gpgsm 2.5.x fails to decrypt S/MIME messages using RSAES-OAEP (SHA-256) (macOS 15 (Darwin 25.4.0, arm64)
Closed, DuplicatePublic
Actions

Assigned To

None

Authored By

	NfuRipHA
	Fri, Apr 3, 4:52 AM

Description

gpgsm fails to decrypt CMS/S/MIME enveloped data that uses RSAES-OAEP with SHA-256 as the key transport algorithm. The error reported is "Kein geheimer Schlüssel" (No secret key), even though the correct private key is present and accessible via gpg-agent. Notably, gpgsm never issues a PKDECRYPT command to gpg-agent — it aborts before reaching that point.

Steps to reproduce:

Import a SwissSign S/MIME certificate (RSA 4096) via gpgsm --import cert.p12
Verify key is present: gpgsm --list-secret-keys shows the certificate, gpg-connect-agent "HAVEKEY <grip>" /bye returns OK
Attempt to decrypt a .p7m file encrypted with RSAES-OAEP (SHA-256): gpgsm --decrypt message.p7m

Expected result:
gpg-agent is contacted via PKDECRYPT, pinentry prompts for passphrase, message is decrypted.

Actual result:
gpgsm: encrypted to rsa4096 key, ID 3988316C7F6E8D8A00FDD0C81EB4FC5448031ED3
gpgsm: recp 0 - error getting encrypted session key
gpgsm: message decryption failed: No secret key <GPGSM>
gpg-agent log shows only HAVEKEY queries — PKDECRYPT is never sent.

ASN.1 structure of the encrypted message (relevant excerpt):

OBJECT  :rsaesOaep
SEQUENCE
  cont [0]
    SEQUENCE
      OBJECT :sha256
  cont [1]
    SEQUENCE
      OBJECT :mgf1
      SEQUENCE
        OBJECT :sha256

Workaround:
openssl cms -decrypt -inform DER decrypts the same message successfully.

Additional info:
gpgsm --with-validation --list-secret-keys shows [certificate is good]
The private key file exists in ~/.gnupg/private-keys-v1.d/
keyinfo via gpg-connect-agent returns D - - - P (disk, passphrase-protected)
Older RSAES-PKCS1-v1_5 encrypted messages may work — this issue is specific to RSAES-OAEP

