I want to extract x509 cert and private key from pkcs12 file using a C lib. I found lot of .net utils to do this, but did not find any C libraries. My code will run in WinPE environment, so .net will not work.
A:
Openssl allows you to do that. If you know the format of your your certificate you can browse through the code and get the APIs to do so.
Specifically you will have to create a SSL context with the input file and extract the certificate from it.
Praveen S
2010-07-19 04:06:02
You don't need to create an SSL context just to parse a PKCS#12 file.
caf
2010-07-19 04:30:35
+2
A:
You can use OpenSSL to do this. The function d2i_PKCS12_fp() can be used to load a PKCS#12 file into a PKCS12 object, and the function PKCS12_parse() can be used to parse the resulting object to extract the certificate and private key:
PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
See the PKCS12_parse() man page for more details.
caf
2010-07-19 04:30:08