|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_decrypt
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_decrypt}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_decrypt} (gnutls_pkcs12_bag_t @var{bag}, const char * @var{pass})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{pass}: The password used for encryption, must be ASCII.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will decrypt the given encrypted bag and return 0 on
|
|
Packit |
aea12f |
success.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned,
|
|
Packit |
aea12f |
otherwise a negative error code is returned.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_deinit
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_deinit}
|
|
Packit |
aea12f |
@deftypefun {void} {gnutls_pkcs12_bag_deinit} (gnutls_pkcs12_bag_t @var{bag})
|
|
Packit |
aea12f |
@var{bag}: A pointer to the type to be initialized
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will deinitialize a PKCS12 Bag structure.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_enc_info
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_enc_info}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_enc_info} (gnutls_pkcs12_bag_t @var{bag}, unsigned int * @var{schema}, unsigned int * @var{cipher}, void * @var{salt}, unsigned int * @var{salt_size}, unsigned int * @var{iter_count}, char ** @var{oid})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{schema}: indicate the schema as one of @code{gnutls_pkcs_encrypt_flags_t}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{cipher}: the cipher used as @code{gnutls_cipher_algorithm_t}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{salt}: PBKDF2 salt (if non-NULL then @code{salt_size} initially holds its size)
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{salt_size}: PBKDF2 salt size
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{iter_count}: PBKDF2 iteration count
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{oid}: if non-NULL it will contain an allocated null-terminated variable with the OID
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will provide information on the encryption algorithms used
|
|
Packit |
aea12f |
in an encrypted bag. If the structure algorithms
|
|
Packit |
aea12f |
are unknown the code @code{GNUTLS_E_UNKNOWN_CIPHER_TYPE} will be returned,
|
|
Packit |
aea12f |
and only @code{oid} , will be set. That is, @code{oid} will be set on encrypted bags
|
|
Packit |
aea12f |
whether supported or not. It must be deinitialized using @code{gnutls_free()} .
|
|
Packit |
aea12f |
The other variables are only set on supported structures.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} @code{GNUTLS_E_INVALID_REQUEST} if the provided bag isn't encrypted,
|
|
Packit |
aea12f |
@code{GNUTLS_E_UNKNOWN_CIPHER_TYPE} if the structure's encryption isn't supported, or
|
|
Packit |
aea12f |
another negative error code in case of a failure. Zero on success.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_encrypt
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_encrypt}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_encrypt} (gnutls_pkcs12_bag_t @var{bag}, const char * @var{pass}, unsigned int @var{flags})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{pass}: The password used for encryption, must be ASCII
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{flags}: should be one of @code{gnutls_pkcs_encrypt_flags_t} elements bitwise or'd
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will encrypt the given bag.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned,
|
|
Packit |
aea12f |
otherwise a negative error code is returned.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_get_count
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_get_count}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_get_count} (gnutls_pkcs12_bag_t @var{bag})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will return the number of the elements within the bag.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} Number of elements in bag, or an negative error code on
|
|
Packit |
aea12f |
error.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_get_data
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_get_data}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_get_data} (gnutls_pkcs12_bag_t @var{bag}, unsigned @var{indx}, gnutls_datum_t * @var{data})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{indx}: The element of the bag to get the data from
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{data}: where the bag's data will be. Should be treated as constant.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will return the bag's data. The data is a constant
|
|
Packit |
aea12f |
that is stored into the bag. Should not be accessed after the bag
|
|
Packit |
aea12f |
is deleted.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_get_friendly_name
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_get_friendly_name}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_get_friendly_name} (gnutls_pkcs12_bag_t @var{bag}, unsigned @var{indx}, char ** @var{name})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{indx}: The bag's element to add the id
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{name}: will hold a pointer to the name (to be treated as const)
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will return the friendly name, of the specified bag
|
|
Packit |
aea12f |
element. The key ID is usually used to distinguish the local
|
|
Packit |
aea12f |
private key and the certificate pair.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value. or a negative error code on error.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_get_key_id
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_get_key_id}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_get_key_id} (gnutls_pkcs12_bag_t @var{bag}, unsigned @var{indx}, gnutls_datum_t * @var{id})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{indx}: The bag's element to add the id
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{id}: where the ID will be copied (to be treated as const)
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will return the key ID, of the specified bag element.
