Hello,is mbedtls support pkcs12?
I use stm32 and C to decrypt RSA,and have a encrypted pkcs12 cert(also have password),enc and dec with RSA was already OK,but can not parse the pkcs12 cert. Now I already get the pkcs8 priKey date from pkcs12 cert,and know the algorithm is MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_40_CBC,but it seems cant decrypt it with RC2_40_CBC. I am not sure,does it have some ways? Thanks.
MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_40_CBC is not supported in mbed TLS. RC2 has its disadvantages, security being one of them. You can use other PKCS12 algorithms, such as
mbed TLS Team member
hi mayahs: i want to get pubkey and prikey from pfx certificate,Which interface or algorithm can be implemented？ thanks.
is there an example how to use the mbedtls-stack with PKCS#12?
I tried the following stepps, but I had no luck:
I generated a key + cetificate with openssl:
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365
I generated pkcs#12 with these files:
openssl pkcs12 -export -out ssl_pkcs12.pfx -inkey key.pem -in cert.pem -certpbe PBE-SHA1-RC4-128 -keypbe PBE-SHA1-RC4-128
I tried do decode the pkcs#12 file with the mbedtls example "pk_decrypt".
This throws the error "PK - Invalid key tag or value". (-0x3D00)
It seems that the ASN1-Parser has a problem with the version tag of the pkcs#12-file.
What am I doing wrong?