Importing EFS certificate

Gpg4win help-en
1

Hi,
Just for testing, I tried to import a win 10 EFS x509 cert to my ring. It’s an EC521. WhenI tried from Kleopatra it gave an error: Invalid object. Then I tried using gpgsm amd this was the result after tiping the import password:

C:\antiga_D\Downloads\Certificats EFS>gpgsm --import Key_EFS…pfx
gpgsm: data error at “pkcs5PBES2-params”, offset 134
gpgsm: error at “bag-sequence”, offset 49
gpgsm: error parsing or decrypting the PKCS#12 file
gpgsm: cantidad total procesada: 0

What did I wrong?

The idea was to have a back-up of the key.

BR.

JMa

2

Hi Josep,

I have no idea :slight_smile: Maybe the Certificate uses something gpgsm does not support. TBH I am not even sure what an EFS certificate is. Maybe someone else will know more here but you have a much better chance to get help if you ask that question on the gnupg-users mailing list, as you have tried it already on the command line.

The Mailing list is linked here:
https://gnupg.org/documentation/mailing-lists.html

Best Regards,
Andre

3

Hi Andre,

FYI,

EFS is a way that has windows 10 pro to cipher files and folders. It uses a certificate self generated with a private key. I’ll try to send you one (now invalid) to you with a private e-mail in .pfx format. Just if it’s useful to you for improving your software. It isn’t important, so don’t waste to much time on it.
I imported it succesfully to the XCA utility.

B.R.