gpgsm 2.4 Fails to import P12 certificate/key
Open, NormalPublic
Actions

Assigned To

Authored By

	lecris
	Oct 10 2023, 5:45 PM

Description

The changelog states that there was a major refactoring of the P12 framework. I hope this module will continue to get attention so that the UX can be smoother.

The issue I have is that the certificate fails to get imported, but the error does not tell much about the source of the error: See https://dev.gnupg.org/T6757#182218 for more recent version

Bellow is the output of openssl storeutl:

0: Pkey
Private-Key: (384 bit)
priv:
    Haha, no.
pub:
    04:f0:d8:d3:85:78:99:a7:a9:52:97:66:bd:b3:b0:
    92:0b:83:7c:3d:d2:cc:e6:48:70:65:7f:bb:3c:b3:
    01:66:69:ba:43:99:96:df:82:2c:df:58:b4:f1:57:
    4b:59:f6:bf:2a:02:19:98:ad:3d:8a:35:42:f0:2c:
    84:44:22:2a:a7:43:b8:cc:47:d0:5c:8d:2d:68:f6:
    c1:fe:d7:3f:42:bb:35:40:7c:f3:6a:6c:1d:5d:24:
    c3:27:8c:d5:60:c6:1f
ASN1 OID: secp384r1
NIST CURVE: P-384
1: Certificate
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            92:da:f1:1e:11:f4:48:79:dc:82:8e:d8:28:59:b5:c9
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: C=NL, O=GEANT Vereniging, CN=GEANT Personal ECC CA 4
        Validity
            Not Before: Oct 10 00:00:00 2023 GMT
            Not After : Oct  9 23:59:59 2024 GMT
        Subject: C=DE, ST=Bayern, O=Max-Planck-Gesellschaft zur F\xC3\xB6rderung der Wissenschaften e.V./organizationIdentifier=LEIXG-894500C5L6W4ADC12P82/emailAddress=cristian.le@mpsd.mpg.de, SN=Le, GN=Cristian, CN=Cristian Le
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:f0:d8:d3:85:78:99:a7:a9:52:97:66:bd:b3:b0:
                    92:0b:83:7c:3d:d2:cc:e6:48:70:65:7f:bb:3c:b3:
                    01:66:69:ba:43:99:96:df:82:2c:df:58:b4:f1:57:
                    4b:59:f6:bf:2a:02:19:98:ad:3d:8a:35:42:f0:2c:
                    84:44:22:2a:a7:43:b8:cc:47:d0:5c:8d:2d:68:f6:
                    c1:fe:d7:3f:42:bb:35:40:7c:f3:6a:6c:1d:5d:24:
                    c3:27:8c:d5:60:c6:1f
                ASN1 OID: secp384r1
                NIST CURVE: P-384
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                A8:2D:6D:81:32:64:8D:E6:B2:4F:AC:FE:11:F2:65:99:85:13:A9:6E
            X509v3 Subject Key Identifier: 
                D5:79:F4:70:5D:80:2F:E8:65:D2:B2:57:BD:39:55:1D:1E:B2:CD:28
            X509v3 Key Usage: critical
                Digital Signature, Key Agreement
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                E-mail Protection, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.1.10.4
                  CPS: https://sectigo.com/SMIMECPS
                Policy: 2.23.140.1.5.3.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://GEANT.crl.sectigo.com/GEANTPersonalECCCA4.crl
            Authority Information Access: 
                CA Issuers - URI:http://GEANT.crt.sectigo.com/GEANTPersonalECCCA4.crt
                OCSP - URI:http://GEANT.ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                email:cristian.le@mpsd.mpg.de
    Signature Algorithm: ecdsa-with-SHA256
    Signature Value:
        30:46:02:21:00:eb:42:71:63:71:fd:9f:14:26:3c:60:5f:00:
        d7:58:d3:5e:f9:4e:32:78:70:57:d7:8d:75:5f:95:b2:25:68:
        ae:02:21:00:d5:39:9b:a8:a6:2d:fd:60:51:a8:1f:a7:45:92:
        bc:9e:84:e1:73:16:a1:78:63:59:84:bd:48:2f:5d:a6:e6:0d
No Trusted Uses.
No Rejected Uses.
Key Id: B8:C7:87:B3:12:9C:B9:9F:72:C4:D0:A5:93:E8:5D:C0:03:34:42:19
2: Certificate
