1=pod 2 3=head1 NAME 4 5PKCS12_SAFEBAG_create_cert, PKCS12_SAFEBAG_create_crl, 6PKCS12_SAFEBAG_create_secret, PKCS12_SAFEBAG_create0_p8inf, 7PKCS12_SAFEBAG_create0_pkcs8, PKCS12_SAFEBAG_create_pkcs8_encrypt, 8PKCS12_SAFEBAG_create_pkcs8_encrypt_ex - Create PKCS#12 safeBag objects 9 10=head1 SYNOPSIS 11 12 #include <openssl/pkcs12.h> 13 14 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509); 15 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl); 16 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_secret(int type, int vtype, 17 const unsigned char* value, 18 int len); 19 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8); 20 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8); 21 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid, 22 const char *pass, 23 int passlen, 24 unsigned char *salt, 25 int saltlen, int iter, 26 PKCS8_PRIV_KEY_INFO *p8inf); 27 PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt_ex(int pbe_nid, 28 const char *pass, 29 int passlen, 30 unsigned char *salt, 31 int saltlen, int iter, 32 PKCS8_PRIV_KEY_INFO *p8inf, 33 OSSL_LIB_CTX *ctx, 34 const char *propq); 35 36=head1 DESCRIPTION 37 38PKCS12_SAFEBAG_create_cert() creates a new B<PKCS12_SAFEBAG> of type B<NID_certBag> 39containing the supplied certificate. 40 41PKCS12_SAFEBAG_create_crl() creates a new B<PKCS12_SAFEBAG> of type B<NID_crlBag> 42containing the supplied crl. 43 44PKCS12_SAFEBAG_create_secret() creates a new B<PKCS12_SAFEBAG> of type 45corresponding to a PKCS#12 B<secretBag>. The B<secretBag> contents are tagged as 46I<type> with an ASN1 value of type I<vtype> constructed using the bytes in 47I<value> of length I<len>. 48 49PKCS12_SAFEBAG_create0_p8inf() creates a new B<PKCS12_SAFEBAG> of type B<NID_keyBag> 50containing the supplied PKCS8 structure. 51 52PKCS12_SAFEBAG_create0_pkcs8() creates a new B<PKCS12_SAFEBAG> of type 53B<NID_pkcs8ShroudedKeyBag> containing the supplied PKCS8 structure. 54 55PKCS12_SAFEBAG_create_pkcs8_encrypt() creates a new B<PKCS12_SAFEBAG> of type 56B<NID_pkcs8ShroudedKeyBag> by encrypting the supplied PKCS8 I<p8inf>. 57If I<pbe_nid> is 0, a default encryption algorithm is used. I<pass> is the 58passphrase and I<iter> is the iteration count. If I<iter> is zero then a default 59value of 2048 is used. If I<salt> is NULL then a salt is generated randomly. 60 61PKCS12_SAFEBAG_create_pkcs8_encrypt_ex() is identical to PKCS12_SAFEBAG_create_pkcs8_encrypt() 62but allows for a library context I<ctx> and property query I<propq> to be used to select 63algorithm implementations. 64 65=head1 NOTES 66 67PKCS12_SAFEBAG_create_pkcs8_encrypt() makes assumptions regarding the encoding of the given pass 68phrase. 69See L<passphrase-encoding(7)> for more information. 70 71PKCS12_SAFEBAG_create_secret() was added in OpenSSL 3.0. 72 73=head1 RETURN VALUES 74 75All of these functions return a valid B<PKCS12_SAFEBAG> structure or NULL if an error occurred. 76 77=head1 CONFORMING TO 78 79IETF RFC 7292 (L<https://tools.ietf.org/html/rfc7292>) 80 81=head1 SEE ALSO 82 83L<PKCS12_create(3)>, 84L<PKCS12_add_safe(3)>, 85L<PKCS12_add_safes(3)> 86 87=head1 HISTORY 88 89PKCS12_SAFEBAG_create_pkcs8_encrypt_ex() was added in OpenSSL 3.0. 90 91=head1 COPYRIGHT 92 93Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. 94 95Licensed under the Apache License 2.0 (the "License"). You may not use 96this file except in compliance with the License. You can obtain a copy 97in the file LICENSE in the source distribution or at 98L<https://www.openssl.org/source/license.html>. 99 100=cut 101