Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

gnutls_pkcs12_simple_parse(3) [centos man page]

gnutls_pkcs12_simple_parse(3)					      gnutls					     gnutls_pkcs12_simple_parse(3)

NAME

       gnutls_pkcs12_simple_parse - API function

SYNOPSIS

       #include <gnutls/pkcs12.h>

       int  gnutls_pkcs12_simple_parse(gnutls_pkcs12_t	p12,  const  char  *  password,  gnutls_x509_privkey_t	* key, gnutls_x509_crt_t ** chain,
       unsigned int * chain_len, gnutls_x509_crt_t ** extra_certs, unsigned int * extra_certs_len, gnutls_x509_crl_t * crl, unsigned int flags);

ARGUMENTS

       gnutls_pkcs12_t p12
		   the PKCS12 blob.

       const char * password
		   optional password used to decrypt PKCS12 blob, bags and keys.

       gnutls_x509_privkey_t * key
		   a structure to store the parsed private key.

       gnutls_x509_crt_t ** chain
		   the corresponding to key certificate chain (may be NULL)

       unsigned int * chain_len
		   will be updated with the number of additional (may be NULL)

       gnutls_x509_crt_t ** extra_certs
		   optional pointer to receive an array of additional certificates found in the PKCS12 blob (may be NULL).

       unsigned int * extra_certs_len
		   will be updated with the number of additional certs (may be NULL).

       gnutls_x509_crl_t * crl
		   an optional structure to store the parsed CRL (may be NULL).

       unsigned int flags
		   should be zero or one of GNUTLS_PKCS12_SP_*

DESCRIPTION

       This function parses a PKCS12 blob in  p12blob and extracts the private key, the corresponding certificate chain, and any  additional  cer-
       tificates and a CRL.

       The   extra_certs_ret  and   extra_certs_len  parameters are optional and both may be set to NULL. If either is non-NULL, then both must be
       set.

       Encrypted PKCS12 bags and PKCS8 private keys are supported.  However, only password based security, and the same password  for  all  opera-
       tions, are supported.

       A  PKCS12  file may contain many keys and/or certificates, and there is no way to identify which key/certificate pair you want.	You should
       make sure the PKCS12 file only contain one key/certificate pair and/or one CRL.

       It is believed that the limitations of this function are acceptable for common usage, and that any more flexibility  would  introduce  com-
       plexity that would make it harder to use this functionality at all.

       If the provided structure has encrypted fields but no password is provided then this function returns GNUTLS_E_DECRYPTION_FAILED.

       Note that normally the chain constructed does not include self signed certificates, to comply with TLS' requirements. If, however, the flag
       GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED is specified then self signed certificates will be included in the chain.

RETURNS

       On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

SINCE

       3.1

REPORTING BUGS

       Report bugs to <bug-gnutls@gnu.org>.
       General guidelines for reporting bugs: http://www.gnu.org/gethelp/
       GnuTLS home page: http://www.gnu.org/software/gnutls/

COPYRIGHT

       Copyright (C) 2012 Free Software Foundation, Inc..
       Copying and distribution of this file, with or without modification, are permitted in any medium without  royalty  provided  the  copyright
       notice and this notice are preserved.

SEE ALSO

       The  full documentation for gnutls is maintained as a Texinfo manual.  If the info and gnutls programs are properly installed at your site,
       the command

	      info gnutls

       should give you access to the complete manual.  As an alternative you may obtain the manual from:

	      http://www.gnu.org/software/gnutls/manual/

gnutls								      3.1.15					     gnutls_pkcs12_simple_parse(3)

Check Out this Related Man Page

gnutls_certificate_set_x509_key(3)				      gnutls					gnutls_certificate_set_x509_key(3)

NAME

       gnutls_certificate_set_x509_key - API function

SYNOPSIS

       #include <gnutls/gnutls.h>

       int    gnutls_certificate_set_x509_key(gnutls_certificate_credentials_t	 res,	gnutls_x509_crt_t   *	cert_list,   int   cert_list_size,
       gnutls_x509_privkey_t key);

ARGUMENTS

       gnutls_certificate_credentials_t res
		   is a gnutls_certificate_credentials_t structure.

       gnutls_x509_crt_t * cert_list
		   contains a certificate list (path) for the specified private key

       int cert_list_size
		   holds the size of the certificate list

       gnutls_x509_privkey_t key
		   is a gnutls_x509_privkey_t key

DESCRIPTION

       This function sets a certificate/private key pair in the gnutls_certificate_credentials_t structure.  This function may be called more than
       once,  in  case multiple keys/certificates exist for the server.  For clients that wants to send more than their own end entity certificate
       (e.g., also an intermediate CA cert) then put the certificate chain in  cert_list .

RETURNS

       GNUTLS_E_SUCCESS (0) on success, or a negative error code.

SINCE

       2.4.0

REPORTING BUGS

       Report bugs to <bug-gnutls@gnu.org>.
       General guidelines for reporting bugs: http://www.gnu.org/gethelp/
       GnuTLS home page: http://www.gnu.org/software/gnutls/

COPYRIGHT

       Copyright (C) 2012 Free Software Foundation, Inc..
       Copying and distribution of this file, with or without modification, are permitted in any medium without  royalty  provided  the  copyright
       notice and this notice are preserved.

SEE ALSO

       The  full documentation for gnutls is maintained as a Texinfo manual.  If the info and gnutls programs are properly installed at your site,
       the command

	      info gnutls

       should give you access to the complete manual.  As an alternative you may obtain the manual from:

	      http://www.gnu.org/software/gnutls/manual/

gnutls								      3.1.15					gnutls_certificate_set_x509_key(3)
Man Page