Export snk from non-exportable key container
Question
I have created a snk file using sn -k KeyFile.snk
I installed it on my test machine and signed a couple of files for use as a license file.
I exported the public key and embed it in my application in order to verify the license.
Now the problem is that i lost my Keyfile.snk and i want to install the key pair on a production server. I can't generate a new keypair since i have already issued licenses using the old keypair and the application is already installed on several customer's PCs.
I tried exporting it from my test machine's key container but it is set as non-exportable.
I used mimikatz to force an export. It worked, but it returned a .pvk file.
And now i'm stuck.
Any idea to how i should proceed?
Thank you.
2 answers
solution1
1 ACCPTED 2011-12-17 12:56:21
I'm the author of mimikatz, don't you know that you can convert PVK with OpenSSL ?
http://blog.gentilkiwi.com/cryptographie/openssl-conversion-pvk-microsoft-privatekey-blob
You can also make a pfx/p12 with the public certificate (sn -p) and the converted PEM key :)
solution2
0 2011-10-13 01:45:35
The .pvk format was often used for storing Authenticode(tm) private keys. It's a simple format and the Mono project has tools to read it. Mono also has tools to read and write .snk files.
However I don't recall any tool doing the conversion so you'll likely need to write a small piece of code to read the PVK and write it as an SNK (with an RSA instance in-between).
Everything you need exists inside the Mono.Security assembly that Mono provides (or that you can compile on your own).
Disclaimer: I'm the main author of the Mono code discussed above and it is all available under the MIT.X11 license
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.