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:90:21:7d:fe:5d:d6:c2:c4:50:27:c5:dc:d1:5a:26
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority
        Validity
            Not Before: Feb 18 00:00:00 2020 GMT
            Not After : May  1 23:59:59 2033 GMT
        Subject: C=NL, O=GEANT Vereniging, CN=GEANT Personal ECC CA 4
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:18:67:67:11:e0:ee:6d:7d:db:24:83:63:4d:a3:
                    7e:3a:36:8c:a8:7a:74:23:5a:15:90:12:54:d0:43:
                    e6:eb:98:cc:6b:e6:57:96:d4:07:e9:00:9f:5b:b1:
                    a5:1a:76:c0:89:26:70:39:c9:c1:48:4d:88:d7:7e:
                    5f:d7:bd:f3:e4
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                3A:E1:09:86:D4:CF:19:C2:96:76:74:49:76:DC:E0:35:C6:63:63:9A
            X509v3 Subject Key Identifier: 
                A8:2D:6D:81:32:64:8D:E6:B2:4F:AC:FE:11:F2:65:99:85:13:A9:6E
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Extended Key Usage: 
                TLS Web Client Authentication, E-mail Protection
            X509v3 Certificate Policies: 
                Policy: X509v3 Any Policy
                  CPS: https://sectigo.com/CPS
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.usertrust.com/USERTrustECCCertificationAuthority.crl
            Authority Information Access: 
                CA Issuers - URI:http://crt.usertrust.com/USERTrustECCAddTrustCA.crt
                OCSP - URI:http://ocsp.usertrust.com
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:65:02:31:00:82:5f:a3:f7:da:8a:3b:46:20:08:93:50:c8:
        7a:46:4c:9c:51:99:c1:8f:b1:26:86:79:1f:20:a1:19:cd:4d:
        72:eb:a9:9e:1e:c4:ce:e9:2b:d4:49:cb:f8:cc:80:84:d7:02:
        30:3e:83:95:23:16:13:92:3e:f8:e0:6f:ce:79:d7:d6:7a:63:
        be:7b:4b:70:aa:20:02:b0:0f:8c:b8:25:18:67:b2:98:5b:78:
        53:aa:5d:cb:bf:c2:d3:f9:a2:1c:23:ee:0c
3: Certificate
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:67:1d:04:ea:4f:99:4c:6f:10:81:47:59:d2:75:94
        Signature Algorithm: sha384WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
        Validity
            Not Before: Mar 12 00:00:00 2019 GMT
            Not After : Dec 31 23:59:59 2028 GMT
        Subject: C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:1a:ac:54:5a:a9:f9:68:23:e7:7a:d5:24:6f:53:
                    c6:5a:d8:4b:ab:c6:d5:b6:d1:e6:73:71:ae:dd:9c:
                    d6:0c:61:fd:db:a0:89:03:b8:05:14:ec:57:ce:ee:
                    5d:3f:e2:21:b3:ce:f7:d4:8a:79:e0:a3:83:7e:2d:
                    97:d0:61:c4:f1:99:dc:25:91:63:ab:7f:30:a3:b4:
                    70:e2:c7:a1:33:9c:f3:bf:2e:5c:53:b1:5f:b3:7d:
                    32:7f:8a:34:e3:79:79
                ASN1 OID: secp384r1
                NIST CURVE: P-384
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                A0:11:0A:23:3E:96:F1:07:EC:E2:AF:29:EF:82:A5:7F:D0:30:A4:B4
            X509v3 Subject Key Identifier: 
                3A:E1:09:86:D4:CF:19:C2:96:76:74:49:76:DC:E0:35:C6:63:63:9A
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Certificate Policies: 
                Policy: X509v3 Any Policy
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.comodoca.com/AAACertificateServices.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.comodoca.com
    Signature Algorithm: sha384WithRSAEncryption
    Signature Value:
        19:ec:eb:9d:89:2c:20:0b:04:80:1d:18:de:42:99:72:99:16:
        32:bd:0e:9c:75:5b:2c:15:e2:29:40:6d:ee:ff:72:db:db:ab:
