Extract Public/Private Keys and Certs from PFX into String Variables

Downloads:

MS Windows Visual C/C++ Libraries

Linux/CentOS C/C++ Libraries

MAC OS X C/C++ Libraries

Solaris C/C++ Libraries

C++ Builder Libraries

Demonstrates how to export certificates and public/private keys from a PFX file into in-memory strings.

#include <CkCertStore.h>
#include <CkString.h>
#include <CkCert.h>
#include <CkPrivateKey.h>
#include <CkPublicKey.h>

void ChilkatSample(void)
    {
    bool success;
    CkCertStore certStore;

    //  Load the PFX file into a certificate store object
    CkString password;
    password = "*myPassword2*";
    success = certStore.LoadPfxFile("chilkat.pfx",password);
    if (success != true) {
        printf("%s\n",certStore.lastErrorText());
        return;
    }

    int i;
    int numCerts;
    numCerts = certStore.get_NumCertificates();

    //  Loop over each certificate in the PFX.
    CkCert *cert = 0;
    CkString fname;
    for (i = 0; i <= numCerts - 1; i++) {

        cert = certStore.GetCertificate(i);

        printf("%s\n",cert->subjectDN());
        printf("---\n");

        CkString encodedCert;
        encodedCert = cert->getEncoded();

        //  This string may now be stored in a relational database string field.
        //  To re-create the cert, do this:
        CkCert cert2;
        cert2.SetFromEncoded(encodedCert);

        //  Does this cert have a private key?
        if (cert->HasPrivateKey() == true) {

            //  Get the private key.
            CkPrivateKey *pvkey = 0;
            pvkey = cert->ExportPrivateKey();

            //  The private key can be exported into
            //  a string in PKCS8, RSA PEM, or XML format:
            CkString pemPvKey;
            CkString pkcs8PvKey;
            CkString xmlPvKey;

            pemPvKey = pvkey->getRsaPem();
            pkcs8PvKey = pvkey->getPkcs8Pem();
            xmlPvKey = pvkey->getXml();

            printf("%s\n",(const char *)pemPvKey);
            printf("%s\n",(const char *)pkcs8PvKey);
            printf("%s\n",(const char *)xmlPvKey);

            //  Any of these formatted strings may
            //  be stored in a relational database field.
            //  to restore, call LoadPem or LoadXml
            //  LoadPem accepts either RSA PEM or
            //  PKCS8 PEM:
            CkPrivateKey pvKey2;

            pvKey2.LoadPem(pemPvKey);
            pvKey2.LoadPem(pkcs8PvKey);
            pvKey2.LoadXml(xmlPvKey);

            delete pvkey;

        }

        //  Now for the public key:
        CkPublicKey *pubkey = 0;
        pubkey = cert->ExportPublicKey();

        //  It can be exported to a string as OpenSSL PEM
        //  or XML:
        CkString pubKeyPem;
        CkString pubKeyXml;

        pubKeyPem = pubkey->getOpenSslPem();
        pubKeyXml = pubkey->getXml();

        printf("%s\n",(const char *)pubKeyPem);
        printf("%s\n",(const char *)pubKeyXml);

        //  To re-load a PublicKey object, call LoadXml
        //  or LoadOpenSslPem:
        CkPublicKey pubKey2;

        pubKey2.LoadOpenSslPem(pubKeyPem);
        pubKey2.LoadXml(pubKeyXml);
        fname = ERROR-CONCAT;
        pubkey->SaveOpenSslDerFile(fname);

        delete pubkey;

        delete cert;
    }

    //  The Chilkat Certificate, Certificate Store, Private Key,
    //  Public Key, and Key Container classes / objects are freeware.

    //  They are used by and included with the Chilkat Email,
    //  Crypt, S/MIME, and other commercial Chilkat components.

    }