2 * Copyright (C) 2003-2012 Free Software Foundation, Inc.
4 * Author: Nikos Mavrogiannopoulos
6 * This file is part of GnuTLS.
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 2.1 of
11 * the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
23 #ifndef GNUTLS_PKCS12_H
24 #define GNUTLS_PKCS12_H
26 #include <gnutls/x509.h>
34 /* PKCS12 structures handling
36 struct gnutls_pkcs12_int
;
37 typedef struct gnutls_pkcs12_int
*gnutls_pkcs12_t
;
39 struct gnutls_pkcs12_bag_int
;
40 typedef struct gnutls_pkcs12_bag_int
*gnutls_pkcs12_bag_t
;
42 int gnutls_pkcs12_init(gnutls_pkcs12_t
* pkcs12
);
43 void gnutls_pkcs12_deinit(gnutls_pkcs12_t pkcs12
);
44 int gnutls_pkcs12_import(gnutls_pkcs12_t pkcs12
,
45 const gnutls_datum_t
* data
,
46 gnutls_x509_crt_fmt_t format
, unsigned int flags
);
47 int gnutls_pkcs12_export(gnutls_pkcs12_t pkcs12
,
48 gnutls_x509_crt_fmt_t format
,
49 void *output_data
, size_t * output_data_size
);
50 int gnutls_pkcs12_export2(gnutls_pkcs12_t pkcs12
,
51 gnutls_x509_crt_fmt_t format
,
52 gnutls_datum_t
* out
);
54 int gnutls_pkcs12_get_bag(gnutls_pkcs12_t pkcs12
,
55 int indx
, gnutls_pkcs12_bag_t bag
);
56 int gnutls_pkcs12_set_bag(gnutls_pkcs12_t pkcs12
, gnutls_pkcs12_bag_t bag
);
58 int gnutls_pkcs12_generate_mac(gnutls_pkcs12_t pkcs12
, const char *pass
);
59 int gnutls_pkcs12_verify_mac(gnutls_pkcs12_t pkcs12
, const char *pass
);
61 int gnutls_pkcs12_bag_decrypt(gnutls_pkcs12_bag_t bag
, const char *pass
);
62 int gnutls_pkcs12_bag_encrypt(gnutls_pkcs12_bag_t bag
,
63 const char *pass
, unsigned int flags
);
65 #define GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED 1
66 int gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12
,
68 gnutls_x509_privkey_t
* key
,
69 gnutls_x509_crt_t
** chain
,
70 unsigned int *chain_len
,
71 gnutls_x509_crt_t
** extra_certs
,
72 unsigned int *extra_certs_len
,
73 gnutls_x509_crl_t
* crl
,
77 * gnutls_pkcs12_bag_type_t:
78 * @GNUTLS_BAG_EMPTY: Empty PKCS-12 bag.
79 * @GNUTLS_BAG_PKCS8_ENCRYPTED_KEY: PKCS-12 bag with PKCS-8 encrypted key.
80 * @GNUTLS_BAG_PKCS8_KEY: PKCS-12 bag with PKCS-8 key.
81 * @GNUTLS_BAG_CERTIFICATE: PKCS-12 bag with certificate.
82 * @GNUTLS_BAG_CRL: PKCS-12 bag with CRL.
83 * @GNUTLS_BAG_SECRET: PKCS-12 bag with secret PKCS-9 keys.
84 * @GNUTLS_BAG_ENCRYPTED: Encrypted PKCS-12 bag.
85 * @GNUTLS_BAG_UNKNOWN: Unknown PKCS-12 bag.
87 * Enumeration of different PKCS 12 bag types.
89 typedef enum gnutls_pkcs12_bag_type_t
{
91 GNUTLS_BAG_PKCS8_ENCRYPTED_KEY
= 1,
92 GNUTLS_BAG_PKCS8_KEY
= 2,
93 GNUTLS_BAG_CERTIFICATE
= 3,
95 GNUTLS_BAG_SECRET
= 5, /* Secret data. Underspecified in pkcs-12,
96 * gnutls extension. We use the PKCS-9
97 * random nonce ID 1.2.840.113549.1.9.25.3
98 * to store randomly generated keys.
100 GNUTLS_BAG_ENCRYPTED
= 10,
101 GNUTLS_BAG_UNKNOWN
= 20
102 } gnutls_pkcs12_bag_type_t
;
104 gnutls_pkcs12_bag_type_t
105 gnutls_pkcs12_bag_get_type(gnutls_pkcs12_bag_t bag
, int indx
);
106 int gnutls_pkcs12_bag_get_data(gnutls_pkcs12_bag_t bag
, int indx
,
107 gnutls_datum_t
* data
);
108 int gnutls_pkcs12_bag_set_data(gnutls_pkcs12_bag_t bag
,
109 gnutls_pkcs12_bag_type_t type
,
110 const gnutls_datum_t
* data
);
111 int gnutls_pkcs12_bag_set_crl(gnutls_pkcs12_bag_t bag
,
112 gnutls_x509_crl_t crl
);
113 int gnutls_pkcs12_bag_set_crt(gnutls_pkcs12_bag_t bag
,
114 gnutls_x509_crt_t crt
);
116 int gnutls_pkcs12_bag_init(gnutls_pkcs12_bag_t
* bag
);
117 void gnutls_pkcs12_bag_deinit(gnutls_pkcs12_bag_t bag
);
118 int gnutls_pkcs12_bag_get_count(gnutls_pkcs12_bag_t bag
);
120 int gnutls_pkcs12_bag_get_key_id(gnutls_pkcs12_bag_t bag
, int indx
,
121 gnutls_datum_t
* id
);
122 int gnutls_pkcs12_bag_set_key_id(gnutls_pkcs12_bag_t bag
, int indx
,
123 const gnutls_datum_t
* id
);
125 int gnutls_pkcs12_bag_get_friendly_name(gnutls_pkcs12_bag_t bag
,
126 int indx
, char **name
);
127 int gnutls_pkcs12_bag_set_friendly_name(gnutls_pkcs12_bag_t bag
,
128 int indx
, const char *name
);
135 #endif /* GNUTLS_PKCS12_H */