Mailinglist Archive: opensuse-de (2217 mails)
| < Previous | Next > |
Re: Verständnisfrage zu S/MIME Signaturen
- From: Sascha Manns <samannsml@xxxxxxxxxxxxx>
- Date: Thu, 6 Oct 2005 17:35:56 +0200
- Message-id: <200510061736.00010@xxxxxxxxxxxxxxxxxxxxx>
Saluti,
ein Teil des Problems hat sich gelöst. Beim exportieren des Zertifikats, wurde
die p12 Datei mit SSL verschlüsselt.
So habe ich die P12 Datei mit den folgenden Befehlen weiterverarbeitet:
Bash$ openssl pkcs12 –in meinzertifikat.p12 –out meinzertifikat.pem –nodes
Bash$ openssl pkcs12 –in meinzertifikat.pem –export –out meinschlüssel.p12
-nocerts -nodes
Und installieren wollte ich sie mit:
Bash$ gpgsm -–call-protect-tool -–p12-import -–store meinschlüssel.p12
Auf der Konsole gab er mir folgende Meldung:
gpg-protect-tool: encryptedData error at "bag.attributes", offset 1080
gpg-protect-tool: error at "bag.encryptedData", offset 49
gpg-protect-tool: error parsing or decrypting the PKCS-12 file
Und als ich es via Kleopatra installieren wollte, spuckte das Logfile auch
umfangreiche Infos aus:
[client at fd 4 connected]
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> Home: ~/.gnupg
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: ->
Config: /home/illuminatus/.gnupg/gpgsm.conf
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: ->
AgentInfo: /tmp/gpg-KZ35Cr/S.gpg-agent:6778:1
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> DirmngrInfo: [not
set]
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> GNU Privacy Guard's
S/M server 1.9.14 ready
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: <- OPTION display=:0.0
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> OK
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: <- OPTION
lc-ctype=de_DE@euro
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> OK
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: <- OPTION
lc-messages=de_DE@euro
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> OK
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: <- INPUT FD=17
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> OK
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: <- IMPORT
4 - 2005-10-06 17:09:56 gpgsm[19972]: error writing to
`/home/illuminatus/.gnupg/log-socket': Ungültiger Dateideskriptor
4 - 2005-10-06 17:09:56 gpgsm[19972]: gpg-protect-tool: 1088 bytes of RC2
encrypted text
4 - 2005-10-06 17:09:56 gpgsm[19972]: gpg-protect-tool: encryptedData error
at "bag.attributes", offset 1080
4 - 2005-10-06 17:09:56 gpgsm[19972]: gpg-protect-tool: error at
"bag.encryptedData", offset 49
4 - 2005-10-06 17:09:56 gpgsm[19972]: gpg-protect-tool: error parsing or
decrypting the PKCS-12 file
4 - 2005-10-06 17:09:56 gpgsm[19972]: error running
`/usr/lib/gpg-protect-tool': exit status 2
4 - 2005-10-06 17:09:56 gpgsm[19972]: gesamte verarbeitete Anzahl: 0
4 - 2005-10-06 17:09:56 gpgsm[19972.0x807e8c0] DBG: -> S IMPORT_RES 0 0 0 0
0 0 0 0 0 0 0 0 0 0
4 - 2005-10-06 17:09:56 gpgsm[19972.0x807e8c0] DBG: -> ERR 50331800 Enschl
üsselung fehlgeschlagen
[client at fd 5 connected]
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: -> Home: ~/.gnupg
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: ->
Config: /home/illuminatus/.gnupg/gpgsm.conf
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: ->
AgentInfo: /tmp/gpg-KZ35Cr/S.gpg-agent:6778:1
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: -> DirmngrInfo: [not
set]
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: -> GNU Privacy Guard's
S/M server 1.9.14 ready
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: <- OPTION display=:0.0
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: -> OK
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: <- OPTION
lc-ctype=de_DE@euro
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: -> OK
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: <- OPTION
lc-messages=de_DE@euro
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: -> OK
