libcrypto/man/PKCS12_gen_mac.3

         $NetBSD: PKCS12_gen_mac.3,v 1.5 2024/09/08 13:08:28 christos Exp $

 -*- mode: troff; coding: utf-8 -*-
 Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)

 Standard preamble:
 ========================================================================
..
..

..
 \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
. ds C` ""
. ds C' ""
'br\}
. ds C`
. ds C'
'br\}

 Escape single quotes in literal strings from groff's Unicode transform.

 If the F register is >0, we'll generate index entries on stderr for
 titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
 entries marked with X<> in POD. Of course, you'll have to process the
 output yourself in some meaningful fashion.

 Avoid warning from groff about undefined register 'F'.
..
.nr rF 0
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
 ========================================================================

 Title "PKCS12_gen_mac 3"  PKCS12_gen_mac 3 2024-09-03 3.0.15 OpenSSL
 For nroff, turn off justification. Always turn off hyphenation; it makes
 way too many mistakes in technical documents.
 NAME
PKCS12_gen_mac, PKCS12_setup_mac, PKCS12_set_mac,
PKCS12_verify_mac - Functions to create and manipulate a PKCS#12 structure
 SYNOPSIS
 Header "SYNOPSIS" .Vb 1
 #include <openssl/pkcs12.h>
\&
 int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
  unsigned char *mac, unsigned int *maclen);
 int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
 int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
  unsigned char *salt, int saltlen, int iter,
  const EVP_MD *md_type);
 int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
  int saltlen, const EVP_MD *md_type);
.Ve
 DESCRIPTION
 Header "DESCRIPTION" \fBPKCS12_gen_mac() generates an HMAC over the entire PKCS#12 object using the
supplied password along with a set of already configured parameters.
The default key generation mechanism used is PKCS12KDF.

\fBPKCS12_verify_mac() verifies the PKCS#12 object's HMAC using the supplied
password.

\fBPKCS12_setup_mac() sets the MAC part of the PKCS#12 structure with the supplied
parameters.

\fBPKCS12_set_mac() sets the MAC and MAC parameters into the PKCS#12 object.

\fIpass is the passphrase to use in the HMAC. salt is the salt value to use,
\fIiter is the iteration count and md_type is the message digest
function to use.
 NOTES
 Header "NOTES" If salt is NULL then a suitable salt will be generated and used.

If iter is 1 then an iteration count will be omitted from the PKCS#12
structure.

\fBPKCS12_gen_mac(), PKCS12_verify_mac() and PKCS12_set_mac() make assumptions
regarding the encoding of the given passphrase. See passphrase-encoding\|(7)
for more information.
 "RETURN VALUES"
 Header "RETURN VALUES" All functions return 1 on success and 0 if an error occurred.
 "CONFORMING TO"
 Header "CONFORMING TO" IETF RFC 7292 (<https://tools.ietf.org/html/rfc7292>)
 "SEE ALSO"
 Header "SEE ALSO" \fBd2i_PKCS12\|(3),
\fBEVP_KDF-PKCS12KDF\|(7),
\fBPKCS12_create\|(3),
\fBpassphrase-encoding\|(7)
 COPYRIGHT
 Header "COPYRIGHT" Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.