Bug 448723 - Error while importing certificate
Summary: Error while importing certificate
Status: RESOLVED DOWNSTREAM
Alias: None
Product: kleopatra
Classification: Applications
Component: general (show other bugs)
Version: 3.1.16.210840
Platform: Ubuntu Linux
: NOR normal (vote)
Target Milestone: ---
Assignee: Andre Heinecke
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-01-18 15:28 UTC by Matteo Corti
Modified: 2022-02-09 18:04 UTC (History)
4 users (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Matteo Corti 2022-01-18 15:28:24 UTC
SUMMARY

Cannot import certificates from QuoVadis

STEPS TO REPRODUCE
1.  Import
2. Choose Certificate

OBSERVED RESULT

Certificate Import failed

An error occurred while trying to import the certificate /path/Email_test-kleopatra_20220118.pfx

EXPECTED RESULT

Certificate imported

SOFTWARE/OS VERSIONS

Ubuntu 21.10

ADDITIONAL INFORMATION

Output of gpgsm --import

gpgsm: decryption failed; trying charset 'ISO-8859-1'
gpgsm: decryption failed; trying charset 'ISO-8859-15'
gpgsm: decryption failed; trying charset 'ISO-8859-2'
gpgsm: decryption failed; trying charset 'ISO-8859-3'
gpgsm: decryption failed; trying charset 'ISO-8859-4'
gpgsm: decryption failed; trying charset 'ISO-8859-5'
gpgsm: decryption failed; trying charset 'ISO-8859-6'
gpgsm: decryption failed; trying charset 'ISO-8859-7'
gpgsm: decryption failed; trying charset 'ISO-8859-8'
gpgsm: decryption failed; trying charset 'ISO-8859-9'
gpgsm: decryption failed; trying charset 'KOI8-R'
gpgsm: decryption failed; trying charset 'IBM437'
gpgsm: decryption failed; trying charset 'IBM850'
gpgsm: decryption failed; trying charset 'EUC-JP'
gpgsm: decryption failed; trying charset 'BIG5'
gpgsm: encryptedData error at "outer.outer.seq", offset 0
gpgsm: possibly bad passphrase given
gpgsm: error at "bag.encryptedData", offset 1494
gpgsm: error parsing or decrypting the PKCS#12 file
gpgsm: total number processed: 0

openssl pkcs12 -in ./file.pfx works without problems

Enter Import Password:
Bag Attributes
    localKeyID: 32 6E 6C 42 70 51 C2 48 1B 69 38 82 53 CD 38 85 64 80 8E 1D 
    friendlyName: Wolfgang Sichler-8020-20220118-125711
Key Attributes: <No Attributes>
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFFDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIgy7yNDHfXUACAggA
[...]
JMnWzFqpJHO0tPWtjwvCv43VymOvehjvipgM6Bff+ChuSbwbhg7ZfnGE2tc6JoSj
y9qsLi3h1lQ=
-----END ENCRYPTED PRIVATE KEY-----
Bag Attributes
    localKeyID: 32 6E 6C 42 70 51 C2 48 1B 69 38 82 53 CD 38 85 64 80 8E 1D 
    friendlyName: Wolfgang Sichler-8020-20220118-125711
subject=C = CH, ST = Zurich, L = Zurich, O = ETH Zurich, CN = Wolfgang Sichler

issuer=C = CH, O = QuoVadis Trustlink Schweiz AG, CN = QuoVadis Swiss Advanced CA G4

-----BEGIN CERTIFICATE-----
MIIGCDCCA/CgAwIBAgIUPqzcPzqgNqmItYw0Bt9awLSCVtMwDQYJKoZIhvcNAQEL
BQAwXTELMAkGA1UEBhMCQ0gxJjAkBgNVBAoMHVF1b1ZhZGlzIFRydXN0bGluayBT
Y2h3ZWl6IEFHMSYwJAYDVQQDDB1RdW9WYWRpcyBTd2lzcyBBZHZhbmNlZCBDQSBH
[...]
X3I3TtPPUNubeWCF0K0F079WsE6d2QTmfacQKb+bFhWckWOTchiNIQ//TB1hyhLO
P1t6ei1IJZ080JOf
-----END CERTIFICATE-----
Comment 1 Ingo Klöcker 2022-02-09 18:04:42 UTC
If gpgsm already fails to import the certificate, then there's little that Kleopatra can do about this since it relies on gpgsm. Please submit a bug report for gpgsm at https://dev.gnupg.org.