I would be grateful if someone could help
me.
I have tried to parse the attached pkcs12 file
using the code below and openssl 0.9.8a. The PKCS12 file contains a private key,
a user certificate and the root CA certificate used to sign the user
certificate. All of them have a localKeyID field, which is the same in the
private key and in tha user certificate. CA certificate has a different
localKeyID value.
Openssl correctly retrieves the private key into
"pkey", but in "cert" it places the CA certificate instead of the final user
certificate. Finally, in "ca" it does not place anything, so it remains
empty.
I have tried to use command line commands and when
using "pkcs12 -in pkcs12_out.p12 -passin
pass:USR_1b4e28ba-2fa1-11d2-883f-b9a761dbe3fb -nodes -clcerts" it returns the
two certificates (CA and final) and the private key, whereas when using "pkcs12
-in pkcs12_out.p12 -passin pass:USR_1b4e28ba-2fa1-11d2-883f-b9a761dbe3fb -nodes
-cacerts" it does not return any certificate but the private
key!
Thanks a lot.
/**********************************************/
/*********** CODE
*************************/
/**********************************************/
std::ifstream inStream("pkcs12_out.p12",
std::ios::in | std::ios::binary);
unsigned long length=0; inStream.seekg(0L,std::ios::end); length=inStream.tellg(); inStream.seekg(0L,std::ios::beg); data="" char[length]; inStream.read(data,length); inStream.close(); BIO *mem;
EVP_PKEY *pkey; X509 *cert; STACK_OF(X509) *ca = NULL; PKCS12 *p12; unsigned long error; SSLeay_add_all_algorithms();
ERR_load_crypto_strings(); mem = BIO_new_mem_buf(data, length);
p12 = d2i_PKCS12_bio(mem, NULL); BIO_free(mem); if (!p12){ std::cout << "Error reading PKCS#12 file" << std::endl; } if (!PKCS12_parse(p12, "USR_1b4e28ba-2fa1-11d2-883f-b9a761dbe3fb", &pkey, &cert, &ca)){ std::cout << "Error parsing PKCS#12 file" << std::endl; } /**********************************************/
/********** PKCS12 contents
*************/
/**********************************************/
OpenSSL> pkcs12 -in pkcs12_out.p12 -passin
pass:USR_1b4e28ba-2fa1-11d2-883f-b9a7
61dbe3fb -nodes MAC verified OK
Bag Attributes localKeyID: 87 F7 F0 DF 39 3F A1 CE B5 56 D8 BA E8 EC B1 72 BF A7 2D 6F friendlyName: ITO_26adfe3d-165f-3fb2-ad8c-665aa3ec4e0c Key Attributes: <No Attributes> -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQCJFXO9WbjfRxOWvhJfNPbwbndScOF7A7WgO92/EDqfcKjtUniB clgCirk83j8f70/RvI+cUrQNuROzR5ye9duB1ln4yvjkR5xDO0e86WFFDN0Q6gJJ tMrfvTM6sV6jzPDCorOIMOh4JQqLNwe7tWrQBqwZW92dSr2AkdQT8CGb1wIDAQAB AoGASBHOKpN8HW7JvqupDwLSfK8m7mHIOZtGproyp5uJpn9dYH/GOQ/7c0KphnW1 rD1tsm+29NGKNdjCobOZhPzu7Lc5UEwS8qSJVBpErtqC+bSua0Sw3Y9tjXo8sMVI 