EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Exporting to PFX file: result not usable by Windows

#621
Posted: 07/04/2006 09:10:18
by Stephane Grobety (Priority Standard support level)
Joined: 04/18/2006
Posts: 170

Hello,

I have self-signed X509 certificates stored in a database (two blobs, one encrypted password field).

I want to allow the user to export the certificate in PFX format and include the private key.

I have code that works like this:

Code
Certificate.LoadFromStream(CertDataBLOB);
Certificate.LoadKeyFromStreamPEM(keyDataBLOB, KeyPasswordField);
FileStream := TFileStream.Create(FileName, fmCreate or fmShareExclusive);
try
  FileStream.Position := 0;
  FileStream.Size := 0;
  if Certificate.SaveToStreamPFX(FileStream, '', SB_ALGORITHM_PBE_SHA1_3DES, SB_ALGORITHM_PBE_SHA1_RC4_128) <> 0 then
    ShowMessage('Error saving certificate to PFX file');
finally
  FileStream.Free;
end;


This seems to work, but when I try to load the resulting PFX file (that is, when I double-click on it), the Windows wizard never lets me pass the key password.

I have tried assigning a different password to the SaveToStreamPFX call: nothing changes.

What am I doing wrong?
#623
Posted: 07/04/2006 09:21:26
by Ken Ivanov (EldoS Corp.)

Windows cryptographic providers do not understand the RC4/128-bit cipher. Please consider using a 40-bit cipher (e.g., SB_ALGORITHM_PBE_SHA1_RC2_40) instead.
#624
Posted: 07/04/2006 09:47:57
by Stephane Grobety (Priority Standard support level)
Joined: 04/18/2006
Posts: 170

Fast, clear, to the point and exact answer: I couldn't ask for better support :)

Thanks a lot: it works now.