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: <- OPTION list-mode=1
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: -> OK
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: <- OPTION
with-validation=0
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: -> OK
4 - 2005-10-06 17:09:59 gpgsm[19972.0x807e8c0] DBG: <- [EOF]
[client at fd 4 disconnected]
5 - 2005-10-06 17:09:59 gpgsm[19977.0x807e8c0] DBG: <- LISTKEYS
5 - 2005-10-06 17:09:59 gpgsm[19977]: DBG: connection to agent established
5 - 2005-10-06 17:09:59 gpgsm[19977.0x807e8c0] DBG: -> D
crt:e:1024:1:C7A969E8A37AEB70:20040816T125112:20050826T125112:00FB310000000270C3929A7F9E7F35::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,OU=TC
TrustCenter Class 3 CA,O=TC TrustCenter for Security in Data Networks
GmbH,L=Hamburg,ST=Hamburg,C=DE::esES:
%0Afpr:::::::::8E87C2468E464B8CD40778F5C7A969E8A37AEB70::::
%0Auid:e::::::::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,CN=TC
TrustCenter Communication Key,O=TC TrustCenter AG,L=Hamburg,ST=Hamburg,C=DE::
%0Acrt::1024:1:0986456B5CEF3AF5:20050308T141958:20060308T141958:00F0A1000000021A23462817C0FE9C::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,OU=TC
TrustCenter Class 1 CA,O=TC TrustCenter for Security in Data Networks
GmbH,L=Hamburg,ST=Hamburg,C=DE::esES:
%0Afpr:::::::::B2177C4D376FE392CB7F4C7B0986456B5CEF3AF5:::720FC15DDC27D456D098FABF3CDD78D31EF5A8DA:
%0Auid:::::::::1.2.840.113549.1.9.1=#67726F746A61686E4074656C6576657273612D6F6E6C696E652E6465,CN=H
5 - 2005-10-06 17:09:59 gpgsm[19977.0x807e8c0] DBG: -> D ans-Joerg
Grotjahn,C=DE::
%0Acrt:n:1024:1:3CDD78D31EF5A8DA:19980309T115959:20110101T115959:03E9::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,OU=TC
TrustCenter Class 1 CA,O=TC TrustCenter for Security in Data Networks
GmbH,L=Hamburg,ST=Hamburg,C=DE::scSC:
%0Afpr:::::::::720FC15DDC27D456D098FABF3CDD78D31EF5A8DA:::720FC15DDC27D456D098FABF3CDD78D31EF5A8DA:
%0Auid:n::::::::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,OU=TC
TrustCenter Class 1 CA,O=TC TrustCenter for Security in Data Networks
GmbH,L=Hamburg,ST=Hamburg,C=DE::
%0Acrt::1024:1:09B1B4A3A8897D8E:20050602T125730:20060602T125730:00D8430001000271BBF5A3B2D3CF99::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,OU=TC
TrustCenter Class 1 CA,O=TC TrustCenter for Security in Data Networks
GmbH,L=Hamburg,ST=Hamburg,C=DE::esES:
%0Afpr:::::::::69B4DCB7955C5027C8B336ED09B1B4A3A8897D8E:::720FC15DDC27D456D098FABF3CDD78D31EF5A8DA:
%0Auid:::::::::1.2.840.113549.1
5 - 2005-10-06 17:09:59 gpgsm[19977.0x807e8c0] DBG: ->
D .9.1=#6D61726B75732E736569646C406C6F6769632D7468756E6465722E6465,CN=Helmut
Markus Seidl,C=DE::
%0Acrt::2048:1:6E5A2FB9FCC4A9E6:20050316T120246:20060316T120246:00FDB5::1.2.840.113549.1.9.1=#737570706F7274406361636572742E6F7267,CN=CA
Cert Signing Authority,OU=http\x3a//www.cacert.org,O=Root CA::escESC:
%0Afpr:::::::::3D034197CDF765F3144492126E5A2FB9FCC4A9E6::::
%0Auid:::::::::1.2.840.113549.1.9.1=#6D6172632E64696574726963684061702E70687973696B2E756E692D6769657373656E2E6465,CN=Marc
Dietrich::%0Auid:::::::::::
%0Acrt::1024:1:74AF65824EBA6916:20050719T063930:20060826T063930:00EC45000100027A66DA29920CA498::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,OU=TC
TrustCenter Class 3 CA,O=TC TrustCenter for Security in Data Networks
GmbH,L=Hamburg,ST=Hamburg,C=DE::esES:
%0Afpr:::::::::189BF40407396576CA9E60BB74AF65824EBA6916::::
%0Auid:::::::::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,CN=TC
TrustCent
5 - 2005-10-06 17:10:00 gpgsm[19977.0x807e8c0] DBG: -> D er Communication
Key,O=TC TrustCenter AG,L=Hamburg,ST=Hamburg,C=DE::%0A
5 - 2005-10-06 17:10:00 gpgsm[19977.0x807e8c0] DBG: -> OK
5 - 2005-10-06 17:10:00 gpgsm[19977.0x807e8c0] DBG: <- [EOF]
Weiß jemand Rat?
--
++++++ Sincerely yours +++++
Sascha Manns
ORIGIN: "So wie es selten Komplimente gibt, ohne alle Lügen, so
finden sich auch selten Grobheiten ohne alle Wahrheiten.."