        90:1f:8c:95:f2:8a:3d:08:72:42:89:50:07:e2:39:15:6c:01:
        87:d9:16:1a:f5:c0:75:2b:c5:e6:56:11:07:df:d8:98:bc:7c:
        9f:19:39:df:8b:ca:00:64:73:bc:46:10:9b:93:23:8d:be:16:
        c3:2e:08:82:9c:86:33:74:76:3b:28:4c:8d:03:42:85:b3:e2:
        b2:23:42:d5:1f:7a:75:6a:1a:d1:7c:aa:67:21:c4:33:3a:39:
        6d:53:c9:a2:ed:62:22:a8:bb:e2:55:6c:99:6c:43:6b:91:97:
        d1:0c:0b:93:02:1d:d2:bc:69:77:49:e6:1b:4d:f7:bf:14:78:
        03:b0:a6:ba:0b:b4:e1:85:7f:2f:dc:42:3b:ad:74:01:48:de:
        d6:6c:e1:19:98:09:5e:0a:b3:67:47:fe:1c:e0:d5:c1:28:ef:
        4a:8b:44:31:26:04:37:8d:89:74:36:2e:ef:a5:22:0f:83:74:
        49:92:c7:f7:10:c2:0c:29:fb:b7:bd:ba:7f:e3:5f:d5:9f:f2:
        a9:f4:74:d5:b8:e1:b3:b0:81:e4:e1:a5:63:a3:cc:ea:04:78:
        90:6e:bf:f7
4: Certificate
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
        Validity
            Not Before: Jan  1 00:00:00 2004 GMT
            Not After : Dec 31 23:59:59 2028 GMT
        Subject: C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:be:40:9d:f4:6e:e1:ea:76:87:1c:4d:45:44:8e:
                    be:46:c8:83:06:9d:c1:2a:fe:18:1f:8e:e4:02:fa:
                    f3:ab:5d:50:8a:16:31:0b:9a:06:d0:c5:70:22:cd:
                    49:2d:54:63:cc:b6:6e:68:46:0b:53:ea:cb:4c:24:
                    c0:bc:72:4e:ea:f1:15:ae:f4:54:9a:12:0a:c3:7a:
                    b2:33:60:e2:da:89:55:f3:22:58:f3:de:dc:cf:ef:
                    83:86:a2:8c:94:4f:9f:68:f2:98:90:46:84:27:c7:
                    76:bf:e3:cc:35:2c:8b:5e:07:64:65:82:c0:48:b0:
                    a8:91:f9:61:9f:76:20:50:a8:91:c7:66:b5:eb:78:
                    62:03:56:f0:8a:1a:13:ea:31:a3:1e:a0:99:fd:38:
                    f6:f6:27:32:58:6f:07:f5:6b:b8:fb:14:2b:af:b7:
                    aa:cc:d6:63:5f:73:8c:da:05:99:a8:38:a8:cb:17:
                    78:36:51:ac:e9:9e:f4:78:3a:8d:cf:0f:d9:42:e2:
                    98:0c:ab:2f:9f:0e:01:de:ef:9f:99:49:f1:2d:df:
                    ac:74:4d:1b:98:b5:47:c5:e5:29:d1:f9:90:18:c7:
                    62:9c:be:83:c7:26:7b:3e:8a:25:c7:c0:dd:9d:e6:
                    35:68:10:20:9d:8f:d8:de:d2:c3:84:9c:0d:5e:e8:
                    2f:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A0:11:0A:23:3E:96:F1:07:EC:E2:AF:29:EF:82:A5:7F:D0:30:A4:B4
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.comodoca.com/AAACertificateServices.crl
                Full Name:
                  URI:http://crl.comodo.net/AAACertificateServices.crl
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        08:56:fc:02:f0:9b:e8:ff:a4:fa:d6:7b:c6:44:80:ce:4f:c4:
        c5:f6:00:58:cc:a6:b6:bc:14:49:68:04:76:e8:e6:ee:5d:ec:
        02:0f:60:d6:8d:50:18:4f:26:4e:01:e3:e6:b0:a5:ee:bf:bc:
        74:54:41:bf:fd:fc:12:b8:c7:4f:5a:f4:89:60:05:7f:60:b7:
        05:4a:f3:f6:f1:c2:bf:c4:b9:74:86:b6:2d:7d:6b:cc:d2:f3:
        46:dd:2f:c6:e0:6a:c3:c3:34:03:2c:7d:96:dd:5a:c2:0e:a7:
        0a:99:c1:05:8b:ab:0c:2f:f3:5c:3a:cf:6c:37:55:09:87:de:
        53:40:6c:58:ef:fc:b6:ab:65:6e:04:f6:1b:dc:3c:e0:5a:15:
        c6:9e:d9:f1:59:48:30:21:65:03:6c:ec:e9:21:73:ec:9b:03:
        a1:e0:37:ad:a0:15:18:8f:fa:ba:02:ce:a7:2c:a9:10:13:2c:
        d4:e5:08:26:ab:22:97:60:f8:90:5e:74:d4:a2:9a:53:bd:f2:
        a9:68:e0:a2:6e:c2:d7:6c:b1:a3:0f:9e:bf:eb:68:e7:56:f2:
        ae:f2:e3:2b:38:3a:09:81:b5:6b:85:d7:be:2d:ed:3f:1a:b7:
        b2:63:e2:f5:62:2c:82:d4:6a:00:41:50:f1:39:83:9f:95:e9:
        36:96:98:6e
Total found: 5

