I am trying to manage multiple RSA keys and certificates in a PKCS#12 structure in a C library. Managing a single key with the primitives PKCS12_create and PKCS12_parse works fine, but I can't find anything about managing multiple keys. I tried to use the safes and bags primitives, but I only succeeded in corrupting my PKCS12.
Does OpenSSL's PKCS#12 allow multiple keys and certificates in a PKCS#12 structure? If so, then how do I manage multiple keys and certificates using the PKCS#12 API?
Thanks all
I finally succeeded in adding/parsing multiple RSA keys and their certs into/from a PKCS12 structure/file.
My parse function is based on the OpenSSL parse_pk12 function in the p12_kiss.c file. This function seems to return the last bag only. I adapted it to check each bag's friendly name and return the one that matches.
The add function begins by unpacking the safes (STACK_OF(PKCS7)) from the existing PKCS12, and then works on these safes in order to add a new stack of bags to them. I then create a new PKCS12 with the PKCS12_add_safes function and delete the previous one.
Thanks all