X509.PKCS12
PKCS12 archive files
val decode_der : string -> (t, [> `Msg of string ]) Stdlib.result
decode_der buffer
is t
, the PKCS12 archive of buffer
.
val encode_der : t -> string
encode_der t
is buf
, the PKCS12 encoded archive of t
.
val verify :
string ->
t ->
([ `Certificate of Certificate.t
| `Crl of CRL.t
| `Private_key of Private_key.t
| `Decrypted_private_key of Private_key.t ]
list,
[> `Msg of string ])
Stdlib.result
verify password t
verifies and decrypts the PKCS12 archive t
. The result is the contents of the archive.
val create :
?mac:[ `SHA1 | `SHA224 | `SHA256 | `SHA384 | `SHA512 ] ->
?algorithm:[ `AES128_CBC | `AES192_CBC | `AES256_CBC ] ->
?iterations:int ->
string ->
Certificate.t list ->
Private_key.t ->
t
create ~mac ~algorithm ~iterations password certificates private_key
constructs a PKCS12 archive with certificates
and private_key
. They are encrypted with algorithm
(using PBES2, PKCS5v2) and integrity protected using mac
. A local key id
is always embedded in the private key and matching certificate.