1<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>ne_ssl_client_cert</title><link rel="stylesheet" type="text/css" href="../manual.css"><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="neon HTTP/WebDAV client library"><link rel="up" href="ref.html" title="neon API reference"><link rel="prev" href="refsslvfy.html" title="ne_ssl_set_verify"><link rel="next" href="refstatus.html" title="ne_status"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">ne_ssl_client_cert</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="refsslvfy.html">Prev</a> </td><th width="60%" align="center">neon API reference</th><td width="20%" align="right"> <a accesskey="n" href="refstatus.html">Next</a></td></tr></table><hr></div><div class="refentry" title="ne_ssl_client_cert"><a name="refclicert"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>ne_ssl_clicert_read, ne_ssl_clicert_name, ne_ssl_clicert_encrypted, ne_ssl_clicert_decrypt, ne_ssl_clicert_owner, ne_ssl_clicert_free — SSL client certificate handling</p></div><div class="refsynopsisdiv" title="Synopsis"><h2>Synopsis</h2><div class="funcsynopsis"><pre class="funcsynopsisinfo">#include &lt;ne_ssl.h&gt;</pre><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" class="funcprototype-table"><tr><td><code class="funcdef">ne_ssl_client_cert *<b class="fsfunc">ne_ssl_clicert_read</b>(</code></td><td>const char *<var class="pdparam">filename</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" class="funcprototype-table"><tr><td><code class="funcdef">const char *<b class="fsfunc">ne_ssl_clicert_name</b>(</code></td><td>const ne_ssl_client_cert *<var class="pdparam">ccert</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" class="funcprototype-table"><tr><td><code class="funcdef">int <b class="fsfunc">ne_ssl_clicert_encrypted</b>(</code></td><td>const ne_ssl_client_cert *<var class="pdparam">ccert</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" class="funcprototype-table"><tr><td><code class="funcdef">int <b class="fsfunc">ne_ssl_clicert_decrypt</b>(</code></td><td>ne_ssl_client_cert *<var class="pdparam">ccert</var>, </td></tr><tr><td> </td><td>const char *<var class="pdparam">password</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" class="funcprototype-table"><tr><td><code class="funcdef">const ne_ssl_certificate *<b class="fsfunc">ne_ssl_clicert_owner</b>(</code></td><td>const ne_ssl_client_cert *<var class="pdparam">ccert</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" class="funcprototype-table"><tr><td><code class="funcdef">void <b class="fsfunc">ne_ssl_clicert_free</b>(</code></td><td>ne_ssl_client_cert *<var class="pdparam">ccert</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div></div></div><div class="refsect1" title="Description"><a name="id463433"></a><h2>Description</h2><p>The <code class="function">ne_ssl_clicert_read</code> function reads
2    a <em class="firstterm">client certificate</em> from a
3    PKCS#12-formatted file, and returns an
4    <em class="type">ne_ssl_client_cert</em> object.  If the client
5    certificate is encrypted, it must be decrypted before it is used.
6    An <em class="type">ne_ssl_client_cert</em> object holds a client
7    certificate and the associated private key, not just a
8    certificate; the term "<em class="glossterm">client certificate</em>"
9    will used to refer to this pair.</p><p>A client certificate can be in one of two states:
10    <span class="emphasis"><em>encrypted</em></span> or <span class="emphasis"><em>decrypted</em></span>.
11    The <code class="function">ne_ssl_clicert_encrypted</code> function will
12    return non-zero if the client certificate is in the
13    <span class="emphasis"><em>encrypted</em></span> state.  A client certificate object
14    returned by <code class="function">ne_ssl_clicert_read</code> may be
15    initially in either state, depending on whether the file was
16    encrypted or not.</p><p><code class="function">ne_ssl_clicert_decrypt</code> can be used to
17    decrypt a client certificate using the appropriate password.  This
18    function must only be called if the object is in the
19    <span class="emphasis"><em>encrypted</em></span> state; if decryption fails, the
20    certificate state does not change, so decryption can be attempted
21    more than once using different passwords.</p><p>A client certificate can be given a "friendly name" when it
22    is created; <code class="function">ne_ssl_clicert_name</code> will return
23    this name (or <code class="literal">NULL</code> if no friendly name was specified).
24    <code class="function">ne_ssl_clicert_name</code> can be used when the
25    client certificate is in either the encrypted or decrypted state,
26    and will return the same string for the lifetime of the
27    object.</p><p>The function <code class="function">ne_ssl_clicert_owner</code>
28    returns the certificate part of the client certificate; it must
29    only be called if the client certificate is in the
30    <span class="emphasis"><em>decrypted</em></span> state.</p><p>When the client certificate is no longer needed, the
31    <code class="function">ne_ssl_clicert_free</code> function should be used
32    to destroy the object.</p></div><div class="refsect1" title="Return value"><a name="id463544"></a><h2>Return value</h2><p><code class="function">ne_ssl_clicert_read</code> returns a client
33    certificate object, or <code class="literal">NULL</code> if the file could not be read.
34    <code class="function">ne_ssl_clicert_encrypted</code> returns zero if the
35    object is in the decrypted state, or non-zero if it is in the
36    encrypted state. <code class="function">ne_ssl_clicert_name</code> returns
37    a <code class="literal">NUL</code>-terminated friendly name string, or <code class="literal">NULL</code>.
38    <code class="function">ne_ssl_clicert_owner</code> returns a certificate
39    object.</p></div><div class="refsect1" title="Examples"><a name="id463590"></a><h2>Examples</h2><p>The following code reads a client certificate and decrypts
40    it if necessary, then loads it into an HTTP session.</p><pre class="programlisting">ne_ssl_client_cert *ccert;
41
42ccert = ne_ssl_clicert_read("/path/to/client.p12");
43
44if (ccert == NULL) {
45   /* handle error... */
46} else if (ne_ssl_clicert_encrypted(ccert)) {
47   char *password = prompt_for_password();
48
49   if (ne_ssl_clicert_decrypt(ccert, password)) {
50      /* could not decrypt! handle error... */
51   }
52}
53
54ne_ssl_set_clicert(sess, ccert);
55</pre></div><div class="refsect1" title="See also"><a name="id463609"></a><h2>See also</h2><p><a class="xref" href="refsslcertio.html#ne_ssl_cert_read">ne_ssl_cert_read</a></p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="refsslvfy.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="ref.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="refstatus.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">ne_ssl_set_verify </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> ne_status</td></tr></table></div></body></html>
56