SV: SV: SV: SV: SV: [Mono-list] PKCS#12 example

[Sebastien Pouliot]

Hello Kim,

On Tue, 2005-27-09 at 09:25 +0200, Hellan.Kim KHE wrote:
> Hi Sebastien
> 
> I'm almost there with my PKCS#12 conversion and there's only one small
> thing left :)
> I've added a friendly name, by using some code I found in your
> examples:
> 
> ....
> ArrayList attrValues = new ArrayList ();
> attrValues.Add(System.Text.Encoding.BigEndianUnicode.GetBytes("My
> friendly name"));
> attrs.Add( PKCS9.friendlyName, attrValues );
> .....
> 
> This works just fine.

Looks ok too ;)

> I've tried to add a localKeyId the same way and it seems to work, but
> I'm not 100% sure what encoding to use. 

AFAIK there are no special encoding. 

> I want to do it right, so can you help me there?

The only* rule is that the certificate and the private key must have the
*same* id (a, potentially very large, integer). It can be a fixed value
(I use 0x1 in makecert), a random value ...

* unless you requires some interop with other tools that define extra
requirements.

> The localKeyId I want to add is the subjectKeyIdentifier from the
> certificate.

Hmmm... not sure if I understand the problem correctly. Are you unsure
about the encoding and/or how to get the SKI ?

> Thank you,
> Kim
> 
> 
> 
> -----Oprindelig meddelelse-----
> Fra: mono-list-bounces at lists.ximian.com
> [mailto:mono-list-bounces at lists.ximian.com] På vegne af Sebastien
> Pouliot
> Sendt: 23. september 2005 14:15
> Til: Julien Gilli
> Cc: mono-list at lists.ximian.com
> Emne: Re: SV: SV: SV: SV: [Mono-list] PKCS#12 example
> 
> Hello Julien, Kim,
> 
> On Fri, 2005-23-09 at 09:53 +0200, Julien Gilli wrote:
> > Hellan.Kim KHE wrote:
> > 
> > >I also took a look at the code, but I really don't know enough
> about crypto standards to be able to see what goes wrong.
> > >
> > >  
> > >
> > I guess that the code doesn't add the localKeyID attribute to the 
> > "keyBag" safeBag, but i may be wrong.
> 
> You were right. 
> It's now fixed in SVN.