Best way to decode PKCS12 file and get encrypted private key using JavaScript

Please suggest any idea to decode the PKCS12 file and get the encrypted private key using JavaScript. I know that this can be done very easily with the Java Keytool command and the Java Security suite. But I want this to be done using JavaScript. Below is my actual requirement.

I have a file with a .p12 extension, which is one of the PKCS12 formats. First, it must be decoded, and then the decoded file must be traced to find exactly where the encrypted private key is. This encrypted secret key must be obtained, decrypted, and sent to the recipient. And all this should be done only in JAVASCRIPT.

+4
3 answers

I think this may be what you are looking for:

"Native implementation of TLS (and various other cryptographic tools) in JavaScript."

https://github.com/digitalbazaar/forge#pkcs12

This example seems to be close:

    // decode p12 from base64
    var p12Der = forge.util.decode64(p12b64);
    // get p12 as ASN.1 object
    var p12Asn1 = forge.asn1.fromDer(p12Der);
    // decrypt p12
    var p12 = forge.pkcs12.pkcs12FromAsn1(p12Asn1, 'password');
    // look at pkcs12.safeContents

    // generate p12, base64 encode
    var p12Asn1 = forge.pkcs12.toPkcs12Asn1(
      privateKey, certificateChain, 'password');
    var p12Der = forge.asn1.toDer(p12Asn1).getBytes();
    var p12b64 = forge.util.encode64(p12Der);

Rgds .... Hoonto / Matt

+4

This will work fine

    // get p12 as ASN.1 object
    var p12Asn1 = forge.asn1.fromDer(buffer);
    // decrypt p12 using the password 'password'
    var p12 = forge.pkcs12.pkcs12FromAsn1(p12Asn1, password);
    // get bags by type
    var certBags = p12.getBags({bagType: forge.pki.oids.certBag});
    var pkeyBags = p12.getBags({bagType: forge.pki.oids.pkcs8ShroudedKeyBag});
    // fetching certBag
    var certBag = certBags[forge.pki.oids.certBag][0];
    // fetching keyBag
    var keybag = pkeyBags[forge.pki.oids.pkcs8ShroudedKeyBag][0];
    // generate pem from private key
    var privateKeyPem = forge.pki.privateKeyToPem(keybag.key);
    // generate pem from cert
    var certificate = forge.pki.certificateToPem(certBag.cert);

+1

Thanks to the examples from @Ujjawal and @hoonto, I was able to get the following working well.

    // forge is assumed to be loaded as in the answers above
    const { asn1, pkcs12, pki } = forge

    const decodePKCS12 = (
      file // Dom File object
    ) => {
      return new Promise((resolve, reject) => {
        const reader = new FileReader()
        reader.onload = evt => {
          try {
            const binary = evt && evt.target ? evt.target.result : null
            if (!binary) {
              // stop here instead of falling through to the parser
              return reject(new Error('No file data'))
            }
            const p12Asn1 = asn1.fromDer(binary)
            const p12 = pkcs12.pkcs12FromAsn1(p12Asn1)
            const certBags = p12.getBags({bagType: pki.oids.certBag})
            const pkeyBags = p12.getBags({bagType: pki.oids.pkcs8ShroudedKeyBag})
            const certBag = certBags[pki.oids.certBag][0]
            const keybag = pkeyBags[pki.oids.pkcs8ShroudedKeyBag][0]
            const certificate = pki.certificateToPem(certBag.cert)
            const privateKey = pki.privateKeyToPem(keybag.key)
            resolve({certificate, privateKey})
          } catch (e) {
            reject(e)
          }
        }
        reader.onerror = reject
        reader.readAsBinaryString(file)
      })
    }

0
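The question asks where the still-encrypted key sits inside the .p12, while the answers above hand it back already decrypted. As an added example (not from the original posts and not forge code), this plain Node.js walker finds pkcs8ShroudedKeyBag entries and returns each EncryptedPrivateKeyInfo without needing the password. Assumptions: definite-length DER input, key bags stored in an unencrypted `data` ContentInfo, illustrative function names, and a constructed sample instead of a real key store.

```javascript
const OID_DATA = '1.2.840.113549.1.7.1';                    // PKCS #7 data
const OID_SHROUDED_KEY_BAG = '1.2.840.113549.1.12.10.1.2';  // PKCS #12 pkcs8ShroudedKeyBag
function readTlv(buf, pos, limit = buf.length) {            // value occupies [start, end)
  let len = buf[pos + 1], start = pos + 2;
  if (len & 0x80) {                                         // long form: next n bytes hold the length
    const n = len & 0x7f;
    if (n === 0 || n > 4) throw new Error('indefinite or oversized length (BER input?)');
    for (len = 0; start < pos + 2 + n; start++) len = len * 256 + buf[start];
  }
  if (!(start + len <= limit)) throw new Error('truncated or overrunning DER');
  return { pos, start, end: start + len };
}
function children(buf, node) {                              // TLVs directly inside a constructed value
  const out = [];
  for (let p = node.start; p < node.end; p = out[out.length - 1].end) out.push(readTlv(buf, p, node.end));
  return out;
}
function oid(buf, node) {                                   // first-arc handling is enough for 1.x OIDs
  const parts = [Math.floor(buf[node.start] / 40), buf[node.start] % 40];
  for (let i = node.start + 1, v = 0; i < node.end; i++) {
    v = v * 128 + (buf[i] & 0x7f);
    if (!(buf[i] & 0x80)) { parts.push(v); v = 0; }
  }
  return parts.join('.');
}
function dataItems(buf, contentInfo) {                      // items of the DER nested in a data ContentInfo
  const [type, explicit0] = children(buf, contentInfo);
  if (oid(buf, type) !== OID_DATA) return [];               // e.g. encryptedData needs the password
  return children(buf, readTlv(buf, children(buf, explicit0)[0].start));
}
function findShroudedKeys(p12) {
  const [, authSafe] = children(p12, readTlv(p12, 0));      // PFX: version, authSafe, macData
  const found = [];
  for (const safe of dataItems(p12, authSafe)) for (const bag of dataItems(p12, safe)) {
    const [bagId, bagValue] = children(p12, bag);
    if (oid(p12, bagId) !== OID_SHROUDED_KEY_BAG) continue;
    const [epki] = children(p12, bagValue);                 // EncryptedPrivateKeyInfo
    found.push({ pbeAlgorithm: oid(p12, children(p12, children(p12, epki)[0])[0]),
                 encryptedPrivateKeyInfo: p12.subarray(epki.pos, epki.end) });
  }
  return found;
}
// Constructed sample, not a real key store: PFX > data > data > one shrouded key bag.
const tlv = (tag, ...parts) => Buffer.concat([Buffer.from([tag, Buffer.concat(parts).length]), ...parts]);
const hex = (s) => Buffer.from(s, 'hex');
const wrap = (der) => tlv(0x30, hex('06092a864886f70d010701'), tlv(0xa0, tlv(0x04, der)));
const sampleEpki = tlv(0x30, hex('301c060a2a864886f70d010c0103300e0408010203040506070802020800'), hex('0408deadbeefdeadbeef'));
const sampleBag = tlv(0x30, hex('060b2a864886f70d010c0a0102'), tlv(0xa0, sampleEpki));
const SAMPLE_P12 = tlv(0x30, hex('020103'), wrap(tlv(0x30, wrap(tlv(0x30, sampleBag)))));
```

Each `encryptedPrivateKeyInfo` is the PKCS #8 structure exactly as stored, still protected by the scheme named in `pbeAlgorithm`; a BER-encoded file with indefinite lengths makes the walker throw.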

Source: https://habr.com/ru/post/1486964/