Attachments:
$ cat bug-report-asn1.txt

  0:d=0  hl=4 l=12349 cons: SEQUENCE
  4:d=1  hl=2 l=   9 prim: OBJECT            :pkcs7-envelopedData
 15:d=1  hl=4 l=12334 cons: cont [ 0 ]
 19:d=2  hl=4 l=12330 cons: SEQUENCE
 23:d=3  hl=2 l=   1 prim: INTEGER           :00
 26:d=3  hl=4 l= 689 cons: SET
 30:d=4  hl=4 l= 685 cons: SEQUENCE
 34:d=5  hl=2 l=   1 prim: INTEGER           :00
 37:d=5  hl=2 l= 106 cons: SEQUENCE
 39:d=6  hl=2 l=  82 cons: SEQUENCE
 41:d=7  hl=2 l=  11 cons: SET
 43:d=8  hl=2 l=   9 cons: SEQUENCE
 45:d=9  hl=2 l=   3 prim: OBJECT            :countryName
 50:d=9  hl=2 l=   2 prim: PRINTABLESTRING   :CH
 54:d=7  hl=2 l=  21 cons: SET
 56:d=8  hl=2 l=  19 cons: SEQUENCE
 58:d=9  hl=2 l=   3 prim: OBJECT            :organizationName
 63:d=9  hl=2 l=  12 prim: PRINTABLESTRING   :SwissSign AG
 77:d=7  hl=2 l=  44 cons: SET
 79:d=8  hl=2 l=  42 cons: SEQUENCE
 81:d=9  hl=2 l=   3 prim: OBJECT            :commonName
 86:d=9  hl=2 l=  35 prim: UTF8STRING        :SwissSign RSA SMIME MV ICA 2024 - 1
123:d=6  hl=2 l=  20 prim: INTEGER           :4F6438C6B06EBBEF503A6BDEAD074FC69CDC3553
145:d=5  hl=2 l=  56 cons: SEQUENCE
147:d=6  hl=2 l=   9 prim: OBJECT            :rsaesOaep
158:d=6  hl=2 l=  43 cons: SEQUENCE
160:d=7  hl=2 l=  13 cons: cont [ 0 ]
162:d=8  hl=2 l=  11 cons: SEQUENCE
164:d=9  hl=2 l=   9 prim: OBJECT            :sha256
175:d=7  hl=2 l=  26 cons: cont [ 1 ]
177:d=8  hl=2 l=  24 cons: SEQUENCE
179:d=9  hl=2 l=   9 prim: OBJECT            :mgf1
190:d=9  hl=2 l=  11 cons: SEQUENCE
192:d=10 hl=2 l=   9 prim: OBJECT            :sha256
203:d=5  hl=4 l= 512 prim: OCTET STRING      [HEX DUMP]:5FC12C1A69B9385C4C0764609F7C556E35F8F381E758050C5298928D0B215BC8C39896E1CFCFCE8897466243CB0333B86D58B9930E0857152B1210E430F003D602DCF1F63597655D64CEFB4917415C561B2E56D937DE322A90C750116EE739E7CAC212432CB0D2E437219B80A5B0A9A41C68ED106686FF3762834BE0672992C40D737A981700659BCF4418208A4207FFA78C970FD3CFEE9A227CE522BFAFDB9F7C66CE610B384DAF5F1A1F4543D030456626903D8DE89E6155873ED4D1C60D2C703BEBAE2DFDD7D783971E3A301097889A440C6DBC44E8B5A29B81BC3BD11BBF590ACEE76A8A9C98BBC11BEE99975761F2B22B96295A8D7C5EFFB898A51435BB6663EF70C5BE2A6A2DF8C0E5E5B71852BB14C2CB9D27BE5B7140B4CCAAD1D1E08C81B4B131045C20EF0AC9E23F8645DD5C355C0E218F09E16FE23A0071C7B76F237B91B2C99ADC70F2F11DBB121BD89FB941D1818D86ED2B3371685ACA2E3DE6D11E795C9AB5587183CB7072D796FB3B3D979929A97D5E86737DFCC93367B34513EE01F0B59C1E2E57B1E9EBE3219152DC4A828BE2668461C195C3DF3B4455766A3AF0C1ED5983EE087F876A637471985C4DB93C1ABB7B6B1BF22C619A50B70F77D17B015FBCD2CCD5152D16FD278299B29DAA008038D4F60415B8EEA0852B85F322586A9EC0F566CAEE72391EED21D344D9BAE2F6F10B0FAF7E4B197D20BAB2
719:d=3  hl=4 l=11630 cons: SEQUENCE
723:d=4  hl=2 l=   9 prim: OBJECT            :pkcs7-data
734:d=4  hl=2 l=  29 cons: SEQUENCE
736:d=5  hl=2 l=   9 prim: OBJECT            :aes-256-cbc
747:d=5  hl=2 l=  16 prim: OCTET STRING      [HEX DUMP]:D4500E6B48ED0332D0FE32C884CA559D

