man7.org > Linux > man-pages

Linux/UNIX system programming training

gnutls_pkcs12_simple_parse(3) — Linux manual page

NAME | SYNOPSIS | ARGUMENTS | DESCRIPTION | RETURNS | SINCE | REPORTING BUGS | COPYRIGHT | SEE ALSO | COLOPHON 

gnutls_pkcs12_simple_parse(3)     gnutls    gnutls_pkcs12_simple_parse(3)

NAME         top

       gnutls_pkcs12_simple_parse - API function

SYNOPSIS         top

       #include <gnutls/pkcs12.h>

       int gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12, const char *
       password, gnutls_x509_privkey_t * key, gnutls_x509_crt_t ** chain,
       unsigned int * chain_len, gnutls_x509_crt_t ** extra_certs,
       unsigned int * extra_certs_len, gnutls_x509_crl_t * crl, unsigned
       int flags);

ARGUMENTS         top

       gnutls_pkcs12_t p12
                   A pkcs12 type

       const char * password
                   optional password used to decrypt the structure, bags
                   and keys.

       gnutls_x509_privkey_t * key
                   a structure to store the parsed private key.

       gnutls_x509_crt_t ** chain
                   the corresponding to key certificate chain (may be
                   NULL)

       unsigned int * chain_len
                   will be updated with the number of additional (may be
                   NULL)

       gnutls_x509_crt_t ** extra_certs
                   optional pointer to receive an array of additional
                   certificates found in the PKCS12 structure (may be
                   NULL).

       unsigned int * extra_certs_len
                   will be updated with the number of additional certs
                   (may be NULL).

       gnutls_x509_crl_t * crl
                   an optional structure to store the parsed CRL (may be
                   NULL).

       unsigned int flags
                   should be zero or one of GNUTLS_PKCS12_SP_*

DESCRIPTION         top

       This function parses a PKCS12 structure in  pkcs12 and extracts
       the private key, the corresponding certificate chain, any
       additional certificates and a CRL. The structures in  key ,  chain
       crl , and  extra_certs must not be initialized.

       The  extra_certs and  extra_certs_len parameters are optional and
       both may be set to NULL. If either is non-NULL, then both must be
       set. The value for  extra_certs is allocated using
       gnutls_malloc().

       Encrypted PKCS12 bags and PKCS8 private keys are supported, but
       only with password based security and the same password for all
       operations.

       Note that a PKCS12 structure may contain many keys and/or
       certificates, and there is no way to identify which
       key/certificate pair you want.  For this reason this function is
       useful for PKCS12 files that contain only one key/certificate pair
       and/or one CRL.

       If the provided structure has encrypted fields but no password is
       provided then this function returns GNUTLS_E_DECRYPTION_FAILED.

       Note that normally the chain constructed does not include self
       signed certificates, to comply with TLS' requirements. If,
       however, the flag GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED is
       specified then self signed certificates will be included in the
       chain.

       Prior to using this function the PKCS 12 structure integrity must
       be verified using gnutls_pkcs12_verify_mac().

RETURNS         top

       On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative
       error value.

SINCE         top

       3.1.0

REPORTING BUGS         top

       Report bugs to <[email protected]>.
       Home page: https://www.gnutls.org

COPYRIGHT         top

       Copyright © 2001-2023 Free Software Foundation, Inc., and others.
       Copying and distribution of this file, with or without
       modification, are permitted in any medium without royalty provided
       the copyright notice and this notice are preserved.

SEE ALSO         top

       The full documentation for gnutls is maintained as a Texinfo
       manual.  If the /usr/share/doc/gnutls/ directory does not contain
       the HTML form visit

       https://www.gnutls.org/manual/

COLOPHON         top

       This page is part of the GnuTLS (GnuTLS Transport Layer Security
       Library) project.  Information about the project can be found at
       ⟨http://www.gnutls.org/⟩.  If you have a bug report for this
       manual page, send it to [email protected].  This page was obtained
       from the tarball fetched from
       ⟨https://www.gnupg.org/ftp/gcrypt/gnutls/⟩ on 2025-08-11.  If you
       discover any rendering problems in this HTML version of the page,
       or you believe there is a better or more up-to-date source for the
       page, or you have corrections or improvements to the information
       in this COLOPHON (which is not part of the original manual page),
       send a mail to [email protected]

gnutls                            3.8.10    gnutls_pkcs12_simple_parse(3)

HTML rendering created 2025-09-06 by Michael Kerrisk, author of The Linux Programming Interface.

For details of in-depth Linux/UNIX system programming training courses that I teach, look here.

Hosting by jambit GmbH.

Cover of TLPI