pub struct Pkcs12 { /* private fields */ }Expand description
A PKCS#12 / PFX bundle (PKCS12*).
Load from DER with Pkcs12::from_der or create with Pkcs12::create.
Implementations§
Source§impl Pkcs12
impl Pkcs12
Sourcepub fn new() -> Result<Self, ErrorStack>
pub fn new() -> Result<Self, ErrorStack>
Allocate a new, empty PKCS12 structure.
Returns an initialised-but-empty bundle. Use this when building a PKCS#12
structure field-by-field via the raw OpenSSL API. For the common case of
creating a complete bundle from a key and certificate, prefer Pkcs12::create.
§Errors
Returns Err if OpenSSL cannot allocate the structure.
Sourcepub fn from_der(der: &[u8]) -> Result<Self, ErrorStack>
pub fn from_der(der: &[u8]) -> Result<Self, ErrorStack>
Load a PKCS#12 bundle from DER-encoded bytes.
§Errors
Sourcepub fn parse(
&self,
password: &str,
) -> Result<(Pkey<Private>, X509, Vec<X509>), ErrorStack>
pub fn parse( &self, password: &str, ) -> Result<(Pkey<Private>, X509, Vec<X509>), ErrorStack>
Parse the bundle, returning the private key, end-entity certificate, and any additional CA certificates.
password is the MAC / encryption password. Pass "" for an
unencrypted bundle.
§Errors
Sourcepub fn create(
password: &str,
name: &str,
key: &Pkey<Private>,
cert: &X509,
ca: &[X509],
) -> Result<Self, ErrorStack>
pub fn create( password: &str, name: &str, key: &Pkey<Private>, cert: &X509, ca: &[X509], ) -> Result<Self, ErrorStack>
Create a PKCS#12 bundle from a private key and certificate.
password: MAC / encryption passphrase.name: Friendly name stored in the bundle (e.g. the subject CN).ca: Optional slice of additional CA certificates.
Uses AES-256-CBC for key encryption and SHA-256 for the MAC
(nid_key = 0, nid_cert = 0 → OpenSSL defaults).