Page 1 of 1
Using TScCryptoAPIStorage, I can not get(and use) the private key from a certificate
Posted: Mon 12 Sep 2016 17:52
by Xepol
I have a certificate in my MS crypto store (user the personal certificates) which has a private key attached.
I can find and list it using TScCryptoAPIStorage, but it only shows the cert and the public key. It does not make the private key available for use at all - in fact, there is no indication whatsoever that the private key exists using SecureBridge - but the windows dialogs CLEARLY show it attached, and the imported files definitely has the cert and the private key in the .p12 file (I used openSSL to export it to another format to verify that)
How would I go about using a private key from a certificate for ANYTHING that takes a PrivateKeyName property???
Thanks.
Re: Using TScCryptoAPIStorage, I can not get(and use) the private key from a certificate
Posted: Tue 13 Sep 2016 14:16
by ViktorV
SecureBridge doesn't support p12 formats. So you need to import it to another format.
To import and relate a private key with an existing certificate, you can use the following code:
Code: Select all
var
Cert: TScCertificate;
...
Cert := CryptoStorage.Certificates.CertificateByName(CertName);
Cert.Key.ImportFrom(APrivateKeyName);
To import a new certificate and a private key related to it, you can use the following code:
Code: Select all
var
Cert: TScCertificate;
...
Cert := TScCertificate.Create(CryptoStorage.Certificates);
Cert.ImportFrom(AFileName, APwd);
Cert.Key.ImportFrom(APrivateKeyName);
To define private key privacy, you can use the TScKey.IsPrivate property. See more details about this property in SecureBridge help:
https://www.devart.com/sbridge/docs/tsc ... =isprivate
Re: Using TScCryptoAPIStorage, I can not get(and use) the private key from a certificate
Posted: Tue 13 Sep 2016 17:19
by aradtech
I have the same issue, I have a cert stored in the MSCrypto store and it shows a private key when I look at it or export it with ssl (including in the mscrypto store) but I don't get the private key checkbox shown in securebrige even when I double click the component and load the cert, I was under the impression that we could just use whatever was in the mscrypto without reimporting it in another format. I think the code for showing private key in mscrypto is broken perhaps ?
Re: Using TScCryptoAPIStorage, I can not get(and use) the private key from a certificate
Posted: Thu 15 Sep 2016 12:33
by ViktorV
Thank you for the information. We have reproduced the issue with retrieving private key from certificate - and investigation is in progress. We will inform you when we have any results.
Re: Using TScCryptoAPIStorage, I can not get(and use) the private key from a certificate
Posted: Wed 21 Mar 2018 14:52
by wheathoff
What is the status on this? I'm having similar issues.
Re: Using TScCryptoAPIStorage, I can not get(and use) the private key from a certificate
Posted: Wed 21 Mar 2018 15:27
by ViktorV
Bug with reading a private key of a stored certificate in TScCryptoAPIStorage was fixed in SecureBridge 7.2.3 from 10-Nov-16.
Please, make sure that you are using the version of SecureBridge not lower than 7.2.3. If so, please compose a small sample demonstrating the issue and send it to us via form e-support:
https://devart.com/company/contactform.html.