I have tried:

The usual importing/exporting through firefox, but I think that should be irrelevant after the refactor, and it didn't work anyway.
Stripping out the trust chain and importing only the leaf certificate
Clearing out the database and importing it again

Details

Version: 2.4.3

Revisions and Commits

rG GnuPG
	rGcbe0956df0f9 gpgsm: Increase salt size in pkcs#12 parser.
	rG214d3ffe0f91 gpgsm: Increase salt size in pkcs#12 parser.

Related Objects
Search...

		Status	Assigned	Task
		Resolved	• werner	T6752 New minip12 does not import from Firefox anymore
		Open	• werner	T6757 gpgsm 2.4 Fails to import P12 certificate/key

Event Timeline

lecris created this task.Oct 10 2023, 5:45 PM

lecris added a project: S/MIME.

lecris updated the task description. (Show Details)Oct 10 2023, 5:47 PM

Recent Mozilla again changed some things. Please see T6752. Can you please provide a sample in case this is not the same problem as in T6752?

• werner added a parent task: T6752: New minip12 does not import from Firefox anymore.Oct 16 2023, 1:23 PM

Thanks, what should I look out for? I don't think I can provide the .p12 directly because it is from a production provider that I do not have full access. I can provide the log and x509 public certificate again using the firefox generated one.

Any clues of which firefox/thunderbird is safe to use, and I will try it in a virtual environment.

@werner Any news on when will 2.4.4 will land? I cannot figure out how to build the project from source, and I couldn't adapt the Fedora packaging to build it either. I would like to have a way to finally sign my git commits.

We were hoping before christmas. But it is unlikely due to some other stuff we had to do. Early Jan. Definitely a priority for us right now to get it out.

We can't test this but assume that the fix for T6752 is sufficient here.

Hope so too. If there was a docker image or something I would gladly test it, otherwise I'll report back as soon as a release is out

We meanwhile have a lot of test cases in our test suite and we see no issue. Closing this bug; feel free to re-open if it is not fixed for your case in 2.4.4.

• werner moved this task from QA to gnupg-2.4.4 on the gnupg24 board.Jan 24 2024, 11:36 AM

• werner edited projects, added gnupg24 (gnupg-2.4.4); removed gnupg24.

