Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Objective-C) Set .pfx/.p12 Safe Bag AttributesDemonstrates how to set safebag attributes in a .pfx/.p12. This example creates a .pfx from a .pem containing a private key and certificates, but also sets PFX safebag attributes before writing the .pfx.
#import <CkoPfx.h> #import <CkoStringBuilder.h> #import <NSString.h> #import <CkoJsonObject.h> // We have a PEM containing one private key, and two certificates: // The private key is an ECDSA private key. // The private key is associated with the 1st certificate. // The 2nd certificate is the issuer of the 1st certificate. // -----BEGIN PRIVATE KEY----- // ME0CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEMzAxAgEBBCDgAn4Dal+0iEhIsYBk // 6SdSR344vyj0suhOIxsjmM19s6AKBggqhkjOPQMBBw== // -----END PRIVATE KEY----- // -----BEGIN CERTIFICATE----- // MIIBXzCCAQSgAwIBAgIUGp2obfF61BG7QTsqpyT+VvxxJC0wCgYIKoZIzj0EAwIw // DTELMAkGA1UEAwwCQ0EwHhcNMjAwMzI5MTU1MTEwWhcNMzAwMzI3MTU1MTEwWjAN // MQswCQYDVQQDDAJFRTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABEil+DhBUss8 // kMCjEWvZHA+jdy1mQ76a2HFd+5p+AcFGQxNeG8/HXZax7FFzcrczWrli25R8P8j1 // cqhwPY4HtwujQjBAMB0GA1UdDgQWBBTenwm6x4A4W5BzZ2OckKA2IFtPSTAfBgNV // HSMEGDAWgBTx1U/gWiRhAASl6FV04DxP3XmcazAKBggqhkjOPQQDAgNJADBGAiEA // rkqbz5t1M/CjqXSKE5ebBLQ3npF+q7GRC8C2ovDi/xoCIQDGve7OP/ppIDcCNonr // +WSRf5M/6Wvw1lnEsAXf3nLTeQ== // -----END CERTIFICATE----- // -----BEGIN CERTIFICATE----- // MIIBcDCCARWgAwIBAgIUAnQiKKy/PdLnH0A6vYKBq21w1JAwCgYIKoZIzj0EAwIw // DTELMAkGA1UEAwwCQ0EwHhcNMjAwMzI5MTU1MTEwWhcNMzAwMzI3MTU1MTEwWjAN // MQswCQYDVQQDDAJDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPB6yVvqt8cL // EneRtnjoi87H0ATi+JP1w2qkz4GLOaPtFxAnV0LdQCuN91SGbAlKrSkhFyWWimjh // Rqe9+b/1WCijUzBRMB0GA1UdDgQWBBTx1U/gWiRhAASl6FV04DxP3XmcazAfBgNV // HSMEGDAWgBTx1U/gWiRhAASl6FV04DxP3XmcazAPBgNVHRMBAf8EBTADAQH/MAoG // CCqGSM49BAMCA0kAMEYCIQCcIfssfrOruVYvqhxbLGeyc5ppEX53zUU35wIE2t7C // fAIhAKhOTEvN+pdEn+cNwW3AEi7D08ZUQx3P80i4EnFPs0OQ // -----END CERTIFICATE----- CkoPfx *pfx = [[CkoPfx alloc] init]; CkoStringBuilder *sbPem = [[CkoStringBuilder alloc] init]; BOOL success = [sbPem LoadFile: @"qa_data/pfx/test_ecdsa.pem" charset: @"utf-8"]; if (success == NO) { NSLog(@"%@",@"Failed to load the PEM file."); return; } // The PEM in this example is unencrypted. There is no password. NSString *password = @""; success = [pfx LoadPem: [sbPem GetAsString] password: password]; if (success == NO) { NSLog(@"%@",pfx.LastErrorText); return; } // Let's add some safebag attributes for the private key... BOOL forPrivateKey = YES; int keyIdx = 0; success = [pfx SetSafeBagAttr: forPrivateKey index: [NSNumber numberWithInt: keyIdx] name: @"localKeyId" value: @"16777216" encoding: @"decimal"]; if (success == NO) { NSLog(@"%@",pfx.LastErrorText); return; } success = [pfx SetSafeBagAttr: forPrivateKey index: [NSNumber numberWithInt: keyIdx] name: @"keyContainerName" value: @"{B99EB9E7-6AF7-42AF-A43A-D4B2225B7605}" encoding: @"ascii"]; if (success == NO) { NSLog(@"%@",pfx.LastErrorText); return; } success = [pfx SetSafeBagAttr: forPrivateKey index: [NSNumber numberWithInt: keyIdx] name: @"storageProvider" value: @"Microsoft Software Key Storage Provider" encoding: @"ascii"]; if (success == NO) { NSLog(@"%@",pfx.LastErrorText); return; } // Add the localKeyId safebag attribute to the 1st certificate. forPrivateKey = NO; int certIdx = 0; success = [pfx SetSafeBagAttr: forPrivateKey index: [NSNumber numberWithInt: certIdx] name: @"localKeyId" value: @"16777216" encoding: @"decimal"]; if (success == NO) { NSLog(@"%@",pfx.LastErrorText); return; } // Write the pfx. success = [pfx ToFile: @"secret" path: @"qa_output/ee.pfx"]; if (success == NO) { NSLog(@"%@",pfx.LastErrorText); return; } // Let's load the .pfx we just wrote to see if the safebag attributes exist. CkoPfx *pfx2 = [[CkoPfx alloc] init]; success = [pfx2 LoadPfxFile: @"qa_output/ee.pfx" password: @"secret"]; if (success == NO) { NSLog(@"%@",pfx2.LastErrorText); return; } // After calling LoadPfxFile, the LastJsonData shows what's in the loaded PFX. CkoJsonObject *json = [pfx2 LastJsonData]; json.EmitCompact = NO; NSLog(@"%@",[json Emit]); // The LastJsonData shows what's in the PFX just loaded: // { // "authenticatedSafe": { // "contentInfo": [ // { // "type": "Data", // "safeBag": [ // { // "type": "pkcs8ShroudedKeyBag", // "attrs": { // "keyContainerName": "{B99EB9E7-6AF7-42AF-A43A-D4B2225B7605}", // "msStorageProvider": "Microsoft Software Key Storage Provider", // "localKeyId": "16777216" // } // } // ] // }, // { // "type": "EncryptedData", // "safeBag": [ // { // "type": "certBag", // "attrs": { // "localKeyId": "16777216" // }, // "subject": "EE", // "serialNumber": "1a9da86df17ad411bb413b2aa724fe56fc71242d" // }, // { // "type": "certBag", // "subject": "CA", // "serialNumber": "02742228acbf3dd2e71f403abd8281ab6d70d490" // } // ] // } // ] // } // } |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.