Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(PHP Extension) Export a Private Key from an MS Storage ProviderDemonstrates how to export a private key from a Microsoft Storage Provider. Note: This example requires Chilkat v9.5.0.83 or greater.
<?php // The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number. // For example, if using Chilkat v9.5.0.48, then include as shown here: include("chilkat_9_5_0.php"); // This example requires Chilkat v9.5.0.83 or greater. // We'll export a certificate's private key from the MS storage provider. // It is assumed the certificate + private key is already installed on the Windows system. // The export does not remove the key from the Windows storage provider. // First, let's get a certificate in one of the many ways we can do it. // (I ran certmgr.msc, opened a certificate, and noted it's thumbprint.) $cert = new CkCert(); $success = $cert->LoadByThumbprint('ea5a129c1919a52d238ee28d9f3a8f345b768388','hex'); if ($success == false) { print $cert->lastErrorText() . "\n"; exit; } print 'Found: ' . $cert->subjectDN() . "\n"; // First export the private key the easy way. // privKey is a CkPrivateKey $privKey = $cert->ExportPrivateKey(); if ($cert->get_LastMethodSuccess() == false) { print $cert->lastErrorText() . "\n"; exit; } // OK.. we have the private key. Do whatever we want with it.. // ------------------------------------------------------------- // Now let's export in a more roundabout way by getting information about the // storage provider and key name and then we'll export completely independent // of the certificate. // // Remember: The private key is not contained within the certificate. An X.509 certificate // embeds the public key, but the counterpart private key is stored elsewhere, such // as in a .pfx/.p12, or as in this case, in the Windows "protected store", or perhaps on // a smartcard or hardware token. (But a private key stored on a smartcard or token cannot // be exported. It must remain on the hardware.) // $storageProvider = $cert->cspName(); $keyName = $cert->keyContainerName(); print 'Information about the certificate's private key:' . "\n"; print 'Storage Provider: ' . $storageProvider . "\n"; print 'Key Name: ' . $keyName . "\n"; // Export using just the name of the storage provider and key. $keyCon = new CkKeyContainer(); $privKey2 = new CkPrivateKey(); $silentFlag = false; $success = $keyCon->ExportKey($keyName,$storageProvider,$silentFlag,$privKey2); if ($success == false) { print $keyCon->lastErrorText() . "\n"; exit; } // OK.. we have the private key in privKey2. Do whatever we want with it.. // Perhaps we save as encrypted PKCS8 PEM. $success = $privKey2->SavePkcs8EncryptedPemFile('myPassword','qa_output/privKey2.pem'); if ($success == false) { print $privKey2->lastErrorText() . "\n"; exit; } print 'Success.' . "\n"; ?> |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.