Ubuntu
gnupg2 package

gpg-protect-tool fails to decrypt PKCS-12 files

Bug #19333 reported by Stefan Hinker
10
Affects Status Importance Assigned to Milestone
KDE PIM
Fix Released
Unknown
gnupg2 (Ubuntu)
Fix Released
Medium
Unassigned

Bug Description

Package: gnupg2
Version: 1.9.15-3ubuntu5
Severity: important
Tags: patch

This bug has also been logged with the debian bugtracking system.

pgp-protect-tool is not able to decrypt PKCS-12 files. Therefore,
you can not use gpgsm to import and use your own certificates.
Here's an example:

/usr/lib/gnupg2/gpg-protect-tool --p12-import certs.p12
gpg-protect-tool: error at "bags", offset 24
gpg-protect-tool: error parsing or decrypting the PKCS-12 file

This was already reported at:
http://lists.gnupg.org/pipermail/gnupg-users/2005-April/025414.html
with a patch described here:
http://lists.gnupg.org/pipermail/gnupg-users/2005-April/025491.html

Thanks for fixing this!

Stefan

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.10-5-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages gnupg2 depends on:
ii libc6 2.3.2.ds1-20ubuntu13 GNU C Library: Shared libraries
an
ii libgcrypt11 1.2.0-11 LGPL Crypto library - runtime
libr
ii libgpg-error0 1.0-1 library for common error values
an
ii libksba8 0.9.9-2 X.509 and CMS support library
ii makedev 2.3.1-75ubuntu1 Creates device files in /dev
ii zlib1g 1:1.2.2-4ubuntu1 compression library - runtime

See original description
Revision history for this message
Stefan Hinker (stefan-hinker) wrote :

Package: gnupg2
Version: 1.9.15-3ubuntu5
Severity: important
Tags: patch

This bug has also been logged with the debian bugtracking system.

pgp-protect-tool is not able to decrypt PKCS-12 files. Therefore,
you can not use gpgsm to import and use your own certificates.
Here's an example:

/usr/lib/gnupg2/gpg-protect-tool --p12-import certs.p12
gpg-protect-tool: error at "bags", offset 24
gpg-protect-tool: error parsing or decrypting the PKCS-12 file

This was already reported at:
http://lists.gnupg.org/pipermail/gnupg-users/2005-April/025414.html
with a patch described here:
http://lists.gnupg.org/pipermail/gnupg-users/2005-April/025491.html

Thanks for fixing this!

Stefan

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.10-5-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages gnupg2 depends on:
ii libc6 2.3.2.ds1-20ubuntu13 GNU C Library: Shared libraries
an
ii libgcrypt11 1.2.0-11 LGPL Crypto library - runtime
libr
ii libgpg-error0 1.0-1 library for common error values
an
ii libksba8 0.9.9-2 X.509 and CMS support library
ii makedev 2.3.1-75ubuntu1 Creates device files in /dev
ii zlib1g 1:1.2.2-4ubuntu1 compression library - runtime

Revision history for this message
Stefan Hinker (stefan-hinker) wrote :

This bug is logged in the Debian Bug report logs as bugID #320490

Revision history for this message
In , Rudolf Lohner (rudolf-lohner) wrote : gnupg2: fails to decrypt PKCS-12 also with Debian version 1.9.15-6

Package: gnupg2
Version: 1.9.15-6
Followup-For: Bug #320490

Same error happens with latest Debian gnupg2 version 1.9.15-6/unstable

Rudolf

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.11-1-686
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE@euro (charmap=ISO-8859-15) (ignored: LC_ALL set to de_DE@euro)

Versions of packages gnupg2 depends on:
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libgcrypt11 1.2.1-4 LGPL Crypto library - runtime libr
ii libgpg-error0 1.1-4 library for common error values an
ii libksba8 0.9.9-2 X.509 and CMS support library
ii makedev 2.3.1-78 creates device files in /dev
ii zlib1g 1:1.2.3-1 compression library - runtime

gnupg2 recommends no packages.

-- no debconf information

Revision history for this message
In , Matthias Urlichs (smurf) wrote : Re: Bug#320490: gnupg2: fails to decrypt PKCS-12 also with Debian version 1.9.15-6

Hi,

Rudolf Lohner:
> Package: gnupg2
> Version: 1.9.15-6
> Followup-For: Bug #320490
>
> Same error happens with latest Debian gnupg2 version 1.9.15-6/unstable
>
 Current upstream versions of the gnupg2 source default to not actually
building gnupg2 itself, just all the support stuff. (It FTBFSes if you
try.)

It's recommended to use gnupg 1.4 instead, for the time being.

