Error: Bad length of salt (32) for AES when importing a p12 certificate
Nils Schween
nils.schween at mpi-hd.mpg.de
Thu Sep 19 09:07:11 CEST 2024
A short follow up: I did some more tests and I found that the change of
the length of the salt array in the function 'parse_shrouded_key_bag'
suffices to import the certificate. It is actually enough to increase
the value from 20 to 32. Here is the git diff of my change of minip12.c
(version 2.5.1 )
diff --git a/minip12.c-original b/minip12.c
index 028be91..00ba26d 100644
--- a/minip12.c-original
+++ b/minip12.c
@@ -1248,7 +1248,7 @@ parse_shrouded_key_bag (struct p12_parse_ctx_s *ctx, tlv_parser_t tlv)
const unsigned char *data;
size_t datalen;
int intval;
- char salt[20];
+ char salt[32];
size_t saltlen;
char iv[16];
unsigned int iter;
Regards,
Nils
Nils Schween <nils.schween at mpi-hd.mpg.de> writes:
> Dear gpg community,
>
> I had difficulties to import a p12 certificiate with gpgsm --import
> cert.p12
>
> I got the following error message:
>
> gpgsm: bad length of salt (32) for AES
> gpgsm: parse_shrouded_key_bag(shrouded_key_bag.pkcs5PBES2-params): lvl=16 (tlv_expect_octet_string): Success - Invalid length
> gpgsm: parse_bag_data(data.oid): lvl=16 (tlv_expect_octet_string): Success - Invalid length
> gpgsm: p12_parse(bag.data): @6724 lvl=16 tlv_expect_octet_string: Success - Invalid length
> gpgsm: error parsing or decrypting the PKCS#12 file
> gpgsm: total number processed: 4
> gpgsm: unchanged: 4
>
>
> I searched the internet and I found the following bug report
>
> https://dev.gnupg.org/T6757#182217
>
> I checked with the lenght of the salt in my certificate with the command
> command
>
> openssl pkcs12 -info -nokeys -noout -in smime_eyJpZCI6MzYzNTkwMSwidHlwZSI6IlNNSU1FIn0_.p12
>
> The output was
>
> MAC: sha256, Iteration 20000
> MAC length: 32, salt length: 64
>
> In agreement with the error message and along the lines of the mentioned
> bug report I changed the following lines in the sm/minip12.c :
>
> static int
> parse_bag_encrypted_data (struct p12_parse_ctx_s *ctx, tlv_parser_t tlv)
> {
> gpg_error_t err = 0;
> const char *where;
> const unsigned char *oid;
> size_t oidlen;
> const unsigned char *data;
> size_t datalen;
> int intval;
> - char salt[32];
> + char salt[64];
>
> static gpg_error_t
> parse_shrouded_key_bag (struct p12_parse_ctx_s *ctx, tlv_parser_t tlv)
> {
> gpg_error_t err = 0;
> const char *where;
> const unsigned char *oid;
> size_t oidlen;
> const unsigned char *data;
> size_t datalen;
> int intval;
> - char salt[20];
> + char salt[64];
> ...
>
> After recompiling I could import the certificate without issues. I do
> not know if I did something risky from the security perspective and I am
> sorry for not reporting it directly in bug tracker, but I do not have an
> account there.
>
> Please let me, if this change is going to make into one of the next
> versions of gpg.
>
> Best regards,
> Nils Schween
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users
--
Nils Schween
PhD Student
Phone: +49 6221 516 557
Mail: nils.schween at mpi-hd.mpg.de
PGP-Key: 4DD3DCC0532EE96DB0C1F8B5368DBFA14CB81849
Max Planck Institute for Nuclear Physics
Astrophysical Plasma Theory (APT)
Saupfercheckweg 1, D-69117 Heidelberg
https://www.mpi-hd.mpg.de/mpi/en/research/scientific-divisions-and-groups/independent-research-groups/apt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5989 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20240919/91fc474e/attachment.bin>
More information about the Gnupg-users
mailing list