tags:

views:

1141

answers:

2
+1  Q: 

How do I create a PKCS12 .p12 file in C#?

Hi, this is probably a n00b question, but I don't really have any experience in this area.

I need to create a p12 bundle containing an X509 certificate and the private key. I currently have two objects, the X509Certificate2, and the RSAParameters object which contains key information. How do I combine these into a p12 file?

I just cannot find any information regarding this.

I also have a RSACryptoServiceProvider object that has the parameters from the RSAParameters imported into it if that helps.

Some additional background. I am getting my certificate from a VeriSign Registration Authority we have installed here. This is done by creating a PCKS#10 certificate request. I create my certificate object by reading in a byte array of data the RA puts into a database.

RsaPrivateCrtKeyParameters KeyParams = (RsaPrivateCrtKeyParameters)this.KeyPair.Private;
RSAParameters rsaParameters = new RSAParameters();

rsaParameters.Modulus = KeyParams.Modulus.ToByteArrayUnsigned();
rsaParameters.P = KeyParams.P.ToByteArrayUnsigned();
rsaParameters.Q = KeyParams.Q.ToByteArrayUnsigned();
rsaParameters.DP = KeyParams.DP.ToByteArrayUnsigned();
rsaParameters.DQ = KeyParams.DQ.ToByteArrayUnsigned();
rsaParameters.InverseQ = KeyParams.QInv.ToByteArrayUnsigned();
rsaParameters.D = KeyParams.Exponent.ToByteArrayUnsigned();
rsaParameters.Exponent = KeyParams.PublicExponent.ToByteArrayUnsigned();

RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider();
rsaKey.ImportParameters(rsaParameters);

this.Certificate.PrivateKey = rsaKey;

byte[] p12 = this.Certificate.Export(X509ContentType.Pkcs12, "password");

File.WriteAllBytes(fileName, p12);

PKCS10 generation (using the bouncycastle library)

509Name name = new X509Name(String.Concat(SubjectCommonName, "=", firstName, " ", lastName));
RsaKeyPairGenerator rkpg = new RsaKeyPairGenerator();
rkpg.Init(new KeyGenerationParameters(new SecureRandom(), 1024));
this.KeyPair = rkpg.GenerateKeyPair();

// PKCS #10 Certificate Signing Request
Pkcs10CertificationRequest csr = new Pkcs10CertificationRequest("SHA1WITHRSA", name, this.KeyPair.Public, null, this.KeyPair.Private);
byte[] request = Base64.Encode(csr.GetEncoded());
ASCIIEncoding encoder  = new ASCIIEncoding();
return encoder.GetString(request);

The cert request (minus the http post headers). the public_key parameter is the base64 encoded, pkcs10 formatted CSR. (I've put the line breaks after each parameter just so it's easier to read here, they are not there in the actual http post)

operation=AutoAuthOSUserSubmit&
form_file=..%2ffdf%2fclient%2fuserEnrollMS.fdf&
authenticate=NO&
public_key_format=pkcs10&
country=NZ&
mail_firstName=Daniel&
mail_lastName=Mapletoft&
[email protected]&
challenge=1234&
public_key=MIIBTzCBuwIBADAUMRIwEAYDVQQDDAlTaW1vbiBEb2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANZD8M7gjUq1vBWq4w25x3SNhet4T+uCV3ebnAB5ws9f2YQevd9QeSfoPWw/pyJ/mJRDZDLjYzG63VQUzrXyBx3PZhmWqWaDECAYSssOYTfTMWPns0sRsyg1f35f4mh0ZXieiPYdv8r9CVjG9woa15LA1cYI0b93alM/z+OoMLxNAgMBAAEwCwYJKoZIhvcNAQEFA4GBAIB9buu5sycjdAgyV+UMAlzYKlENrQmI2/36ZZ4q3sx5bIyLm9tOEexbNzkk86kcGQhL2w/0oA5UpUCUU4IIf9u+lhpMoUlbHKH4tosswMwVEiFpfIWrL4M9X7+TW4Lj1aGf2T+xgKhWeo+cBSGexxvHo27OaH9d1NVDozEJ6c7i

This is the output from Certificate.GetRawCertDataString()

