HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. |  |
NAME |SYNOPSIS |ARGUMENTS |DESCRIPTION |RETURNS |SINCE |REPORTING BUGS |COPYRIGHT |SEE ALSO |COLOPHON | |
gnutls_pkcs12_simple_parse(3) gnutlsgnutls_pkcs12_simple_parse(3)gnutls_pkcs12_simple_parse - API function
#include <gnutls/pkcs12.h>int gnutls_pkcs12_simple_parse(gnutls_pkcs12_tp12, const char *password, gnutls_x509_privkey_t *key, gnutls_x509_crt_t **chain,unsigned int *chain_len, gnutls_x509_crt_t **extra_certs,unsigned int *extra_certs_len, gnutls_x509_crl_t *crl, unsignedintflags);
gnutls_pkcs12_t p12 A pkcs12 type const char * password optional password used to decrypt the structure, bags and keys. gnutls_x509_privkey_t * key a structure to store the parsed private key. gnutls_x509_crt_t ** chain the corresponding to key certificate chain (may beNULL) unsigned int * chain_len will be updated with the number of additional (may beNULL) gnutls_x509_crt_t ** extra_certs optional pointer to receive an array of additional certificates found in the PKCS12 structure (may beNULL). unsigned int * extra_certs_len will be updated with the number of additional certs (may beNULL). gnutls_x509_crl_t * crl an optional structure to store the parsed CRL (may beNULL). unsigned int flags should be zero or one of GNUTLS_PKCS12_SP_*
This function parses a PKCS12 structure inpkcs12 and extracts the private key, the corresponding certificate chain, any additional certificates and a CRL. The structures inkey ,chaincrl , andextra_certs must not be initialized. Theextra_certs andextra_certs_len parameters are optional and both may be set toNULL. If either is non-NULL, then both must be set. The value forextra_certs is allocated usinggnutls_malloc(). Encrypted PKCS12 bags and PKCS8 private keys are supported, but only with password based security and the same password for all operations. Note that a PKCS12 structure may contain many keys and/or certificates, and there is no way to identify which key/certificate pair you want. For this reason this function is useful for PKCS12 files that contain only one key/certificate pair and/or one CRL. If the provided structure has encrypted fields but no password is provided then this function returnsGNUTLS_E_DECRYPTION_FAILED. Note that normally the chain constructed does not include self signed certificates, to comply with TLS' requirements. If, however, the flagGNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNEDis specified then self signed certificates will be included in the chain. Prior to using this function the PKCS12structure integrity must be verified usinggnutls_pkcs12_verify_mac().
On success,GNUTLS_E_SUCCESS(0) is returned, otherwise a negative error value.
3.1.0
Report bugs to <bugs@gnutls.org>. Home page:https://www.gnutls.org
Copyright © 2001-2023 Free Software Foundation, Inc., and others. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.
The full documentation forgnutlsis maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visithttps://www.gnutls.org/manual/
This page is part of theGnuTLS (GnuTLS Transport Layer Security Library) project. Information about the project can be found at ⟨http://www.gnutls.org/⟩. If you have a bug report for this manual page, send it to bugs@gnutls.org. This page was obtained from the tarball fetched from ⟨https://www.gnupg.org/ftp/gcrypt/gnutls/⟩ on 2025-08-11. If you discover any rendering problems in this HTML version of the page, or you believe there is a better or more up-to-date source for the page, or you have corrections or improvements to the information in this COLOPHON (which isnot part of the original manual page), send a mail to man-pages@man7.orggnutls 3.8.10gnutls_pkcs12_simple_parse(3)HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. | |