[Cryptography Team] Re: PKCS-12 support in X509

Robert Withers reefedjib at yahoo.com
Fri Mar 30 18:12:33 UTC 2007


Yeah, the PKCS-12 file which you exported holds the privateKey of
your Certificate in encrypted form.  Since you'll want to set up your
SSL Server with Certificate-PrivateKey pairs, especially since the
test certificate has expired, we needed a way to get the privateKey
from the PKCS-12 file.  This is it.

The structure of a PKCS-12 file is bizarre.  Here is an attempt at a  
representation, in order to talk about RC2.  The structure looks like:

ASN1 encoded PFX
    - PkcsContentInfo of type data
       - content: ASN1 encoded AuthSafe, a sequence of PkcsContentInfos
          - first PkcsContentInfo of type data
             - content: ASN1 encoded sequence of Pkcs12SafeBags
                - first Pkcs12SafeBag
                   - bagValue: Pkcs8EncryptedPrivateKeyInfo
                      - encrypted Pkcs8PrivateKeyInfo, encrypted with 3DES-CBC
                         - encryptionAlgorithm: 3DES-CBC, params holds the salt and iterations
                         - encryptedData: holds the ASN1 encoded RSAPrivateKey
          - second PkcsContentInfo of type encrypted
             - content: PkcsEncryptedData
                - encryptedContentInfo: PkcsEncryptedContentInfo
                   - contentEncryptionAlgorithm: 40BitRC2, params holds the salt and iterations
                   - encryptedContent: contents unknown

As you can see, there are 2 ContentInfos.

The first is plaintext, so I thought, until ASN1 type mappings showed
it holds an EncryptedPrivateKeyInfo.  I can decrypt 3DES-CBC, once I
derived the keys from the KDF.  That was a bitch to write, but I got
it and it just worked.

The second is EncryptedData, so I thought that is the one that needs  
decoding, but it seems we are ok, pending a test of the PrivateKey  
with the corresponding PublicKey.  This one is encrypted with RC2 so  
I thought we needed it.  Maybe not.  I did see the traffic on TLS, so  
it's old.  Funny that it is being used, still.  I wonder what data is
inside of there - probably some SafeBags of some kind or another.   
But I would stop working on RC2 if I were you.

Robert

On Mar 30, 2007, at 10:39 AM, Ron Teitelbaum wrote:

> Hey Rob,
>
> That's terrific!!
>
> Now I get it.  The PKCS-12 file was the file that I exported from MS IIE.  I
> thought you were talking about the signed CSR, that I sent you.
>
> Did you catch the comments on the TLS list?  I'm almost done with RC2 but do
> we really need it?  I see suggestions that we shouldn't use it.  (I'll
> probably finish it anyway, but I don't suggest we add it to supporteSuites
> on SSL.)
>
> Ron
>
>> -----Original Message-----
>> From: Robert Withers [mailto:reefedjib at yahoo.com]
>> Sent: Friday, March 30, 2007 1:25 PM
>> To: Ron Teitelbaum
>> Cc: Cryptography Team Development List
>> Subject: PKCS-12 support in X509
>>
>> Ron and all,
>>
>> I just published a framework for decoding and decrypting PKCS12
>> files, in order to gain access to the private key.  It is pretty
>> hackish, since I assume encryption algorithms, the private key is RSA
>> and the like, but it works for the example file you gave me, Ron.
>>
>> Load all current packages from the repository and then run:
>>
>> 	(Pkcs12PrivateKeyFileReader fromFile: pkcs12FileName)
>> 		asPrivateKey
>>
>> and it will return the RSAPrivateKey.  That KDF was a bitch!
>>
>> cheers,
>> Robert
>
>
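
The key derivation mentioned in this message, as an added example in Python (not the Squeak code from this thread). It assumes the key bag uses pbeWithSHAAnd3-KeyTripleDES-CBC, whose 3DES key and IV come from the RFC 7292 Appendix B.2 KDF with SHA-1; the function names, password, salt and iteration count are constructed for illustration.

```python
import hashlib

U, V = 20, 64  # SHA-1 digest and block sizes in bytes (u and v in RFC 7292)

def _fill(data: bytes) -> bytes:
    """Repeat data up to a whole multiple of V bytes (empty stays empty)."""
    if not data:
        return b""
    size = V * ((len(data) + V - 1) // V)
    return (data * (size // len(data) + 1))[:size]

def pkcs12_kdf(password: str, salt: bytes, iterations: int,
               purpose: int, n: int) -> bytes:
    """Derive n bytes. purpose: 1 = cipher key, 2 = IV, 3 = MAC key."""
    # The password is treated as a BMPString: UTF-16BE plus a 2-byte NUL.
    pwd = password.encode("utf-16-be") + b"\x00\x00"
    D = bytes([purpose]) * V                  # diversifier
    I = bytearray(_fill(salt) + _fill(pwd))   # I = S || P
    out = b""
    while len(out) < n:
        A = hashlib.sha1(D + bytes(I)).digest()
        for _ in range(iterations - 1):       # hash is applied `iterations` times
            A = hashlib.sha1(A).digest()
        out += A
        # Add (B + 1) to every V-byte block of I, modulo 2^(8V),
        # where B is A repeated to V bytes.
        b_plus_1 = int.from_bytes(_fill(A), "big") + 1
        for j in range(0, len(I), V):
            blk = (int.from_bytes(I[j:j + V], "big") + b_plus_1) % (1 << (8 * V))
            I[j:j + V] = blk.to_bytes(V, "big")
    return out[:n]

def derive_3des_params(password: str, salt: bytes, iterations: int):
    """Return (24-byte 3DES key, 8-byte CBC IV) for the encrypted key bag."""
    return (pkcs12_kdf(password, salt, iterations, 1, 24),
            pkcs12_kdf(password, salt, iterations, 2, 8))

if __name__ == "__main__":
    # Constructed sample values; real ones come from the algorithm params.
    key, iv = derive_3des_params("example", bytes.fromhex("0102030405060708"), 2048)
    print("key:", key.hex())
    print("iv: ", iv.hex())
```

The salt and iteration count passed in are the two values the encryptionAlgorithm params carry in the structure above; the same routine with purpose 3 yields the MAC key.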


