- User Since
- Oct 10 2023, 4:10 PM (20 w, 2 d)
Wed, Feb 7
The additional debug info are:
gpgsm: DBG: p12_parse:1998: err=0 prk=0x0000000000000000,0x0000000000000000 gpgsm: DBG: p12_parse:2006: err=0 prk=0x0000000000000000,0x0000000000000000 gpgsm: DBG: p12_parse:2021: err=0 prk=0x0000000000000000,0x0000000000000000 gpgsm: DBG: p12_parse:2054: err=0 prk=0x0000000000000000,0x0000000000000000 gpgsm: DBG: p12_parse:2061: err=0 prk=0x0000000000000000,0x0000000000000000 gpgsm: DBG: p12_parse:2069: err=0 prk=0x0000000000000000,0x0000000000000000 gpgsm: DBG: p12_parse:2081: err=0 prk=0x0000000000000000,0x0000000000000000 gpgsm: error parsing or decrypting the PKCS#12 file gpgsm: total number processed: 4 gpgsm: unchanged: 4
Tue, Feb 6
Could you write a quick patch file for that?
@werner I managed to recover the old .p12 that has the error. And this is still replicable. Is there a debug flag that would be useful or can we setup some private live-debugging for this?
Fri, Feb 2
Unfortunately I have deleted the .p12 with the CA chain, and I don't know how I've generated it. It also contained my production certificates so, kinda sensitive to upload here.
Ok, I have tried again the series of workarounds that I initially posted on the main description, and I managed to fix it by striping the CA certificates. So the current issues here are:
- Allocated salt is too small. https://dev.gnupg.org/T6757#182217 fixes for now
- Cannot import a .p12 that includes CA certificates as well
Jan 30 2024
We got a bit further, not sure what debug level you want, guru I've found to be too excessive:
@werner I have just tested this, and although it fixed it for one certificate, this one in this issue still fails. Here is the new debug given
Jan 5 2024
Hope so too. If there was a docker image or something I would gladly test it, otherwise I'll report back as soon as a release is out
Dec 15 2023
@werner Any news on when will 2.4.4 will land? I cannot figure out how to build the project from source, and I couldn't adapt the Fedora packaging to build it either. I would like to have a way to finally sign my git commits.
Oct 25 2023
Would love to test this, but I can't seem to compile this project, getting stuck at The system does not provide a working iconv function. Is there a Fedora based dockerfile or equivalent where I could build it? Here is the reference Fedora source. I have tried to hack it and build from a gitarchive, but I am still encountering issues No rule to make target 'audit-events.h', needed by 'all'. Stop.
Oct 16 2023
Thanks, what should I look out for? I don't think I can provide the .p12 directly because it is from a production provider that I do not have full access. I can provide the log and x509 public certificate again using the firefox generated one.