|
|
Packit |
aea12f |
The key ID is usually used to distinguish the local private key and
|
|
Packit |
aea12f |
the certificate pair.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value. or a negative error code on error.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_get_type
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_get_type}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_get_type} (gnutls_pkcs12_bag_t @var{bag}, unsigned @var{indx})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{indx}: The element of the bag to get the type
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will return the bag's type.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On error a negative error value or one of the @code{gnutls_pkcs12_bag_type_t} enumerations.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_init
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_init}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_init} (gnutls_pkcs12_bag_t * @var{bag})
|
|
Packit |
aea12f |
@var{bag}: A pointer to the type to be initialized
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will initialize a PKCS12 bag structure. PKCS12 Bags
|
|
Packit |
aea12f |
usually contain private keys, lists of X.509 Certificates and X.509
|
|
Packit |
aea12f |
Certificate revocation lists.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_set_crl
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_set_crl}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_set_crl} (gnutls_pkcs12_bag_t @var{bag}, gnutls_x509_crl_t @var{crl})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{crl}: the CRL to be copied.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will insert the given CRL into the
|
|
Packit |
aea12f |
bag. This is just a wrapper over @code{gnutls_pkcs12_bag_set_data()} .
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} the index of the added bag on success, or a negative error code
|
|
Packit |
aea12f |
on failure.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_set_crt
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_set_crt}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_set_crt} (gnutls_pkcs12_bag_t @var{bag}, gnutls_x509_crt_t @var{crt})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{crt}: the certificate to be copied.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will insert the given certificate into the
|
|
Packit |
aea12f |
bag. This is just a wrapper over @code{gnutls_pkcs12_bag_set_data()} .
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} the index of the added bag on success, or a negative
|
|
Packit |
aea12f |
value on failure.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_set_data
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_set_data}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_set_data} (gnutls_pkcs12_bag_t @var{bag}, gnutls_pkcs12_bag_type_t @var{type}, const gnutls_datum_t * @var{data})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{type}: The data's type
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{data}: the data to be copied.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will insert the given data of the given type into
|
|
Packit |
aea12f |
the bag.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} the index of the added bag on success, or a negative
|
|
Packit |
aea12f |
value on error.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_set_friendly_name
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_set_friendly_name}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_set_friendly_name} (gnutls_pkcs12_bag_t @var{bag}, unsigned @var{indx}, const char * @var{name})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{indx}: The bag's element to add the id
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{name}: the name
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will add the given key friendly name, to the
|
|
Packit |
aea12f |
specified, by the index, bag element. The name will be encoded as
|
|
Packit |
aea12f |
a 'Friendly name' bag attribute, which is usually used to set a
|
|
Packit |
aea12f |
user name to the local private key and the certificate pair.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value. or a negative error code on error.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_set_key_id
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_set_key_id}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_set_key_id} (gnutls_pkcs12_bag_t @var{bag}, unsigned @var{indx}, const gnutls_datum_t * @var{id})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{indx}: The bag's element to add the id
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{id}: the ID
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will add the given key ID, to the specified, by the
|
|
Packit |
aea12f |
index, bag element. The key ID will be encoded as a 'Local key
|
|
Packit |
aea12f |
identifier' bag attribute, which is usually used to distinguish
|
|
Packit |
aea12f |
the local private key and the certificate pair.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value. or a negative error code on error.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_bag_set_privkey
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_bag_set_privkey}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_bag_set_privkey} (gnutls_pkcs12_bag_t @var{bag}, gnutls_x509_privkey_t @var{privkey}, const char * @var{password}, unsigned @var{flags})
|
|
Packit |
aea12f |
@var{bag}: The bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{privkey}: the private key to be copied.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{password}: the password to protect the key with (may be @code{NULL} )
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{flags}: should be one of @code{gnutls_pkcs_encrypt_flags_t} elements bitwise or'd
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will insert the given private key into the
|
|
Packit |
aea12f |
bag. This is just a wrapper over @code{gnutls_pkcs12_bag_set_data()} .
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} the index of the added bag on success, or a negative
|
|
Packit |
aea12f |
value on failure.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_deinit
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_deinit}
|
|
Packit |
aea12f |
@deftypefun {void} {gnutls_pkcs12_deinit} (gnutls_pkcs12_t @var{pkcs12})
|
|
Packit |
aea12f |
@var{pkcs12}: The type to be initialized
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will deinitialize a PKCS12 type.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_export
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_export}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_export} (gnutls_pkcs12_t @var{pkcs12}, gnutls_x509_crt_fmt_t @var{format}, void * @var{output_data}, size_t * @var{output_data_size})
|
|
Packit |
aea12f |
@var{pkcs12}: A pkcs12 type
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{format}: the format of output params. One of PEM or DER.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{output_data}: will contain a structure PEM or DER encoded
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{output_data_size}: holds the size of output_data (and will be
|
|
Packit |
aea12f |
replaced by the actual size of parameters)
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will export the pkcs12 structure to DER or PEM format.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
If the buffer provided is not long enough to hold the output, then
|
|
Packit |
aea12f |
*output_data_size will be updated and GNUTLS_E_SHORT_MEMORY_BUFFER
|
|
Packit |
aea12f |
will be returned.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
If the structure is PEM encoded, it will have a header
|
|
Packit |
aea12f |
of "BEGIN PKCS12".
