.\" DO NOT MODIFY THIS FILE! It was generated by gdoc. .TH "gnutls_pkcs12_simple_parse" 3 "3.1.11" "gnutls" "gnutls" .SH NAME gnutls_pkcs12_simple_parse \- API function .SH SYNOPSIS .B #include .sp .BI "int gnutls_pkcs12_simple_parse(gnutls_pkcs12_t " p12 ", const char * " password ", gnutls_x509_privkey_t * " key ", gnutls_x509_crt_t ** " chain ", unsigned int * " chain_len ", gnutls_x509_crt_t ** " extra_certs ", unsigned int * " extra_certs_len ", gnutls_x509_crl_t * " crl ", unsigned int " flags ");" .SH ARGUMENTS .IP "gnutls_pkcs12_t p12" 12 the PKCS12 blob. .IP "const char * password" 12 optional password used to decrypt PKCS12 blob, bags and keys. .IP "gnutls_x509_privkey_t * key" 12 a structure to store the parsed private key. .IP "gnutls_x509_crt_t ** chain" 12 the corresponding to key certificate chain (may be \fBNULL\fP) .IP "unsigned int * chain_len" 12 will be updated with the number of additional (may be \fBNULL\fP) .IP "gnutls_x509_crt_t ** extra_certs" 12 optional pointer to receive an array of additional certificates found in the PKCS12 blob (may be \fBNULL\fP). .IP "unsigned int * extra_certs_len" 12 will be updated with the number of additional certs (may be \fBNULL\fP). .IP "gnutls_x509_crl_t * crl" 12 an optional structure to store the parsed CRL (may be \fBNULL\fP). .IP "unsigned int flags" 12 should be zero or one of GNUTLS_PKCS12_SP_* .SH "DESCRIPTION" This function parses a PKCS12 blob in \fIp12blob\fP and extracts the private key, the corresponding certificate chain, and any additional certificates and a CRL. The \fIextra_certs_ret\fP and \fIextra_certs_len\fP parameters are optional and both may be set to \fBNULL\fP. If either is non\-\fBNULL\fP, then both must be set. Encrypted PKCS12 bags and PKCS8 private keys are supported. However, only password based security, and the same password for all operations, are supported. A PKCS12 file may contain many keys and/or certificates, and there is no way to identify which key/certificate pair you want. You should make sure the PKCS12 file only contain one key/certificate pair and/or one CRL. It is believed that the limitations of this function are acceptable for common usage, and that any more flexibility would introduce complexity that would make it harder to use this functionality at all. If the provided structure has encrypted fields but no password is provided then this function returns \fBGNUTLS_E_DECRYPTION_FAILED\fP. Note that normally the chain constructed does not include self signed certificates, to comply with TLS' requirements. If, however, the flag \fBGNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED\fP is specified then self signed certificates will be included in the chain. .SH "RETURNS" On success, \fBGNUTLS_E_SUCCESS\fP (0) is returned, otherwise a negative error value. .SH "SINCE" 3.1 .SH "REPORTING BUGS" Report bugs to . .br General guidelines for reporting bugs: http://www.gnu.org/gethelp/ .br GnuTLS home page: http://www.gnu.org/software/gnutls/ .SH COPYRIGHT Copyright \(co 2012 Free Software Foundation, Inc.. .br Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. .SH "SEE ALSO" The full documentation for .B gnutls is maintained as a Texinfo manual. If the .B info and .B gnutls programs are properly installed at your site, the command .IP .B info gnutls .PP should give you access to the complete manual. As an alternative you may obtain the manual from: .IP .B http://www.gnu.org/software/gnutls/manual/ .PP