--- Lessing
ein Teil des Problems hat sich gelöst. Beim exportieren des Zertifikats, wurde
die p12 Datei mit SSL verschlüsselt.
So habe ich die P12 Datei mit den folgenden Befehlen weiterverarbeitet:
Bash$ openssl pkcs12 –in meinzertifikat.p12 –out meinzertifikat.pem –nodes
Bash$ openssl pkcs12 –in meinzertifikat.pem –export –out meinschlüssel.p12
-nocerts -nodes
Und installieren wollte ich sie mit:
Bash$ gpgsm -–call-protect-tool -–p12-import -–store meinschlüssel.p12
Auf der Konsole gab er mir folgende Meldung:
gpg-protect-tool: encryptedData error at "bag.attributes", offset 1080
gpg-protect-tool: error at "bag.encryptedData", offset 49
gpg-protect-tool: error parsing or decrypting the PKCS-12 file
Und als ich es via Kleopatra installieren wollte, spuckte das Logfile auch
umfangreiche Infos aus:
[client at fd 4 connected]
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> Home: ~/.gnupg
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: ->
Config: /home/illuminatus/.gnupg/gpgsm.conf
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: ->
AgentInfo: /tmp/gpg-KZ35Cr/S.gpg-agent:6778:1
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> DirmngrInfo: [not
set]
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> GNU Privacy Guard's
S/M server 1.9.14 ready
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: <- OPTION display=:0.0
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> OK
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: <- OPTION
lc-ctype=de_DE@euro
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> OK
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: <- OPTION
lc-messages=de_DE@euro
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> OK
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: <- INPUT FD=17
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: -> OK
4 - 2005-10-06 17:09:50 gpgsm[19972.0x807e8c0] DBG: <- IMPORT
4 - 2005-10-06 17:09:56 gpgsm[19972]: error writing to
`/home/illuminatus/.gnupg/log-socket': Ungültiger Dateideskriptor
4 - 2005-10-06 17:09:56 gpgsm[19972]: gpg-protect-tool: 1088 bytes of RC2
encrypted text
4 - 2005-10-06 17:09:56 gpgsm[19972]: gpg-protect-tool: encryptedData error
at "bag.attributes", offset 1080
4 - 2005-10-06 17:09:56 gpgsm[19972]: gpg-protect-tool: error at
"bag.encryptedData", offset 49
4 - 2005-10-06 17:09:56 gpgsm[19972]: gpg-protect-tool: error parsing or
decrypting the PKCS-12 file
4 - 2005-10-06 17:09:56 gpgsm[19972]: error running
`/usr/lib/gpg-protect-tool': exit status 2
4 - 2005-10-06 17:09:56 gpgsm[19972]: gesamte verarbeitete Anzahl: 0
4 - 2005-10-06 17:09:56 gpgsm[19972.0x807e8c0] DBG: -> S IMPORT_RES 0 0 0 0
0 0 0 0 0 0 0 0 0 0
4 - 2005-10-06 17:09:56 gpgsm[19972.0x807e8c0] DBG: -> ERR 50331800 Enschl
üsselung fehlgeschlagen
[client at fd 5 connected]
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: -> Home: ~/.gnupg
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: ->
Config: /home/illuminatus/.gnupg/gpgsm.conf
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: ->
AgentInfo: /tmp/gpg-KZ35Cr/S.gpg-agent:6778:1
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: -> DirmngrInfo: [not
set]
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: -> GNU Privacy Guard's
S/M server 1.9.14 ready
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: <- OPTION display=:0.0
5 - 2005-10-06 17:09:57 gpgsm[19977.0x807e8c0] DBG: -> OK
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: <- OPTION
lc-ctype=de_DE@euro
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: -> OK
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: <- OPTION
lc-messages=de_DE@euro
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: -> OK
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: <- OPTION list-mode=1
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: -> OK
