Comments (4)
$ openssl asn1parse -inform DER -offset 30 -in expired-certificate.pfx
0:d=0 hl=4 l=1712 cons: SEQUENCE
4:d=1 hl=4 l= 943 cons: SEQUENCE
8:d=2 hl=2 l= 9 prim: OBJECT :pkcs7-encryptedData
19:d=2 hl=4 l= 928 cons: cont [ 0 ]
23:d=3 hl=4 l= 924 cons: SEQUENCE
27:d=4 hl=2 l= 1 prim: INTEGER :00
30:d=4 hl=4 l= 917 cons: SEQUENCE
34:d=5 hl=2 l= 9 prim: OBJECT :pkcs7-data
45:d=5 hl=2 l= 28 cons: SEQUENCE
47:d=6 hl=2 l= 10 prim: OBJECT :pbeWithSHA1And40BitRC2-CBC
59:d=6 hl=2 l= 14 cons: SEQUENCE
61:d=7 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:9EA1631619B43919
71:d=7 hl=2 l= 2 prim: INTEGER :0800
75:d=5 hl=4 l= 872 prim: cont [ 0 ]
951:d=1 hl=4 l= 761 cons: SEQUENCE
955:d=2 hl=2 l= 9 prim: OBJECT :pkcs7-data
966:d=2 hl=4 l= 746 cons: cont [ 0 ]
[...]
:pbeWithSHA1And40BitRC2-CBC
This is the problem (cf. #500). RC2 belongs to the legacy
provider in OpenSSL >= 3.0, which is not enabled by default. openssl pkcs12
will also refuse to load this file without the -provider default -provider legacy
options.
#635 will allow loading providers explicitly with:
OpenSSL::Provider.load("default")
OpenSSL::Provider.load("legacy")
certificate = OpenSSL::PKCS12.new(file, '123456')
[...]
from openssl.
On Ruby 3.2.2
the error persists...
=> (irb):3:in `initialize': PKCS12_parse: unsupported (OpenSSL::PKCS12::PKCS12Error)
from openssl.
I have the same problem:
rails c
Loading development environment (Rails 7.0.4.2)
irb(main):001:0> require 'openssl'
=> false
irb(main):002:0> OpenSSL::OPENSSL_LIBRARY_VERSION
=> "OpenSSL 3.1.0 14 Mar 2023"
irb(main):003:0> OpenSSL::OPENSSL_VERSION
=> "OpenSSL 3.1.0 14 Mar 2023"
irb(main):004:0> OpenSSL::VERSION
=> "3.1.0"
irb(main):005:0> RUBY_VERSION
=> "3.2.1"
irb(main):007:0> key = OpenSSL::PKCS12::new( File.read("#{Rails.root}/config/xxxxxxxxx.p12"), '123456' ).key
(irb):7:in `initialize': PKCS12_parse: unsupported (OpenSSL::PKCS12::PKCS12Error)
irb(main):008:0> OpenSSL::Provider.load("default")
(irb):8:in `<main>': uninitialized constant OpenSSL::Provider (NameError)
I tried to vendorize the last github version too, same problem.
Any help, please?
from openssl.
@dtonon is not released yet, the last realease was on december 22.
You should go with the approach of #635
from openssl.
Related Issues (20)
- Wrongly pushed wip/version-test branch
- How do I set the OpenSSL::SSL::OP_IGNORE_UNEXPECTED_EOF flag? HOT 2
- test_pkey_ec.rb test failures in OpenSSL FIPS HOT 19
- Can't start Net::HTTP session without getting the error unable to get local issuer certificate) (OpenSSL::SSL::SSLError) HOT 3
- openssl 3: Can't construct RSA keys from any available serializable key data HOT 4
- Automated sync to ruby/ruby repo HOT 3
- Does Ruby's OpenSSL library have a FIPS certificate? HOT 4
- ruby 3.2.2. build with OpenSSL 3.0 fails on FreeBSD 13. HOT 6
- FIPS: DH: OpenSSL::PKey.generate_parameters returning a value with block of break. HOT 7
- macos-latest truffeeruby-head: test_basic_response_response_operations failing HOT 3
- truffleruby-head 24.0.0-dev: Failing to compile dependant stringio gem. HOT 14
- OpenSSL::PKey::EC.new(nil).generate_key fails with OpenSSL::PKey::PKeyError HOT 6
- OpenSSL 3.2.0 - sessions, time, signed vs unsigned, failure with negative session timeout values HOT 6
- OpenSSL::SSL::SSLContext.new returns SSL_CTX_new: library has no ciphers HOT 6
- Respect system wide minimum TLS version HOT 2
- windows-latest 3.3 case failing with "OpenSSL::Provider::ProviderError: Failed to load legacy provider: (null) (name=legacy)" HOT 8
- OpenSSL::PKey::PKey subclass for EVP_PKEY_RSA_PSS HOT 4
- Error "Failed to build gem native extension." when running "gem install openssl" in Fedora HOT 4
- OpenSSL udate 3.2.1 for CVE-2023-6129 HOT 3
- OpenSSL 3 | Providers | Support broader range of URI schemes for loading keys HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openssl.