Open kugelman opened 3 years ago
Retried with open YubiKey\ Manager.app --args --log-level debug --log-file ~/out.txt
and got this in the logs --
Traceback (most recent call last):
File "/Applications/YubiKey Manager.app/Contents/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/ykman/util.py", line 110, in parse_private_key
return serialization.load_pem_private_key(
File "/Applications/YubiKey Manager.app/Contents/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 20, in load_pem_private_key
return backend.load_pem_private_key(data, password)
File "/Applications/YubiKey Manager.app/Contents/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1217, in load_pem_private_key
return self._load_key(
File "/Applications/YubiKey Manager.app/Contents/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1448, in _load_key
self._handle_key_loading_error()
File "/Applications/YubiKey Manager.app/Contents/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1490, in _handle_key_loading_error
raise ValueError(
ValueError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "qrc:///py/yubikey.py", line 68, in wrapped
return f(*args, **kwargs)
File "qrc:///py/yubikey.py", line 693, in piv_import_file
private_key = parse_private_key(data, password)
File "/Applications/YubiKey Manager.app/Contents/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/ykman/util.py", line 115, in parse_private_key
raise InvalidPasswordError(e)
ykman.util.InvalidPasswordError: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm.```
Hi, Thanks for the report. We have a fix for this in the main branch, however it has not been released yet. We are aiming to have the next release out in a month or two. In the meantime the workaround is to use the cli, as you have done already.
@kugelman There is a new version out, 1.2.4. Could you check if that has solved this problem?
Steps to reproduce
[Please explain what you did when the bug appeared, and if and how you have been able to reproduce it.]
Expected result
[What did you expect to happen when you did the above?] Certificate import succeeds and is displayed in Yubikey Manager GUI under authentication slot 9a.
Actual results and logs
[What actually happened?] Receive error in GUI "Unknown error: Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm".
Meanwhile, I tried to do the same operation via CLI (
ykman piv certificates import 9a ~/Downloads/cert.pem
), and it succeeded. When I quit and restart Yubikey Manager the certificate appears in the GUI as expected.Other info
[Anything else you would like to add?]