3082036F30820257A003020102021034914BB0AF5A48704B56C89DE8B1BBFD300D06092A864886F70D0101050500304D310B3009060355040613024E5A31283026060355040A131F4669727374204D6F727467616765205365727669636573204C696D69746564311430120603550403130B464D5320526F6F74204341301E170D3130303132313030303030305A170D3131303132313233353935395A305B31243022060355040A141B4669727374204D6F727467616765205365727669636573204C7464311F301D060355040B1416466F72205465737420507572706F736573204F6E6C79311230100603550403140953696D6F6E20446F6530819F300D06092A864886F70D010101050003818D0030818902818100D643F0CEE08D4AB5BC15AAE30DB9C7748D85EB784FEB8257779B9C0079C2CF5FD9841EBDDF507927E83D6C3FA7227F9894436432E36331BADD5414CEB5F2071DCF661996A966831020184ACB0E6137D33163E7B34B11B328357F7E5FE2687465789E88F61DBFCAFD0958C6F70A1AD792C0D5C608D1BF776A533FCFE3A830BC4D0203010001A381C03081BD30090603551D1304023000300E0603551D0F0101FF0404030205A030600603551D1F0101FF045630543052A050A04E864C687474703A2F2F6F6E7369746563726C2E766572697369676E2E636F6D2F46697273744D6F72746761676553657276696365734C746450726F70656C6C632F4C617465737443524C2E63726C301F0603551D230418301680148B2A2C583903B2619F16E73D3DF1704DB1F3D4E2301D0603551D0E0416041411A6D5EBC14D7C226502EC340F70237D23431D0B300D06092A864886F70D010105050003820101008EFD93EF777F2D196FC8633C5A8347CA886320E59AF8AF8D3AA901AEF0ADF75EDD2D3C4495CF70F1E4516AA224F3731B6EE66DCB332FD88C03255DA9D12202DD3DF619EE55443F53773FD03C808B5B66AEEB39A3E20B866DC22D92010785A2729C269E35ED6B2036014628850B8E8A40A501F3C7EECA49A4B7E957B496ECD8A27702D7230C40580F94C69E83A0AEFD9347625B529E3ACDD2A5FEB7B946BEE9BE9DA9AA52E14AEC790C66E8A670AA1D53518DEFB66FE6BC33A57BB6A59C75C6DFADE5E961A9A03C3FFDC559FC9ADD565D345975B99BEF5F973D331E60A3FEFEF713C6C630D80222AD9541BC12F1E92379EF5CBECE81CA5E327FD32FDC28AB52D7

this is the contents of array from byte[] array1 = certKey.ExportCspBlob(false);

6,2,0,0,0,164,0,0,82,83,65,49,0,4,0,0,1,0,1,0,77,188,48,168,227,207,63,83,106,119,191,209,8,198,213,192,146,215,26,10,247,198,88,9,253,202,191,29,246,136,158,120,101,116,104,226,95,126,127,53,40,179,17,75,179,231,99,49,211,55,97,14,203,74,24,32,16,131,102,169,150,25,102,207,29,7,242,181,206,20,84,221,186,49,99,227,50,100,67,148,152,127,34,167,63,108,61,232,39,121,80,223,189,30,132,217,95,207,194,121,0,156,155,119,87,130,235,79,120,235,133,141,116,199,185,13,227,170,21,188,181,74,141,224,206,240,67,214

this is the contents of the array from byte[] array2 = rsaKey.ExportCspBlob(false);

6,2,0,0,0,164,0,0,82,83,65,49,0,4,0,0,1,0,1,0,77,188,48,168,227,207,63,83,106,119,191,209,8,198,213,192,146,215,26,10,247,198,88,9,253,202,191,29,246,136,158,120,101,116,104,226,95,126,127,53,40,179,17,75,179,231,99,49,211,55,97,14,203,74,24,32,16,131,102,169,150,25,102,207,29,7,242,181,206,20,84,221,186,49,99,227,50,100,67,148,152,127,34,167,63,108,61,232,39,121,80,223,189,30,132,217,95,207,194,121,0,156,155,119,87,130,235,79,120,235,133,141,116,199,185,13,227,170,21,188,181,74,141,224,206,240,67,214
A: 

Please, take a look here: PKCS #12 File Types: Portable Protected Keys in .NET

Also here: Creating a PKCS12 File

Rubens Farias  2010-01-11 01:22:25
that link only talks about reading from a PKCS#12 file, not creating one.
GregS  2010-01-11 01:25:57
DangerMice  2010-01-11 02:53:37
+1  A: 

