<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">
<title>
GitLab
</title>
<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">
<p class="details" style="font-style: italic; color: #666;">
<a href="https://gitlab.com/dkg">Daniel Kahn Gillmor</a> created an issue: <a href="https://gitlab.com/gnutls/gnutls/-/issues/1259">#1259</a>
</p>
<p dir="auto">Over on the IETF LAMPS list, <a href="https://mailarchive.ietf.org/arch/msg/spasm/y4W34PY3aOM8L9mZZ-_2NH1Jogw/" rel="nofollow noreferrer noopener" target="_blank">Ryan Sleevi writes</a> that for PKCS12's authSafe objects, there need to be two layers of OCTET STRING.</p>
<blockquote dir="auto">
<ul>
<li>5652 requires that <code>id-data</code> be an OCTET STRING</li>
<li>7292 requires that the <em>contents</em> of that OCTET STRING be a BER-encoded value of type AuthenticatedSafe, expressed as an OCTET STRING</li>
</ul>
</blockquote>
<p dir="auto">But <code>certtool</code> produces a PKCS12 object with only one layer of OCTET STRING in each of these nested locations.</p>
<p dir="auto">The PKCS12 object produced by <code>certtool</code> is unimportable by some PKCS12 implementations, including <code>pk12util</code> from NSS and <code>Keychain Access</code> on Mac OS X. I believe this single layer of OCTET STRING is the reason.</p>
<p dir="auto">(Thunderbird is willing to import the PKCS12 object produced by <code>certtool</code> for some reason; perhaps it uses a different NSS codepath than <code>pk12util</code> does. But when Thunderbird re-exports a PKCS12 object, it produces the double layer of OCTET STRING.)</p>
<p dir="auto">Interestingly, it looks like <code>certtool --p12-info</code> can read a PKCS12 object whether it is wrapped in one layer or two layers of OCTET STRING.</p>
<p dir="auto">My ASN.1 capacity is not strong enough to figure out how to make <code>certtool</code> emit a double-wrapped layer of OCTET STRINGs in the right places. If anyone from GnuTLS can recommend how to do that, I'd be willing to try implementing it, but I'm lost right now.</p>
<p dir="auto">You can find a <code>certtool</code>-generated PKCS12 object (PEM-encoded) in <a href="https://www.ietf.org/archive/id/draft-ietf-lamps-samples-04.html" rel="nofollow noreferrer noopener" target="_blank">draft-ietf-lamps-samples-04</a> that has only a single layer of OCTET STRING. (I've been testing with the <code>bob.p12</code> object.)</p>
<p dir="auto">The same set of keys and certs, laundered through importing into Thunderbird and then re-exporting, yields <a href="https://gitlab.com/gnutls/gnutls/uploads/f1e616427bcea703a59607fe60fee5e1/bob.laundered.p12" data-canonical-src="/uploads/f1e616427bcea703a59607fe60fee5e1/bob.laundered.p12" data-link="true" class="gfm">bob.laundered.p12</a>. Both p12 files have a password that is a three-letter ASCII string <code>bob</code>. Of course the encryption parameters change between the files as well.</p>
<p dir="auto">Here's an example of <code>pk12util</code> from NSS failing to import the <code>certtool</code>-generated file:</p>
<pre class="code highlight js-syntax-highlight language-console" lang="console" v-pre="true"><code><span id="LC1" class="line" lang="console"><span class="gp">$</span><span class="w"> </span>pk12util <span class="nt">-i</span> bob.p12 <span class="nt">-d</span> /home/dkg/tmp/tmp.R1CukyyEk3 <span class="nt">-W</span> bob <span class="nt">-K</span> bob</span>
<span id="LC2" class="line" lang="console"><span class="go">pk12util: PKCS12 decoding failed: SEC_ERROR_BAD_DER: security library: improperly formatted DER-encoded message.</span></span>
<span id="LC3" class="line" lang="console"><span class="go">pk12util: PKCS12 decoding failed: SEC_ERROR_BAD_DER: security library: improperly formatted DER-encoded message.</span></span>
<span id="LC4" class="line" lang="console"><span class="go">pk12util: PKCS12 decode not verified: SEC_ERROR_BAD_DER: security library: improperly formatted DER-encoded message.</span></span>
<span id="LC5" class="line" lang="console"><span class="go">pk12util: PKCS12 decode validate bags failed: SEC_ERROR_INVALID_ARGS: security library: invalid arguments.</span></span></code></pre>
</div>
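<p dir="auto">A way to check how many OCTET STRING layers wrap the authSafe content of a PKCS12 file, as an added example that is not part of the original issue or of GnuTLS: the function names are hypothetical, the sample inputs are constructed rather than real PKCS12 files, and an indefinite-length value is treated as running to the end of its buffer, which is enough to descend to the first child. Both primitive (0x04) and constructed (0x24) OCTET STRING tags are counted as a layer.</p>

```python
ID_DATA = bytes.fromhex("2a864886f70d010701")  # OID 1.2.840.113549.1.7.1 (id-data)

def read_tlv(buf):
    """Return (tag, value, rest) for the first BER element in buf."""
    if 2 > len(buf) or buf[0] % 32 == 31:
        raise ValueError("truncated or unsupported header")
    tag, first, pos = buf[0], buf[1], 2
    if first == 0x80:  # indefinite length: treat the value as running to the
        return tag, buf[pos:], b""  # end of buf, enough to reach a first child
    length = first
    if first > 0x80:  # long form: the next (first - 0x80) bytes hold the length
        n = first - 0x80
        if pos + n > len(buf):
            raise ValueError("truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("length runs past end of buffer")
    return tag, buf[pos:pos + length], buf[pos + length:]

def authsafe_layers(pfx):
    """Return (octet_string_layers, first_inner_tag) for a PFX's authSafe."""
    outer, body, _ = read_tlv(pfx)  # PFX ::= SEQUENCE { version, authSafe, ... }
    _, _, body = read_tlv(body)  # skip version INTEGER
    inner, info, _ = read_tlv(body)  # authSafe ContentInfo
    if (outer, inner) != (0x30, 0x30):
        raise ValueError("PFX or authSafe is not a SEQUENCE")
    tag, oid, info = read_tlv(info)
    if tag != 0x06 or oid != ID_DATA:
        raise ValueError("authSafe contentType is not id-data")
    tag, content, _ = read_tlv(info)  # content [0] EXPLICIT
    if tag != 0xA0:
        raise ValueError("missing [0] content")
    layers = 0
    while content and content[0] in (0x04, 0x24):  # primitive / constructed
        _, content, _ = read_tlv(content)
        layers += 1
    return layers, (content[0] if content else None)

def tlv(tag, value):  # builder for the constructed samples, short lengths only
    return bytes([tag, len(value)]) + value

def sample_pfx(layers):  # constructed input, not a real PKCS12 file
    content = bytes.fromhex("3000")  # empty SEQUENCE as a stand-in payload
    for _ in range(layers):
        content = tlv(0x04, content)
    info = tlv(0x06, ID_DATA) + tlv(0xA0, content)
    return tlv(0x30, bytes.fromhex("020103") + tlv(0x30, info))
```

<p dir="auto">Pass <code>authsafe_layers</code> the raw DER/BER bytes of a file; a PEM-encoded object has to be base64-decoded first.</p>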
</body>
</html>