certtool --to-p12 segfault if no password supplied

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Mar 2 04:10:11 CET 2011


On 03/01/2011 10:04 PM, Daniel Kahn Gillmor wrote:
> given a passphraseless key.pem and a corresponding cert.pem , certtool
> appears to crash with a segfault if i do:
> 
>       certtool --to-p12 \
>         --load-privkey "key.pem" \
>         --load-certificate "cert.pem" \
>         --outfile "pkcs12.p12" \
>         --template /dev/stdin <<EOF
> pkcs12_key_name = "test"
> EOF

here is the relevant backtrace:

>> (gdb) bt
>> #0  0xb7d7d440 in ?? () from /lib/i686/cmov/libc.so.6
>> #1  0xb7f8d40d in generate_key (schema=<value optimized out>, password=<value optimized out>, kdf_params=0xbffff484, enc_params=0xbffff4b0, key=0xbffff4d0) at privkey_pkcs8.c:1961
>> #2  0xb7f8e4da in _gnutls_pkcs7_encrypt_data (schema=PBES2_AES_128, data=0xbffff544, password=0x0, enc=0xbffff53c) at privkey_pkcs8.c:2337
>> #3  0xb7f86c6e in gnutls_pkcs12_bag_encrypt (bag=0x8082700, pass=0x0, flags=<value optimized out>) at pkcs12_bag.c:810
>> #4  0x0804f18e in generate_pkcs12 () at certtool.c:2609
>> #5  0x080524f5 in gaa_parser (argc=10, argv=0xbffff714) at certtool.c:1029
>> #6  main (argc=10, argv=0xbffff714) at certtool.c:106
>> (gdb) 

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110301/0d89d911/attachment.pgp>


More information about the Gnutls-help mailing list