(C) Get a .pfx/.p12 Safe Bag Attribute

Demonstrates how to get the value of a private key or certificate safe bag attribute. Safe bag attributes are associated with a key or certificate. They are attributes stored in the .p12/.pfx alongside a key or certificate.

Note: This example requires Chilkat v11.0.0 or greater.

Chilkat C/C++ Library Downloads
MS Visual C/C++ C++ Builder Linux C/C++ Alpine Linux C/C++	MacOS C/C++ iOS C/C++ Android C/C++ MinGW C/C++

#include <C_CkPfx.h>
#include <C_CkJsonObject.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkPfx pfx;
    HCkJsonObject json;
    BOOL getPrivateKeyAttr;
    int privateKeyIdx;

    success = FALSE;

    pfx = CkPfx_Create();

    success = CkPfx_LoadPfxFile(pfx,"qa_data/pfx/test_ecdsa_secret.pfx","secret");
    if (success == FALSE) {
        printf("%s\n",CkPfx_lastErrorText(pfx));
        CkPfx_Dispose(pfx);
        return;
    }

    json = CkJsonObject_Create();
    CkPfx_GetLastJsonData(pfx,json);

    CkJsonObject_putEmitCompact(json,FALSE);
    printf("%s\n",CkJsonObject_emit(json));

    // The last JSON data provides information about the what is contained in the PFX.  It was collected in the call to LoadPfxFile.
    // For example:

    // {
    //   "authenticatedSafe": {
    //     "contentInfo": [
    //       {
    //         "type": "Data",
    //         "safeBag": [
    //           {
    //             "type": "pkcs8ShroudedKeyBag",
    //             "attrs": {
    //               "localKeyId": "16777216",
    //               "keyContainerName": "{B99EB9E7-6AF7-42AF-A43A-D4B2225B7605}",
    //               "msStorageProvider": "Microsoft Software Key Storage Provider"
    //             }
    //           }
    //         ]
    //       },
    //       {
    //         "type": "EncryptedData",
    //         "safeBag": [
    //           {
    //             "type": "certBag",
    //             "attrs": {
    //               "localKeyId": "16777216"
    //             },
    //             "subject": "EE",
    //             "serialNumber": "1a9da86df17ad411bb413b2aa724fe56fc71242d"
    //           },
    //           {
    //             "type": "certBag",
    //             "subject": "CA",
    //             "serialNumber": "02742228acbf3dd2e71f403abd8281ab6d70d490"
    //           }
    //         ]
    //       }
    //     ]
    //   }
    // }

    // Use this online tool to generate parsing code from sample JSON: 
    // Generate Parsing Code from JSON

    // In the above JSON, we can see the .pfx contains one private key (a pkcs8ShroudedKeyBag) and two certificates (each in a certBag).
    // The certificates in a .pfx/.p12 are typicaly a single certificate with associated private key, along with the other certificates
    // in the chain of authentication.

    // We can see that the private key has 3 safebag attributes: localKeyId, keyContainerName, and msStorageProvider.
    // The certificate associated with the private key contains one safebag attribute: localKeyId.
    // Notice the localKeyId is the same.  The localKeyId helps associate the private key that corresponds to the given certificate.

    // Let's demonstrate the GetSafeBagAttr method:

    // Get each of the private key safebag attributes:
    getPrivateKeyAttr = TRUE;
    privateKeyIdx = 0;
    printf("---- private key safebag attributes ----\n");
    printf("%s\n",CkPfx_getSafeBagAttr(pfx,getPrivateKeyAttr,privateKeyIdx,"localKeyId"));
    printf("%s\n",CkPfx_getSafeBagAttr(pfx,getPrivateKeyAttr,privateKeyIdx,"keyContainerName"));
    printf("%s\n",CkPfx_getSafeBagAttr(pfx,getPrivateKeyAttr,privateKeyIdx,"storageProvider"));

    // Get the localKeyId attribute for the 1st certificate.
    getPrivateKeyAttr = FALSE;
    printf("---- cert safebag attributes ----\n");
    printf("%s\n",CkPfx_getSafeBagAttr(pfx,getPrivateKeyAttr,0,"localKeyId"));


    CkPfx_Dispose(pfx);
    CkJsonObject_Dispose(json);

    }