Home Explore Help
Register Sign In
Apq
/
winscp
mirror of https://github.com/winscp/winscp.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: d1dba72c46
Branches Tags
winscp
/
libs
/
neon
/
doc
/
html
/
refclicert.html

refclicert.html 7.8 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 
  1. <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>ne_ssl_client_cert</title><link rel="stylesheet" type="text/css" href="../manual.css"><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot"><link rel="home" href="index.html" title="neon HTTP/WebDAV client library"><link rel="up" href="ref.html" title="neon API reference"><link rel="prev" href="refsslvfy.html" title="ne_ssl_set_verify"><link rel="next" href="refstatus.html" title="ne_status"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">ne_ssl_client_cert</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="refsslvfy.html">Prev</a> </td><th width="60%" align="center">neon API reference</th><td width="20%" align="right"> <a accesskey="n" href="refstatus.html">Next</a></td></tr></table><hr></div><div class="refentry"><a name="refclicert"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>ne_ssl_clicert_read, ne_ssl_clicert_name, ne_ssl_clicert_encrypted, ne_ssl_clicert_decrypt, ne_ssl_clicert_owner, ne_ssl_clicert_free — SSL client certificate handling</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="funcsynopsis"><pre class="funcsynopsisinfo">#include &lt;ne_ssl.h&gt;</pre><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">ne_ssl_client_cert *<b class="fsfunc">ne_ssl_clicert_read</b>(</code></td><td>const char *<var class="pdparam">filename</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">const char *<b class="fsfunc">ne_ssl_clicert_name</b>(</code></td><td>const ne_ssl_client_cert *<var class="pdparam">ccert</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">ne_ssl_clicert_encrypted</b>(</code></td><td>const ne_ssl_client_cert *<var class="pdparam">ccert</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">ne_ssl_clicert_decrypt</b>(</code></td><td>ne_ssl_client_cert *<var class="pdparam">ccert</var>, </td></tr><tr><td> </td><td>const char *<var class="pdparam">password</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">const ne_ssl_certificate *<b class="fsfunc">ne_ssl_clicert_owner</b>(</code></td><td>const ne_ssl_client_cert *<var class="pdparam">ccert</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">void <b class="fsfunc">ne_ssl_clicert_free</b>(</code></td><td>ne_ssl_client_cert *<var class="pdparam">ccert</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div></div></div><div class="refsect1"><a name="idm45346980817856"></a><h2>Description</h2><p>The <code class="function">ne_ssl_clicert_read</code> function reads
    2. 

  2.     a <em class="firstterm">client certificate</em> from a
    3. 

  3.     PKCS#12-formatted file, and returns an
    4. 

  4.     <em class="type">ne_ssl_client_cert</em> object.  If the client
    5. 

  5.     certificate is encrypted, it must be decrypted before it is used.
    6. 

  6.     An <em class="type">ne_ssl_client_cert</em> object holds a client
    7. 

  7.     certificate and the associated private key, not just a
    8. 

  8.     certificate; the term "<em class="glossterm">client certificate</em>"
    9. 

  9.     will used to refer to this pair.</p><p>A client certificate can be in one of two states:
    10. 

  10.     <span class="emphasis"><em>encrypted</em></span> or <span class="emphasis"><em>decrypted</em></span>.
    11. 

  11.     The <code class="function">ne_ssl_clicert_encrypted</code> function will
    12. 

  12.     return non-zero if the client certificate is in the
    13. 

  13.     <span class="emphasis"><em>encrypted</em></span> state.  A client certificate object
    14. 

  14.     returned by <code class="function">ne_ssl_clicert_read</code> may be
    15. 

  15.     initially in either state, depending on whether the file was
    16. 

  16.     encrypted or not.</p><p><code class="function">ne_ssl_clicert_decrypt</code> can be used to
    17. 

  17.     decrypt a client certificate using the appropriate password.  This
    18. 

  18.     function must only be called if the object is in the
    19. 

  19.     <span class="emphasis"><em>encrypted</em></span> state; if decryption fails, the
    20. 

  20.     certificate state does not change, so decryption can be attempted
    21. 

  21.     more than once using different passwords.</p><p>A client certificate can be given a "friendly name" when it
    22. 

  22.     is created; <code class="function">ne_ssl_clicert_name</code> will return
    23. 

  23.     this name (or <code class="literal">NULL</code> if no friendly name was specified).
    24. 

  24.     <code class="function">ne_ssl_clicert_name</code> can be used when the
    25. 

  25.     client certificate is in either the encrypted or decrypted state,
    26. 

  26.     and will return the same string for the lifetime of the
    27. 

  27.     object.</p><p>The function <code class="function">ne_ssl_clicert_owner</code>
    28. 

  28.     returns the certificate part of the client certificate; it must
    29. 

  29.     only be called if the client certificate is in the
    30. 

  30.     <span class="emphasis"><em>decrypted</em></span> state.</p><p>When the client certificate is no longer needed, the
    31. 

  31.     <code class="function">ne_ssl_clicert_free</code> function should be used
    32. 

  32.     to destroy the object.</p></div><div class="refsect1"><a name="idm45346980804752"></a><h2>Return value</h2><p><code class="function">ne_ssl_clicert_read</code> returns a client
    33. 

  33.     certificate object, or <code class="literal">NULL</code> if the file could not be read.
    34. 

  34.     <code class="function">ne_ssl_clicert_encrypted</code> returns zero if the
    35. 

  35.     object is in the decrypted state, or non-zero if it is in the
    36. 

  36.     encrypted state. <code class="function">ne_ssl_clicert_name</code> returns
    37. 

  37.     a <code class="literal">NUL</code>-terminated friendly name string, or <code class="literal">NULL</code>.
    38. 

  38.     <code class="function">ne_ssl_clicert_owner</code> returns a certificate
    39. 

  39.     object.</p></div><div class="refsect1"><a name="idm45346980799232"></a><h2>Examples</h2><p>The following code reads a client certificate and decrypts
    40. 

  40.     it if necessary, then loads it into an HTTP session.</p><pre class="programlisting">ne_ssl_client_cert *ccert;
    41. 

  41. 

  42. ccert = ne_ssl_clicert_read("/path/to/client.p12");
    43. 

  43. 

  44. if (ccert == NULL) {
    45. 

  45.    /* handle error... */
    46. 

  46. } else if (ne_ssl_clicert_encrypted(ccert)) {
    47. 

  47.    char *password = prompt_for_password();
    48. 

  48. 

  49.    if (ne_ssl_clicert_decrypt(ccert, password)) {
    50. 

  50.       /* could not decrypt! handle error... */
    51. 

  51.    }
    52. 

  52. }
    53. 

  53. 

  54. ne_ssl_set_clicert(sess, ccert);
    55. 

  55. </pre></div><div class="refsect1"><a name="idm45346980797328"></a><h2>See also</h2><p><a class="xref" href="refsslcertio.html#ne_ssl_cert_read">ne_ssl_cert_read</a></p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="refsslvfy.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="ref.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="refstatus.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">ne_ssl_set_verify </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> ne_status</td></tr></table></div></body></html>
    56.