On Tue, Feb 5, 2013 at 8:43 PM, Yan Fiz <[email protected]> wrote:
> Hello,
>
> I tried to generate a self signed certificate with an encrypted private key.
> GnuTLS 3.0.22 is OK, but GnuTLS 3.1.7 gives error with the same commands.
Thank you for the bug report. Could you check if the attached patch
solves the issue?
regards,
Nikos
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index 7b31821..586dc09 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -642,10 +642,10 @@ gnutls_x509_privkey_import2 (gnutls_x509_privkey_t key,
if ((password != NULL || (flags & GNUTLS_PKCS_NULL_PASSWORD)) || ret < 0)
{
ret = gnutls_x509_privkey_import_pkcs8(key, data, format, password,
flags);
- if (ret < 0)
+ if (ret < 0 && ret != GNUTLS_E_DECRYPTION_FAILED)
{
ret = import_pkcs12_privkey(key, data, format, password, flags);
- if (ret < 0 && format == GNUTLS_X509_FMT_PEM)
+ if (ret < 0 && ret != GNUTLS_E_DECRYPTION_FAILED && format ==
GNUTLS_X509_FMT_PEM)
{
int err;
err = gnutls_x509_privkey_import_openssl(key, data, password);
_______________________________________________
Gnutls-help mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnutls-help
