How to encode an RSA key using PKCS12 in Python?

StackOverflow https://stackoverflow.com/questions/1647568

Question

I'm using Python (under Google App Engine), and I have some RSA private keys that I need to export in PKCS#12 format. Is there anything out there that will assist me with this? I'm using PyCrypto/KeyCzar, and I've figured out how to import/export RSA keys in PKCS8 format, but I really need it in PKCS12.

Can anybody point me in the right direction? If it helps, the reason I need them in PKCS12 format is so that I can import them on the iPhone, which seems to only allow key-import in that format.

Was it helpful?

Solution

If you can handle some ASN.1 generation, you can relatively easily convert a PKCS#8-file into a PKCS#12-file. A PKCS#12-file is basically a wrapper around a PKCS#8 and a certificate, so to make a PKCS#12-file, you just have to add some additional data around your PKCS#8-file and your certificate.

Usually a PKCS#12-file will contain the certificate(s) in an encrypted structure, but all compliant parsers should be able to read it from an unencrypted structure. Also, PKCS#12-files will usually contain a MacData-structure for integrity-check, but this is optional and a compliant parser should work fine without it.

OTHER TIPS

The standard tool for the job is typically OpenSSL.

See the openssl pkcs12 command.

This mailing list posting tends to suggest that PKCS12 is not planned for a future feature of that package, and is not currently implemented.

http://lists.dlitz.net/pipermail/pycrypto/2009q2/000104.html

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top