Extending and exporting pkcs12 at runtime not possible?
jgrenda opened this issue
Use-case: take existing pkcs12, extend it with a new entry and save to filesystem as p12.
Issue: `PKCS#12 PFX object` cannot be converted to `asn1 object`
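Looking at the available documentation, I've proceeded as follows for parsing the pkcs12:
```javascript
const fs = require('fs');
const forge = require('node-forge');
// Read the file as a binary string, decode the DER, then parse the PFX with its password
var p12File = fs.readFileSync('truststore.p12', 'binary');
var pkcs12Asn1 = forge.asn1.fromDer(p12File);
var pkcs12 = forge.pkcs12.pkcs12FromAsn1(pkcs12Asn1, false, "password");
```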
At this point I am unsure how I can extend the pkcs12 with an additional entry, like a certificate in case of a truststore.
Building a new one with `forge.pkcs12.toPkcs12Asn1` only allows one private key and a cert chain, not multiple entries.
Furthermore, to export the pkcs12 I would use:
```javascript
var p12Der = forge.asn1.toDer(pkcs12Asn1).getBytes();
// Surface write errors instead of silently ignoring them
fs.writeFile('writtenP12.p12', p12Der, 'binary', (err) => { if (err) throw err; });
```
Doing this with the `PKCS#12 PFX object` instead of the `asn1 object` results in `TypeError: Cannot read properties of undefined (reading 'tbsCertificate')`.
Is there any way to convert the PKCS#12 PFX object back to ASN1 for exporting?
Any help would be greatly appreciated.