#use wml::openssl-macros area=docs page=PKCS12_parse

<title>Documents, PKCS12_parse(3)</title>

<h1>PKCS12_parse(3)</h1>

#use wml::imp::generic

{:
## What's this? [[s|(<STRONG>[^<].+?)</A>(</STRONG><DD>)|$1$2|sg]]
[[s|<P>\s+<P>|<P>|sg]]
[[s|<P>\s+</|</|sg]]
[[s|<DD>\s*<DT>|<DD>&nbsp;<DT>|sg]]
[[s|<DD>\s*</DL>|<DD>&nbsp;</DL>|sg]]
[[s|\[|&#91;|sg]]
[[s|\]|&#93;|sg]]

<!-- INDEX BEGIN -->

<UL>

	<LI><A HREF="#NAME">NAME</A>
	<LI><A HREF="#SYNOPSIS">SYNOPSIS</A>
	<LI><A HREF="#DESCRIPTION">DESCRIPTION</A>
	<LI><A HREF="#NOTES">NOTES</A>
	<LI><A HREF="#RETURN_VALUES">RETURN VALUES</A>
	<LI><A HREF="#BUGS">BUGS</A>
	<LI><A HREF="#SEE_ALSO">SEE ALSO</A>
	<LI><A HREF="#HISTORY">HISTORY</A>
</UL>
<!-- INDEX END -->

<HR>
<P>
<HR>
<H1><A NAME="NAME">NAME</A></H1>
<P>
PKCS12_parse - parse a PKCS#12 structure

</P>
<P>
<HR>
<H1><A NAME="SYNOPSIS">SYNOPSIS</A></H1>
<PRE> #include &lt;openssl/pkcs12.h&gt;
</PRE>
<P>
int <CODE>PKCS12_parse(PKCS12</CODE> *p12, const char *pass, EVP_PKEY
**pkey, X509 **cert, <CODE>STACK_OF(X509)</CODE> **ca);

</P>
<P>
<HR>
<H1><A NAME="DESCRIPTION">DESCRIPTION</A></H1>
<P>
<CODE>PKCS12_parse()</CODE> parses a PKCS12 structure.

</P>
<P>
<STRONG>p12</STRONG> is the <STRONG>PKCS12</STRONG> structure to parse. <STRONG>pass</STRONG> is the passphrase to use. If successful the private key will be written to <STRONG>*pkey</STRONG>, the corresponding certificate to <STRONG>*cert</STRONG> and any additional certificates to <STRONG>*ca</STRONG>.

</P>
<P>
<HR>
<H1><A NAME="NOTES">NOTES</A></H1>
<P>
The parameters <STRONG>pkey</STRONG> and <STRONG>cert</STRONG> cannot be <STRONG>NULL</STRONG>. <STRONG>ca</STRONG> can be &lt;NULL&gt; in which case additional certificates will be discarded. <STRONG>*ca</STRONG> can also be a valid STACK in which case additional certificates are
appended to <STRONG>*ca</STRONG>. If
<STRONG>*ca</STRONG> is <STRONG>NULL</STRONG> a new STACK will be allocated.

</P>
<P>
The <STRONG>friendlyName</STRONG> and <STRONG>localKeyID</STRONG> attributes (if present) on each certificate will be stored in the <STRONG>alias</STRONG> and <STRONG>keyid</STRONG> attributes of the
<STRONG>X509</STRONG> structure.

</P>
<P>
<HR>
<H1><A NAME="RETURN_VALUES">RETURN VALUES</A></H1>
<P>
<CODE>PKCS12_parse()</CODE> returns 1 for success and zero if an error
occurred.

</P>
<P>
The error can be obtained from <A HREF="../crypto/ERR_get_error.html#">ERR_get_error(3)</A>



</P>
<P>
<HR>
<H1><A NAME="BUGS">BUGS</A></H1>
<P>
Only a single private key and corresponding certificate is returned by this
function. More complex PKCS#12 files with multiple private keys will only
return the first match.

</P>
<P>
Only <STRONG>friendlyName</STRONG> and <STRONG>localKeyID</STRONG> attributes are currently stored in certificates. Other attributes are
discarded.

</P>
<P>
Attributes currently cannot be stored in the private key <STRONG>EVP_PKEY</STRONG> structure.

</P>
<P>
<HR>
<H1><A NAME="SEE_ALSO">SEE ALSO</A></H1>
<P>
<EM>d2i_PKCS12(3)</EM>



</P>
<P>
<HR>
<H1><A NAME="HISTORY">HISTORY</A></H1>
<P>
PKCS12_parse was added in OpenSSL 0.9.3

</P>
:}