| =pod |
| |
| =head1 NAME |
| |
| PKCS12_parse - parse a PKCS#12 structure |
| |
| =head1 SYNOPSIS |
| |
| #include <openssl/pkcs12.h> |
| |
| int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca); |
| |
| =head1 DESCRIPTION |
| |
| PKCS12_parse() parses a PKCS12 structure. |
| |
| B<p12> is the B<PKCS12> structure to parse. B<pass> is the passphrase to use. |
| If successful the private key will be written to B<*pkey>, the corresponding |
| certificate to B<*cert> and any additional certificates to B<*ca>. |
| |
| =head1 NOTES |
| |
| The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL> |
| in which case additional certificates will be discarded. B<*ca> can also |
| be a valid STACK in which case additional certificates are appended to |
| B<*ca>. If B<*ca> is B<NULL> a new STACK will be allocated. |
| |
| The B<friendlyName> and B<localKeyID> attributes (if present) on each certificate |
| will be stored in the B<alias> and B<keyid> attributes of the B<X509> structure. |
| |
| =head1 BUGS |
| |
| Only a single private key and corresponding certificate is returned by this function. |
| More complex PKCS#12 files with multiple private keys will only return the first |
| match. |
| |
| Only B<friendlyName> and B<localKeyID> attributes are currently stored in certificates. |
| Other attributes are discarded. |
| |
| Attributes currently cannot be store in the private key B<EVP_PKEY> structure. |
| |
| =head1 SEE ALSO |
| |
| L<d2i_PKCS12(3)|d2i_PKCS12(3)> |
| |
| =head1 HISTORY |
| |
| PKCS12_parse was added in OpenSSL 0.9.3 |
| |
| =cut |