Try this:

RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider();
rsaKey.ImportParameters(rsaParameters);

X509Certificate2 cert = ...

cert.PrivateKey = rsaKey;

cert.Export(X509ContentType.Pkcs12, "password");

Since you still get the mismatch, but cannot find any difference between the keys, try to insert this check (it should replicate what the .NET framework does internally):

RSACryptoServiceProvider certKey = (RSACryptoServiceProvider) cert.PublicKey.Key;
byte[] array1 = certKey.ExportCspBlob(false);
byte[] array2 = rsaKey.ExportCspBlob(false);
if(array1.Length!=array2.Length)
  throw new Exception("key mismatch");
for (int i = 8; i < array1.Length; i++){ // skip blobheader
  if (array1[i] != array2[i]){
    throw new Exception("key mismatch");
  }
}

It looks like something is going wrong with your keys. Are you perhaps generating a new RSA key between issuing the certificate-request and receiving the certificate?

Here is a dump of your certificate-request: 

0 30  342: SEQUENCE {
   4 30  194:   SEQUENCE {
   7 02    1:     INTEGER 0
  10 30   27:     SEQUENCE {
  12 31   25:       SET {
  14 30   23:         SEQUENCE {
  16 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
  21 0C   16:           UTF8String 'Daniel Mapletoft'
            :           }
            :         }
            :       }
  39 30  159:     SEQUENCE {
  42 30   13:       SEQUENCE {
  44 06    9:         OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
  55 05    0:         NULL
            :         }
  57 03  141:       BIT STRING 0 unused bits, encapsulates {
  61 30  137:           SEQUENCE {
  64 02  129:             INTEGER
            :               00 95 83 2A AB 16 9D 7F 16 87 40 A4 09 74 5F 9D
            :               81 04 B0 41 C1 75 9C C9 CD D0 52 EF 61 09 EF F5
            :               9B 40 1D D4 79 E0 4B 17 6C 1E 62 73 38 D8 69 92
            :               31 C4 E0 84 07 4B 2E FD 53 6D 24 95 59 12 43 8E
            :               82 35 1D 62 79 89 C2 88 38 57 3D 1F 15 8D B9 CC
            :               FA F4 41 23 BA FD ED 51 69 F7 7A E7 03 72 A2 DA
            :               A9 08 65 17 DA 90 E3 7B C4 2C 85 6A 3F AF 83 AC
            :               E5 00 37 7A 98 14 03 EE 68 37 CB E7 0A 1A 49 5F
            :                       [ Another 1 bytes skipped ]
 196 02    3:             INTEGER 65537
            :             }
            :           }
            :       }
            :     }
 201 30   11:   SEQUENCE {
 203 06    9:     OBJECT IDENTIFIER
            :       sha1withRSAEncryption (1 2 840 113549 1 1 5)
            :     }
 214 03  129:   BIT STRING 0 unused bits
            :     70 D5 29 EB F3 2A 34 13 3F E6 DE 78 35 FB 79 BD
            :     6D ED 8E 89 D9 B0 8F C1 7C 7D 42 37 B8 3E 5B 00
            :     C2 26 A4 E5 77 26 01 86 63 E1 BB 4D 9C CE 7A 10
            :     FF 8E BF 77 1B 0E F9 EE 38 1F 1F A1 04 24 D7 6A
            :     B6 28 3A 88 F5 54 D0 88 46 92 6E 5D 7E 7C CE 87
            :     99 F9 DC 85 99 33 8C 9D BD 73 E2 23 8A 9A 97 B0
            :     3A 9B 36 51 58 FD B7 0F 60 3D FB 5F 4F 06 A0 CE
            :     30 7F 56 B6 53 5E FE 64 7D 8A 30 92 FB BA A4 C6
            :   }

and here is a dump of your certificate:

