PKCS12 to OpenPGP Conversion

Justin Wienckowski Justin.Wienckowski@trw.com
Thu Jul 26 18:53:01 2001


As part of a project at my company, I've developed a program that converts
a PKCS#12 certificate produced by Microsoft's CryptoAPI (CPS v1.0) into a
format suitable for import into an OpenPGP-compliant program (like gpg,
cheer!).

This is an EXTREME ALPHA release for those of you who are masochistic but
wanna see how the conversion works.  It was done as a proof of concept.
The code is messy, hacked up, and hard to read.  It may very well not work
for your certificates.  As soon as I clean it up and make it work right
I'll release a package containing the nice source code, utilities, and
sample files to show how to adapt it for your certificate formats.

You can grab the source at http://filebox.vt.edu/users/jwiencko/extract_key.c

NOTES
--------

1) DOES NOT ENCRYPT THE PRIVATE KEY.  I'm lazy and busy so I haven't
implemented that yet.  You can use gpg to set a passphrase on the key
after you import it.

2) Requires cryptlib to compile.  Also uses a bunch of .h files from the
cryptlib source so it can use the low-level SHA-1 and BIGNUM functions.

3) To import the key pair into gpg after you run it, use
gpg --allow-secret-key-import --import my_key.pgp

4) Much of the PKCS processing code is directly adapted from Peter
Gutmann's breakms.c code - thanks Peter!  He did some great work on the
terrible nature of Microsoft's PKCS12 implementation.


I'm happy to answer any questions you may have about the program or PKCS
or OpenPGP in general - just send them to me directly and not to the list :)
Cheers! -Justin Wienckowski justin.wienckowski@trw.com
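
Note 1 above says the converted key is written unencrypted and gets its passphrase later through gpg. The check below is an added example, not part of extract_key.c or the original post. It reads the string-to-key usage octet of an OpenPGP Secret-Key packet (RFC 4880, section 5.5.3), where 0 means the secret material is stored in the clear. It assumes a binary (non-armored) file whose first packet is an RSA secret key; the function and array names are hypothetical and the sample packets are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Advance *pos past one MPI: 2-byte big-endian bit count, then the magnitude. */
static int skip_mpi(const uint8_t *b, size_t len, size_t *pos)
{
    if (len - *pos < 2) return -1;
    size_t bytes = ((((size_t)b[*pos] << 8) | b[*pos + 1]) + 7) / 8;
    if (len - *pos - 2 < bytes) return -1;
    *pos += 2 + bytes;
    return 0;
}

/* Return the S2K usage octet of the first packet if it is an RSA Secret-Key
 * packet (tag 5): 0 = secret MPIs in the clear. Returns -1 if not parseable. */
int s2k_usage(const uint8_t *b, size_t len)
{
    size_t pos, body;
    int tag;
    if (len < 3 || !(b[0] & 0x80)) return -1;
    if (b[0] & 0x40) {                          /* new-format header */
        tag = b[0] & 0x3f;
        if (b[1] < 192) { body = b[1]; pos = 2; }
        else if (b[1] < 224) { body = ((size_t)(b[1] - 192) << 8) + b[2] + 192; pos = 3; }
        else return -1;                         /* longer length forms not handled */
    } else {                                    /* old-format header */
        tag = (b[0] >> 2) & 0x0f;
        if ((b[0] & 3) == 0) { body = b[1]; pos = 2; }
        else if ((b[0] & 3) == 1) { body = ((size_t)b[1] << 8) | b[2]; pos = 3; }
        else return -1;
    }
    if (tag != 5 || body < 6 || body > len - pos) return -1;
    len = pos + body;                           /* never read past this packet */
    if (b[pos] == 4) pos += 5;                  /* version + 4-byte creation time */
    else if (b[pos] == 3) pos += 7;             /* v3 adds a 2-byte validity period */
    else return -1;
    if (pos >= len || b[pos] < 1 || b[pos] > 3) return -1;   /* RSA algorithms only */
    pos++;
    if (skip_mpi(b, len, &pos) || skip_mpi(b, len, &pos)) return -1;  /* n, e */
    return pos < len ? b[pos] : -1;
}

/* Constructed, truncated toy packets (not usable keys): usage 0x00 and 0xFE. */
static const uint8_t CLEAR_PKT[] = {0x94,0x10,0x04,0,0,0,0,0x01,0x00,0x08,0xC7,0x00,0x05,0x11,0x00,0x00,0x01,0x01};
static const uint8_t PROT_PKT[]  = {0x94,0x10,0x04,0,0,0,0,0x01,0x00,0x08,0xC7,0x00,0x05,0x11,0xFE,0x07,0x03,0x02};

int main(void) {
    printf("clear: %d, protected: %d\n", s2k_usage(CLEAR_PKT, sizeof CLEAR_PKT), s2k_usage(PROT_PKT, sizeof PROT_PKT));
    return 0;
}
```

A return value of 0 for a key file that has left the conversion machine means the passphrase step in note 1 was skipped.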