[gnutls-dev] unencrypted PKCS#12

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Oct 27 08:07:22 CEST 2004


On Tuesday 19 October 2004 00:21, Aleix Conchillo Flaque wrote:
> Hi,
>
> I'm playing around opening some PKCS#12 files and I've found something
> curious. When PKCS#12s are not encrypted:
>
> - gnutls_pkcs12_bag_decrypt(bag, "") works, but if I pass a NULL I get
>   a segmentation fault.
I think I fixed that. Now it should return an error.

> - gnutls_x509_privkey_import_pkcs8(key, &key_data, GNUTLS_X509_FMT_DER,
>                                    NULL, 0)
>   here if I pass an empty password "" instead of NULL I get an
>   GNUTLS_E_MPI_SCAN_FAILED error (The scanning of a large integer has
>   failed).
This is not really a bug. You cannot use empty passwords. Use the flag 
GNUTLS_PKCS_PLAIN or a NULL password instead, if you want to disable 
encryption.

> aleix

-- 
Nikos Mavrogiannopoulos



More information about the Gnutls-dev mailing list