openssl: Adjust manual pages for 1.0.1o.
[dragonfly.git] / secure / lib / libcrypto / man / PKCS12_create.3
CommitLineData
5a44c043 1.\" Automatically generated by Pod::Man 2.27 (Pod::Simple 3.28)
8b0cefbb
JR
2.\"
3.\" Standard preamble:
4.\" ========================================================================
8b0cefbb 5.de Sp \" Vertical space (when we can't use .PP)
984263bc
MD
6.if t .sp .5v
7.if n .sp
8..
8b0cefbb 9.de Vb \" Begin verbatim text
984263bc
MD
10.ft CW
11.nf
12.ne \\$1
13..
8b0cefbb 14.de Ve \" End verbatim text
984263bc 15.ft R
984263bc
MD
16.fi
17..
8b0cefbb
JR
18.\" Set up some character translations and predefined strings. \*(-- will
19.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
e257b235
PA
20.\" double quote, and \*(R" will give a right double quote. \*(C+ will
21.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
22.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
23.\" nothing in troff, for use with C<>.
24.tr \(*W-
8b0cefbb 25.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
984263bc 26.ie n \{\
8b0cefbb
JR
27. ds -- \(*W-
28. ds PI pi
29. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
31. ds L" ""
32. ds R" ""
33. ds C` ""
34. ds C' ""
984263bc
MD
35'br\}
36.el\{\
8b0cefbb
JR
37. ds -- \|\(em\|
38. ds PI \(*p
39. ds L" ``
40. ds R" ''
5a44c043
SW
41. ds C`
42. ds C'
984263bc 43'br\}
8b0cefbb 44.\"
e257b235
PA
45.\" Escape single quotes in literal strings from groff's Unicode transform.
46.ie \n(.g .ds Aq \(aq
47.el .ds Aq '
48.\"
8b0cefbb 49.\" If the F register is turned on, we'll generate index entries on stderr for
01185282 50.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
8b0cefbb
JR
51.\" entries marked with X<> in POD. Of course, you'll have to process the
52.\" output yourself in some meaningful fashion.
5a44c043
SW
53.\"
54.\" Avoid warning from groff about undefined register 'F'.
55.de IX
984263bc 56..
5a44c043
SW
57.nr rF 0
58.if \n(.g .if rF .nr rF 1
59.if (\n(rF:(\n(.g==0)) \{
60. if \nF \{
61. de IX
62. tm Index:\\$1\t\\n%\t"\\$2"
e257b235 63..
5a44c043
SW
64. if !\nF==2 \{
65. nr % 0
66. nr F 2
67. \}
68. \}
e257b235 69.\}
5a44c043 70.rr rF
aac4ff6f 71.\"
8b0cefbb
JR
72.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
73.\" Fear. Run. Save yourself. No user-serviceable parts.
74. \" fudge factors for nroff and troff
984263bc 75.if n \{\
8b0cefbb
JR
76. ds #H 0
77. ds #V .8m
78. ds #F .3m
79. ds #[ \f1
80. ds #] \fP
984263bc
MD
81.\}
82.if t \{\
8b0cefbb
JR
83. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
84. ds #V .6m
85. ds #F 0
86. ds #[ \&
87. ds #] \&
984263bc 88.\}
8b0cefbb 89. \" simple accents for nroff and troff
984263bc 90.if n \{\
8b0cefbb
JR
91. ds ' \&
92. ds ` \&
93. ds ^ \&
94. ds , \&
95. ds ~ ~
96. ds /
984263bc
MD
97.\}
98.if t \{\
8b0cefbb
JR
99. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
100. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
101. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
102. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
103. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
104. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
984263bc 105.\}
8b0cefbb 106. \" troff and (daisy-wheel) nroff accents
984263bc
MD
107.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
108.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
109.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
110.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
111.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
112.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
113.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
114.ds ae a\h'-(\w'a'u*4/10)'e
115.ds Ae A\h'-(\w'A'u*4/10)'E
8b0cefbb 116. \" corrections for vroff
984263bc
MD
117.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
118.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
8b0cefbb 119. \" for low resolution devices (crt and lpr)
984263bc
MD
120.if \n(.H>23 .if \n(.V>19 \
121\{\
8b0cefbb
JR
122. ds : e
123. ds 8 ss
124. ds o a
125. ds d- d\h'-1'\(ga
126. ds D- D\h'-1'\(hy
127. ds th \o'bp'
128. ds Th \o'LP'
129. ds ae ae
130. ds Ae AE
984263bc
MD
131.\}
132.rm #[ #] #H #V #F C
8b0cefbb
JR
133.\" ========================================================================
134.\"
135.IX Title "PKCS12_create 3"
46af7d9a 136.TH PKCS12_create 3 "2015-06-12" "1.0.1o" "OpenSSL"
e257b235
PA
137.\" For nroff, turn off justification. Always turn off hyphenation; it makes
138.\" way too many mistakes in technical documents.
