CODEWITHSUNDEEP
pythongoogle-app-enginecryptographyrsapkcs#12
Dave Watson
Dave Watson

Reputation: 23

How to encode an RSA key using PKCS12 in Python?

I'm using Python (under Google App Engine), and I have some RSA private keys that I need to export in PKCS#12 format. Is there anything out there that will assist me with this? I'm using PyCrypto/KeyCzar, and I've figured out how to import/export RSA keys in PKCS8 format, but I really need it in PKCS12.

Can anybody point me in the right direction? If it helps, the reason I need them in PKCS12 format is so that I can import them on the iPhone, which seems to only allow key-import in that format.

Upvotes: 2

Views: 2535

Answers (3)

Rasmus Faber
Rasmus Faber

Reputation: 49677

If you can handle some ASN.1 generation, you can relatively easily convert a PKCS#8-file into a PKCS#12-file. A PKCS#12-file is basically a wrapper around a PKCS#8 and a certificate, so to make a PKCS#12-file, you just have to add some additional data around your PKCS#8-file and your certificate.

Usually a PKCS#12-file will contain the certificate(s) in an encrypted structure, but all compliant parsers should be able to read it from an unencrypted structure. Also, PKCS#12-files will usually contain a MacData-structure for integrity-check, but this is optional and a compliant parser should work fine without it.

Upvotes: 2

Paul McMillan
Paul McMillan

Reputation: 20117

This mailing list posting tends to suggest that PKCS12 is not planned for a future feature of that package, and is not currently implemented.

http://lists.dlitz.net/pipermail/pycrypto/2009q2/000104.html

Upvotes: 0

yfeldblum
yfeldblum

Reputation: 65445

The standard tool for the job is typically OpenSSL.

See the openssl pkcs12 command.

Upvotes: 0

Related Questions