Fw: problem in pkcs12_parse

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Fw: problem in pkcs12_parse

Víctor Torres - UPF
I would be grateful if someone could help me.
 
I have tried to parse the attached pkcs12 file using the code below and openssl 0.9.8a. The PKCS12 file contains a private key, a user certificate and the root CA certificate used to sign the user certificate. All of them have a localKeyID field, which is the same in the private key and in tha user certificate. CA certificate has a different localKeyID value.
 
Openssl correctly retrieves the private key into "pkey", but in "cert" it places the CA certificate instead of the final user certificate. Finally, in "ca" it does not place anything, so it remains empty.
 
I have tried to use command line commands and when using "pkcs12 -in pkcs12_out.p12 -passin pass:USR_1b4e28ba-2fa1-11d2-883f-b9a761dbe3fb -nodes -clcerts" it returns the two certificates (CA and final) and the private key, whereas when using "pkcs12 -in pkcs12_out.p12 -passin pass:USR_1b4e28ba-2fa1-11d2-883f-b9a761dbe3fb -nodes -cacerts" it does not return any certificate but the private key!
 
Thanks a lot.
 
/**********************************************/
/*********** CODE *************************/
/**********************************************/
 
std::ifstream inStream("pkcs12_out.p12", std::ios::in | std::ios::binary);
unsigned long length=0;
inStream.seekg(0L,std::ios::end);
length=inStream.tellg();
inStream.seekg(0L,std::ios::beg);
data=new char[length];
inStream.read(data,length);
inStream.close();
 
BIO *mem;
EVP_PKEY *pkey;
X509 *cert;
STACK_OF(X509) *ca = NULL;
PKCS12 *p12;
unsigned long error;
 
SSLeay_add_all_algorithms();
ERR_load_crypto_strings();
 
mem = BIO_new_mem_buf(data, length);
p12 = d2i_PKCS12_bio(mem, NULL);
BIO_free(mem);
if (!p12){
        std::cout << "Error reading PKCS#12 file" << std::endl;
}
if (!PKCS12_parse(p12, "USR_1b4e28ba-2fa1-11d2-883f-b9a761dbe3fb", &pkey, &cert, &ca)){
 std::cout << "Error parsing PKCS#12 file" << std::endl;
}
 
/**********************************************/
/********** PKCS12 contents *************/
/**********************************************/
 
