Hi.
The PKCS#12 module of openssl has the convenience function
PKCS12_create() for easy creation of PKCS#12 objects. It builds a
PKCS#12 object with a single key and certificate. Recently we had to
create PKCS#12 objects with more than one key and certificate, and I
made a PKCS12_create_multiple():
PKCS12 *PKCS12_create_multiple(char *pass, char *name,
STACK_OF(EVP_PKEY) *pkeys, STACK_OF(X509) *certs,
STACK_OF(sk_X509) *cas, int nid_key, int nid_cert, int
iter, int mac_iter,
int keytype);
If you think that it would be useful for others, I would be glad to
contribute a patch to pkcs12/p12_crt.c and pkcs12/pkcs12.h.
I have one question, though: I needed a STACK_OF(STACK_OF(X509)) as a
parameter; but the current macro system does not allow such a
construction. util/mkerr.pl even gets trapped in an infinite loop.
Therefore I hardcoded STACK_OF(sk_X509). Is this considered Really Evil,
or will you let me get away with it? :-)
Regards,
Juergen
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