@werner I have just tested this, and although it fixed it for one certificate, this one in this issue still fails. Here is the new debug given

gpgsm: bad length of salt (32)
gpgsm: parse_bag_encrypted_data(pkcs5PBES2-params): lvl=13 (tlv_expect_octet_string): Success - Invalid length
gpgsm: p12_parse(bag.encryptedData): @0129 lvl=13 tlv_expect_octet_string: Success - Invalid length
gpgsm: error parsing or decrypting the PKCS#12 file
gpgsm: total number processed: 0
random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
              outmix=0 getlvl1=0/0 getlvl2=0/0
secmem usage: 0/16384 bytes in 0 blocks

See https://dev.gnupg.org/T6757#182218 for more recent

Can you please try this patch:

diff --git a/sm/minip12.c b/sm/minip12.c
index 2e7b50e1c..9b6ff1182 100644
--- a/sm/minip12.c
+++ b/sm/minip12.c
@@ -677,7 +677,7 @@ parse_bag_encrypted_data (struct p12_parse_ctx_s *ctx, tlv_parser_t tlv)
   const unsigned char *data;
   size_t datalen;
   int intval;
-  char salt[20];
+  char salt[32];
   size_t saltlen;
   char iv[16];
   unsigned int iter;

We got a bit further, not sure what debug level you want, guru I've found to be too excessive:

PS: Keep me up to speed with the final patch so I port it in Fedora as well: https://src.fedoraproject.org/rpms/gnupg2/pull-request/19, unless you will want to add a quick bugfix release?