139.if n .ad l
140.nh
984263bc
MD
141.SH "NAME"
142PKCS12_create \- create a PKCS#12 structure
143.SH "SYNOPSIS"
8b0cefbb 144.IX Header "SYNOPSIS"
984263bc
MD
145.Vb 1
146\& #include <openssl/pkcs12.h>
e257b235 147\&
984263bc
MD
148\& PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca,
149\& int nid_key, int nid_cert, int iter, int mac_iter, int keytype);
150.Ve
151.SH "DESCRIPTION"
8b0cefbb
JR
152.IX Header "DESCRIPTION"
153\&\fIPKCS12_create()\fR creates a PKCS#12 structure.
984263bc 154.PP
8b0cefbb 155\&\fBpass\fR is the passphrase to use. \fBname\fR is the \fBfriendlyName\fR to use for
984263bc 156the supplied certifictate and key. \fBpkey\fR is the private key to include in
8b0cefbb 157the structure and \fBcert\fR its corresponding certificates. \fBca\fR, if not \fB\s-1NULL\s0\fR
984263bc
MD
158is an optional set of certificates to also include in the structure.
159.PP
8b0cefbb 160\&\fBnid_key\fR and \fBnid_cert\fR are the encryption algorithms that should be used
984263bc 161for the key and certificate respectively. \fBiter\fR is the encryption algorithm
8b0cefbb
JR
162iteration count to use and \fBmac_iter\fR is the \s-1MAC\s0 iteration count to use.
163\&\fBkeytype\fR is the type of key.
984263bc 164.SH "NOTES"
8b0cefbb 165.IX Header "NOTES"
984263bc
MD
166The parameters \fBnid_key\fR, \fBnid_cert\fR, \fBiter\fR, \fBmac_iter\fR and \fBkeytype\fR
167can all be set to zero and sensible defaults will be used.
168.PP
8b0cefbb 169These defaults are: 40 bit \s-1RC2\s0 encryption for certificates, triple \s-1DES\s0
5a44c043
SW
170encryption for private keys, a key iteration count of \s-1PKCS12_DEFAULT_ITER
171\&\s0(currently 2048) and a \s-1MAC\s0 iteration count of 1.
984263bc 172.PP
8b0cefbb
JR
173The default \s-1MAC\s0 iteration count is 1 in order to retain compatibility with
174old software which did not interpret \s-1MAC\s0 iteration counts. If such compatibility
5a44c043 175is not required then \fBmac_iter\fR should be set to \s-1PKCS12_DEFAULT_ITER.\s0
984263bc 176.PP
8b0cefbb 177\&\fBkeytype\fR adds a flag to the store private key. This is a non standard extension
5a44c043 178that is only currently interpreted by \s-1MSIE.\s0 If set to zero the flag is omitted,
8b0cefbb 179if set to \fB\s-1KEY_SIG\s0\fR the key can be used for signing only, if set to \fB\s-1KEY_EX\s0\fR
984263bc
MD
180it can be used for signing and encryption. This option was useful for old
181export grade software which could use signing only keys of arbitrary size but
182had restrictions on the permissible sizes of keys which could be used for
183encryption.
a561f9ff
SS
184.SH "NEW FUNCTIONALITY IN OPENSSL 0.9.8"
185.IX Header "NEW FUNCTIONALITY IN OPENSSL 0.9.8"
186Some additional functionality was added to \fIPKCS12_create()\fR in OpenSSL
1870.9.8. These extensions are detailed below.
188.PP
189If a certificate contains an \fBalias\fR or \fBkeyid\fR then this will be
190used for the corresponding \fBfriendlyName\fR or \fBlocalKeyID\fR in the
191\&\s-1PKCS12\s0 structure.
192.PP
193Either \fBpkey\fR, \fBcert\fR or both can be \fB\s-1NULL\s0\fR to indicate that no key or
194certficate is required. In previous versions both had to be present or
195a fatal error is returned.
196.PP
197\&\fBnid_key\fR or \fBnid_cert\fR can be set to \-1 indicating that no encryption
e257b235 198should be used.
a561f9ff
SS
199.PP
200\&\fBmac_iter\fR can be set to \-1 and the \s-1MAC\s0 will then be omitted entirely.
984263bc 201.SH "SEE ALSO"
74dab6c2 202.IX Header "SEE ALSO"
8b0cefbb
JR
203\&\fId2i_PKCS12\fR\|(3)
204.SH "HISTORY"
74dab6c2 205.IX Header "HISTORY"
8b0cefbb 206PKCS12_create was added in OpenSSL 0.9.3