OpenSSL> pkcs12 -in pkcs12_out.p12 -passin pass:USR_1b4e28ba-2fa1-11d2-883f-b9a7
61dbe3fb -nodes
MAC verified OK
Bag Attributes
    localKeyID: 87 F7 F0 DF 39 3F A1 CE B5 56 D8 BA E8 EC B1 72 BF A7 2D 6F
    friendlyName: ITO_26adfe3d-165f-3fb2-ad8c-665aa3ec4e0c
Key Attributes: <No Attributes>
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQCJFXO9WbjfRxOWvhJfNPbwbndScOF7A7WgO92/EDqfcKjtUniB
clgCirk83j8f70/RvI+cUrQNuROzR5ye9duB1ln4yvjkR5xDO0e86WFFDN0Q6gJJ
tMrfvTM6sV6jzPDCorOIMOh4JQqLNwe7tWrQBqwZW92dSr2AkdQT8CGb1wIDAQAB
AoGASBHOKpN8HW7JvqupDwLSfK8m7mHIOZtGproyp5uJpn9dYH/GOQ/7c0KphnW1
rD1tsm+29NGKNdjCobOZhPzu7Lc5UEwS8qSJVBpErtqC+bSua0Sw3Y9tjXo8sMVI
7zklTxsoQ/83YwVCdJPeDa8zMIpF59KTvZmrwMWa4WCG6YECQQDovdXSOpStRKeA
EAPyqUFpTD/3Rt3ykGTmBOrvQehmpJ0nzZDyaJJSPvWEvidnRHLCg2RlEPbSvu3b
06p737PBAkEAlshuJxrLRXZbNHYxYUfm0Cq8buS+n4PFFwSfMyWQAB+yyZQ8H7jF
whyFT5kEPlUWAmDJpUI0w8Fcks0Kil/VlwJBAOPegUucaVafYjOi+oqKJm3W5sXO
z50evHrsk6x+5fAg+XEv9dswgRofZDh8CI412PoStKezDUXXA4D34vH3WsECQAcz
h19CvlaQ8oYs5urYfkOO5vT848XGi1EwHVJaBuiamvVZqQ1yy68boZpNmpBHjAeN
C9RitxZqU7uHI2u8a/0CQQCtSQHnMAesSKe4dL3Sxq79DTo0bwHFWOnd6R0UxrnR
GGfHaRGaZp9vOoz9esSCWzZNysXyNx/zzt7Dp1RREnq/
-----END RSA PRIVATE KEY-----
Bag Attributes
    localKeyID: 87 F7 F0 DF 39 3F A1 CE B5 56 D8 BA E8 EC B1 72 BF A7 2D 6F
    friendlyName: ITO_26adfe3d-165f-3fb2-ad8c-665aa3ec4e0c
subject=/O=AXMEDIS/CN=ITO_26adfe3d-165f-3fb2-ad8c-665aa3ec4e0c
issuer=/O=AXMEDIS/OU=AXMEDIS AXCS CA
-----BEGIN CERTIFICATE-----
MIICTDCCAbWgAwIBAgIEO5rKUzANBgkqhkiG9w0BAQUFADAsMRAwDgYDVQQKEwdB
WE1FRElTMRgwFgYDVQQLEw9BWE1FRElTIEFYQ1MgQ0EwHhcNMDYwMTIzMTYxOTEx
WhcNMDYwMzI0MTYxOTExWjBFMRAwDgYDVQQKEwdBWE1FRElTMTEwLwYDVQQDDChJ
VE9fMjZhZGZlM2QtMTY1Zi0zZmIyLWFkOGMtNjY1YWEzZWM0ZTBjMIGfMA0GCSqG
SIb3DQEBAQUAA4GNADCBiQKBgQCJFXO9WbjfRxOWvhJfNPbwbndScOF7A7WgO92/
EDqfcKjtUniBclgCirk83j8f70/RvI+cUrQNuROzR5ye9duB1ln4yvjkR5xDO0e8
6WFFDN0Q6gJJtMrfvTM6sV6jzPDCorOIMOh4JQqLNwe7tWrQBqwZW92dSr2AkdQT
8CGb1wIDAQABo2IwYDAdBgNVHQ4EFgQUh/fw3zk/oc61Vti66Oyxcr+nLW8wHwYD
VR0jBBgwFoAUwDYZB63EiJeoXnJvawnr5ebxKVwwEQYJYIZIAYb4QgEBBAQDAgQw
MAsGA1UdDwQEAwIDiDANBgkqhkiG9w0BAQUFAAOBgQAkIz6k/t/oCyM3aPUw2aTn
C9ckiz0s2qH33ZvKi+nTTgf4XWx3kPTk8g5cICdqm1CCupQwhLh0bIyJE6ENxAs6
vPteRbIWG4IkgQyQOtQtC21vImndP+fmJanVnrfxaC4fhwJ6Ie21cAmnDkjUqAdN
3ylLDAfzkjLtYD2ITWx53g==
-----END CERTIFICATE-----
Bag Attributes
    localKeyID: C0 36 19 07 AD C4 88 97 A8 5E 72 6F 6B 09 EB E5 E6 F1 29 5C
    friendlyName: AXMEDIS AXCS CA
subject=/O=AXMEDIS/OU=AXMEDIS AXCS CA
issuer=/O=AXMEDIS/OU=AXMEDIS AXCS CA
-----BEGIN CERTIFICATE-----
MIICATCCAWqgAwIBAgIBATANBgkqhkiG9w0BAQUFADAsMRAwDgYDVQQKEwdBWE1F
RElTMRgwFgYDVQQLEw9BWE1FRElTIEFYQ1MgQ0EwHhcNMDUwODIyMTQxNjI1WhcN
MTIwNDE3MTQxNjI2WjAsMRAwDgYDVQQKEwdBWE1FRElTMRgwFgYDVQQLEw9BWE1F
RElTIEFYQ1MgQ0EwgZ0wDQYJKoZIhvcNAQEBBQADgYsAMIGHAoGBALJZ0tbmJ6do
yUvjYWTC2fx52XqrklMUDlvxd1EZdzHW91QNJQnnuf/uCnCm4m1W6S0u3X+Fq6hW
ALaQifNfa9vzwpjgWEJTXZ8GTmsDkct9MG4KLSDE37TntJqWQL3qJsEK1pw/BQB8
4lE87kTP4BmY5itsNjfT/AORB5sm7jbVAgERozUwMzAdBgNVHQ4EFgQUwDYZB63E
iJeoXnJvawnr5ebxKVwwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQUF
AAOBgQBjBNX/E3WsEjqKQ+4D2/gBhExlcIdsiNHhuGeGVDtQMJXnsiqmN35mqZGt
1LSKxaBk0whQAe2VvIUF5THwfVvr+roIwxUBzCGJkHhXuocYgfaaENvQSk4L6Zgh
F4yio+eBQy0RIjZMh3tZCjnothwLBfBRt5Kfvu9nlSep5nx/zQ==
-----END CERTIFICATE-----
 
 
 
 

pkcs12_out.p12 (3K) Download Attachment