1*4724848cSchristos=pod 2*4724848cSchristos 3*4724848cSchristos=head1 NAME 4*4724848cSchristos 5*4724848cSchristosPKCS12_parse - parse a PKCS#12 structure 6*4724848cSchristos 7*4724848cSchristos=head1 SYNOPSIS 8*4724848cSchristos 9*4724848cSchristos #include <openssl/pkcs12.h> 10*4724848cSchristos 11*4724848cSchristos int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, 12*4724848cSchristos STACK_OF(X509) **ca); 13*4724848cSchristos 14*4724848cSchristos=head1 DESCRIPTION 15*4724848cSchristos 16*4724848cSchristosPKCS12_parse() parses a PKCS12 structure. 17*4724848cSchristos 18*4724848cSchristosB<p12> is the B<PKCS12> structure to parse. B<pass> is the passphrase to use. 19*4724848cSchristosIf successful the private key will be written to B<*pkey>, the corresponding 20*4724848cSchristoscertificate to B<*cert> and any additional certificates to B<*ca>. 21*4724848cSchristos 22*4724848cSchristos=head1 NOTES 23*4724848cSchristos 24*4724848cSchristosThe parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL> in 25*4724848cSchristoswhich case additional certificates will be discarded. B<*ca> can also be a 26*4724848cSchristosvalid STACK in which case additional certificates are appended to B<*ca>. If 27*4724848cSchristosB<*ca> is B<NULL> a new STACK will be allocated. 28*4724848cSchristos 29*4724848cSchristosThe B<friendlyName> and B<localKeyID> attributes (if present) on each 30*4724848cSchristoscertificate will be stored in the B<alias> and B<keyid> attributes of the 31*4724848cSchristosB<X509> structure. 32*4724848cSchristos 33*4724848cSchristosThe parameter B<pass> is interpreted as a string in the UTF-8 encoding. If it 34*4724848cSchristosis not valid UTF-8, then it is assumed to be ISO8859-1 instead. 35*4724848cSchristos 36*4724848cSchristosIn particular, this means that passwords in the locale character set 37*4724848cSchristos(or code page on Windows) must potentially be converted to UTF-8 before 38*4724848cSchristosuse. This may include passwords from local text files, or input from 39*4724848cSchristosthe terminal or command line. Refer to the documentation of 40*4724848cSchristosL<UI_OpenSSL(3)>, for example. 41*4724848cSchristos 42*4724848cSchristos=head1 RETURN VALUES 43*4724848cSchristos 44*4724848cSchristosPKCS12_parse() returns 1 for success and zero if an error occurred. 45*4724848cSchristos 46*4724848cSchristosThe error can be obtained from L<ERR_get_error(3)> 47*4724848cSchristos 48*4724848cSchristos=head1 BUGS 49*4724848cSchristos 50*4724848cSchristosOnly a single private key and corresponding certificate is returned by this 51*4724848cSchristosfunction. More complex PKCS#12 files with multiple private keys will only 52*4724848cSchristosreturn the first match. 53*4724848cSchristos 54*4724848cSchristosOnly B<friendlyName> and B<localKeyID> attributes are currently stored in 55*4724848cSchristoscertificates. Other attributes are discarded. 56*4724848cSchristos 57*4724848cSchristosAttributes currently cannot be stored in the private key B<EVP_PKEY> structure. 58*4724848cSchristos 59*4724848cSchristos=head1 SEE ALSO 60*4724848cSchristos 61*4724848cSchristosL<d2i_PKCS12(3)>, 62*4724848cSchristosL<passphrase-encoding(7)> 63*4724848cSchristos 64*4724848cSchristos=head1 COPYRIGHT 65*4724848cSchristos 66*4724848cSchristosCopyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved. 67*4724848cSchristos 68*4724848cSchristosLicensed under the OpenSSL license (the "License"). You may not use 69*4724848cSchristosthis file except in compliance with the License. You can obtain a copy 70*4724848cSchristosin the file LICENSE in the source distribution or at 71*4724848cSchristosL<https://www.openssl.org/source/license.html>. 72*4724848cSchristos 73*4724848cSchristos=cut 74