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} In case of failure a negative error code will be
|
|
Packit |
aea12f |
returned, and 0 on success.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_export2
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_export2}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_export2} (gnutls_pkcs12_t @var{pkcs12}, gnutls_x509_crt_fmt_t @var{format}, gnutls_datum_t * @var{out})
|
|
Packit |
aea12f |
@var{pkcs12}: A pkcs12 type
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{format}: the format of output params. One of PEM or DER.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{out}: will contain a structure PEM or DER encoded
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will export the pkcs12 structure to DER or PEM format.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
The output buffer is allocated using @code{gnutls_malloc()} .
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
If the structure is PEM encoded, it will have a header
|
|
Packit |
aea12f |
of "BEGIN PKCS12".
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} In case of failure a negative error code will be
|
|
Packit |
aea12f |
returned, and 0 on success.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Since:} 3.1.3
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_generate_mac
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_generate_mac}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_generate_mac} (gnutls_pkcs12_t @var{pkcs12}, const char * @var{pass})
|
|
Packit |
aea12f |
@var{pkcs12}: A pkcs12 type
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{pass}: The password for the MAC
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will generate a MAC for the PKCS12 structure.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_generate_mac2
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_generate_mac2}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_generate_mac2} (gnutls_pkcs12_t @var{pkcs12}, gnutls_mac_algorithm_t @var{mac}, const char * @var{pass})
|
|
Packit |
aea12f |
@var{pkcs12}: A pkcs12 type
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{mac}: the MAC algorithm to use
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{pass}: The password for the MAC
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will generate a MAC for the PKCS12 structure.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_get_bag
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_get_bag}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_get_bag} (gnutls_pkcs12_t @var{pkcs12}, int @var{indx}, gnutls_pkcs12_bag_t @var{bag})
|
|
Packit |
aea12f |
@var{pkcs12}: A pkcs12 type
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{indx}: contains the index of the bag to extract
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{bag}: An initialized bag, where the contents of the bag will be copied
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will return a Bag from the PKCS12 structure.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
After the last Bag has been read
|
|
Packit |
aea12f |
@code{GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE} will be returned.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_import
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_import}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_import} (gnutls_pkcs12_t @var{pkcs12}, const gnutls_datum_t * @var{data}, gnutls_x509_crt_fmt_t @var{format}, unsigned int @var{flags})
|
|
Packit |
aea12f |
@var{pkcs12}: The data to store the parsed PKCS12.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{data}: The DER or PEM encoded PKCS12.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{format}: One of DER or PEM
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{flags}: an ORed sequence of gnutls_privkey_pkcs8_flags
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will convert the given DER or PEM encoded PKCS12
|
|
Packit |
aea12f |
to the native gnutls_pkcs12_t format. The output will be stored in 'pkcs12'.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
If the PKCS12 is PEM encoded it should have a header of "PKCS12".
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_init
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_init}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_init} (gnutls_pkcs12_t * @var{pkcs12})
|
|
Packit |
aea12f |
@var{pkcs12}: A pointer to the type to be initialized
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will initialize a PKCS12 type. PKCS12 structures
|
|
Packit |
aea12f |
usually contain lists of X.509 Certificates and X.509 Certificate
|
|
Packit |
aea12f |
revocation lists.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_mac_info
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_mac_info}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_mac_info} (gnutls_pkcs12_t @var{pkcs12}, unsigned int * @var{mac}, void * @var{salt}, unsigned int * @var{salt_size}, unsigned int * @var{iter_count}, char ** @var{oid})
|
|
Packit |
aea12f |
@var{pkcs12}: A pkcs12 type
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{mac}: the MAC algorithm used as @code{gnutls_mac_algorithm_t}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{salt}: the salt used for string to key (if non-NULL then @code{salt_size} initially holds its size)
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{salt_size}: string to key salt size
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{iter_count}: string to key iteration count
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{oid}: if non-NULL it will contain an allocated null-terminated variable with the OID
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will provide information on the MAC algorithm used
|
|
Packit |
aea12f |
in a PKCS @code{12} structure. If the structure algorithms
|
|
Packit |
aea12f |
are unknown the code @code{GNUTLS_E_UNKNOWN_HASH_ALGORITHM} will be returned,
|
|
Packit |
aea12f |
and only @code{oid} , will be set. That is, @code{oid} will be set on structures
|
|
Packit |
aea12f |
with a MAC whether supported or not. It must be deinitialized using @code{gnutls_free()} .
