[dev-crypto-csharp] Generate a PKCS#12 container without a password.

Fri, 22 Aug 2014 05:21:29 -0700 

Hello!

I faced some problems when using BC to generate a PKCS#12 container with
public key in certificate and corresponding private key.

I need to generate a container where certificate nor private key are
encrypted.
I tried to pass as passphrase ""(empty string) to Pkcs12Store.Save method,
but when I apply "openssl asn1parse" to content field of generated file I
get the following:

    0:d=0  hl=4 l=1471 cons: SEQUENCE
    4:d=1  hl=4 l= 804 cons: SEQUENCE
    8:d=2  hl=2 l=   9 prim: OBJECT            :pkcs7-data
   19:d=2  hl=4 l= 789 cons: cont [ 0 ]
   23:d=3  hl=4 l= 785 prim: OCTET STRING      [HEX
DUMP]:3082030D30820309060B2A864886F70D010C0A0102A08202B2308202AE3028060A2A864886F70D010C0103301A0414D89C4692815A07AEC3118B9931D839EBDA357AE40202040004820280110DA0AD7C856B36C57A382182EA03747AE0AF2D0F63185EE28F12BB91620708D7358E41B3D9BF0E125AD75B2592E218ECEE99A7D9A85E3FBA5B03D1BC576CD6A7D64D81B99E8B8DF7E6FF3BC29EBA22A1A183FC48EEB3DF7F684A5D95C9B0404FA828FE837DBF656BC59350D8AF0D947EF8DD0F637D851508986FE3BB8FC6141C364EAB63F209E09DD26F4F02E94B6EB61D8AD73441593DE7334CC49DF18CE235C8429E073922C6435C261C0D29C0C0DBE5BF58A166D7574B3A3809837819023EB35E58D12D92AAA7B46C171F05EB92A5017F5F7334E5003DC8779326AB585FC90F90CE53176D07B875C43DB24EE2351967E117E087035E1D72310103D5F6F5520921E0DECA27901B3B9F1ADAC3403B65FD01FB802039096066F1F5C7BB2DE3940F32B7118530FE234FF56329E399771E42865DBCC9A189D95345D8B252243A405BEA0DBE7B3BF35A272AF54345E91311B578500AA820FF226DA2A43B8D1065B03E8966F561DFBD6A513708B3371CB4614836ACC40B2BF956A085CAEBFB3C2B32E6173F2F369E74A97C60BE3FB480B0E27A5310DC70D4004D89560FC08F3B3B66AD4578F58AB2CFF6FEBE74C751D2F177AE7B27273BCFC790615A21294FD8DFFE05C36A2514D3E1D66C120CE353721E98755E5EE94019C5755B8B1D8F5CFF93B7143B2D47078FB2CFFF8BA848F802DE32445F6CE61C7B60F21ADA60900B58227C6C6FFCC00B1D8C9DB3646F90E1B29885C2C3945A07B465DAA0477D5530E19D404F8E3C2E9BBB6B6969AE9A0192E664922115884FA4158E47F75CF68868CBFF7DF70E2B57CB4042DEF8F41DBBC780AE3D02DD3037DB953F086823C8597C6F2B0EA95D17F9D105F738630980ABCA519740604610EC02001A479E1EA80387410E3144301D06092A864886F70D01091431101E0E006D00790041006C006900610073302306092A864886F70D01091531160414FB59ED521AEE5AD0A43C665E199BD9ABF91623AA
  812:d=1  hl=4 l= 659 cons: SEQUENCE
  816:d=2  hl=2 l=   9 prim: OBJECT            :pkcs7-encryptedData
  827:d=2  hl=4 l= 644 cons: cont [ 0 ]
  831:d=3  hl=4 l= 640 cons: SEQUENCE
  835:d=4  hl=2 l=   1 prim: INTEGER           :00
  838:d=4  hl=4 l= 633 cons: SEQUENCE
  842:d=5  hl=2 l=   9 prim: OBJECT            :pkcs7-data
  853:d=5  hl=2 l=  40 cons: SEQUENCE
  855:d=6  hl=2 l=  10 prim: OBJECT            :pbeWithSHA1And40BitRC2-CBC
  867:d=6  hl=2 l=  26 cons: SEQUENCE
  869:d=7  hl=2 l=  20 prim: OCTET STRING      [HEX
DUMP]:B3120BD7CCF0D9A30421225401B67745DAB1B989
  891:d=7  hl=2 l=   2 prim: INTEGER           :0400
  895:d=5  hl=4 l= 576 prim: cont [ 0 ]

As I understand the content is encrypted with empty passphrase.
How can I overcome this issue?

Sincerely, Alexei.

Reply via email to