I have ported the OpenSSL (0.9.8a) to Windows CE (Pocket PC 2003). For
some unkown reason, I cannot always extract the private key from a PFX
file. What puzzle me are that the following PFX files (eng2a.pfx and
eng2b.pfx) were saved from the same certificate and on the same
machine, just at different time, and that the failed PFX file
(eng2a.pfx) workes fine if I extract the key with the regular Windows
XP build.

Other pkcs12 commands (-clcerts and -cacerts) work fine on Windows CE.

I have posted this question in user forum before so far no one has
replyed my post. Any help will be greatly appreciated. Thanks a lot.

PS. During the WCE porting, I found out that Dr. Stephen N. Henson's
PVK tool had a memory leak and it was a minor fix.


=====================
# 1. Failure Version
=====================
C:\PROJECTS\openssl-0.9.8a>cerun CE:\OpenSSL\openssl pkcs12 -in
\OpenSSL\user\eng2a.pfx -nocerts -nodes -out \OpenSSL\user\userkey.pem
-info
>>>> apps_startup()
>>>>>>> process cmd: 8.
>>>> lh_retrieve found: 1/pkcs12

>>222>> apps_startup()

MAC Iteration 2000
MAC verified OK
PKCS7 Data
dump_certs_pkeys_bags: #1.
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2000
26 22 87 35 41 44 220 131 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0
Error outputting keys and certificates
860487610:error:06065064:digital envelope
routines:func(101):reason(100):c:\projects\openssl-0.9.8a\crypto\evp\evp_enc.c:463:
860487610:error:23077074:PKCS12
routines:func(119):reason(116):c:\projects\openssl-0.9.8a\crypto\pkcs12\p12_decr.c:100:
860487610:error:2306A075:PKCS12
routines:func(106):reason(117):c:\projects\openssl-0.9.8a\crypto\pkcs12\p12_decr.c:129:
<<<<<<< do_cmd() returns: 1.
>>>> apps_shutdown()



=====================
# 2. Success Version
=====================
C:\PROJECTS\openssl-0.9.8a>cerun CE:\OpenSSL\openssl pkcs12 -in
\OpenSSL\user\eng2b.pfx -nocerts -nodes -out \OpenSSL\user\userkey.pem
-info
>>>> apps_startup()
>>>>>>> process cmd: 8.
>>>> lh_retrieve found: 1/pkcs12

>>222>> apps_startup()

MAC Iteration 2000
MAC verified OK
PKCS7 Data
dump_certs_pkeys_bags: #1.
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2000
8 8 8 8 8 8 8 8 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2000
86 30 190 132 49 0 2 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
dump_certs_pkeys_bags: #2.
Certificate bag
Certificate bag
<<<<<<< do_cmd() returns: 0.
>>>> apps_shutdown()