desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #86862
[Bug 1400192] [NEW] Gnome GCR won't unlock p12 certificate with password length > 31 characters
Public bug reported:
I am unable to import a p12 s/mime certificate using gcr if the
certificate is encrypted with a password containing 32 or more
characters. When trying to unlock the certificate, gcr responds as if
the password entered was incorrect.
I imagine somewhere a 32-byte variable is being used for the password
string, but that is just a guess.
Process to reproduce:
Export a certificate from Firefox/Thunderbird (or generate your own).
Encrypt it with the password '1234567890123456789012345678901' (31 characters).
Open with gcr and unlock successfully.
Export the same certificate.
Encrypt it with the password '12345678901234567890123456789012' (32 characters).
Open with gcr and unlock. Password is rejected.
1.
Description: Linux Mint 17 Qiana
Release: 17
2.
gcr:
Installed: 3.10.1-1
Candidate: 3.10.1-1
Version table:
*** 3.10.1-1 0
500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages
100 /var/lib/dpkg/status
3. I expected the 30, 31, 32, 33, 35, and 40 length passwords to be
accepted and the certificate to be imported.
4. Only the certificates with password lengths of 31 characters or fewer
were unlocked and imported . Certificates with 32 characters or more
resulted in the error message "The password was incorrect" when trying
to unlock, even though the password was, in fact, correct.
** Affects: gcr (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gcr in Ubuntu.
https://bugs.launchpad.net/bugs/1400192
Title:
Gnome GCR won't unlock p12 certificate with password length > 31
characters
Status in gcr package in Ubuntu:
New
Bug description:
I am unable to import a p12 s/mime certificate using gcr if the
certificate is encrypted with a password containing 32 or more
characters. When trying to unlock the certificate, gcr responds as if
the password entered was incorrect.
I imagine somewhere a 32-byte variable is being used for the password
string, but that is just a guess.
Process to reproduce:
Export a certificate from Firefox/Thunderbird (or generate your own).
Encrypt it with the password '1234567890123456789012345678901' (31 characters).
Open with gcr and unlock successfully.
Export the same certificate.
Encrypt it with the password '12345678901234567890123456789012' (32 characters).
Open with gcr and unlock. Password is rejected.
1.
Description: Linux Mint 17 Qiana
Release: 17
2.
gcr:
Installed: 3.10.1-1
Candidate: 3.10.1-1
Version table:
*** 3.10.1-1 0
500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages
100 /var/lib/dpkg/status
3. I expected the 30, 31, 32, 33, 35, and 40 length passwords to be
accepted and the certificate to be imported.
4. Only the certificates with password lengths of 31 characters or
fewer were unlocked and imported . Certificates with 32 characters or
more resulted in the error message "The password was incorrect" when
trying to unlock, even though the password was, in fact, correct.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gcr/+bug/1400192/+subscriptions
Follow ups
References