Skip to content

ancwrd1/p12-keystore

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
README.md
README.md
 
 
rustfmt.toml
rustfmt.toml
 
 

Repository files navigation

PKCS#12 library written in pure Rust

github actions crates license license docs.rs

Overview

This project contains a simple to use high-level library to work with PKCS#12/PFX keystores, written in pure Rust, modeled after Java KeyStore API.

Features:

  • Single- and multi-keychain PKCS#12
  • Support for 'truststores' with only CA root certificates
  • Modern and legacy encryption schemes
  • Able to read and write Java-compatible keystores
  • Support for secret keys and generation of secret keys compatible to Java

Limitations:

  • MD5-based encryption schemes are not supported
  • Single password is used to encrypt both private keys and certificate data in one store
  • Non-encrypted stores are not supported

Documentation

Usage example:

use p12_keystore::KeyStore;

const PASSWORD: &str = "changeit";

fn main() -> Result<(), Box<dyn std::error::Error>> {
    let data = std::fs::read(std::env::args().nth(1).unwrap())?;

    let keystore = KeyStore::from_pkcs12(&data, PASSWORD)?;

    if let Some((alias, chain)) = keystore.private_key_chain() {
        println!(
            "Private key chain found, alias: {}, subject: {}",
            alias,
            chain.certs()[0].subject()
        );
    }

    Ok(())
}

License

Licensed under MIT or Apache license (LICENSE-MIT or LICENSE-APACHE)

About

Rust library to read and write PFX (PKCS#12) files

Resources

Readme
Activity

Stars

19 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

7 tags

Packages

No packages published

Contributors 5

Languages