   0 30  886: SEQUENCE {
   4 30  606:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02   16:     INTEGER
            :       6E F0 A9 78 7D 3C D4 05 4E 90 13 DC 9D 34 77 2C
  31 30   13:     SEQUENCE {
  33 06    9:       OBJECT IDENTIFIER
            :         sha1withRSAEncryption (1 2 840 113549 1 1 5)
  44 05    0:       NULL
            :       }
  46 30   77:     SEQUENCE {
  48 31   11:       SET {
  50 30    9:         SEQUENCE {
  52 06    3:           OBJECT IDENTIFIER countryName (2 5 4 6)
  57 13    2:           PrintableString 'NZ'
            :           }
            :         }
  61 31   40:       SET {
  63 30   38:         SEQUENCE {
  65 06    3:           OBJECT IDENTIFIER organizationName (2 5 4 10)
  70 13   31:           PrintableString 'First Mortgage Services Limited'
            :           }
            :         }
 103 31   20:       SET {
 105 30   18:         SEQUENCE {
 107 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
 112 13   11:           PrintableString 'FMS Root CA'
            :           }
            :         }
            :       }
 125 30   30:     SEQUENCE {
 127 17   13:       UTCTime '091222000000Z'
 142 17   13:       UTCTime '101222235959Z'
            :       }
 157 30   98:     SEQUENCE {
 159 31   36:       SET {
 161 30   34:         SEQUENCE {
 163 06    3:           OBJECT IDENTIFIER organizationName (2 5 4 10)
 168 14   27:           TeletexString 'First Mortgage Services Ltd'
            :           }
            :         }
 197 31   31:       SET {
 199 30   29:         SEQUENCE {
 201 06    3:           OBJECT IDENTIFIER organizationalUnitName (2 5 4 11)
 206 14   22:           TeletexString 'For Test Purposes Only'
            :           }
            :         }
 230 31   25:       SET {
 232 30   23:         SEQUENCE {
 234 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
 239 14   16:           TeletexString 'Daniel Mapletoft'
            :           }
            :         }
            :       }
 257 30  159:     SEQUENCE {
 260 30   13:       SEQUENCE {
 262 06    9:         OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
 273 05    0:         NULL
            :         }
 275 03  141:       BIT STRING 0 unused bits, encapsulates {
 279 30  137:           SEQUENCE {
 282 02  129:             INTEGER
            :               00 CD 08 AE 3E E3 5A E4 5E 50 28 29 5E 65 05 DA
            :               1A E1 9C 50 44 4A F0 06 AA 75 1A 8F F0 75 4C AA
            :               47 4B D5 8F 04 B5 CE 98 C5 0D 99 54 36 E9 EF 2E
            :               7D CD DF FA 46 B2 7D 76 E5 74 19 AD 3E F0 52 52
            :               C7 F8 86 E6 78 32 90 EB 2F 12 3F 7A 31 4B 15 E9
            :               2A 9D 75 91 EA 31 9F 4E 98 A6 06 81 DD 98 1B 1A
            :               DB FE 1F 2E BD 2E 32 60 5A 54 7C 0E 48 6A AB 6C
            :               C6 F6 E2 F2 FD 4A BE 5A BD E0 DF 0C 21 B6 4C 9E
            :                       [ Another 1 bytes skipped ]
 414 02    3:             INTEGER 65537
            :             }
            :           }
            :       }
 419 A3  192:     [3] {
 422 30  189:       SEQUENCE {
 425 30    9:         SEQUENCE {
 427 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
 432 04    2:           OCTET STRING, encapsulates {
 434 30    0:               SEQUENCE {}
            :               }
            :           }
 436 30   14:         SEQUENCE {
 438 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
 443 01    1:           BOOLEAN TRUE
 446 04    4:           OCTET STRING, encapsulates {
 448 03    2:               BIT STRING 5 unused bits
            :                 '101'B
            :               }
            :           }
 452 30   96:         SEQUENCE {
 454 06    3:           OBJECT IDENTIFIER cRLDistributionPoints (2 5 29 31)
 459 01    1:           BOOLEAN TRUE
 462 04   86:           OCTET STRING, encapsulates {
 464 30   84:               SEQUENCE {
 466 30   82:                 SEQUENCE {
 468 A0   80:                   [0] {
 470 A0   78:                     [0] {
 472 86   76:                       [6]
            :                   'http://onsitecrl.verisign.com/FirstMortgageServi'
            :                   'cesLtdPropellc/LatestCRL.crl'
            :                       }
            :                     }
            :                   }
            :                 }
            :               }
            :           }
 550 30   31:         SEQUENCE {
 552 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
 557 04   24:           OCTET STRING, encapsulates {
 559 30   22:               SEQUENCE {
 561 80   20:                 [0]
            :                   8B 2A 2C 58 39 03 B2 61 9F 16 E7 3D 3D F1 70 4D
            :                   B1 F3 D4 E2
            :                 }
            :               }
            :           }
 583 30   29:         SEQUENCE {
 585 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
 590 04   22:           OCTET STRING, encapsulates {
 592 04   20:               OCTET STRING
            :                 3E 91 DB A0 9C B4 A1 CB 68 CC 70 D0 0A 29 D6 BF
            :                 4E 68 10 AB
            :               }
            :           }
            :         }
            :       }
            :     }
 614 30   13:   SEQUENCE {
 616 06    9:     OBJECT IDENTIFIER
            :       sha1withRSAEncryption (1 2 840 113549 1 1 5)
 627 05    0:     NULL
            :     }
 629 03  257:   BIT STRING 0 unused bits
            :     3E C3 A3 F3 5F 3E 29 37 4D 33 E3 F5 F2 89 42 78
            :     AC CD 59 14 E9 CC FF 20 8F 98 34 7B F0 F4 D2 96
            :     EC 58 53 61 E4 3E D0 02 CF FF 30 C8 77 D0 6F 94
            :     37 72 3C B7 90 6E 38 10 59 8C F8 06 B0 61 55 65
            :     58 96 30 7B 9A 58 FF DB 15 7C FA F9 1F 64 5E DC
            :     E8 63 EE EE 90 B1 18 3C 6A 11 62 73 91 CF DE DB
            :     34 F5 67 4F C9 89 77 5C 36 71 FC 11 27 07 C5 76
            :     BB 79 B8 8E 19 E8 E2 5B D7 A5 23 BA D8 19 7C 74
            :             [ Another 128 bytes skipped ]
            :   }

