Revision 1 as of 2007-01-28 11:12:29
converted to 1.6 markup
|Deletions are marked like this.||Additions are marked like this.|
|Line 42:||Line 42:|
|* attachment:SampleCaptures/pkcs12.pfx||* [[attachment:SampleCaptures/pkcs12.pfx]]|
|Line 44:||Line 44:|
|There are many more samples available within the ''Certificate Builder and Test Utilities'' package available at the [http://www.digitalnet.com/knowledge/download.htm BAe Systems website].||There are many more samples available within the ''Certificate Builder and Test Utilities'' package available at the [[http://www.digitalnet.com/knowledge/download.htm|BAe Systems website]].|
|Line 47:||Line 47:|
|A complete list of PROTO display filter fields can be found in the [http://www.wireshark.org/docs/dfref/p/pkcs12.html display filter reference]||A complete list of PROTO display filter fields can be found in the [[http://www.wireshark.org/docs/dfref/p/pkcs12.html|display filter reference]]|
|Line 55:||Line 55:|
|PKCS12 may also be seen in an ["LDAP"] capture within a ''userPKCS12'' attribute.||PKCS12 may also be seen in an [[LDAP]] capture within a ''userPKCS12'' attribute.|
|Line 59:||Line 59:|
| * [ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf] ''PKCS 12 v1.0: Personal Information Exchange Syntax''
* [ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12.asn] ''ASN.1 Module''
| * [[ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf]] ''PKCS 12 v1.0: Personal Information Exchange Syntax''
* [[ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12.asn]] ''ASN.1 Module''
Personal Information Exchange Syntax (pkcs12)
(Public Key Cryptography Standard 12)
This standard describes a transfer syntax for personal identity information, including private keys, certificates, miscellaneous secrets, and extensions. Machines, applications, browsers, Internet kiosks, and so on, that support this standard will allow a user to import, export, and exercise a single set of personal identity information.
This standard supports direct transfer of personal information under several privacy and integrity modes. The most secure of the privacy and integrity modes require the source and destination platforms to have trusted public/private key pairs usable for digital signatures and encryption, respectively. The standard also supports lower security, password-based privacy and integrity modes for those cases where trusted public/private key pairs are not available.
PKCS12 was developed by RSA Laboratories in 1999, based upon PKCS8.
There are no protocol dependencies for PKCS12.
XXX - Add example decoded traffic for this protocol here (as plain text or Wireshark screenshot).
The PKCS12 dissector is fully functional though it is not capable of decrypting and displaying the encrypted components.
There are no preference settings for PKCS12.
Example capture file
Below is a sample PKCS12 file, which is a raw ASN.1 file and not a network capture file.
There are many more samples available within the Certificate Builder and Test Utilities package available at the BAe Systems website.
A complete list of PROTO display filter fields can be found in the display filter reference
Show only the PKCS12 based traffic:
There is no specific capture filter for the PKCS12. However, PKCS12 may be dissected by loading .pfx or .p12 files directly into Wireshark. PKCS12 may also be seen in an LDAP capture within a userPKCS12 attribute.
ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf PKCS 12 v1.0: Personal Information Exchange Syntax