开发者

Export snk from non-exportable key container

I have created a snk file using sn -k KeyFile.snk

I installed it on my test machine and signed a couple of files for use as a license file.

I exported the public key and embed it in my application in order to verify the license.

Now the problem is that i lost my Keyfile.snk and i want to install the key pair on a production server. I can't generate a new keypair since i have already issued licenses using the old keypair and the application is already installed on several customer's PCs.

I tried exporting it from my test machine's key container but it is set as non-exportable.

I used mimikatz to force an export. It worked, but it returned a .pvk file.

And now i'm stuck.

Any idea 开发者_运维百科to how i should proceed?

Thank you.


I'm the author of mimikatz, don't you know that you can convert PVK with OpenSSL ?

http://blog.gentilkiwi.com/cryptographie/openssl-conversion-pvk-microsoft-privatekey-blob

You can also make a pfx/p12 with the public certificate (sn -p) and the converted PEM key :)


The .pvk format was often used for storing Authenticode(tm) private keys. It's a simple format and the Mono project has tools to read it. Mono also has tools to read and write .snk files.

However I don't recall any tool doing the conversion so you'll likely need to write a small piece of code to read the PVK and write it as an SNK (with an RSA instance in-between).

Everything you need exists inside the Mono.Security assembly that Mono provides (or that you can compile on your own).

Disclaimer: I'm the main author of the Mono code discussed above and it is all available under the MIT.X11 license

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