bc-csharp

Pkcs12Store can't parse PFX file which doesn't contain certificate

Open qinl-li opened this issue 5 years ago • 1 comments

Here is my scenario: Using the following openssl commands to generate the pfx file which doesn't contain a cert:

    openssl.exe genrsa -aes256 -out E:\Temp\test.pem -passout pass:123456 2048 2

    openssl.exe pkcs12 -keypbe PBE-SHA1-3DES -aes256 -export -nocerts -inkey E:\Temp\test.pem -out E:\Temp\test.pfx -passin pass:123456 -passout pass:123456

I am trying to parse the key out of the pfx file using bouncy castle. Here is the simple code:

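    using System.IO;
    using System.Linq;               // provides ToArray() on string
    using Org.BouncyCastle.Pkcs;

    string psw = "123456";
    string pfxPath = @"E:\Temp\test.pfx";
    using (Stream stream = File.Open(pfxPath, FileMode.Open))
    {
        // Build an empty store, then load the PFX using the export password
        Pkcs12Store pkcs = new Pkcs12StoreBuilder().Build();
        pkcs.Load(stream, psw.ToArray());
    }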

However, pkcs is empty. I think it is because the PFX file doesn't have a certificate. So my question is: is there a way that bouncy castle can handle this situation?

qinl-li May 14 '20 18:05

Pkcs12Store

It looks like in the pkcs "src" folder there is no implementation/logic for SymmetricKey (SecretKey) retrieval! It would be really great if it can have something like - public SymmetricKeyEntry GetKey(string alias) { ... } and/or related properties & methods to handle "SymmetricKey / SecretKey" entries! Thanks in advance to the x-man who will be contributing to this one :)

faroque-hossain Sep 01 '21 19:09