Hello Dirk,

We have some support for parsing a PKCS12 file that has a matching private key and certificate stored. This code is in our main github repo and scheduled to be in the next release. https://github.com/wolfSSL/wolfssl. Currently only supporting parsing of the file and not creating it. To get the most use out of it wolfSSL should be configured with "./configure --enable-opensslextra --enable-des3 --enable-arc4". We do not currently support RC2, so encryption done with RC2 can not be decrypted by the API.

Command line to create a pkcs12 certificate to use.
$ openssl pkcs12 -des3 -descert -inkey certs/server-key.pem -in certs/server-cert.pem -CAfile certs/server-cert.pem -out pkcs12.p12 -export

Sudo code for reading WC_PKCS12 from WOLFSSL_BIO and parsing it

WC_PKCS12* pkcs
WOLFSSL_BIO* bio
WOLFSSL_X509* cert
WOLFSSL_EVP_PKEY* pkey
STACK_OF(X509) certs

//bio loads in PKCS12 file
wolfSSL_d2i_PKCS12_bio(bio, &pkcs)
ret = wolfSSL_PKCS12_parse(pkcs, “a password”, &pkey, &cert, &certs)
//check ret value
wc_PKCS12_free(pkcs)

//use cert, pkey, and optional certs stack

Parsing can be done without using WOLFSSL_BIO by calling wc_PKCS12_parse directly with the DER PKCS12 buffer. Sorry we don't have better documentation of it up yet online, these functions were added just recently. If further questions on use come up feel free to contact us through support@wolfssl.com and we can dedicate an engineer to helping out.

Regards,
Jacob