Internal error returned from within gnutls_certificate_set_openpgp_key()
Joke de Buhr
joke at seiken.de
Tue Sep 18 19:32:45 CEST 2012
well, it seems this error has something to do with the flags of the
authentication subkey.
if the subkey is marked for authentication and signing
gnutls_certificate_set_openpgp_key() will report an internal error. if the
subkey is not marked for signing the function reports success. the encryption
flags doesn't seem to matter.
regards
joke
On Tuesday 18 September 2012 11:34:18 you wrote:
> hi,
>
> i'm using GnuTLS version 3.1.1.
>
> there seems to be a problem within gnutls_certificate_set_openpgp_key().
>
> gnutls_certificate_set_openpgp_key() uses gnutls_privkey_import_openpgp()
> (flag GNUTLS_PRIVKEY_IMPORT_COPY) to obtain a copy of the passed private
> key. copying is done calling _gnutls_openpgp_privkey_cpy() with in turn
> calls gnutls_openpgp_privkey_export() and gnutls_openpgp_privkey_import().
>
> during this copying procedure the key somehow gets messed up and
> gnutls_openpgp_privkey_import() returns GNUTLS_E_INTERNAL_ERROR.
>
> importing the private key with gnutls_openpgp_privkey_import() in the first
> place to pass the parameter to gnutls_certificate_set_openpgp_key() worked
> without problem. the pgp-key contains a master-key with flags SCE and a
> single subkey with flags SEA. using a pgp-key with just a master-key seems
> to work by the way.
>
> if needed i'm can provide a test program and the gpg-key.
>
>
> regards
> Joke
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 729 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20120918/b68f2092/attachment.pgp>
More information about the Gnutls-help
mailing list