[Help-gnutls] Re: PKCS#8 incompatibility? between OpenSSL and GnuTLS

Simon Josefsson simon at josefsson.org
Wed Jun 3 16:30:08 CEST 2009

Simon Josefsson <simon at josefsson.org> writes:

> "Kukosa, Tomas" <tomas.kukosa at siemens-enterprise.com> writes:
>> Hi,
>> I have recived PKCS#12 file created with OpenSSL 0.9.7e which I can not
>> read in GnuTLS 2.7.12 but I still can read it in any OpenSSL.
> Hi!  Interesting report, I'm debugging it now.
>> BTW 0,8% is near to 1/128 or to 1/120 but it could be just random :-)
> This suggests some parsing problem, maybe in the PKCS#12 string2key
> function.  The 3DES keys for three of the four PEM's happened to start
> with 00.  The fourth PEM didn't start with 00, but the IV is also
> derived using the string2key function, so maybe there is a similar
> problem there.  Could be some DES parity bit issue as well.
> I'll instrument openssl to print the decryption keys it compute, if
> there is a mismatch I've confirmed the theory.

Indeed, the outputs from the PKCS#12 string2key functions differs (for
the same inputs) between GnuTLS and OpenSSL in some corner cases.  I
wonder which is standards compliant, there seems to be no PKCS#12 test
vectors around.

I suggest you use a more modern string2key algorithm than PKCS#12. ;)

We should fix this, though.  Thanks for reporting this with sufficient
information to reproduce it.


More information about the Gnutls-help mailing list