Page MenuHome GnuPG

GPGSM: Import / Export of raw and p8 certs / containers broken
Closed, InvalidPublic

Description

With

password "test" in your keyring:

> gpgsm  --export-secret-key-p8 0xF6FCE189 | gpgsm --status-fd 1 --import 
[GNUPG:] IMPORT_PROBLEM 1 5448908A18925104F7DC6F1B1B1989F14D015C7D
gpgsm: no issuer found in certificate
gpgsm: basic certificate checks failed - not imported
gpgsm: ksba_cert_hash failed: No value
[GNUPG:] IMPORT_PROBLEM 1
gpgsm: total number processed: 2
gpgsm:           not imported: 2
[GNUPG:] IMPORT_RES 2 0 0 0 0 0 0 0 0 0 0 0 0 2
> gpgsm  --export-secret-key-raw 0xF6FCE189 | gpgsm --status-fd 1 --import
gpgsm: basic certificate checks failed - not imported
[GNUPG:] IMPORT_PROBLEM 1 4DB5FD5CC0C5D08BE3C6ADB21056B2E917F731D6
ksba: ERROR: object length field 77 octects too large
gpgsm: total number processed: 1
gpgsm:           not imported: 1
[GNUPG:] IMPORT_RES 1 0 0 0 0 0 0 0 0 0 0 0 0 1

Event Timeline

aheinecke renamed this task from GPGSM: Import / Epxort of raw and p8 certs / containers broken to GPGSM: Import / Export of raw and p8 certs / containers broken.Tue, Sep 6, 1:16 PM
aheinecke triaged this task as Normal priority.
aheinecke created this task.
aheinecke lowered the priority of this task from Normal to Low.Tue, Sep 6, 1:19 PM

Nevermind. RTFM.

--import [files]
       Import  the certificates from the PEM or binary encoded files as well as from signed-only messages.
       This command may also be used to import a secret key from a PKCS#12 file.

So import only handles PKCS#12. I checked with openssl at least the pkcs8 is valid. I do not know how to check raw but I assume that it is also valid.