Extending and exporting pkcs12 at runtime not possible? #1052

Open
jgrenda opened this issue Oct 10, 2023 · 0 comments

jgrenda commented Oct 10, 2023

Use-case: take existing pkcs12, extend it with a new entry and save to filesystem as p12.
Issue: PKCS#12 PFX object cannot be converted to asn1 object
Looking at the available documentation, I've proceeded as follows to parse the pkcs12:

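```js
var fs = require('fs');
var forge = require('node-forge');
// Read the file as a binary string, decode the DER, then open it with the password
var p12File = fs.readFileSync('truststore.p12', 'binary');
var pkcs12Asn1 = forge.asn1.fromDer(p12File);
var pkcs12 = forge.pkcs12.pkcs12FromAsn1(pkcs12Asn1, false, "password");
```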

At this point I am unsure how I can extend the pkcs12 with an additional entry, like a certificate in case of a truststore.
Building a new one with `forge.pkcs12.toPkcs12Asn1` only allows one private key and a cert chain, not multiple entries.
Furthermore, to export the pkcs12 I would use:

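```js
var p12Der = forge.asn1.toDer(pkcs12Asn1).getBytes();
// p12Der is a binary-encoded string, hence the 'binary' encoding on write
fs.writeFile('writtenP12.p12', p12Der, 'binary', (err) => { if (err) throw err; });
```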

Doing this with the PKCS#12 PFX object instead of the asn1 object results in `TypeError: Cannot read properties of undefined (reading 'tbsCertificate')`.
Is there any way to convert the PKCS#12 PFX object back to ASN1 for exporting?

Any help would be greatly appreciated.
