30 I<pass> is the passphrase to use. I<name> is the B<friendlyName> to use for
31 the supplied certificate and key. I<pkey> is the private key to include in
32 the structure and I<cert> its corresponding certificates. I<ca>, if not B<NULL>
35 I<nid_key> and I<nid_cert> are the encryption algorithms that should be used
37 GCM, CCM, XTS, and OCB are unsupported. I<iter> is the encryption algorithm
38 iteration count to use and I<mac_iter> is the MAC iteration count to use.
39 I<keytype> is the type of key.
42 I<ctx> and property query I<propq> to be used to select algorithm implementations.
45 callback I<cb> of type B<PKCS12_create_cb> to be specified and also allows for an
46 optional argument I<cbarg> to be passed back to the callback.
48 The I<cb> if specified will be called for every safebag added to the
54 The parameters I<nid_key>, I<nid_cert>, I<iter>, I<mac_iter> and I<keytype>
65 is not required then I<mac_iter> should be set to PKCS12_DEFAULT_ITER.
67 I<keytype> adds a flag to the store private key. This is a non standard extension
75 If I<name> is B<NULL> and I<cert> contains an I<alias> then this will be
77 Similarly, if I<pkey> is NULL and I<cert> contains a I<keyid> then this will be
79 id calculated from the I<pkey>.
81 For all certificates in I<ca> then if a certificate contains an I<alias> or
82 I<keyid> then this will be used for the corresponding B<friendlyName> or
85 Either I<pkey>, I<cert> or both can be B<NULL> to indicate that no key or
89 I<nid_key> or I<nid_cert> can be set to -1 indicating that no encryption
92 I<mac_iter> can be set to -1 and the MAC will then be omitted entirely.
100 If I<cb> is specified, then it should return 1 for success and -1 for a fatal error.

Last Index update Tue Oct 01 22:02:31 UTC 2024

Dedicated to & Maintained by Room-11