|
|
Packit |
aea12f |
The other variables are only set on supported structures.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} @code{GNUTLS_E_INVALID_REQUEST} if the provided structure doesn't contain a MAC,
|
|
Packit |
aea12f |
@code{GNUTLS_E_UNKNOWN_HASH_ALGORITHM} if the structure's MAC isn't supported, or
|
|
Packit |
aea12f |
another negative error code in case of a failure. Zero on success.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_set_bag
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_set_bag}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_set_bag} (gnutls_pkcs12_t @var{pkcs12}, gnutls_pkcs12_bag_t @var{bag})
|
|
Packit |
aea12f |
@var{pkcs12}: should contain a gnutls_pkcs12_t type
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{bag}: An initialized bag
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will insert a Bag into the PKCS12 structure.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_simple_parse
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_simple_parse}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_simple_parse} (gnutls_pkcs12_t @var{p12}, const char * @var{password}, gnutls_x509_privkey_t * @var{key}, gnutls_x509_crt_t ** @var{chain}, unsigned int * @var{chain_len}, gnutls_x509_crt_t ** @var{extra_certs}, unsigned int * @var{extra_certs_len}, gnutls_x509_crl_t * @var{crl}, unsigned int @var{flags})
|
|
Packit |
aea12f |
@var{p12}: A pkcs12 type
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{password}: optional password used to decrypt the structure, bags and keys.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{key}: a structure to store the parsed private key.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{chain}: the corresponding to key certificate chain (may be @code{NULL} )
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{chain_len}: will be updated with the number of additional (may be @code{NULL} )
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{extra_certs}: optional pointer to receive an array of additional
|
|
Packit |
aea12f |
certificates found in the PKCS12 structure (may be @code{NULL} ).
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{extra_certs_len}: will be updated with the number of additional
|
|
Packit |
aea12f |
certs (may be @code{NULL} ).
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{crl}: an optional structure to store the parsed CRL (may be @code{NULL} ).
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{flags}: should be zero or one of GNUTLS_PKCS12_SP_*
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function parses a PKCS12 structure in @code{pkcs12} and extracts the
|
|
Packit |
aea12f |
private key, the corresponding certificate chain, any additional
|
|
Packit |
aea12f |
certificates and a CRL. The structures in @code{key} , @code{chain} @code{crl} , and @code{extra_certs} must not be initialized.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
The @code{extra_certs} and @code{extra_certs_len} parameters are optional
|
|
Packit |
aea12f |
and both may be set to @code{NULL} . If either is non-@code{NULL} , then both must
|
|
Packit |
aea12f |
be set. The value for @code{extra_certs} is allocated
|
|
Packit |
aea12f |
using @code{gnutls_malloc()} .
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Encrypted PKCS12 bags and PKCS8 private keys are supported, but
|
|
Packit |
aea12f |
only with password based security and the same password for all
|
|
Packit |
aea12f |
operations.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Note that a PKCS12 structure may contain many keys and/or certificates,
|
|
Packit |
aea12f |
and there is no way to identify which key/certificate pair you want.
|
|
Packit |
aea12f |
For this reason this function is useful for PKCS12 files that contain
|
|
Packit |
aea12f |
only one key/certificate pair and/or one CRL.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
If the provided structure has encrypted fields but no password
|
|
Packit |
aea12f |
is provided then this function returns @code{GNUTLS_E_DECRYPTION_FAILED} .
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Note that normally the chain constructed does not include self signed
|
|
Packit |
aea12f |
certificates, to comply with TLS' requirements. If, however, the flag
|
|
Packit |
aea12f |
@code{GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED} is specified then
|
|
Packit |
aea12f |
self signed certificates will be included in the chain.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Prior to using this function the PKCS @code{12} structure integrity must
|
|
Packit |
aea12f |
be verified using @code{gnutls_pkcs12_verify_mac()} .
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Since:} 3.1.0
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@subheading gnutls_pkcs12_verify_mac
|
|
Packit |
aea12f |
@anchor{gnutls_pkcs12_verify_mac}
|
|
Packit |
aea12f |
@deftypefun {int} {gnutls_pkcs12_verify_mac} (gnutls_pkcs12_t @var{pkcs12}, const char * @var{pass})
|
|
Packit |
aea12f |
@var{pkcs12}: should contain a gnutls_pkcs12_t type
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@var{pass}: The password for the MAC
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This function will verify the MAC for the PKCS12 structure.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a
|
|
Packit |
aea12f |
negative error value.
|
|
Packit |
aea12f |
@end deftypefun
|
|
Packit |
aea12f |
|