$ gpgsm --debug x509 --import cristian.le@mpsd.mpg.de.p12 
gpgsm: reading options from '[cmdline]'
gpgsm: enabled debug flags: x509
gpgsm: enabled compatibility flags:
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1948: @0000 class=0 tag=16 len=5025 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0004 lvl=1 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1954: @0004 class=0 tag=2 len=1 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1960: @0007 class=0 tag=16 len=4897 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0011 lvl=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1965: @0011 class=0 tag=6 len=9 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1972: @0022 class=2 tag=0 len=4882 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0026 lvl=3 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1977: @0026 class=0 tag=4 len=4878 nhdr=4 
gpgsm: DBG: p12_parse:_tlv_push:0: @0030 lvl=4 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1992: @0030 class=0 tag=16 len=0 nhdr=2  cons ndef
gpgsm: DBG: p12_parse:_tlv_push:0: @0032 lvl=5  in-ndef
gpgsm: DBG: p12_parse:bags/beginloop:1998: @0032 lvl=5  in-ndef
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1999: @0032 class=0 tag=16 len=0 nhdr=2  cons ndef
gpgsm: DBG: p12_parse:bag-sequence:2002: @0034 lvl=5  in-ndef
gpgsm: DBG: p12_parse:_tlv_push:0: @0034 lvl=6  in-ndef
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:2006: @0034 class=0 tag=6 len=9 nhdr=2 
gpgsm: processing bag.encryptedData
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:698: @0045 class=2 tag=0 len=0 nhdr=2  cons ndef
gpgsm: DBG: p12_parse:_tlv_push:0: @0047 lvl=7  in-ndef
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:703: @0047 class=0 tag=16 len=0 nhdr=2  cons ndef
gpgsm: DBG: p12_parse:_tlv_push:0: @0049 lvl=8  in-ndef
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:709: @0049 class=0 tag=2 len=1 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:719: @0052 class=0 tag=16 len=0 nhdr=2  cons ndef
gpgsm: DBG: p12_parse:_tlv_push:0: @0054 lvl=9  in-ndef
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:725: @0054 class=0 tag=6 len=9 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:733: @0065 class=0 tag=16 len=111 nhdr=2  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0067 lvl=10 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:738: @0067 class=0 tag=6 len=9 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:765: @0078 class=0 tag=16 len=98 nhdr=2  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0080 lvl=11 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:770: @0080 class=0 tag=16 len=65 nhdr=2  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0082 lvl=12 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:775: @0082 class=0 tag=6 len=9 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:786: @0093 class=0 tag=16 len=52 nhdr=2  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0095 lvl=13 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:792: @0095 class=0 tag=4 len=32 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:806: @0129 class=0 tag=2 len=2 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:820: @0133 class=0 tag=16 len=12 nhdr=2  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0135 lvl=14 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:824: @0135 class=0 tag=6 len=8 nhdr=2 
gpgsm: DBG: kdf digest algo = 8
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:841: @0145 class=0 tag=5 len=0 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_pop:0: @0147 lvl=13 
gpgsm: DBG: p12_parse:_tlv_pop:0: @0147 lvl=12 
gpgsm: DBG: p12_parse:_tlv_pop:0: @0147 lvl=11 
gpgsm: DBG: _tlv_parser_next: container(s) closed due to size
gpgsm: DBG: p12_parse:_tlv_parser_next:848: @0147 class=0 tag=16 len=29 nhdr=2  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0149 lvl=12 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:853: @0149 class=0 tag=6 len=9 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:871: @0160 class=0 tag=4 len=16 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_pop:0: @0178 lvl=11 
gpgsm: DBG: p12_parse:_tlv_pop:0: @0178 lvl=10 
gpgsm: DBG: p12_parse:_tlv_pop:0: @0178 lvl=9  in-ndef
gpgsm: DBG: _tlv_parser_next: container(s) closed due to size
gpgsm: DBG: p12_parse:_tlv_parser_next:916: @0178 class=2 tag=0 len=0 nhdr=2  cons ndef
gpgsm: DBG: p12_parse:_tlv_push:0: @0180 lvl=10  in-ndef
gpgsm: 4240 bytes of AES256 encrypted text
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:956: @0000 class=0 tag=16 len=4227 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0004 lvl=1 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:970: @0004 class=0 tag=16 len=1123 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0008 lvl=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:981: @0008 class=0 tag=6 len=11 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1007: @0021 class=2 tag=0 len=1067 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0025 lvl=3 
gpgsm: processing certBag
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1117: @0025 class=0 tag=16 len=1063 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0029 lvl=4 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1122: @0029 class=0 tag=6 len=10 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1135: @0041 class=2 tag=0 len=1047 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @0045 lvl=5 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1145: @0045 class=0 tag=4 len=1043 nhdr=4 
gpgsm: DBG: looking for parent certificate
gpgsm: DBG:   found via authid and keyid
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: certificate is good
gpgsm: DBG: looking for parent certificate
gpgsm: DBG:   found via authid and keyid
gpgsm: DBG: looking for parent certificate
gpgsm: DBG:   found via authid and keyid
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: certificate is good
gpgsm: DBG: looking for parent certificate
gpgsm: DBG:   found via authid and keyid
gpgsm: DBG: looking for parent certificate
gpgsm: DBG:   found via authid and keyid
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: certificate is good
