| =pod |
| |
| =head1 NAME |
| |
| PKCS12_parse - parse a PKCS#12 structure |
| |
| =head1 SYNOPSIS |
| |
| #include <openssl/pkcs12.h> |
| |
| int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca); |
| |
| =head1 DESCRIPTION |
| |
| PKCS12_parse() parses a PKCS12 structure. |
| |
| B<p12> is the B<PKCS12> structure to parse. B<pass> is the passphrase to use. |
| If successful the private key will be written to B<*pkey>, the corresponding |
| certificate to B<*cert> and any additional certificates to B<*ca>. |
| |
| =head1 NOTES |
| |
| The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL> in |
| which case additional certificates will be discarded. B<*ca> can also be a |
| valid STACK in which case additional certificates are appended to B<*ca>. If |
| B<*ca> is B<NULL> a new STACK will be allocated. |
| |
| The B<friendlyName> and B<localKeyID> attributes (if present) on each |
| certificate will be stored in the B<alias> and B<keyid> attributes of the |
| B<X509> structure. |
| |
| =head1 RETURN VALUES |
| |
| PKCS12_parse() returns 1 for success and zero if an error occurred. |
| |
| The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)> |
| |
| =head1 BUGS |
| |
| Only a single private key and corresponding certificate is returned by this |
| function. More complex PKCS#12 files with multiple private keys will only |
| return the first match. |
| |
| Only B<friendlyName> and B<localKeyID> attributes are currently stored in |
| certificates. Other attributes are discarded. |
| |
| Attributes currently cannot be stored in the private key B<EVP_PKEY> structure. |
| |
| =head1 SEE ALSO |
| |
| L<d2i_PKCS12(3)|d2i_PKCS12(3)> |
| |
| =head1 HISTORY |
| |
| PKCS12_parse was added in OpenSSL 0.9.3 |
| |
| =cut |