$ cat bug-report-header.b64
MIIwPQYJKoZIhvcNAQcDoIIwLjCCMCoCAQAxggKxMIICrQIBADBqMFIxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxLDAqBgNVBAMMI1N3aXNzU2lnbiBSU0EgU01JTUUgTVYgSUNBIDIwMjQgLSAxAhRPZDjGsG6771A6a96tB0/GnNw1UzA4BgkqhkiG9w0BAQcwK6ANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgEEggIAX8EsGmm5OFxMB2Rgn3xVbjX484HnWAUMUpiSjQshW8jDmJbhz8/OiJdGYkPLAzO4bVi5kw4IVxUrEhDkMPAD1gLc8fY1l2VdZM77SRdBXFYbLlbZN94yKpDHUBFu5znnysISQyyw0uQ3IZuApbCppBxo7RBmhv83YoNL4GcpksQNc3qYFwBlm89EGCCKQgf/p4yXD9PP7poifOUiv6/bn3xmzmELOE2vXxofRUPQMEVmJpA9jeieYVWHPtTRxg0scDvrri3919eDlx46MBCXiJpEDG28ROi1opuBvDvRG79ZCs7naoqcmLvBG+6Zl1dh8rIrlilajXxe/7iYpRQ1u2Zj73DFvipqLfjA5eW3GFK7FMLLnSe+W3FAtMyq0dHgjIG0sTEEXCDvCsniP4ZF3Vw1XA4hjwnhb+I6AHHHt28je5GyyZrccPLxHbsSG9ifuUHRgY2G7SszcWhayi495tEeeVyatVhxg8twcteW+zs9l5kpqX1ehnN9/MkzZ7NFE+4B8LWcHi5Xsenr4yGRUtxKgoviZoRhwZXD3ztEVXZqOvDB7VmD7gh/h2pjdHGYXE25PBq7e2sb8ixhmlC3D3fRewFfvNLM1RUtFv0ngpmynaoAgDjU9gQVuO6ghSuF8yJYap7A9WbK7nI5Hu0h00TZuuL28QsPr35LGX0gurI=

