gpgsm: .p12 AES-256-CBC support
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	zablockil
	Jan 15 2024, 6:43 PM

Description

Steps to Reproduce:

$ gpgsm --version
gpgsm (GnuPG) 2.4.3
libgcrypt 1.10.2
libksba 1.6.4

$ gpgsm -vv --import credential_private_encrypted_AES256.p12
gpgsm: enabled compatibility flags:
gpgsm: processing bag.encryptedData
gpgsm: DBG: cipher algo: 2a864886f70d0209
gpgsm: parse_bag_encrypted_data(pkcs5PBES2-params): offset 14.10 (tlv_expect_object_id): Sukces - Niepoprawny algorytm szyfru
gpgsm: p12_parse(bag.encryptedData): offset 14.10 (tlv_expect_object_id): Sukces - Niepoprawny algorytm szyfru
gpgsm: error parsing or decrypting the PKCS#12 file
gpgsm: całkowita liczba przetworzonych: 0

$ gpgsm -vv --import credential_private_encrypted_3DES.p12
→ OK!

$ openssl pkcs12 -info -nokeys -noout -in credential_private_encrypted_AES256.p12
Enter Import Password:
MAC: sha256, Iteration 2048
MAC length: 32, salt length: 8
PKCS7 Encrypted data: PBES2, PBKDF2, AES-256-CBC, Iteration 2048, PRF hmacWithSHA256
Certificate bag
Certificate bag
PKCS7 Data
Shrouded Keybag: PBES2, PBKDF2, AES-256-CBC, Iteration 2048, PRF hmacWithSHA256

• export certificate via Windows10 "certmgr.msc"
• or convert _3DES.p12 via "Export-PfxCertificate" [PowerShell]:

$Oldpwd = ConvertTo-SecureString -String "qeFGds84/Sf0eKkJwcp6" -Force -AsPlainText
$NewPwd = ConvertTo-SecureString -String "password" -Force -AsPlainText
$mypfx = Get-PfxData -FilePath R:\credential_private_encrypted_3DES.p12 -Password $Oldpwd
Export-PfxCertificate -PFXData $mypfx -FilePath R:\windows10_AES256.pfx -Password $NewPwd -ChainOption PfxDataOnly -CryptoAlgorithmOption AES256_SHA256

$ openssl pkcs12 -info -nokeys -noout -in windows10_AES256.pfx
Enter Import Password:
MAC: sha256, Iteration 2000
MAC length: 32, salt length: 20
PKCS7 Data
Shrouded Keybag: PBES2, PBKDF2, AES-256-CBC, Iteration 2000, PRF hmacWithSHA256
PKCS7 Encrypted data: PBES2, PBKDF2, AES-256-CBC, Iteration 2000, PRF hmacWithSHA256
Certificate bag
Certificate bag

Hi,

I'm testing S/MIME support in various programs (gpgsm is great btw.) with different certs configurations etc. I will report some bugs/feature requests if you guys don't mind. All the steps are in the bash script in the .tar package (keys, certificates, configuration files, dumps).

gpgsm/Kleopatra does not support AES-256 encryption in .p12 files (from openssl and windows).

the benefits of introducing this:

0) interoperability

openssl 3.0 uses this encryption by default now
"certmgr.msc" export has 2 available algorithms: "TripleDES-SHA1" and "AES256-SHA256"
other certificate creation software supports this encryption

0) other

NIST 800-131A disallowed three-key TDEA after 2023 (some recommendations)
other standards also mention this encryption

thank you

openssl_p12_test.tar.gz71 KBDownload

Details

Version: gpgsm (GnuPG) 2.4.3

Revisions and Commits

rG GnuPG
	rG34d19d448dd3 tests: Add two more sample p12 files

Related Objects

Mentioned In: T7115: gpgsm: support for importing x25519 and ed25519 private keys from .p12 files
Mentioned Here: T1321: gpgsm cannot read pkcs12 files generated by certtool (from gnutls-bin)
T3927: gpgsm certificate import fails because of hardcoded password length limitation
T6536: Extend P12 parser for ShroudedKeyBag inside a CertBag
T6752: New minip12 does not import from Firefox anymore

Event Timeline

zablockil created this task.Jan 15 2024, 6:43 PM

Thanks for the report. It comes right in time for the next release. It might already be fixed due to a lot of changes in the pkcs#12 parser.

