Hi,
I have a program that extracts the private key and cert from the input pfx file
loaded into the system
and then creates a p12 file out of this private key and cert, using a
different password, to add it to a local keystore.

/*code to extract key*/
p12Key = d2i_PKCS12_fp(fp, NULL);
PKCS12_parse(p12Key, pass, pkey, NULL, NULL);

/*code to extract cert*/
p12Cert = d2i_PKCS12_fp(fp, NULL);
PKCS12_parse(p12Cert, pass, NULL, pCert, NULL);

/*creating p12 from the extracted key and cert*/
p12 = PKCS12_create(password, name, pkey, pCert, NULL,
                    NID_pbe_WithSHA1And40BitRC4,
                    NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
                    0, 0, 0);


I observe the following things:
1. The attributes ptr in the pkey extracted using PKCS12_parse is null. Note
that the input pfx does have a local Key ID and friendly name. The cert
extracted using PKCS12_parse
has a local Key ID attribute which is the same as in the input pfx file.

2. The p12 file created using PKCS12_create has a local KeyID attribute for
the private key, and it is different from that of the cert.

Can anyone please explain the reason for this? Is there any issue in my
code, or is this an OpenSSL issue?

Thanks
Shafeek
