0

I'm trying to understand more about X.509 Digital Certificates. There seems to be lots of contradiction around. I am using Bouncy Castle to generate a key pair, using

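using System.IO;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Prng;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;

public static void SaveToFile(X509Certificate newCert, AsymmetricCipherKeyPair kp, string filePath, string certAlias, string password)
{
    var newStore = new Pkcs12Store();
    var certEntry = new X509CertificateEntry(newCert);
    // The certificate (public part) goes into the store under the alias...
    newStore.SetCertificateEntry(certAlias, certEntry);
    // ...and so does the private key, with the certificate as its chain.
    newStore.SetKeyEntry(certAlias, 
          new AsymmetricKeyEntry(kp.Private), new[] { certEntry });

    // The password is applied to the PKCS#12 store as it is written to disk.
    using (var certFile = File.Create(filePath))
        newStore.Save(certFile, password.ToCharArray(), new SecureRandom(new CryptoApiRandomGenerator()));
}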

This saves the generated certificate to disk. Some articles tell us there is no need to password protect the certificate as there is no PRIVATE KEY stored in there. Then this article says the certificate does indeed contain the PRIVATE KEY.

I guess I have two questions that will hopefully help me understand this:

  1. If I generate my keys in this way, should the password be the SAME as the passphrase for the PRIVATE KEY?
  2. Do I distribute the X.509 certificate to prove the PUBLIC KEY is mine (being paired to my name in the certificate) or should the certificate be kept as safe and secret as the PRIVATE KEY and what use is a self-signed certificate?
JDubya13

2 Answers

1

A PKCS#12 file can contain both the certificate and the private key. They are, however, stored as separate, distinct objects. The certificate itself has the public key embedded within it. Since the certificate only contains the public key, it is considered "public" as well. You can feel free to distribute the certificate, as it does not contain the private key, which should be kept confidential. This is the basis of the security in asymmetric cryptography.

Because a PKCS#12 file contains both items, it is encrypted with a password to protect the private key within it. That said, you would use the private key to prove that the certificate you distribute belongs to you. For example, through the use of a digital signature on a document.

Hope that helps!

Shadowman
  • Thank you! Just a quick clarification if I may? You said `it is considered "public" as well`. So I can distribute the .p12 file (via a secure channel) and if I provide the password, people can (1) use this to confirm my name/email match (2) encrypt information intended solely for me and (3) cannot breach/access my `private key` as a result of its distribution? – JDubya13 Jul 24 '13 at 10:07
  • No. Only the CERTIFICATE is considered public. You should not distribute a .p12 file to anyone, since it contains your private key. Keep the PRIVATE key PRIVATE, and make the PUBLIC key (or certificate) PUBLIC. You NEVER want to distribute the private key or PKCS#12 (.p12) file. Just the certificate. – Shadowman Jul 24 '13 at 13:43
  • PKI is a hard field. I'm going to risk sounding stupid, I was of the understanding the .p12 file was my certificate? Do I need to 'extract' the certificate from this file to distribute for verification? – JDubya13 Jul 24 '13 at 15:41
  • Correct on both counts. PKI knowledge is not as widespread as other fields. You are also correct that you would need to extract the certificate from the PKCS#12 file for the purposes of providing it to other people. They can, in turn, use it to confirm things like your digital signature. OpenSSL's command line utility provides an easy way to do this. You can google for the actual commands. – Shadowman Jul 24 '13 at 17:24
  • Fantastic! I'll get looking. Thanks for your patience! :) – JDubya13 Jul 24 '13 at 17:28
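
The extraction step discussed in the comments above, shown with the OpenSSL command line as an added example (it is not part of the original answer or comments). The file names, the subject name and the password are constructed for the demo; a throwaway key pair stands in for the .p12 produced by `SaveToFile`.

```shell
#!/bin/sh
# Added example: every file name, the subject and the password are constructed.
set -eu

# Pass the keystore password through the environment, not the command line.
P12_PASS='constructed-demo-password'
export P12_PASS

# Build a throwaway self-signed certificate and key, then bundle both into a
# PKCS#12 keystore (the kind of file that must stay private).
make_p12() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj '/CN=Constructed Demo User' \
        -keyout "$1/key.pem" -out "$1/orig-cert.pem" 2>/dev/null
    openssl pkcs12 -export -name demo \
        -inkey "$1/key.pem" -in "$1/orig-cert.pem" \
        -out "$1/store.p12" -passout env:P12_PASS
}

# Extract only the certificate: -nokeys leaves the private key behind,
# -clcerts skips CA certificates; x509 strips the bag attributes.
extract_cert() {
    openssl pkcs12 -in "$1" -passin env:P12_PASS -nokeys -clcerts 2>/dev/null |
        openssl x509 -out "$2"
}

# Count PEM private-key marker lines; a file meant for distribution has 0.
count_private_keys() {
    grep -c 'PRIVATE KEY' "$1" || true
}

# Succeed when the public key embedded in the certificate is the one that
# belongs to the given private key.
pubkey_matches() {
    [ "$(openssl x509 -in "$1" -noout -pubkey)" = "$(openssl pkey -in "$2" -pubout)" ]
}

work=$(mktemp -d)
make_p12 "$work"
extract_cert "$work/store.p12" "$work/public-cert.pem"
echo "private-key markers in public-cert.pem: $(count_private_keys "$work/public-cert.pem")"
pubkey_matches "$work/public-cert.pem" "$work/key.pem" && echo "certificate carries the matching public key"
rm -rf "$work"
```

Only `public-cert.pem` is meant to be handed out; `store.p12` and `key.pem` stay private.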
0

A certificate is actually a block of information which binds your identity (i.e. your name, email, whatever else) to some public key. It is public so everyone can know that this key belongs to you. So when you sign something, they will know that it was actually you who signed it. The other thing is validating the certificate; that's what trusted root certificates are used for.

The private key is your own secret information, and MUST be kept secret.

Nickolay Olshevsky
  • Ah, I see. So am I right in saying I would distribute my Public Key as normal but should this/I need to be verified, I can supply my Certificate to confirm who I am? If this is the case, should the Certificate be protected with a different password than the Private Key? So my Private Key remains totally private. – JDubya13 Jul 21 '13 at 21:07
  • The certificate IS your public key. And it should not be protected with a password. It should be distributed over a trusted channel, or it should be signed by a root certificate which is trusted by other parties. – Nickolay Olshevsky Jul 22 '13 at 07:30
  • I don't understand. The key generation has produced three distinct parts. A private key, public key and a certificate which I've saved with a .p12 extension. I can import and view this .p12 file using Windows Certificate Manager. My public key is formatted as I would expect to see a public key but I cannot create the certificate without a password and it is subsequently encrypted. I distribute my actual public key (containing BEGIN/END PUBLIC KEY header/footer) which is used for encryption. How is this extra file (the certificate) my public key? Apologies if I'm missing the point. – JDubya13 Jul 22 '13 at 10:18
  • The certificate CONTAINS the public key. As Nickolay said, the certificate binds your identity information to the public key and is signed. I think your confusion is the .p12 file, which is MORE than just a certificate. It is a keystore which can contain multiple keys/certs. Often, a .p12 file will contain a private key and its matching public key within a certificate. Keystores are often protected by a password. The private key may also have a password. You do not want to distribute your .p12 file. You want to extract the cert from the .p12 and distribute that instead. – gtrig Jul 22 '13 at 21:57
  • Aahhhhh! Now this is making sense (sorry if I'm slow!). So I have imported my .p12 file (keystore!) into Windows. Then exported my .cer file. When I double click this, it is recognised and tells me this certificate is for: (.)Ensures the identity of a remote computer and (.) All issuance policies. My .p12 is kept SAFE and SECRET, my .cer can be dished out to anybody wanting to confirm the signing/identity of me? I'm on the right track now aren't I? – JDubya13 Jul 24 '13 at 16:14