PKCS12_gen_mac.pod 2.2 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374
  1. =pod
  2. =head1 NAME
  3. PKCS12_gen_mac, PKCS12_setup_mac, PKCS12_set_mac,
  4. PKCS12_verify_mac - Functions to create and manipulate a PKCS#12 structure
  5. =head1 SYNOPSIS
  6. #include <openssl/pkcs12.h>
  7. int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
  8. unsigned char *mac, unsigned int *maclen);
  9. int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
  10. int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
  11. unsigned char *salt, int saltlen, int iter,
  12. const EVP_MD *md_type);
  13. int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
  14. int saltlen, const EVP_MD *md_type);
  15. =head1 DESCRIPTION
  16. PKCS12_gen_mac() generates an HMAC over the entire PKCS#12 object using the
  17. supplied password along with a set of already configured parameters.
  18. The default key generation mechanism used is PKCS12KDF.
  19. PKCS12_verify_mac() verifies the PKCS#12 object's HMAC using the supplied
  20. password.
  21. PKCS12_setup_mac() sets the MAC part of the PKCS#12 structure with the supplied
  22. parameters.
  23. PKCS12_set_mac() sets the MAC and MAC parameters into the PKCS#12 object.
  24. I<pass> is the passphrase to use in the HMAC. I<salt> is the salt value to use,
  25. I<iter> is the iteration count and I<md_type> is the message digest
  26. function to use.
  27. =head1 NOTES
  28. If I<salt> is NULL then a suitable salt will be generated and used.
  29. If I<iter> is 1 then an iteration count will be omitted from the PKCS#12
  30. structure.
  31. PKCS12_gen_mac(), PKCS12_verify_mac() and PKCS12_set_mac() make assumptions
  32. regarding the encoding of the given passphrase. See L<passphrase-encoding(7)>
  33. for more information.
  34. =head1 RETURN VALUES
  35. All functions return 1 on success and 0 if an error occurred.
  36. =head1 CONFORMING TO
  37. IETF RFC 7292 (L<https://tools.ietf.org/html/rfc7292>)
  38. =head1 SEE ALSO
  39. L<d2i_PKCS12(3)>,
  40. L<EVP_KDF-PKCS12KDF(7)>,
  41. L<PKCS12_create(3)>,
  42. L<passphrase-encoding(7)>
  43. =head1 COPYRIGHT
  44. Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved.
  45. Licensed under the Apache License 2.0 (the "License"). You may not use
  46. this file except in compliance with the License. You can obtain a copy
  47. in the file LICENSE in the source distribution or at
  48. L<https://www.openssl.org/source/license.html>.
  49. =cut