gpgsm: DBG: looking for parent certificate
gpgsm: DBG:   found via authid and keyid
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_pop:0: @1092 lvl=4 
gpgsm: DBG: p12_parse:_tlv_pop:0: @1092 lvl=3 
gpgsm: DBG: p12_parse:_tlv_pop:0: @1092 lvl=2 
gpgsm: DBG: _tlv_parser_next: container(s) closed due to size
gpgsm: DBG: p12_parse:_tlv_parser_next:1159: @1092 class=0 tag=17 len=37 nhdr=2  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @1094 lvl=3 
gpgsm: skipping bag.attribute_set
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_pop:0: @1131 lvl=2 
gpgsm: DBG: p12_parse:_tlv_pop:0: @1131 lvl=1 
gpgsm: DBG: _tlv_parser_next: container(s) closed due to size
gpgsm: DBG: p12_parse:_tlv_parser_next:970: @1131 class=0 tag=16 len=941 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @1135 lvl=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:981: @1135 class=0 tag=6 len=11 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1007: @1148 class=2 tag=0 len=922 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @1152 lvl=3 
gpgsm: processing certBag
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1117: @1152 class=0 tag=16 len=918 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @1156 lvl=4 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1122: @1156 class=0 tag=6 len=10 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1135: @1168 class=2 tag=0 len=902 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @1172 lvl=5 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1145: @1172 class=0 tag=4 len=898 nhdr=4 
gpgsm: DBG: looking for parent certificate
gpgsm: DBG:   found via authid and keyid
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: certificate is good
gpgsm: DBG: looking for parent certificate
gpgsm: DBG:   found via authid and keyid
gpgsm: DBG: looking for parent certificate
gpgsm: DBG:   found via authid and keyid
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: certificate is good
gpgsm: DBG: looking for parent certificate
gpgsm: DBG:   found via authid and keyid
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_pop:0: @2074 lvl=4 
gpgsm: DBG: p12_parse:_tlv_pop:0: @2074 lvl=3 
gpgsm: DBG: p12_parse:_tlv_pop:0: @2074 lvl=2 
gpgsm: DBG: _tlv_parser_next: container(s) closed due to size
gpgsm: DBG: p12_parse:_tlv_parser_next:1159: @2074 class=0 tag=17 len=0 nhdr=2  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @2076 lvl=3 
gpgsm: skipping bag.attribute_set
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_pop:0: @2076 lvl=2 
gpgsm: DBG: p12_parse:_tlv_pop:0: @2076 lvl=1 
gpgsm: DBG: _tlv_parser_next: container(s) closed due to size
gpgsm: DBG: p12_parse:_tlv_parser_next:970: @2076 class=0 tag=16 len=1026 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @2080 lvl=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:981: @2080 class=0 tag=6 len=11 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1007: @2093 class=2 tag=0 len=1007 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @2097 lvl=3 
gpgsm: processing certBag
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1117: @2097 class=0 tag=16 len=1003 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @2101 lvl=4 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1122: @2101 class=0 tag=6 len=10 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1135: @2113 class=2 tag=0 len=987 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @2117 lvl=5 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1145: @2117 class=0 tag=4 len=983 nhdr=4 
gpgsm: DBG: looking for parent certificate
gpgsm: DBG:   found via authid and keyid
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: certificate is good
gpgsm: DBG: looking for parent certificate
gpgsm: DBG:   found via authid and keyid
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_pop:0: @3104 lvl=4 
gpgsm: DBG: p12_parse:_tlv_pop:0: @3104 lvl=3 
gpgsm: DBG: p12_parse:_tlv_pop:0: @3104 lvl=2 
gpgsm: DBG: _tlv_parser_next: container(s) closed due to size
gpgsm: DBG: p12_parse:_tlv_parser_next:1159: @3104 class=0 tag=17 len=0 nhdr=2  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @3106 lvl=3 
gpgsm: skipping bag.attribute_set
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_pop:0: @3106 lvl=2 
gpgsm: DBG: p12_parse:_tlv_pop:0: @3106 lvl=1 
gpgsm: DBG: _tlv_parser_next: container(s) closed due to size
gpgsm: DBG: p12_parse:_tlv_parser_next:970: @3106 class=0 tag=16 len=1121 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @3110 lvl=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:981: @3110 class=0 tag=6 len=11 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1007: @3123 class=2 tag=0 len=1102 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @3127 lvl=3 
gpgsm: processing certBag
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1117: @3127 class=0 tag=16 len=1098 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @3131 lvl=4 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1122: @3131 class=0 tag=6 len=10 nhdr=2 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1135: @3143 class=2 tag=0 len=1082 nhdr=4  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @3147 lvl=5 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1145: @3147 class=0 tag=4 len=1078 nhdr=4 
gpgsm: DBG: gcry_pk_verify: Success
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_pop:0: @4229 lvl=4 
gpgsm: DBG: p12_parse:_tlv_pop:0: @4229 lvl=3 
gpgsm: DBG: p12_parse:_tlv_pop:0: @4229 lvl=2 
gpgsm: DBG: _tlv_parser_next: container(s) closed due to size
gpgsm: DBG: p12_parse:_tlv_parser_next:1159: @4229 class=0 tag=17 len=0 nhdr=2  cons
gpgsm: DBG: p12_parse:_tlv_push:0: @4231 lvl=3 
gpgsm: skipping bag.attribute_set
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_pop:0: @4231 lvl=2 
gpgsm: DBG: p12_parse:_tlv_pop:0: @4231 lvl=1 
gpgsm: DBG: p12_parse:_tlv_pop:0: @4231 lvl=0 
gpgsm: DBG: _tlv_parser_next: called
gpgsm: DBG: p12_parse:_tlv_parser_next:1999: @0180 class=0 tag=4 len=1024 nhdr=4 
gpgsm: DBG: p12_parse:bags/endloop:2039: @0184 lvl=10  in-ndef
gpgsm: error parsing or decrypting the PKCS#12 file
gpgsm: total number processed: 4
gpgsm:              unchanged: 4
secmem usage: 0/16384 bytes in 0 blocks

