Well, i have to convert the .P12 into .PEMs and there are different steps with openssl.exe the convert a .P12 (RSA) or a .P12 (ECC). The steps are clear and everything works fine, but instead of offering two options ("Import .P12 (RSA)" and "Import .P12 (ECC)") I would like to offer only one import option and the import routine analyse the .P12 to decide RSA or ECC import routine.
Regards
Michael
-----Ursprüngliche Nachricht-----
Von: openssl-users <openssl-users-bounces@xxxxxxxxxxx> Im Auftrag von Viktor Dukhovni
Gesendet: Donnerstag, 9. Juni 2022 14:40
An: openssl-users@xxxxxxxxxxx
Betreff: Re: How to figure out if .P12 is RSA or ECC crypted
On Thu, Jun 09, 2022 at 10:16:24AM +0000, Beilharz, Michael wrote:
> I retrieve .P12 certificates, they can be RSA or ECC crypted
PKCS#12 objects are encrypted with a *symmetric* password: 3DES, AES, ... Perhaps you're confusing the public key algorithm in the certificate (or corresponding private key) with the encryption algorithm of the PKCS#12 object?
> so I offer two methods, to convert them into .PEMs.
The extraction of PEM formatted (PKCS#8) private keys and certificate chains (a sequence of X.509 certificate objects) from a PKCS#12 object does not require any public key algorithm-dependent techniques. The same basic steps work for both RSA and ECDSA.
> I would like to detect, if a P12 is RSA or ECC crypted, so that I
> offer only one Method and the method itself decide the correct way to
> convert the P12.
What actual problem are you trying to solve?
--
Viktor.