It is already implemented and will soon show up in 2.4.4 -)

$ gpgsm --import -v --batch t6940/private/user/credential_private_encrypted_AES256.p12
gpgsm: enabled compatibility flags:
gpgsm: processing bag.encryptedData
gpgsm: 2672 bytes of AES256 encrypted text
gpgsm: processing certBag
gpgsm: looking up issuer from the Dirmngr cache
gpgsm: number of matching certificates: 0
gpgsm: dirmngr cache-only key lookup failed: No data
gpgsm: issuer certificate {214A32E78817B4B739D5FD109E2E5AC56BC1F87C36EAEC96719B0A648120B897} not found using authorityKeyIdentifier
gpgsm: looking up issuer from the Dirmngr cache
gpgsm: number of matching certificates: 0
gpgsm: dirmngr cache-only key lookup failed: No data
gpgsm: issuer certificate (#/[ 434e3df09f8f832052756e61776179205068696c6c69702c4f3df09f8f832052756e61776179205068696c6c69702c433d5553 ]) not found
gpgsm: certificate imported
gpgsm: looking up issuer from the Dirmngr cache
gpgsm: number of matching certificates: 0
gpgsm: dirmngr cache-only key lookup failed: No data
gpgsm: issuer certificate {214A32E78817B4B739D5FD109E2E5AC56BC1F87C36EAEC96719B0A648120B897} not found using authorityKeyIdentifier
gpgsm: looking up issuer from the Dirmngr cache
gpgsm: number of matching certificates: 0
gpgsm: dirmngr cache-only key lookup failed: No data
gpgsm: skipping bag.attribute_set
gpgsm: processing certBag
gpgsm: certificate imported
gpgsm: processing bag data
gpgsm: processing shrouded_key_bag
gpgsm: 1232 bytes of AES256 encrypted text
gpgsm: skipping shrouded_key_bag.attribute_set
gpgsm: total number processed: 3
gpgsm:               imported: 2
gpgsm:       secret keys read: 1
gpgsm:   secret keys imported: 1

$ gpgsm --list-chain 0xF7604937
/home/wk/b/gnupg-2.4/test-1/pubring.kbx
----------------------------------------
           ID: 0xF7604937
          S/N: 735E26BF1937A88E
        (dec): 8313124564376201358
       Issuer: /CN=🏃 Runaway Phillip/O=🏃 Runaway Phillip/C=US
      Subject: /CN=Phillip Runaway/C=US/SN=Runaway/GN=Phillip
          aka: test@example.com
     validity: 2024-01-01 12:00:02 through 2123-12-31 12:00:02
     key type: rsa2048
    key usage: digitalSignature keyEncipherment
ext key usage: clientAuth (suggested), emailProtection (suggested)
     sha1 fpr: 20:F6:57:40:B4:A1:5B:AC:6D:6A:29:90:26:75:60:88:F7:60:49:37
     sha2 fpr: 72:40:6C:B0:96:0E:3D:16:94:13:89:1B:01:6F:DE:20:AA:1D:7E:62:99:5D:B7:FF:50:D3:C0:41:B7:B0:1D:D5
Certified by
           ID: 0x9395571B
          S/N: 7970968585B8F298
        (dec): 8750659576199180952
       Issuer: /CN=🏃 Runaway Phillip/O=🏃 Runaway Phillip/C=US
      Subject: /CN=🏃 Runaway Phillip/O=🏃 Runaway Phillip/C=US
     validity: 2024-01-01 12:00:01 through 2124-01-01 12:00:01
     key type: rsa3072
    key usage: certSign crlSign
ext key usage: clientAuth (suggested), emailProtection (suggested)
 chain length: unlimited
     sha1 fpr: CB:B4:B2:6F:93:CF:D9:71:5A:C9:FA:43:44:04:70:DF:93:95:57:1B
     sha2 fpr: DA:26:4C:DA:C4:0A:5D:E9:BE:A5:92:DC:02:BF:47:2A:05:B0:4F:E1:D4:3D:A2:B6:A0:E6:1C:D1:DE:B3:7D:51

• werner added a commit: rG34d19d448dd3: tests: Add two more sample p12 files.Jan 23 2024, 2:19 PM

• werner moved this task from QA to gnupg-2.4.4 on the gnupg24 board.Jan 24 2024, 11:38 AM

• werner edited projects, added gnupg24 (gnupg-2.4.4); removed gnupg24.

zablockil mentioned this in T7115: gpgsm: support for importing x25519 and ed25519 private keys from .p12 files.May 12 2024, 6:55 PM

gpgsm: .p12 AES-256-CBC supportClosed, ResolvedPublicActions