[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS
From: |
Simon Josefsson |
Subject: |
[Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS |
Date: |
Wed, 03 Jun 2009 16:30:08 +0200 |
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.94 (gnu/linux) |
Simon Josefsson <address@hidden> writes:
> "Kukosa, Tomas" <address@hidden> writes:
>
>> Hi,
>>
>> I have recived PKCS#12 file created with OpenSSL 0.9.7e which I can not
>> read in GnuTLS 2.7.12 but I still can read it in any OpenSSL.
>
> Hi! Interesting report, I'm debugging it now.
>
>> BTW 0,8% is near to 1/128 or to 1/120 but it could be just random :-)
>
> This suggests some parsing problem, maybe in the PKCS#12 string2key
> function. The 3DES keys for three of the four PEM's happened to start
> with 00. The fourth PEM didn't start with 00, but the IV is also
> derived using the string2key function, so maybe there is a similar
> problem there. Could be some DES parity bit issue as well.
>
> I'll instrument openssl to print the decryption keys it compute, if
> there is a mismatch I've confirmed the theory.
Indeed, the outputs from the PKCS#12 string2key functions differs (for
the same inputs) between GnuTLS and OpenSSL in some corner cases. I
wonder which is standards compliant, there seems to be no PKCS#12 test
vectors around.
I suggest you use a more modern string2key algorithm than PKCS#12. ;)
We should fix this, though. Thanks for reporting this with sufficient
information to reproduce it.
/Simon