The INTEGERs starting with "00 95 83 2A" in the request and with "00 CD 08 AE" in the certificate are the RSA moduluses of the public key.

The values in the output from ExportCspBlob are reversed, since Microsoft uses little-endian format, but if you start from the end of certKey.ExportCspBlob(false), you should recognize: 205=0xCD, 8=0x08, 174=0xAE. rsaKey.ExportCspBlob(false) on the other hand contains 166=0xA6, 154=0x9A, 180=0xB4, which is yet another RSA modulus.

Are you sure that all of your dumped values were from the same certificate-issuing-process?

Rasmus Faber  2010-01-11 06:46:09
is this any different than doing Certificate.Export(X509ContentType.Pkcs12, password)? Examples I've looked at for this don't show how to include the private key. Note my certificate.HasPrivateKey property is Null.
DangerMice  2010-01-11 22:12:15
DangerMice  2010-01-13 02:35:45
Hi Rasmus, yes I tried the cert.Export method first, as you describe above, however on cert.PrivateKey = rsaKey I get the error "The public key of the certificate does not match the value specified." See the code I added to the question. The RsaPrivateCrtKeyParameters object is from the BouncyCastle library with I used to create my keys and include them in my certificate request.
DangerMice  2010-01-13 02:47:35
It sounds like the key and the certificate does not match. Double-check that the values in rsaParameters.Modulus and rsaParameters.PublicExponent matches the ones in the certificate. In the certificate the modulus will have an extra zero in front, that zero should not be used in the RsaParameters. If you can't find the public-key in the certificate, just check that rsaParameters.Modulus-Length is exactly the key-size (i.e. 128 bytes for a 1024 bit key) and that rsaParameters.PublicExponent is either {03} or {01, 00, 01}.
Rasmus Faber  2010-01-13 07:07:39
The class from dcook's blog will generate a new self-signed certificate to include in the PKCS12-file. You want to use CertCreateCertificateContext (http://msdn.microsoft.com/en-us/library/aa376033%28VS.85%29.aspx) instead of CertCreateSelfSignCertificate.
Rasmus Faber  2010-01-13 07:13:01
"It sounds like the key and the certificate does not match.." They look identical to me. Very strange!
DangerMice  2010-01-14 02:07:56
Try to insert the code I added to the answer.
Rasmus Faber  2010-01-14 14:05:29
DangerMice  2010-01-18 21:15:36
If you want, you could supply a dump of the certificate-request, the certificate and the two exported public-key-blobs (hex or base64 please). Then I will be happy to help you figure out where the incorrect key is being used.
Rasmus Faber  2010-01-19 06:06:03
DangerMice  2010-01-21 22:15:17

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?