Jakuje added a subscriber: Jakuje.Jan 30 2024, 4:54 PM

lecris updated the task description. (Show Details)Feb 2 2024, 1:45 PM

Ok, I have tried again the series of workarounds that I initially posted on the main description, and I managed to fix it by striping the CA certificates. So the current issues here are:

Allocated salt is too small. https://dev.gnupg.org/T6757#182217 fixes for now
Cannot import a .p12 that includes CA certificates as well

So what are the plans to address these on the main branch/release?

Okay, I push the change for the extended salt size. Regarding the import of CA certificates, I have not seen any problems. In fact it is pretty common. Did you test with with 2.4.4. A test file would be helpful.

Unfortunately I have deleted the .p12 with the CA chain, and I don't know how I've generated it. It also contained my production certificates so, kinda sensitive to upload here.

I guess the debug message above is not helpful in this case right?

I would have expected an error message right after

gpgsm: DBG: p12_parse:bags/endloop:2039: @0184 lvl=10  in-ndef

if there was an error. The other code path would be that ctx.privatekey has been set to NULL - but I can't see how. (Looking at the current state of the 2.4 branch, though)

• werner added a commit: rG214d3ffe0f91: gpgsm: Increase salt size in pkcs#12 parser..Feb 5 2024, 8:15 AM

• werner added a commit: rGcbe0956df0f9: gpgsm: Increase salt size in pkcs#12 parser..

@werner I managed to recover the old .p12 that has the error. And this is still replicable. Is there a debug flag that would be useful or can we setup some private live-debugging for this?

The old debug output is in genral okay but what I would do is to add a couple of log_debug calls like

log_debug ("%s:%d: err=%d prk=%p,%p\n",
           __func__, __LINE__, err, ctx.privatekey, ctx.privatekey2);

after line 2039 and befor ethe return statements and probably also before and inside the loop. Usually easier than to step theu it with gdb,

Could you write a quick patch file for that? (I don't have a working source build, I am using the Fedora spec file + patches)

0001-Test-patch.patch3 KBDownload

The additional debug info are:

gpgsm: DBG: p12_parse:1998: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2006: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2021: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2054: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2061: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2069: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2081: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: error parsing or decrypting the PKCS#12 file
gpgsm: total number processed: 4
gpgsm:              unchanged: 4

Line-number is a bit different because I had to edit the patch to make it work. Compared to the same .p12, but with the stripped CA:

gpgsm: DBG: p12_parse:1998: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2006: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2021: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2006: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2030: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2054: err=0 prk=0x000055dc670177e0,0x0000000000000000
gpgsm: DBG: p12_parse:2061: err=0 prk=0x000055dc670177e0,0x0000000000000000
gpgsm: DBG: p12_parse:2069: err=0 prk=0x000055dc670177e0,0x0000000000000000
gpgsm: DBG: p12_parse:2081: err=0 prk=0x000055dc670177e0,0x0000000000000000
gpgsm: total number processed: 2
gpgsm:              unchanged: 1
gpgsm:       secret keys read: 1
gpgsm:  secret keys unchanged: 1

Sorry, for not following up earlier. Can you please do me a favor and run the last tests again, this time adding -v and --debug 1 to the invocation? Feel free to forward the output to my private address is that is easier (wk at gnupg.org).

I've sent you an email about it. It might have html elements due to markdown-here.

• werner mentioned this in T6960: Release GnuPG 2.4.5.Mar 7 2024, 3:23 PM

• werner mentioned this in T6849: Release GnuPG 2.2.43.Tue, Apr 16, 9:47 AM

gpgsm 2.4 Fails to import P12 certificate/keyOpen, NormalPublicActions