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: <- OPTION
with-validation=0
5 - 2005-10-06 17:09:58 gpgsm[19977.0x807e8c0] DBG: -> OK
4 - 2005-10-06 17:09:59 gpgsm[19972.0x807e8c0] DBG: <- [EOF]
[client at fd 4 disconnected]
5 - 2005-10-06 17:09:59 gpgsm[19977.0x807e8c0] DBG: <- LISTKEYS
5 - 2005-10-06 17:09:59 gpgsm[19977]: DBG: connection to agent established
5 - 2005-10-06 17:09:59 gpgsm[19977.0x807e8c0] DBG: -> D
crt:e:1024:1:C7A969E8A37AEB70:20040816T125112:20050826T125112:00FB310000000270C3929A7F9E7F35::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,OU=TC
TrustCenter Class 3 CA,O=TC TrustCenter for Security in Data Networks
GmbH,L=Hamburg,ST=Hamburg,C=DE::esES:
%0Afpr:::::::::8E87C2468E464B8CD40778F5C7A969E8A37AEB70::::
%0Auid:e::::::::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,CN=TC
TrustCenter Communication Key,O=TC TrustCenter AG,L=Hamburg,ST=Hamburg,C=DE::
%0Acrt::1024:1:0986456B5CEF3AF5:20050308T141958:20060308T141958:00F0A1000000021A23462817C0FE9C::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,OU=TC
TrustCenter Class 1 CA,O=TC TrustCenter for Security in Data Networks
GmbH,L=Hamburg,ST=Hamburg,C=DE::esES:
%0Afpr:::::::::B2177C4D376FE392CB7F4C7B0986456B5CEF3AF5:::720FC15DDC27D456D098FABF3CDD78D31EF5A8DA:
%0Auid:::::::::1.2.840.113549.1.9.1=#67726F746A61686E4074656C6576657273612D6F6E6C696E652E6465,CN=H
5 - 2005-10-06 17:09:59 gpgsm[19977.0x807e8c0] DBG: -> D ans-Joerg
Grotjahn,C=DE::
%0Acrt:n:1024:1:3CDD78D31EF5A8DA:19980309T115959:20110101T115959:03E9::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,OU=TC
TrustCenter Class 1 CA,O=TC TrustCenter for Security in Data Networks
GmbH,L=Hamburg,ST=Hamburg,C=DE::scSC:
%0Afpr:::::::::720FC15DDC27D456D098FABF3CDD78D31EF5A8DA:::720FC15DDC27D456D098FABF3CDD78D31EF5A8DA:
%0Auid:n::::::::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,OU=TC
TrustCenter Class 1 CA,O=TC TrustCenter for Security in Data Networks
GmbH,L=Hamburg,ST=Hamburg,C=DE::
%0Acrt::1024:1:09B1B4A3A8897D8E:20050602T125730:20060602T125730:00D8430001000271BBF5A3B2D3CF99::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,OU=TC
TrustCenter Class 1 CA,O=TC TrustCenter for Security in Data Networks
GmbH,L=Hamburg,ST=Hamburg,C=DE::esES:
%0Afpr:::::::::69B4DCB7955C5027C8B336ED09B1B4A3A8897D8E:::720FC15DDC27D456D098FABF3CDD78D31EF5A8DA:
%0Auid:::::::::1.2.840.113549.1
5 - 2005-10-06 17:09:59 gpgsm[19977.0x807e8c0] DBG: ->
D .9.1=#6D61726B75732E736569646C406C6F6769632D7468756E6465722E6465,CN=Helmut
Markus Seidl,C=DE::
%0Acrt::2048:1:6E5A2FB9FCC4A9E6:20050316T120246:20060316T120246:00FDB5::1.2.840.113549.1.9.1=#737570706F7274406361636572742E6F7267,CN=CA
Cert Signing Authority,OU=http\x3a//www.cacert.org,O=Root CA::escESC:
%0Afpr:::::::::3D034197CDF765F3144492126E5A2FB9FCC4A9E6::::
%0Auid:::::::::1.2.840.113549.1.9.1=#6D6172632E64696574726963684061702E70687973696B2E756E692D6769657373656E2E6465,CN=Marc
Dietrich::%0Auid:::::::::::
%0Acrt::1024:1:74AF65824EBA6916:20050719T063930:20060826T063930:00EC45000100027A66DA29920CA498::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,OU=TC
TrustCenter Class 3 CA,O=TC TrustCenter for Security in Data Networks
GmbH,L=Hamburg,ST=Hamburg,C=DE::esES:
%0Afpr:::::::::189BF40407396576CA9E60BB74AF65824EBA6916::::
%0Auid:::::::::1.2.840.113549.1.9.1=#636572746966696361746540747275737463656E7465722E6465,CN=TC
TrustCent
5 - 2005-10-06 17:10:00 gpgsm[19977.0x807e8c0] DBG: -> D er Communication
Key,O=TC TrustCenter AG,L=Hamburg,ST=Hamburg,C=DE::%0A
5 - 2005-10-06 17:10:00 gpgsm[19977.0x807e8c0] DBG: -> OK
5 - 2005-10-06 17:10:00 gpgsm[19977.0x807e8c0] DBG: <- [EOF]
Weiß jemand Rat?
--
++++++ Sincerely yours +++++
Sascha Manns
ORIGIN: "So wie es selten Komplimente gibt, ohne alle Lügen, so
finden sich auch selten Grobheiten ohne alle Wahrheiten.."
--- Lessing
| < Previous | Next > |