1<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>ne_ssl_client_cert</title><link rel="stylesheet" type="text/css" href="../manual.css"><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="neon HTTP/WebDAV client library"><link rel="up" href="ref.html" title="neon API reference"><link rel="prev" href="refsslvfy.html" title="ne_ssl_set_verify"><link rel="next" href="refstatus.html" title="ne_status"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">ne_ssl_client_cert</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="refsslvfy.html">Prev</a> </td><th width="60%" align="center">neon API reference</th><td width="20%" align="right"> <a accesskey="n" href="refstatus.html">Next</a></td></tr></table><hr></div><div class="refentry" title="ne_ssl_client_cert"><a name="refclicert"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>ne_ssl_clicert_read, ne_ssl_clicert_name, ne_ssl_clicert_encrypted, ne_ssl_clicert_decrypt, ne_ssl_clicert_owner, ne_ssl_clicert_free — SSL client certificate handling</p></div><div class="refsynopsisdiv" title="Synopsis"><h2>Synopsis</h2><div class="funcsynopsis"><pre class="funcsynopsisinfo">#include <ne_ssl.h></pre><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" class="funcprototype-table"><tr><td><code class="funcdef">ne_ssl_client_cert *<b class="fsfunc">ne_ssl_clicert_read</b>(</code></td><td>const char *<var class="pdparam">filename</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" class="funcprototype-table"><tr><td><code class="funcdef">const char *<b class="fsfunc">ne_ssl_clicert_name</b>(</code></td><td>const ne_ssl_client_cert *<var class="pdparam">ccert</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" class="funcprototype-table"><tr><td><code class="funcdef">int <b class="fsfunc">ne_ssl_clicert_encrypted</b>(</code></td><td>const ne_ssl_client_cert *<var class="pdparam">ccert</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" class="funcprototype-table"><tr><td><code class="funcdef">int <b class="fsfunc">ne_ssl_clicert_decrypt</b>(</code></td><td>ne_ssl_client_cert *<var class="pdparam">ccert</var>, </td></tr><tr><td> </td><td>const char *<var class="pdparam">password</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" class="funcprototype-table"><tr><td><code class="funcdef">const ne_ssl_certificate *<b class="fsfunc">ne_ssl_clicert_owner</b>(</code></td><td>const ne_ssl_client_cert *<var class="pdparam">ccert</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" class="funcprototype-table"><tr><td><code class="funcdef">void <b class="fsfunc">ne_ssl_clicert_free</b>(</code></td><td>ne_ssl_client_cert *<var class="pdparam">ccert</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div></div></div><div class="refsect1" title="Description"><a name="id463433"></a><h2>Description</h2><p>The <code class="function">ne_ssl_clicert_read</code> function reads 2 a <em class="firstterm">client certificate</em> from a 3 PKCS#12-formatted file, and returns an 4 <em class="type">ne_ssl_client_cert</em> object. If the client 5 certificate is encrypted, it must be decrypted before it is used. 6 An <em class="type">ne_ssl_client_cert</em> object holds a client 7 certificate and the associated private key, not just a 8 certificate; the term "<em class="glossterm">client certificate</em>" 9 will used to refer to this pair.</p><p>A client certificate can be in one of two states: 10 <span class="emphasis"><em>encrypted</em></span> or <span class="emphasis"><em>decrypted</em></span>. 11 The <code class="function">ne_ssl_clicert_encrypted</code> function will 12 return non-zero if the client certificate is in the 13 <span class="emphasis"><em>encrypted</em></span> state. A client certificate object 14 returned by <code class="function">ne_ssl_clicert_read</code> may be 15 initially in either state, depending on whether the file was 16 encrypted or not.</p><p><code class="function">ne_ssl_clicert_decrypt</code> can be used to 17 decrypt a client certificate using the appropriate password. This 18 function must only be called if the object is in the 19 <span class="emphasis"><em>encrypted</em></span> state; if decryption fails, the 20 certificate state does not change, so decryption can be attempted 21 more than once using different passwords.</p><p>A client certificate can be given a "friendly name" when it 22 is created; <code class="function">ne_ssl_clicert_name</code> will return 23 this name (or <code class="literal">NULL</code> if no friendly name was specified). 24 <code class="function">ne_ssl_clicert_name</code> can be used when the 25 client certificate is in either the encrypted or decrypted state, 26 and will return the same string for the lifetime of the 27 object.</p><p>The function <code class="function">ne_ssl_clicert_owner</code> 28 returns the certificate part of the client certificate; it must 29 only be called if the client certificate is in the 30 <span class="emphasis"><em>decrypted</em></span> state.</p><p>When the client certificate is no longer needed, the 31 <code class="function">ne_ssl_clicert_free</code> function should be used 32 to destroy the object.</p></div><div class="refsect1" title="Return value"><a name="id463544"></a><h2>Return value</h2><p><code class="function">ne_ssl_clicert_read</code> returns a client 33 certificate object, or <code class="literal">NULL</code> if the file could not be read. 34 <code class="function">ne_ssl_clicert_encrypted</code> returns zero if the 35 object is in the decrypted state, or non-zero if it is in the 36 encrypted state. <code class="function">ne_ssl_clicert_name</code> returns 37 a <code class="literal">NUL</code>-terminated friendly name string, or <code class="literal">NULL</code>. 38 <code class="function">ne_ssl_clicert_owner</code> returns a certificate 39 object.</p></div><div class="refsect1" title="Examples"><a name="id463590"></a><h2>Examples</h2><p>The following code reads a client certificate and decrypts 40 it if necessary, then loads it into an HTTP session.</p><pre class="programlisting">ne_ssl_client_cert *ccert; 41 42ccert = ne_ssl_clicert_read("/path/to/client.p12"); 43 44if (ccert == NULL) { 45 /* handle error... */ 46} else if (ne_ssl_clicert_encrypted(ccert)) { 47 char *password = prompt_for_password(); 48 49 if (ne_ssl_clicert_decrypt(ccert, password)) { 50 /* could not decrypt! handle error... */ 51 } 52} 53 54ne_ssl_set_clicert(sess, ccert); 55</pre></div><div class="refsect1" title="See also"><a name="id463609"></a><h2>See also</h2><p><a class="xref" href="refsslcertio.html#ne_ssl_cert_read">ne_ssl_cert_read</a></p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="refsslvfy.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="ref.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="refstatus.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">ne_ssl_set_verify </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> ne_status</td></tr></table></div></body></html> 56