--
Matthias Urlichs | {M:U} IT Design @ m-u-it.de | <email address hidden>
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
 - -
One of the joys of travel is visiting new towns and meeting new people.
     -- G. Khan

Revision history for this message
In , Peter Eisentraut (petere) wrote : Re: Bug#320490: gnupg2: gpg-protect-tool fails to decrypt PKCS-12 files

tags 320490 + upstream fixed-upstream
stop

FWIW, this is fixed in the 1.9.18 release.

Revision history for this message
In , Matthias Urlichs (smurf) wrote : Bug#320490: fixed in gnupg2 1.9.20-1

Source: gnupg2
Source-Version: 1.9.20-1

We believe that the bug you reported is fixed in the latest version of
gnupg2, which is due to be installed in the Debian FTP archive:

gnupg-agent_1.9.20-1_i386.deb
  to pool/main/g/gnupg2/gnupg-agent_1.9.20-1_i386.deb
gnupg2_1.9.20-1.diff.gz
  to pool/main/g/gnupg2/gnupg2_1.9.20-1.diff.gz
gnupg2_1.9.20-1.dsc
  to pool/main/g/gnupg2/gnupg2_1.9.20-1.dsc
gnupg2_1.9.20-1_i386.deb
  to pool/main/g/gnupg2/gnupg2_1.9.20-1_i386.deb
gnupg2_1.9.20.orig.tar.gz
  to pool/main/g/gnupg2/gnupg2_1.9.20.orig.tar.gz
gpgsm_1.9.20-1_i386.deb
  to pool/main/g/gnupg2/gpgsm_1.9.20-1_i386.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Matthias Urlichs <email address hidden> (supplier of updated gnupg2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Changed-By: Matthias Urlichs <email address hidden>
Date: Tue, 24 Jan 2006 04:31:42 +0100
Version: 1.9.20-1
Distribution: unstable
Source: gnupg2
Urgency: low
Maintainer: Matthias Urlichs <email address hidden>
Binary: gnupg-agent gnupg2 gpgsm
Architecture: i386 source
Closes: 306890 320490 344530 348106
Changes:
 gnupg2 (1.9.20-1) unstable; urgency=low
 .
   * New Upstream version. Closes:#306890,#344530
     * Closes:#320490: gpg-protect-tool fails to decrypt PKCS-12 files
   * Depend on libopensc2-dev, not -1-. Closes:#348106
Description:
 gpgsm - GNU privacy guard - S/MIME version
 gnupg-agent - GNU privacy guard - password agent
 gnupg2 - GNU privacy guard - a free PGP replacement
Files:
 4e8c4c92a40098b2c538c00321e7a5fc 292810 utils optional gpgsm_1.9.20-1_i386.deb
 82d9644f442f80332b48edfff72e7a8c 170360 utils optional gnupg-agent_1.9.20-1_i386.deb
 4b0961729f1cc28355567bf3d98fb8d3 285157 utils optional gnupg2_1.9.20-1.diff.gz
 f69839e9dca78dc3d413c31a6cdf9d2f 846 utils optional gnupg2_1.9.20-1.dsc
 a9e45edba9c08c80c960e55c9f7248d7 5410041 utils optional gnupg2_1.9.20.orig.tar.gz
 7c5922d824fb3413d6e77b3c3115155c 758584 utils extra gnupg2_1.9.20-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFD47Tl8+hUANcKr/kRAkAsAJ4u2l7v5vF50xLLqSlccuxJNODP6ACfW5ll
5IIj4Qatjo8/e6mTxj+uXCY=
=y+/D
-----END PGP SIGNATURE-----

Revision history for this message
Dukai Gábor (gdukai) wrote :

It also affects version 1.9.19-2

Revision history for this message
Stefan Hinker (stefan-hinker) wrote :

It is fixed in version 1.9.20-1
This version is currently in the testing distribution of debian.
Ubuntu dapper comes with 1.9.19...

Revision history for this message
Dukai Gábor (gdukai) wrote :

It means that Kubuntu has no e-mail client with S/MIME support at it will stay so until the next release... weird.

Revision history for this message
Paul Dufresne (paulduf) wrote :

Confirming on the fact that Debian have released a fix.

Changed in gnupg2:
status: Unconfirmed → Confirmed
Revision history for this message
Andrew Starr-Bochicchio (andrewsomething) wrote :

I'm marking this old one fix released as the reporter mentioned that this is fixed in version 1.9.20-1, as of Hardy Alpha 4 we're at version 2.0.7-1 If you feel that this is being done by mistake, please feel free to reopen.

Changed in gnupg2:
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.