7zklTxsoQ/83YwVCdJPeDa8zMIpF59KTvZmrwMWa4WCG6YECQQDovdXSOpStRKeA EAPyqUFpTD/3Rt3ykGTmBOrvQehmpJ0nzZDyaJJSPvWEvidnRHLCg2RlEPbSvu3b 06p737PBAkEAlshuJxrLRXZbNHYxYUfm0Cq8buS+n4PFFwSfMyWQAB+yyZQ8H7jF whyFT5kEPlUWAmDJpUI0w8Fcks0Kil/VlwJBAOPegUucaVafYjOi+oqKJm3W5sXO z50evHrsk6x+5fAg+XEv9dswgRofZDh8CI412PoStKezDUXXA4D34vH3WsECQAcz h19CvlaQ8oYs5urYfkOO5vT848XGi1EwHVJaBuiamvVZqQ1yy68boZpNmpBHjAeN C9RitxZqU7uHI2u8a/0CQQCtSQHnMAesSKe4dL3Sxq79DTo0bwHFWOnd6R0UxrnR GGfHaRGaZp9vOoz9esSCWzZNysXyNx/zzt7Dp1RREnq/ -----END RSA PRIVATE KEY----- Bag Attributes localKeyID: 87 F7 F0 DF 39 3F A1 CE B5 56 D8 BA E8 EC B1 72 BF A7 2D 6F friendlyName: ITO_26adfe3d-165f-3fb2-ad8c-665aa3ec4e0c subject=/O=AXMEDIS/CN=ITO_26adfe3d-165f-3fb2-ad8c-665aa3ec4e0c issuer=/O=AXMEDIS/OU=AXMEDIS AXCS CA -----BEGIN CERTIFICATE----- MIICTDCCAbWgAwIBAgIEO5rKUzANBgkqhkiG9w0BAQUFADAsMRAwDgYDVQQKEwdB WE1FRElTMRgwFgYDVQQLEw9BWE1FRElTIEFYQ1MgQ0EwHhcNMDYwMTIzMTYxOTEx WhcNMDYwMzI0MTYxOTExWjBFMRAwDgYDVQQKEwdBWE1FRElTMTEwLwYDVQQDDChJ VE9fMjZhZGZlM2QtMTY1Zi0zZmIyLWFkOGMtNjY1YWEzZWM0ZTBjMIGfMA0GCSqG SIb3DQEBAQUAA4GNADCBiQKBgQCJFXO9WbjfRxOWvhJfNPbwbndScOF7A7WgO92/ EDqfcKjtUniBclgCirk83j8f70/RvI+cUrQNuROzR5ye9duB1ln4yvjkR5xDO0e8 6WFFDN0Q6gJJtMrfvTM6sV6jzPDCorOIMOh4JQqLNwe7tWrQBqwZW92dSr2AkdQT 8CGb1wIDAQABo2IwYDAdBgNVHQ4EFgQUh/fw3zk/oc61Vti66Oyxcr+nLW8wHwYD VR0jBBgwFoAUwDYZB63EiJeoXnJvawnr5ebxKVwwEQYJYIZIAYb4QgEBBAQDAgQw MAsGA1UdDwQEAwIDiDANBgkqhkiG9w0BAQUFAAOBgQAkIz6k/t/oCyM3aPUw2aTn C9ckiz0s2qH33ZvKi+nTTgf4XWx3kPTk8g5cICdqm1CCupQwhLh0bIyJE6ENxAs6 vPteRbIWG4IkgQyQOtQtC21vImndP+fmJanVnrfxaC4fhwJ6Ie21cAmnDkjUqAdN 3ylLDAfzkjLtYD2ITWx53g== -----END CERTIFICATE----- Bag Attributes localKeyID: C0 36 19 07 AD C4 88 97 A8 5E 72 6F 6B 09 EB E5 E6 F1 29 5C friendlyName: AXMEDIS AXCS CA subject=/O=AXMEDIS/OU=AXMEDIS AXCS CA issuer=/O=AXMEDIS/OU=AXMEDIS AXCS CA -----BEGIN CERTIFICATE----- MIICATCCAWqgAwIBAgIBATANBgkqhkiG9w0BAQUFADAsMRAwDgYDVQQKEwdBWE1F RElTMRgwFgYDVQQLEw9BWE1FRElTIEFYQ1MgQ0EwHhcNMDUwODIyMTQxNjI1WhcN MTIwNDE3MTQxNjI2WjAsMRAwDgYDVQQKEwdBWE1FRElTMRgwFgYDVQQLEw9BWE1F RElTIEFYQ1MgQ0EwgZ0wDQYJKoZIhvcNAQEBBQADgYsAMIGHAoGBALJZ0tbmJ6do yUvjYWTC2fx52XqrklMUDlvxd1EZdzHW91QNJQnnuf/uCnCm4m1W6S0u3X+Fq6hW ALaQifNfa9vzwpjgWEJTXZ8GTmsDkct9MG4KLSDE37TntJqWQL3qJsEK1pw/BQB8 4lE87kTP4BmY5itsNjfT/AORB5sm7jbVAgERozUwMzAdBgNVHQ4EFgQUwDYZB63E iJeoXnJvawnr5ebxKVwwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQUF AAOBgQBjBNX/E3WsEjqKQ+4D2/gBhExlcIdsiNHhuGeGVDtQMJXnsiqmN35mqZGt 1LSKxaBk0whQAe2VvIUF5THwfVvr+roIwxUBzCGJkHhXuocYgfaaENvQSk4L6Zgh F4yio+eBQy0RIjZMh3tZCjnothwLBfBRt5Kfvu9nlSep5nx/zQ== -----END CERTIFICATE----- |
pkcs12_out.p12
Description: application/pkcs12