Private keys are used to authenticate the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.
This function reads a private key from disk and sets the phase2_private_key property with the private key file data if using the nm_setting_802_1x_ck_scheme_blob scheme, or with the path to the private key file if using the nm_setting_802_1x_ck_scheme_path scheme.
If password is given, this function attempts to decrypt the private key to verify that password is correct, and if it is, updates the phase2_private_key_password property with the given password. If the decryption is unsuccessful, false is returned, an error is set, and no internal data is changed. If no password is given, the private key is assumed to be valid, no decryption is performed, and the password may be set at a later time.
WARNING: the "phase2" private key property is not a "secret" property, and thus unencrypted private key data using the BLOB scheme may be readable by unprivileged users. Private keys should always be encrypted with a private key password to prevent unauthorized access to unencrypted private key data.
this | the Setting8021x
value | when
password | password used to decrypt the private key, or null if the password is unknown. If the password is given but fails to decrypt the private key, an error is returned.
scheme | desired storage scheme for the private key
out_format | on successful return, the type of the private key added
Returns: true if the operation succeeded, false if it was unsuccessful
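
A pre-flight check for the warning above, as an added example that is not part of the NetworkManager documentation: it classifies key file data by its PEM headers so that an unencrypted key can be rejected before it is stored with the BLOB scheme. The function names and the sample keys are constructed for illustration, and only PEM input is recognized; binary key files are reported as unknown.

```python
import re

# Assumption: only PEM input is inspected; binary key files (for example DER)
# carry no textual marker and are reported as "unknown".
_PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]*PRIVATE KEY)-----\r?\n(.*?)-----END \1-----",
    re.DOTALL,
)
_LEGACY_ENCRYPTED = re.compile(r"^Proc-Type:\s*4,ENCRYPTED", re.MULTILINE)


def classify_private_key(data: bytes) -> str:
    """Return 'encrypted', 'unencrypted' or 'unknown' for key file data."""
    try:
        text = data.decode("ascii")
    except UnicodeDecodeError:
        return "unknown"
    blocks = _PEM_BLOCK.findall(text)
    if not blocks:
        return "unknown"
    for label, body in blocks:
        if label == "ENCRYPTED PRIVATE KEY":
            continue  # PKCS#8 EncryptedPrivateKeyInfo
        if _LEGACY_ENCRYPTED.search(body):
            continue  # traditional OpenSSL format with an encryption header
        return "unencrypted"  # one plaintext key is enough to fail the file
    return "encrypted"


def blob_scheme_allowed(data: bytes) -> bool:
    """Hypothetical policy gate: BLOB storage only for provably encrypted keys."""
    return classify_private_key(data) == "encrypted"


# Constructed samples: the base64 payload is the word "CONSTRUCTED", not a key.
PKCS8_ENCRYPTED = (b"-----BEGIN ENCRYPTED PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n"
                   b"-----END ENCRYPTED PRIVATE KEY-----\n")
LEGACY_ENCRYPTED = (b"-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                    b"DEK-Info: AES-256-CBC,00112233445566778899AABBCCDDEEFF\n\n"
                    b"Q09OU1RSVUNURUQ=\n-----END RSA PRIVATE KEY-----\n")
PLAINTEXT = (b"-----BEGIN PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n"
             b"-----END PRIVATE KEY-----\n")
DER_PREFIX = b"\x30\x82\x04\xa4\x02\x01\x00"  # binary, undetermined

if __name__ == "__main__":
    for name in ("PKCS8_ENCRYPTED", "LEGACY_ENCRYPTED", "PLAINTEXT", "DER_PREFIX"):
        print(name, classify_private_key(globals()[name]))
```

A result of "unknown" is treated as a failure by the gate, so binary key files need a separate check before the BLOB scheme is used.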