Open pboguslawski opened 2 months ago
PKCS #12 file generated with code from https://github.com/PeculiarVentures/PKI.js/issues/403 and password with UTF-8 chars i.e. żółw cannot be opened in openssl...
żółw
$ openssl version OpenSSL 3.0.11 19 Sep 2023 (Library: OpenSSL 3.0.11 19 Sep 2023) $ openssl pkcs12 -info -in test.p12 Enter Import Password: // correct password "źółw" is typed MAC: sha256, Iteration 600000 MAC length: 32, salt length: 64 Warning: using broken algorithm PKCS7 Encrypted data: PBES2, PBKDF2, AES-256-CBC, Iteration 600000, PRF hmacWithSHA256 Error outputting keys and certificates 40E7243F357F0000:error:1C800064:Provider routines:ossl_cipher_unpadblock:bad decrypt:../providers/implementations/ciphers/ciphercommon_block.c:124: 40E7243F357F0000:error:11800074:PKCS12 routines:PKCS12_pbe_crypt_ex:pkcs12 cipherfinal error:../crypto/pkcs12/p12_decr.c:86:maybe wrong password $ openssl pkcs12 -info -in test.p12 Enter Import Password: // incorrect password "bad" is typed MAC: sha256, Iteration 600000 MAC length: 32, salt length: 64 Mac verify error: invalid password?
...nor imported to Firefox:
Failed to decode the file. Either it is not in PKCS #12 format, has been corrupted, or the password you entered was incorrect.
No such problem when password contains ASCII chars only i.e. zolw123!@#.
zolw123!@#
PKCS #12 file generated with code from https://github.com/PeculiarVentures/PKI.js/issues/403 and password with UTF-8 chars i.e.
żółw
cannot be opened in openssl......nor imported to Firefox:
No such problem when password contains ASCII chars only i.e.
zolw123!@#
.