[gnutls-devel] GnuTLS | PKCS 12 generation wraps authSafe field in one layer of OCTET STRING instead of two (#1259)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Thu Aug 5 15:48:10 CEST 2021




Daniel Kahn Gillmor commented:


I'm no longer convinced that this single layer of OCTET STRING is the cause of the interop failure, sorry.  i've found other PKCS#12 objects that only have a single layer of OCTET STRING that *are* importable by Keychain Access, like [bob.openssl.p12](/uploads/35e2f62007c519911e0a7b5091114257/bob.openssl.p12), which was generated by:

    openssl pkcs12 -export -name bob -passout pass:bob \
                  -inkey bob.sign.key -in bob.sign.crt \
                  -certfile ca.rsa.cross.crt -out bob.openssl.p12

So there is something else that differs that i don't understand.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1259#note_644134451
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210805/629ac161/attachment.html>


More information about the Gnutls-devel mailing list