Question: Can PKIjs create universal PFX?

[microshine]

Is it possible to create PFX file which can be used in Windows CAPI, OSX KeyChain, NSS and OpenSSL?

I've tried examples from pkijs.org. Created PFX files work with OpenSSL only

[YuryStrozhevsky]

It possible but only for Node. There is specific example for it in pkijs.

[rmhrisk]

Yury, I recall you made an example working in browser later? Am I wrong?

If not please describe again what is missing, if I recall correctly we need 3des and rc2?

A polyfill with software implementions of these algorithms would be all that’s needed?

Any links you can provide would be appreciated.

[YuryStrozhevsky]

The Windows PFX requires 3DES which is absent in browser. And yes, a polyfill could help but anyway existing engine should be modified for this case - existing engine is a "Node-specific".

[YuryStrozhevsky]

And I made a browser example - now existing PKIjs live example could make a correct OpenSSL PFX containers and also could parse any OpenSSL input PFXs.

[rmhrisk]

@YuryStrozhevsky we need to create a Windows compatible PFX in the browser, do you have examole of this? Its hard to understand from your response.

[YuryStrozhevsky]

Existing browser example can only make and parse OpenSSL-like data. Node example can make and parse also Windows-like PFXs.

_{Sent with GitHawk}

[spacewrench]

Are there any new developments in PFX capability? Using PKI.js, I have created 3 keypairs and 3 certificates: one CA, which signs the other two certificates. Then I can put all 3 certificates and private keys in a PFX, and OpenSSL can read it correctly. But MacOS and Windows don't like the PFX.

Ideally, I would like to create the PFX in the browser and then send it to the OS security manager directly (should not need encryption, since it goes from browser memory directly to security manager, but password-protected would be OK too.)

Is the lack of 3DES and RC2 in SubtleCrypto still the problem?

(I have attached the PKCS#12 that my Javascript creates.) 3PKCS12_pem.txt

[rmhrisk]

You should still encrypt.

You can get 3DES with: https://github.com/PeculiarVentures/webcrypto-liner/blob/master/README.md

See the Node example of how to do it.

Modern Windows also supports AES p12s now.

[spacewrench]

Do you know of a reference or example PKCS#12 structure that PKI.js can make, and Windows can import? (MacOS and Linux too, if possible!) I've tried to adapt the examples in PKCS12SimpleExample, but not having luck getting the right configuration of SafeContents{SafeBags[SafeBag{PKCS8ShroudedKeyBag},SafeBag{CertBag}]} ... etc.

[rmhrisk]

The node example produces a file Windows, OSX and Firefox can open.

https://github.com/PeculiarVentures/PKI.js/tree/master/examples/NodePKCS12Example

For broad compatability with one file you have to use the suites in that sample.

Once you see that work use liner to modify it for use in browser.

https://github.com/PeculiarVentures/webcrypto-liner/blob/master/README.md

Also maybe useful: https://unmitigatedrisk.com/?p=543

[ikreb7]

@rmhrisk Could you please go into more detail?

[rdoepke]

Pushing this issue. I have tried to get this to work the last days without success. It is hard to tell where and when things break to get an universal PFX working with Windows and Java/KeystoreExplorer. I just had to fell back to using that one library that hasn't received updates for over two years.

I fully agree that weak crypto in pkcs12 is a huge problem no one is aware of. However, in many use cases this format is used more of a container to transport keys and leaf certificates where the cryptography involved is not much of an issue. Even if it gets finally addressed in windows, we will still have to deal with legacy systems for many years.

This issue was raised 6 years ago, and as far I can tell, not much has changed. However, some links in that blog post from 9 years ago are broken and the examples in the code seem to not work any longer. I would really appreciate some weak crypto mode for this (great!) library that floods you with warnings that make you aware you shouldn't use it for secure transfer - or at least some up to date working example to achieve this with webcrypto-liner.