How to get private key from PKCS#12 (.p12) file using C#

Question

Im trying to sign some data using PKCS#12 certificate ,however i have problem with obtaining private key from PKCS#12 (.p12) file.

    public byte[] sign(str         


        

Answer 1

Have a look at this question. It looks very similar.

Answer 2

This was done for using Android - so the R.raw.key below was my file in the Android Raw folder.

I opened key.p12 as as input stream. Which I then converted to the private key using the libraries as seen in the example.

http://www.flexiprovider.de/examples/ExampleSMIMEsign.html

My code looks like this

Security.addProvider(new de.flexiprovider.core.FlexiCoreProvider());
    // Next, we have to read the private PKCS #12 file, since the the
    // private key used for signing is contained in this file:
    DERDecoder dec = new DERDecoder(getResources().openRawResource(
            R.raw.key));
    PFX pfx = new PFX();
    try {
        pfx.decode(dec);
        SafeBag safeBag = pfx.getAuthSafe().getSafeContents(0)
                .getSafeBag(0);
        PKCS8ShroudedKeyBag kBag = (PKCS8ShroudedKeyBag) safeBag
                .getBagValue();
        char[] password = "my password for the p12".toCharArray();
        privKey = kBag.getPrivateKey(password);
        new AsyncLoadStorage(this).execute();
    } catch (ASN1Exception e) {

Answer 3

I had a similar problem which I posted here, although it is not the same thing for you, the problem may be also permissions.
My suggestions are, first, you have to make sure (which I suppose you already did) that the private key is exportable and you have permissions to the file.
Next, try exporting the content type as X509ContentType.Pkcs12 instead of X509ContentType.Pfx
Finally, if it is possible, why don't you try importing it to the certstore. I believe that's more secure. The steps are in the link above.

Answer 4

In the docs, it says that .export() doesn't support the Pfx type, only Cert, SerializedCert, and Pkcs12.