"gpgsm: invalid radix64 character 2d skipped" when trying to import a PEM file with DOS line endings (CR+LF)
Testing, NormalPublic

Description

$ gpgsm --import crlf.pem
gpgsm: invalid radix64 character 2d skipped
gpgsm: invalid radix64 character 2d skipped
gpgsm: invalid radix64 character 2d skipped
gpgsm: invalid radix64 character 2d skipped
gpgsm: invalid radix64 character 2d skipped
gpgsm: total number processed: 0

This happens when crlf.pem contains CR+LF line endings. It works fine with just LF.

Use case from http://lists.wald.intevation.org/pipermail/gpg4win-users-en/2020-February/001607.html is importing certificates from openkeys.de

thomas created this task.Fri, Feb 14, 4:07 PM
werner added a subscriber: werner.

Thomas, please provide a sample certificate. I can't access the intevation site to see whether one of the links has the cert. And pretty please fix the wald certificates!

Which OS are you using? Is that a Debian version or something?

thomas added a comment.EditedSat, Feb 15, 3:41 PM

Wald certificate will be fixed very soon. But as it is not fixed yet, I provided an http link, not https for you.

And any certificate with CRLF should work to reproduce the problem, that's why I didn't attach one here (just use an editor), but if you want to use the certificate of the OP of the thread on Wald, you can download it at https://api.openkeys.de/api/certificate/brandmauer.de/eric.weis/

The gpgsm version I used is from a system with Debian stretch, I haven't tried newer versions.

werner edited projects, added gnupg (gpg22); removed gnupg.Sat, Feb 15, 7:01 PM

Really interesting: The code didn't changed since since 2003 and the bug must have been there all the time. It does happen only for 25% of the certificates with CR and LF; the others have padding characters at the end '=' which is also an indication of the end of the base64 block. I wonder why this has not been reported more often; maybe because most people import binary certificates.

werner triaged this task as Normal priority.Sat, Feb 15, 7:08 PM
werner claimed this task.
werner changed the task status from Open to Testing.Sat, Feb 15, 7:25 PM

Fixed in master and 2.2