|
| 'Wrong password' is returned from pfx | |
| Bryn Lewis 2026-06-30 05:06:12 Registered user |
hi
I am using rtc and steamsec 4. smSimpleTLSInternalServer1.ImportFromPFX(global.APP_PATH+'Server.pfx',PW) and it is returning 'Wrong password' I am sure i am using the correct password. It also fails if password is ''. if macData.Verify(lContent,aPW) then begin returns false I can provide the pfx and password by email. thanks, Bryn |
| Bryn Lewis 2026-06-30 08:03:42 Registered user |
It has something to do with the OpenSSL export (used to create the pfx).
I get the 'Wrong password' exception when using openSSL 3.6, but I don't get it with an older version (2019) |
| Henrick Wibell Hellström 2026-06-30 09:24:27 Registered user |
The certificate.pfx file you sent me opens with the implementation in my working dir. I haven't checked with older version of StreamSec 4.x. But the only thing I noticed when parsing the pfx structure was that you probably have to add stPkcs5 to a project uses clause, and then pass the password using the tDualSecretKey class instead of the tSecretKey. Let us know if that leads to any progress.
|
| Bryn Lewis 2026-07-01 01:54:40 Registered user |
There is no TDualSecret in the stPkcs5 unit that I have - I can't find it in the Streamsec code at all.
|
| Henrick Wibell Hellström 2026-07-01 06:38:17 Registered user |
The tDualSecretKey class lives in unit stSecUtils, next to tSecretKey and the iSecretKey interface, which it implements.
Unit stPkcs5 has to be added because it registers a class that StreamSec.DSI.Pkcs12 needs for decrypting PFX files generated by more recent OpenSSL versions. |
| Bryn Lewis 2026-07-01 22:34:49 Registered user |
tDualSecretKey is not in my stSecUtils either.
|
| Henrick Wibell Hellström 2026-07-01 22:49:10 Registered user |
OK, then I am sorry, but you have to update to a later version. But on the flip side there are a lot of new features in the latest version, such as TLS 1.3, support for post quantum cryptography, OCSP, automatic CRL refresh, revamped SSH tunneling, updated SNIF remoting, a ton of bug fixes, and more.
|