tags:

views:

51

answers:

2
Q: 

Information regarding .crt file

Hi
I have a x.crt file which is used to sign certain contents and a signature file is generated x.sig the x.crt is having a Certificate part which contains a public key a content signature field etc. when i try to parse the x,crt and when i try to generate a x509 certificate its showing invalid DER format if try to extract public key alone also it throwing exception. I am not getting how to parse the x.crt as i am new to security part.

A: 

May be your crt file is in PEM format? Open it in notepad and you will see.

Try openssl x509 -in cert.crt -inform PEM -out cert.pem -outform PEM in this case.

And what is your openssl command line?

Donz  2010-10-05 19:51:54
Hi Actually crt file is a digitally signed certificate. I dont know how to verify it java Its semantics is like a Certificate part and Signature part. I Certificate part contains the public key which i need to obtain to verify the signature
 2010-10-06 18:37:51
ITYM: "openssl x509 -in cert.crt -inform PEM -out cert.der -outform DER" ... that's if this file really is just a certificate.
dajames  2010-10-08 10:51:00
Yes, it may be not just certificate. user466388, at first you should determine format of this file. And then you can choice right way to parse it.
Donz  2010-10-08 14:58:36
A: 

It's really hard to give a useful answer from so little information. Where did the x.crt file come from (that is: what software produced it) and what are you trying to do with it?

Files with .crt extensions are usually digital certificates -- just certificates, not something "having a certificate part". Is your file actually a certificate, or is it something else?

As Donz suggests, if your file is a certificate then it may be in PEM format, in which you would need to convert it to binary DER format in order to parse it as DER.

You say that your file is used "to sign certain contents". You don't use a certificate to sign things, you use a certificate to verify signatures on things that are already signed. You need a private key to sign things. Perhaps what you have is some sort of container that contains a private key AND its corresponding certificate? It might be a PKCS#12 (PFX) file, for example, Is that possible?

dajames  2010-10-08 10:49:12

related questions

How to implement password protection for individual files?
Encrypting appSettings in web.config
Usefulness of SQL Server "with encryption" statement
How can I use a key blob generated from Win32 CryptoAPI in my .NET application?
CodeReview: Tiny Encryption Algorithm for arbitrary sized data
Simple encryption implementation in C
Which hard disk encryption software to choose?
Passing untampered data from Flash app to server?
How do I prevent replay attacks?
Is there a best .NET algorithm for credit card encryption?
Encrypt data from users in web applications
How to encrypt one message for multiple recipients?
Two-way password encryption without ssl
What's the answer to this Microsoft PDC challenge?
GPG: How does key signing work and how is it done?
Secure Online Highscore Lists for Non-Web Games
Programmatically encrypting a config-file in .NET
How do I use 3des encryption/decryption in Java?
Encryption in C# Web-Services
Suitable alternative to CryptEncrypt
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
C# - CryptographicException: Padding is invalid and cannot be removed
How can I encode xml files to xfdl (base64-gzip)?
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
Encrypting Passwords