Re: [gnutls-dev] unencrypted PKCS#12

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gnutls-dev] unencrypted PKCS#12

From:	Joe Orton
Subject:	Re: [gnutls-dev] unencrypted PKCS#12
Date:	Wed, 27 Oct 2004 08:04:37 +0100
User-agent:	Mutt/1.4.1i

On Wed, Oct 27, 2004 at 08:07:22AM +0200, Nikos Mavrogiannopoulos wrote:
> On Tuesday 19 October 2004 00:21, Aleix Conchillo Flaque wrote:
> > Hi,
> >
> > I'm playing around opening some PKCS#12 files and I've found something
> > curious. When PKCS#12s are not encrypted:
> >
> > - gnutls_pkcs12_bag_decrypt(bag, "") works, but if I pass a NULL I get
> >   a segmentation fault.
> I think I fixed that. Now it should return an error.
> 
> > - gnutls_x509_privkey_import_pkcs8(key, &key_data, GNUTLS_X509_FMT_DER,
> >                                    NULL, 0)
> >   here if I pass an empty password "" instead of NULL I get an
> >   GNUTLS_E_MPI_SCAN_FAILED error (The scanning of a large integer has
> >   failed).
> This is not really a bug. You cannot use empty passwords. Use the flag 
> GNUTLS_PKCS_PLAIN or a NULL password instead, if you want to disable 
> encryption.

This has broken neon again!  The unclient.p12 certificate isn't readable
again now.  We had this working OK in neon with the old GNU TLS code.

joe

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [gnutls-dev] unencrypted PKCS#12, (continued)
- Re: [gnutls-dev] unencrypted PKCS#12, Nikos Mavrogiannopoulos, 2004/10/27
  - Re: [gnutls-dev] unencrypted PKCS#12, Joe Orton <=
    - Re: [gnutls-dev] unencrypted PKCS#12, Nikos Mavrogiannopoulos, 2004/10/27
    - Re: [gnutls-dev] unencrypted PKCS#12, Joe Orton, 2004/10/27

Prev by Date: Re: [gnutls-dev] unencrypted PKCS#12
Next by Date: Re: [gnutls-dev] unencrypted PKCS#12
Previous by thread: Re: [gnutls-dev] unencrypted PKCS#12
Next by thread: Re: [gnutls-dev] unencrypted PKCS#12
Index(es):
- Date
- Thread