I want to add crlbag into p12 file, but openssl and keytool can't read the P7 data in command。I don't know if I have successfully added the p12 file.
there is my some code in test class:
// when I add BC provider in getInstance, it will print extra in data OID(CrlBag's)
KeyStore store = KeyStore.getInstance("PKCS12");
// initialize keystore with pfx
store.load(new ByteArrayInputStream(pfx.toASN1Structure().getEncoded()), passwd);
store.setKeyEntry("Eric's Key", privKey, passwd, chain);
FileOutputStream fout = new FileOutputStream(certPath);
// add CRL Bag
/* CrlBag() is raed a crl file from disk*/
X509CRL crl = CrlBag();
X509CRLHolder acrl = new X509CRLHolder(crl.getEncoded());
PKCS12SafeBagBuilder crlBagBuilder = new PKCS12SafeBagBuilder(acrl.toASN1Structure());
// construct the actual key store
PKCS12PfxPduBuilder pfxPduBuilder = new PKCS12PfxPduBuilder();
Some code I was copy from the PfxPduTest.java.
How can I add the CRLBag or other Bag type in PKCS12 to p12?
There's no way to pick this up via the KeyStore API, the only way to check for this is to write some corresponding code to do the task using
the PKIX API for PKCS#12 that used to create the file. To be honest I'm not really sure how either the KeyStore or the openssl command will
behave if it finds a CrlBag in a PKCS#12 file.
On 12/01/18 14:07, J Gsealy wrote:
Not using the KeyStore API. The bcpkix API will allow you to do it though.
On 16/01/18 19:43, J Gsealy wrote:
|Free forum by Nabble||Edit this page|