[Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS

help-gnutls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS

From:	Simon Josefsson
Subject:	[Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS
Date:	Wed, 03 Jun 2009 15:25:16 +0200
User-agent:	Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.94 (gnu/linux)

"Kukosa, Tomas" <address@hidden> writes:

> Hi,
>  
> I have recived PKCS#12 file created with OpenSSL 0.9.7e which I can not
> read in GnuTLS 2.7.12 but I still can read it in any OpenSSL.

Hi!  Interesting report, I'm debugging it now.

> BTW 0,8% is near to 1/128 or to 1/120 but it could be just random :-)

This suggests some parsing problem, maybe in the PKCS#12 string2key
function.  The 3DES keys for three of the four PEM's happened to start
with 00.  The fourth PEM didn't start with 00, but the IV is also
derived using the string2key function, so maybe there is a similar
problem there.  Could be some DES parity bit issue as well.

I'll instrument openssl to print the decryption keys it compute, if
there is a mismatch I've confirmed the theory.

/Simon

[Prev in Thread]

Current Thread

[Next in Thread]

[Help-gnutls] PKCS#8 incompatibility? between OpenSSL and GnuTLS, Kukosa, Tomas, 2009/06/03
- [Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS, Simon Josefsson <=
  - [Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS, Simon Josefsson, 2009/06/03
    - [Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS, Simon Josefsson, 2009/06/10

Prev by Date: [Help-gnutls] PKCS#8 incompatibility? between OpenSSL and GnuTLS
Next by Date: [Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS
Previous by thread: [Help-gnutls] PKCS#8 incompatibility? between OpenSSL and GnuTLS
Next by thread: [Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS
Index(es):
- Date
- Thread