Chilkat HOME Android™ Classic ASP C C++ C# Mono C# .NET Core C# C# UWP/WinRT DataFlex Delphi ActiveX Delphi DLL Visual FoxPro Java Lianja MFC Objective-C Perl PHP ActiveX PHP Extension PowerBuilder PowerShell PureBasic CkPython Chilkat2-Python Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ Visual Basic 6.0 VB.NET VB.NET UWP/WinRT VBScript Xojo Plugin Node.js Excel Go
(CkPython) Export a Private Key from an MS Storage Provider
Demonstrates how to export a private key from a Microsoft Storage Provider.
Note: This example requires Chilkat v184.108.40.206 or greater.
import sys import chilkat # This example requires Chilkat v220.127.116.11 or greater. # We'll export a certificate's private key from the MS storage provider. # It is assumed the certificate + private key is already installed on the Windows system. # The export does not remove the key from the Windows storage provider. # First, let's get a certificate in one of the many ways we can do it. # (I ran certmgr.msc, opened a certificate, and noted it's thumbprint.) cert = chilkat.CkCert() success = cert.LoadByThumbprint("ea5a129c1919a52d238ee28d9f3a8f345b768388","hex") if (success == False): print(cert.lastErrorText()) sys.exit() print("Found: " + cert.subjectDN()) # First export the private key the easy way. # privKey is a CkPrivateKey privKey = cert.ExportPrivateKey() if (cert.get_LastMethodSuccess() == False): print(cert.lastErrorText()) sys.exit() # OK.. we have the private key. Do whatever we want with it.. # ------------------------------------------------------------- # Now let's export in a more roundabout way by getting information about the # storage provider and key name and then we'll export completely independent # of the certificate. # # Remember: The private key is not contained within the certificate. An X.509 certificate # embeds the public key, but the counterpart private key is stored elsewhere, such # as in a .pfx/.p12, or as in this case, in the Windows "protected store", or perhaps on # a smartcard or hardware token. (But a private key stored on a smartcard or token cannot # be exported. It must remain on the hardware.) # storageProvider = cert.cspName() keyName = cert.keyContainerName() print("Information about the certificate's private key:") print("Storage Provider: " + storageProvider) print("Key Name: " + keyName) # Export using just the name of the storage provider and key. keyCon = chilkat.CkKeyContainer() privKey2 = chilkat.CkPrivateKey() silentFlag = False success = keyCon.ExportKey(keyName,storageProvider,silentFlag,privKey2) if (success == False): print(keyCon.lastErrorText()) sys.exit() # OK.. we have the private key in privKey2. Do whatever we want with it.. # Perhaps we save as encrypted PKCS8 PEM. success = privKey2.SavePkcs8EncryptedPemFile("myPassword","qa_output/privKey2.pem") if (success == False): print(privKey2.lastErrorText()) sys.exit() print("Success.")
© 2000-2020 Chilkat Software, Inc. All Rights Reserved.