You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by Alfred Zhou
Pages 1
Hi Kaleb,
It works very well.
Thank and Best Regards,
Alfred
Hi Kaleb,
I will have a try for the pkcs7.
Thanks and Best Regards,
Alfred
Hi,
Does wolfSSL support loading certificates in the .p7b/.p7c file? If support, how can I parse and verify the certificate?
Thanks,
Alfred
Hi Kaleb,
I have regenerated the PFX file and it can be parsed successfully!
Thank you very much and Best Regards,
Alfred
Hi Kaleb,
When I debug my code, I find that in function wc_PKCS12_parse, a call for DecryptContent returns error. The error message is "Decryption failed, algorithm not compiled in?".
In function DecryptContent in asn.c, a call for CheckAlgo returns error. Is there someting wrong with my pfx file? My password of the pfx file is just a word like "password". The file is generated by cmd like below:
openssl req -newkey rsa:2048 -nodes -keyout test.key -x509 -days 365 -out test.cer
openssl pkcs12 -export -in test.cer -inkey test.key -out test.pfx
It will be required to set password for the pfx file and input a word like "password".
My code is from function test_wolfSSL_PKCS12 in wolfssl/tests/api.c. It is for .p12 file. But my test file is .pfx. I have test the file with some openssl cmd, it could be simply transfered into .pem file with certificate and private key.
So shall I firstly transfer the .pfx file into .p12 file? Is there something wrong with the code or shall I change to use another piece of sample code?
Thanks,
Alfred
Hi Kaleb,
I have used the code to verify my certificate files. It's great.
Thank you for your quick response,
Alfred
Hi,
I have investigated on the topic on page: https://www.wolfssl.com/forums/topic892 … rmat.html. But I still have some questions.
Can you give me detailed sample code for parsing PFX certificate file? I have created WOLFSSL_BIO and called wolfSSL_d2i_PKCS12_bio to get WC_PKCS12. But wolfSSL_PKCS12_parse function returns 0. pkey, cert and certs are null.
What kind of WOLFSSL_BIO shall I create?
Thanks,
Alfred
Hi,
I have generated a private key file as private.pem. I have received a CA signed public key file as public.der. Well how can I use API in C++ project verify these two files valid and matching each other? After verification, I will use the key pair as outgoing certificate in my demo application.
PS: The private key is usually RSAKey and could also be other type like ECC key. For RSAKey, can I use the sample code in function in source file "openssl_evpSig_test in wolfssl\wolfcrypt\test\test.c"?
Thanks,
Alfred
Hi Kaleb,
Really appreciate your quick response. I have written my own OCTET string in altNames and it works.
Thank you very much and Best Regards,
Alfred
Hi Kaleb,
Thank you for your quick response. It is only an investigation on a prototype. I have to create certificate files. I have set altNames with code below:
Cert myCert;
char myAltNames[] = "URL=urn: ... ... \r\nDNS Name= ... ...";
XMEMCPY(myCert.altNames, myAltNames, XSTRLEN(myAltNames));
myCert.alNameSz = XSTRLEN(myAltNames);
But the der file cannot be opened correctly with a message "The file is invalid for use as the following: Security Certificate.".
Without these code, the certificate file can be opened. I think the altNames might have its format. It doesn't accept custom strings.
Thanks,
Alfred
Hi,
In my C++ project, I have used API functions to create a new RSAKey and write the private key into a pem file. And then I call API wc_MakeSelfCert to create new certificate files. But I really want to know how I can set the Subject Alternative Name property in the Details tab of der certficate. I don't know how to configure member altNames in class Cert.
PS I don't have any generated key files to be used to read the properties and I have to write my own string into the certificate files.
The Subject Alternative Name looks like below:
URL=urn: ... ...(This line is required.)
DNS Name= ... ...(This line is required.)
IP Address= ... ... (This line is optional.)
Thank you in advance.
Pages 1
wolfSSL - Embedded SSL Library → Posts by Alfred Zhou
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.016 seconds (95% PHP - 5% DB) with 4 queries