1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimPKCS12_parse - parse a PKCS#12 structure 6e71b7053SJung-uk Kim 7e71b7053SJung-uk Kim=head1 SYNOPSIS 8e71b7053SJung-uk Kim 9e71b7053SJung-uk Kim #include <openssl/pkcs12.h> 10e71b7053SJung-uk Kim 116935a639SJung-uk Kim int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, 126935a639SJung-uk Kim STACK_OF(X509) **ca); 13e71b7053SJung-uk Kim 14e71b7053SJung-uk Kim=head1 DESCRIPTION 15e71b7053SJung-uk Kim 16e71b7053SJung-uk KimPKCS12_parse() parses a PKCS12 structure. 17e71b7053SJung-uk Kim 18e71b7053SJung-uk KimB<p12> is the B<PKCS12> structure to parse. B<pass> is the passphrase to use. 19e71b7053SJung-uk KimIf successful the private key will be written to B<*pkey>, the corresponding 20e71b7053SJung-uk Kimcertificate to B<*cert> and any additional certificates to B<*ca>. 21e71b7053SJung-uk Kim 22e71b7053SJung-uk Kim=head1 NOTES 23e71b7053SJung-uk Kim 24*b077aed3SPierre ProncheryEach of the parameters B<pkey>, B<cert>, and B<ca> can be NULL in which case 25*b077aed3SPierre Proncherythe private key, the corresponding certificate, or the additional certificates, 26*b077aed3SPierre Proncheryrespectively, will be discarded. 27*b077aed3SPierre ProncheryIf any of B<pkey> and B<cert> is non-NULL the variable it points to is 28*b077aed3SPierre Proncheryinitialized. 29*b077aed3SPierre ProncheryIf B<ca> is non-NULL and B<*ca> is NULL a new STACK will be allocated. 30*b077aed3SPierre ProncheryIf B<ca> is non-NULL and B<*ca> is a valid STACK 31*b077aed3SPierre Proncherythen additional certificates are appended in the given order to B<*ca>. 32e71b7053SJung-uk Kim 33e71b7053SJung-uk KimThe B<friendlyName> and B<localKeyID> attributes (if present) on each 34e71b7053SJung-uk Kimcertificate will be stored in the B<alias> and B<keyid> attributes of the 35e71b7053SJung-uk KimB<X509> structure. 36e71b7053SJung-uk Kim 37e71b7053SJung-uk KimThe parameter B<pass> is interpreted as a string in the UTF-8 encoding. If it 38e71b7053SJung-uk Kimis not valid UTF-8, then it is assumed to be ISO8859-1 instead. 39e71b7053SJung-uk Kim 40e71b7053SJung-uk KimIn particular, this means that passwords in the locale character set 41e71b7053SJung-uk Kim(or code page on Windows) must potentially be converted to UTF-8 before 42e71b7053SJung-uk Kimuse. This may include passwords from local text files, or input from 43e71b7053SJung-uk Kimthe terminal or command line. Refer to the documentation of 44e71b7053SJung-uk KimL<UI_OpenSSL(3)>, for example. 45e71b7053SJung-uk Kim 46e71b7053SJung-uk Kim=head1 RETURN VALUES 47e71b7053SJung-uk Kim 48e71b7053SJung-uk KimPKCS12_parse() returns 1 for success and zero if an error occurred. 49e71b7053SJung-uk Kim 50e71b7053SJung-uk KimThe error can be obtained from L<ERR_get_error(3)> 51e71b7053SJung-uk Kim 52e71b7053SJung-uk Kim=head1 BUGS 53e71b7053SJung-uk Kim 54e71b7053SJung-uk KimOnly a single private key and corresponding certificate is returned by this 55e71b7053SJung-uk Kimfunction. More complex PKCS#12 files with multiple private keys will only 56e71b7053SJung-uk Kimreturn the first match. 57e71b7053SJung-uk Kim 58e71b7053SJung-uk KimOnly B<friendlyName> and B<localKeyID> attributes are currently stored in 59e71b7053SJung-uk Kimcertificates. Other attributes are discarded. 60e71b7053SJung-uk Kim 61e71b7053SJung-uk KimAttributes currently cannot be stored in the private key B<EVP_PKEY> structure. 62e71b7053SJung-uk Kim 63e71b7053SJung-uk Kim=head1 SEE ALSO 64e71b7053SJung-uk Kim 65e71b7053SJung-uk KimL<d2i_PKCS12(3)>, 66e71b7053SJung-uk KimL<passphrase-encoding(7)> 67e71b7053SJung-uk Kim 68e71b7053SJung-uk Kim=head1 COPYRIGHT 69e71b7053SJung-uk Kim 70*b077aed3SPierre ProncheryCopyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved. 71e71b7053SJung-uk Kim 72*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 73e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 74e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 75e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 76e71b7053SJung-uk Kim 77e71b7053SJung-uk Kim=cut 78