Page MenuHome GnuPG
Create Task
Maniphest T6190

GPGSM: Import / Export of raw and p8 certs / containers broken
Closed, InvalidPublic
Actions

Description

With

Edward.Tester_0xF6FCE189_SECRET.p123 KBDownload
password "test" in your keyring:

> gpgsm  --export-secret-key-p8 0xF6FCE189 | gpgsm --status-fd 1 --import 
[GNUPG:] IMPORT_PROBLEM 1 5448908A18925104F7DC6F1B1B1989F14D015C7D
gpgsm: no issuer found in certificate
gpgsm: basic certificate checks failed - not imported
gpgsm: ksba_cert_hash failed: No value
[GNUPG:] IMPORT_PROBLEM 1
gpgsm: total number processed: 2
gpgsm:           not imported: 2
[GNUPG:] IMPORT_RES 2 0 0 0 0 0 0 0 0 0 0 0 0 2
> gpgsm  --export-secret-key-raw 0xF6FCE189 | gpgsm --status-fd 1 --import
gpgsm: basic certificate checks failed - not imported
[GNUPG:] IMPORT_PROBLEM 1 4DB5FD5CC0C5D08BE3C6ADB21056B2E917F731D6
ksba: ERROR: object length field 77 octects too large
gpgsm: total number processed: 1
gpgsm:           not imported: 1
[GNUPG:] IMPORT_RES 1 0 0 0 0 0 0 0 0 0 0 0 0 1

Related Objects
Search...

Event Timeline

aheinecke renamed this task from GPGSM: Import / Epxort of raw and p8 certs / containers broken to GPGSM: Import / Export of raw and p8 certs / containers broken.Sep 6 2022, 1:16 PM
aheinecke triaged this task as Normal priority.
aheinecke created this task.
aheinecke added a subtask: T6189: Secret key backup of S/MIME certificate creates bad result.
aheinecke closed subtask T6189: Secret key backup of S/MIME certificate creates bad result as Resolved.
aheinecke mentioned this in T6189: Secret key backup of S/MIME certificate creates bad result.
aheinecke lowered the priority of this task from Normal to Low.Sep 6 2022, 1:19 PM
aheinecke closed this task as Invalid.Sep 9 2022, 4:17 PM

Nevermind. RTFM.

--import [files]
       Import  the certificates from the PEM or binary encoded files as well as from signed-only messages.
       This command may also be used to import a secret key from a PKCS#12 file.

So import only handles PKCS#12. I checked with openssl at least the pkcs8 is valid. I do not know how to check raw but I assume that it is also valid.