$ cat bug-report-header.txt
00000000: 3082 303d 0609 2a86 4886 f70d 0107 03a0 0.0=..*.H.......
00000010: 8230 2e30 8230 2a02 0100 3182 02b1 3082 .0.0.0*...1...0.
00000020: 02ad 0201 0030 6a30 5231 0b30 0906 0355 .....0j0R1.0...U
00000030: 0406 1302 4348 3115 3013 0603 5504 0a13 ....CH1.0...U...
00000040: 0c53 7769 7373 5369 676e 2041 4731 2c30 .SwissSign AG1,0
00000050: 2a06 0355 0403 0c23 5377 6973 7353 6967 *..U...#SwissSig
00000060: 6e20 5253 4120 534d 494d 4520 4d56 2049 n RSA SMIME MV I
00000070: 4341 2032 3032 3420 2d20 3102 144f 6438 CA 2024 - 1..Od8
00000080: c6b0 6ebb ef50 3a6b dead 074f c69c dc35 ..n..P:k...O...5
00000090: 5330 3806 092a 8648 86f7 0d01 0107 302b S08..*.H......0+
000000a0: a00d 300b 0609 6086 4801 6503 0402 01a1 ..0...`.H.e.....
000000b0: 1a30 1806 092a 8648 86f7 0d01 0108 300b .0...*.H......0.
000000c0: 0609 6086 4801 6503 0402 0104 8202 005f ..`.H.e........_
000000d0: c12c 1a69 b938 5c4c 0764 609f 7c55 6e35 .,.i.8\L.d`.|Un5
000000e0: f8f3 81e7 5805 0c52 9892 8d0b 215b c8c3 ....X..R....![..
000000f0: 9896 e1cf cfce 8897 4662 43cb 0333 b86d ........FbC..3.m
00000100: 58b9 930e 0857 152b 1210 e430 f003 d602 X....W.+...0....
00000110: dcf1 f635 9765 5d64 cefb 4917 415c 561b ...5.e]d..I.A\V.
00000120: 2e56 d937 de32 2a90 c750 116e e739 e7ca .V.7.2*..P.n.9..
00000130: c212 432c b0d2 e437 219b 80a5 b0a9 a41c ..C,...7!.......
00000140: 68ed 1066 86ff 3762 834b e067 2992 c40d h..f..7b.K.g)...
00000150: 737a 9817 0065 9bcf 4418 208a 4207 ffa7 sz...e..D. .B...
00000160: 8c97 0fd3 cfee 9a22 7ce5 22bf afdb 9f7c ......."|."....|
00000170: 66ce 610b 384d af5f 1a1f 4543 d030 4566 f.a.8M._..EC.0Ef
00000180: 2690 3d8d e89e 6155 873e d4d1 c60d 2c70 &.=...aU.>....,p
00000190: 3beb ae2d fdd7 d783 971e 3a30 1097 889a ;..-......:0....
000001a0: 440c 6dbc 44e8 b5a2 9b81 bc3b d11b bf59 D.m.D......;...Y
000001b0: 0ace e76a 8a9c 98bb c11b ee99 9757 61f2 ...j.........Wa.
000001c0: b22b 9629 5a8d 7c5e ffb8 98a5 1435 bb66 .+.)Z.|^.....5.f
000001d0: 63ef 70c5 be2a 6a2d f8c0 e5e5 b718 52bb c.p..*j-......R.
000001e0: 14c2 cb9d 27be 5b71 40b4 ccaa d1d1 e08c ....'.[q@.......
000001f0: 81b4 b131 045c 20ef 0ac9 e23f 8645 dd5c ...1.\ ....?.E.\
00000200: 355c 0e21 8f09 e16f e23a 0071 c7b7 6f23 5\.!...o.:.q..o#
00000210: 7b91 b2c9 9adc 70f2 f11d bb12 1bd8 9fb9 {.....p.........
00000220: 41d1 818d 86ed 2b33 7168 5aca 2e3d e6d1 A.....+3qhZ..=..
00000230: 1e79 5c9a b558 7183 cb70 72d7 96fb 3b3d .y\..Xq..pr...;=
00000240: 9799 29a9 7d5e 8673 7dfc c933 67b3 4513 ..).}^.s}..3g.E.
00000250: ee01 f0b5 9c1e 2e57 b1e9 ebe3 2191 52dc .......W....!.R.
00000260: 4a82 8be2 6684 61c1 95c3 df3b 4455 766a J...f.a....;DUvj
00000270: 3af0 c1ed 5983 ee08 7f87 6a63 7471 985c :...Y.....jctq.\
00000280: 4db9 3c1a bb7b 6b1b f22c 619a 50b7 0f77 M.<..{k..,a.P..w
00000290: d17b 015f bcd2 ccd5 152d 16fd 2782 99b2 .{._.....-..'...
000002a0: 9daa 0080 38d4 f604 15b8 eea0 852b 85f3 ....8........+..
000002b0: 2258 6a9e c0f5 66ca ee72 391e ed21 d344 "Xj...f..r9..!.D
000002c0: d9ba e2f6 f10b 0faf 7e4b 197d 20ba b2 ........~K.} ..

Details

Version: gpgsm 2.5.18

Related Objects

Mentioned In: T8207: gpgsm 2.5.x fails to decrypt S/MIME messages using RSAES-OAEP (SHA-256)

Event Timeline

NfuRipHA created this task.Fri, Apr 3, 4:52 AM

NfuRipHA mentioned this in T8207: gpgsm 2.5.x fails to decrypt S/MIME messages using RSAES-OAEP (SHA-256).Fri, Apr 3, 4:55 AM

This comment was removed by NfuRipHA.

NfuRipHA closed this task as a duplicate of T8207: gpgsm 2.5.x fails to decrypt S/MIME messages using RSAES-OAEP (SHA-256).Fri, Apr 3, 4:55 AM

gpgsm 2.5.x fails to decrypt S/MIME messages using RSAES-OAEP (SHA-256) (macOS 15 (Darwin 25.4.0, arm64)Closed, DuplicatePublicActions

Description

Details

Related Objects

Event Timeline

gpgsm 2.5.x fails to decrypt S/MIME messages using RSAES-OAEP (SHA-256) (macOS 15 (Darwin 25.4.0, arm64)
Closed, DuplicatePublic
Actions