[openssl-users] Combining certificate and key in PEM format into a P12 file without knowing the key password?

Frank Migge fm at frank4dd.com
Tue Feb 20 16:04:17 UTC 2018


Hi Toby,

>> the question remains: Is there a way to reuse an already-encrypted privkey?

I'd say yes it *could* work, but not with OpenSSL API functions. You'd
have to roll your own code for the PKCS12 creation.

OpenSSL's PKCS12_create() function expects an unencrypted EVP_PKEY
object.  But, internally, that key is turned into an encrypted PKCS8
structure, as expected by the PKCS8ShroudedKeyBag type defined in RFC-7292.

That's why I think it may be possible to experiment and modify code such
as in crypto/pkcs12/p12_crt.c, trying to pass that already-encrypted
PKCS8 key through "as-is" straight into the pkcs8ShroudedKeyBag
object. If your key is a file in PEM format, you'd need to get that into
an internal structure first (more coding); I don't think there is a
simple API import (without decryption).

If you manage to successfully build that PKCS12, you'd run into trouble
decoding it, which probably fails for all known software. They all
expect to be able to read the private key, when in your case it needs
saving to a file somewhere for further handling, or for entering that
second key-specific password.  You'd again have to code your own PKCS12
unpack program, just for this specific use case.

I may be wrong, but to me it looks doable, just a *lot* of work.

Frank
> Tobias Dussa (SCC) <mailto:tobias.dussa at kit.edu>
> Tuesday, February 20, 2018 9:15 PM
> Hi,
>
> On Tue, Feb 20, 2018 at 12:23:14PM +0100, Jakob Bohm wrote:
>>> Googling does not reveal much useful information, unfortunately, and so far we
>>> have been unsuccessfully diving into PKCS12/8/5 specs.  I don't really see a
>>> reason why it should not be possible, but of course that doesn't mean it is. :)
>> In the commonly accepted variants of PKCS#12, private key and all the
>> certificates are encrypted with the same password.  PKCS#12 with
>> different password for private key and certificates is not widely
>> supported.
>
> I see.
>
>> In the concatenated PEM format, only the private key is encrypted, but
>> not the certificates.
>
> Yep.
>
>> So to convert from concatenated PEM format to PKCS#12, even if the
>> encrypted private key could be kept without decrypting the private
>> key, the password for the private key is still needed to encrypt
>> the certificates with the same password.
>
> ... iff you need to retain wide-spread compatibility.  So if that is not
> necessary, the question remains: Is there a way to reuse an already-encrypted
> privkey?
>
> THX & Cheers,
> Toby.
> Jakob Bohm <mailto:jb-openssl at wisemo.com>
> Tuesday, February 20, 2018 8:23 PM
>
> In the commonly accepted variants of PKCS#12, private key and all the
> certificates are encrypted with the same password.  PKCS#12 with
> different password for private key and certificates is not widely
> supported.
>
> In the concatenated PEM format, only the private key is encrypted, but
> not the certificates.
>
> So to convert from concatenated PEM format to PKCS#12, even if the
> encrypted private key could be kept without decrypting the private
> key, the password for the private key is still needed to encrypt
> the certificates with the same password.
>
>
> Enjoy
>
> Jakob
> Tobias Dussa (SCC) <mailto:tobias.dussa at kit.edu>
> Tuesday, February 20, 2018 7:04 PM
> Hi,
>
> I was wondering whether it was possible somehow to take a certificate
> and an enciphered private key, both in .pem format, and combine them
> into a PKCS12 structure without knowing the key passphrase?
>
> Googling does not reveal much useful information, unfortunately, and
> so far we have been unsuccessfully diving into PKCS12/8/5 specs. I
> don't really see a reason why it should not be possible, but of course
> that doesn't mean it is. :)
>
> THX & Cheers,
> Toby.
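
The structural point Frank makes above (a PEM "ENCRYPTED PRIVATE KEY" block is a DER EncryptedPrivateKeyInfo, and RFC 7292 defines PKCS8ShroudedKeyBag as exactly that type, so the encrypted bytes can in principle be carried into a SafeBag without ever decrypting them) can be shown with a small ASN.1 encoder/decoder. The following is an added example written for this page, not code from the thread or from OpenSSL; the salt, IV and ciphertext are constructed dummy bytes, so the result is a structurally valid shrouded key bag, not a usable key. The OIDs (PBES2, PBKDF2, hmacWithSHA256, aes256-CBC, pkcs8ShroudedKeyBag) are the standard assignments from PKCS#5 and PKCS#12. It deliberately stops at the SafeBag: the surrounding PKCS#12 AuthenticatedSafe and its MAC are where the shared-password constraint Jakob describes comes in, and those are not modelled here.

```python
"""Round-trip an encrypted PKCS#8 key (EncryptedPrivateKeyInfo) between PEM and a
PKCS#12 pkcs8ShroudedKeyBag without touching the password. Example code, not
from the openssl-users thread or OpenSSL itself."""
import base64

# Standard OIDs from PKCS#5 (RFC 8018), PKCS#12 (RFC 7292) and NIST (AES).
OID_PBES2 = "1.2.840.113549.1.5.13"
OID_PBKDF2 = "1.2.840.113549.1.5.12"
OID_HMAC_SHA256 = "1.2.840.113549.2.9"
OID_AES256_CBC = "2.16.840.1.101.3.4.1.42"
OID_PKCS8_SHROUDED_KEY_BAG = "1.2.840.113549.1.12.10.1.2"

# --- minimal DER encoder (enough for the structures below) -----------------
def der_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + der_len(len(body)) + body

def sequence(*items: bytes) -> bytes:
    return tlv(0x30, b"".join(items))

def octet_string(b: bytes) -> bytes:
    return tlv(0x04, b)

def integer(n: int) -> bytes:
    # Non-negative only; (bit_length + 8) // 8 keeps a leading 0x00 when the top bit is set.
    return tlv(0x02, n.to_bytes(max(1, (n.bit_length() + 8) // 8), "big"))

def oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    out = [40 * arcs[0] + arcs[1]]
    for a in arcs[2:]:                      # base-128, high bit = continuation
        chunk = [a & 0x7F]
        a >>= 7
        while a:
            chunk.append(0x80 | (a & 0x7F))
            a >>= 7
        out.extend(reversed(chunk))
    return tlv(0x06, bytes(out))

# --- minimal DER decoder -----------------------------------------------------
def read_tlv(buf: bytes, pos: int = 0):
    """Return (tag, body, position after this TLV)."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:
        nbytes = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + nbytes], "big"), pos + nbytes
    return tag, buf[pos:pos + ln], pos + ln

def decode_oid(body: bytes) -> str:
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

# --- PKCS#8 EncryptedPrivateKeyInfo with PBES2/PBKDF2/AES-256-CBC ------------
def encrypted_private_key_info(salt: bytes, iterations: int, iv: bytes, ciphertext: bytes) -> bytes:
    """This is the DER inside a PEM 'ENCRYPTED PRIVATE KEY' block (constructed ciphertext here)."""
    kdf = sequence(oid(OID_PBKDF2),
                   sequence(octet_string(salt), integer(iterations),
                            sequence(oid(OID_HMAC_SHA256), b"\x05\x00")))   # prf, NULL params
    scheme = sequence(oid(OID_AES256_CBC), octet_string(iv))
    algorithm = sequence(oid(OID_PBES2), sequence(kdf, scheme))
    return sequence(algorithm, octet_string(ciphertext))

def describe_epki(epki_der: bytes) -> dict:
    """Walk EncryptedPrivateKeyInfo far enough to report its PBES2 parameters."""
    _, epki, _ = read_tlv(epki_der)
    _, alg, pos = read_tlv(epki)
    _, enc_data, _ = read_tlv(epki, pos)
    _, alg_oid, pos = read_tlv(alg)
    _, params, _ = read_tlv(alg, pos)            # PBES2-params
    _, kdf, pos = read_tlv(params)
    _, scheme, _ = read_tlv(params, pos)
    _, kdf_oid, pos = read_tlv(kdf)
    _, kdf_params, _ = read_tlv(kdf, pos)        # PBKDF2-params
    _, salt, pos = read_tlv(kdf_params)
    _, iters, _ = read_tlv(kdf_params, pos)
    _, scheme_oid, _ = read_tlv(scheme)
    return {"encryption_algorithm": decode_oid(alg_oid), "kdf": decode_oid(kdf_oid),
            "iterations": int.from_bytes(iters, "big"), "salt_len": len(salt),
            "cipher": decode_oid(scheme_oid), "encrypted_data_len": len(enc_data)}

# --- PEM helpers and the PKCS#12 SafeBag wrapper -----------------------------
def der_to_pem(der: bytes, label: str) -> str:
    b64 = base64.b64encode(der).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----\n"

def pem_to_der(pem: str) -> bytes:
    return base64.b64decode("".join(ln for ln in pem.strip().splitlines() if not ln.startswith("-----")))

def shrouded_key_bag(epki_der: bytes) -> bytes:
    """SafeBag ::= SEQUENCE { bagId OID, bagValue [0] EXPLICIT PKCS8ShroudedKeyBag, ... }
    PKCS8ShroudedKeyBag ::= EncryptedPrivateKeyInfo, so the DER is passed through unchanged."""
    return sequence(oid(OID_PKCS8_SHROUDED_KEY_BAG), tlv(0xA0, epki_der))

def parse_shrouded_key_bag(bag_der: bytes) -> dict:
    _, bag, _ = read_tlv(bag_der)
    _, bag_id, pos = read_tlv(bag)
    ctx_tag, value, _ = read_tlv(bag, pos)       # [0] EXPLICIT wraps the whole EPKI TLV
    assert ctx_tag == 0xA0
    return {"bag_id": decode_oid(bag_id), "epki": value}

if __name__ == "__main__":
    epki = encrypted_private_key_info(b"\x01" * 8, 2048, b"\x02" * 16, b"\x03" * 48)  # constructed
    print(der_to_pem(epki, "ENCRYPTED PRIVATE KEY"))
    bag = parse_shrouded_key_bag(shrouded_key_bag(pem_to_der(der_to_pem(epki, "ENCRYPTED PRIVATE KEY"))))
    print(bag["bag_id"], bag["epki"] == epki, describe_epki(bag["epki"]))
```

The parse step is the defender's check: given any PEM encrypted key or any SafeBag pulled from a PKCS#12, describe_epki() reports the KDF, iteration count and cipher without needing the password, which is also how to spot weak legacy parameters (low iteration counts, non-PBES2 schemes) before a key is imported anywhere.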


