J'ai trouvé cette question Converting .PFX to .PEM programmatically? et j'ai le même problème de programme d'exportation de certificats et de clé privée au format pfx à partir du magasin de clés de Windows et de les convertir en fichier/mémoire au format PEM.convertir des certificats pfx au format PEM
lien ci-dessus semble le faire, mais aucune information réelle comment il a été fait et les liens internes à github semblent être cassé
Nous ne pouvons pas utiliser le format PFX, car il contient la chaîne de certificats et API de bibliothèque OpenSSL pour le chargement cette chaîne de certificats fonctionne uniquement sur le fichier PEM.
Lorsque le fichier pfx a été importé dans le magasin de clés Windows, la clé privée a été vérifiée comme exportable. J'ai réussi à exporter les certificats en les copiant dans un nouveau magasin de mémoire, à les exporter en mémoire et à les sauvegarder dans un fichier dans différents formats (base64 et binaire) - voir le code ci-dessous - mais je ne suis pas sûr de le faire, si toute la chaîne a été exportée et je ne sais pas aussi comment convertir au format PEM
Merci d'avance pour toute aide
#pragma comment(lib, "crypt32.lib")
#include <stdio.h>
#include <windows.h>
#include <Wincrypt.h>
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
void MyHandleError(char *s);
char *base64_encode(const unsigned char *data,
size_t input_length,
size_t *output_length);
void main(void)
{
//-------------------------------------------------------------------
// Declare and initialize variables.
HCERTSTORE hSystemStore;
HCERTSTORE hTempStore;
PCCERT_CONTEXT pCertContext = NULL;
char pszStoreName[256] = "root";
char pszNameString[256] = "xyzabcfkjvfkvnrg";
//-------------------------------------------------------------------
// Open a system certificate store.
if(hSystemStore = CertOpenSystemStore(
0,
pszStoreName))
{
printf("The %s system store is open. Continue.\n", pszStoreName);
}
else
{
MyHandleError("The first system store did not open.");
}
//-------------------------------------------------------------------
// Open a temporary certificate store.
if(hTempStore = CertOpenStore(
CERT_STORE_PROV_MEMORY, 0, 0, CERT_STORE_CREATE_NEW_FLAG, 0))
{
printf("Temp certificate store was created. Continue.\n");
}
else
{
MyHandleError("The temp store wasn't not created.");
}
//-------------------------------------------------------------------
// Get a certificate that has the desired friendly name.
if(pCertContext=CertFindCertificateInStore(
hSystemStore,
MY_ENCODING_TYPE, // Use X509_ASN_ENCODING
0, // No dwFlags needed
CERT_NAME_FRIENDLY_DISPLAY_TYPE, // Find a certificate
pszNameString, // The Unicode string to be found
// in a certificate's subject
NULL)) // NULL for the first call
{
printf("The %s certificate was found. \n", pszNameString);
}
else
{
MyHandleError("Could not find the %s certificate.");
}
//------------------------------------------------------------------
// add selected certificate into temporary store in memory
if(CertAddCertificateContextToStore(hTempStore, pCertContext, CERT_STORE_ADD_NEW, 0))
{
printf("The %s certificate was added. \n", pszNameString);
}
else
{
MyHandleError("Could not add %s ce
#pragma comment(lib, "crypt32.lib")
#include <stdio.h>
#include <windows.h>
#include <Wincrypt.h>
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
void MyHandleError(char *s);
char *base64_encode(const unsigned char *data,
size_t input_length,
size_t *output_length);
void main(void)
{
//-------------------------------------------------------------------
// Declare and initialize variables.
HCERTSTORE hSystemStore;
HCERTSTORE hTempStore;
PCCERT_CONTEXT pCertContext = NULL;
char pszStoreName[256] = "root";
char pszNameString[256] = "xyzabcfkjvfkvnrg";
//-------------------------------------------------------------------
// Open a system certificate store.
if(hSystemStore = CertOpenSystemStore(
0,
pszStoreName))
{
printf("The %s system store is open. Continue.\n", pszStoreName);
}
else
{
MyHandleError("The first system store did not open.");
}
//-------------------------------------------------------------------
// Open a temporary certificate store.
if(hTempStore = CertOpenStore(
CERT_STORE_PROV_MEMORY, 0, 0, CERT_STORE_CREATE_NEW_FLAG, 0))
{
printf("Temp certificate store was created. Continue.\n");
}
else
{
MyHandleError("The temp store wasn't not created.");
}
//-------------------------------------------------------------------
// Get a certificate that has the desired friendly name.
if(pCertContext=CertFindCertificateInStore(
hSystemStore,
MY_ENCODING_TYPE, // Use X509_ASN_ENCODING
0, // No dwFlags needed
CERT_NAME_FRIENDLY_DISPLAY_TYPE, // Find a certificate
pszNameString, // The Unicode string to be found
// in a certificate's subject
NULL)) // NULL for the first call
{
printf("The %s certificate was found. \n", pszNameString);
}
else
{
MyHandleError("Could not find the %s certificate.");
}
//------------------------------------------------------------------
// add selected certificate into temporary store in memory
if(CertAddCertificateContextToStore(hTempStore, pCertContext, CERT_STORE_ADD_NEW, 0))
{
printf("The %s certificate was added. \n", pszNameString);
}
else
{
MyHandleError("Could not add %s certificate.");
}
//------------------------------------------------------------------------------
CRYPT_DATA_BLOB* db= new (CRYPT_DATA_BLOB);
LPCWSTR szPassword = NULL;
db->cbData = 0;
if((!PFXExportCertStoreEx(
hTempStore,
db,
szPassword,
0,
EXPORT_PRIVATE_KEYS|REPORT_NOT_ABLE_TO_EXPORT_PRIVATE_KEY))&&(GetLastError()==0))
{
printf("The %s certificate blob size is %d. \n", pszNameString, db->cbData);
}
else
{
MyHandleError("Could not calculate size of certificate.");
}
//-------------------------------------------------------
// Allocate memory
if(db->pbData = (BYTE*)malloc(db->cbData+1))
{
printf("Memory has been allocated. Continue.\n");
}
else
{
MyHandleError("The allocation of memory failed.");
}
// Export certificate from temporary store to blob
if(PFXExportCertStoreEx(
hTempStore,
db,
szPassword,
0,
EXPORT_PRIVATE_KEYS|REPORT_NOT_ABLE_TO_EXPORT_PRIVATE_KEY))
{
printf("The %s certificate blob was exported %d. \n", pszNameString);
}
else
{
MyHandleError("Could not export certificate.");
}
//-------------------------------------------------------------------
//Write blob to files
FILE *fp;
errno_t err;
if ((err = fopen_s(&fp, "cert_bin.p12", "wb")) != 0)
printf("File was not opened\n");
else
for (int i=0; i<db->cbData; i++)
fprintf(fp,"%c", db->pbData + i);
fclose(fp);
size_t t;
char* c = base64_encode(db->pbData, db->cbData, &t);
if ((err = fopen_s(&fp, "cert_base64.p12", "w")) != 0)
printf("File was not opened\n");
else
fprintf(fp, "%s", c);
fclose(fp);
//-------------------------------------------------------------------
// Free memory.
//free(pbElement);
CertCloseStore(hSystemStore,0);
printf("The program ran without error to the end.\n");
} // End of main
//-------------------------------------------------------------------
void MyHandleError(char *s)
{
fprintf(stderr,"An error occurred in running the program. \n");
fprintf(stderr,"%s\n",s);
fprintf(stderr, "Error number %x.\n", GetLastError());
fprintf(stderr, "Program terminating. \n");
exit(1);
} // End of MyHandleError