-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Integration tests fails with PGP interop for ECC keys ( gpg: decryption failed: No secret key) #30
Comments
|
@vanitasvitae : This very likely also affects pgpainless. Do you have any idea? |
Hm, I think I haven't come across this one yet. I'll check, if PGPainless is also affected later :) |
RSA (works):
ECC (does not work):
Manually created key (DSA/ElGamal):
Manually created key (nistp256):
|
I'm really puzzled about this... This is the third time I try to compose this post, but everytime I do, another error happens/doesn't happen :D I think PGPainless is affected by this somehow. When I try to recreate this, I get an error like the one you stated above about half the time. The other runs are fine (now I cannot recreate the bug at all). Have you run your test repeatedly? Here is a key I generated with pgpainless, that seems to work fine for me (although it failed when I imported it in GPG the first time? 🤔):
An encrypted message:
Which version of bouncycastle are you using? There was a bug that caused exported keys to have a broken format in BC 1.59. |
ReproducibleThe integration test ( BC versionI use bouncy castle 1.60 AND your repairSubkeyPackets warningsI took your The correct key formt according to Your keyThe key works without errors: gpg --homedir=$PWD --import < <(echo "-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: BCPG v1.60
lHcEXCym1BMIKoZIzj0DAQcCAwSOUnSpDZtRwQLp40TbE/OZR7YsW+fHH12pXd+C
/jWhalYHsapuSJAEk5ninvUj9PZK2vyGe9fk1BzoTjAj5AlMAAEAsO61WtpPu7ES
bGoRc64eztRrO71w2+QMJaEtxZXafCgQhrQPZWNrZXlAZGVsZXRlLm1liHUEExMK
AB0FAlwsptQCGyMFFgIDAQAECwkIBwUVCgkICwIeAQAKCRA5gj9k16KVhWUUAP9r
Or9v3MR40UlSjLeg54mRCdys3qdt+Li2KvAlEZJsZwEAhnu7pjw9wJD/SuD9u9iz
P7emL5NtQaAI4OWSx8Cmi/icewRcLKbUEggqhkjOPQMBBwIDBGndg3Z+VjWMMEgo
oo5+OoIfTFJlH5CPcoFXSy/nl6MyauDpxtJlw3hVZB5HJszdheCEe7puCEb+QpHs
FAAErPgDAQgHAAD/YNI+J0K0lUVUfPnZ7rtNUSo0ozZI/+3bJ7XcuYXuqqMSxoh1
BBgTCgAdBQJcLKbUAhsMBRYCAwEABAsJCAcFFQoJCAsCHgEACgkQOYI/ZNeilYUv
TgEA7pvD0K/coWT/UtdnhejRZAEZOMUN4kmDQlfbNY3g9d0A/jDeNTW1BMuqs+LV
JfCK1w+pMIf42/aHpqp3ocZl08TV
=5v4x
-----END PGP PRIVATE KEY BLOCK-----")
gpg: WARNING: unsafe permissions on homedir '/Users/jens/tmp/fff'
gpg: /Users/jens/tmp/fff/trustdb.gpg: trustdb created
gpg: key 39823F64D7A29585: public key "[email protected]" imported
gpg: key 39823F64D7A29585: secret key imported
gpg: Total number processed: 1
gpg: imported: 1
gpg: secret keys read: 1
gpg: secret keys imported: 1 and echo '-----BEGIN PGP MESSAGE-----
Version: BCPG v1.60
hH4D+gpfGcqrVhgSAgMEsHr7sSBVTQRWwLuLjM3tv7j5abOIfyu7isx4b+8/ZjQO
K7WLiCZLghp8FO1uFhzxOWaVoQMlGz3qzjoThOfqqjDM8tb2P8XSFo8GINIJ6tVP
QKcoqxCPWApX2Iw5ksR4A9p+Regeg9xIAgRFngxKIEbSZgEQ/V+nrBJr71RKzQ7B
uLXJgDBCNMu4RjGl+yBZM1kjB1J6exr6rc9b43ldnOoh9xaZcflUODJNWFdfcb4z
1woaBjsAeCn4+rvcmcrMK1R8bx6dUK/6xUoXCi+w3TYxU++kJkKTEQ==
=Nlqf
-----END PGP MESSAGE-----' | gpg --homedir=$PWD -d
gpg: WARNING: unsafe permissions on homedir '/Users/jens/tmp/fff'
gpg: encrypted with 256-bit ECDH key, ID FA0A5F19CAAB5618, created 2019-01-02
"[email protected]"
gpg: Note: sender requested "for-your-eyes-only"
This is a test. Please be readable in GPG! |
Note: The bug I pointed out is not related to bcgit/bc-java#349 but a different bug, which was merged after BC 60 was released. |
@vanitasvitae: thanks for the clarification Edit: The error happens with ECC keys, protected with a passphrase or not. Both tests with ECC keys fail. |
Describe the bug
The integration tests with gpg fail for exporting BouncyGPG generated private ECC keys to gpg.
To Reproduce
Failing test for ECC keyrings, although RSA keyrings work.
Expected behavior
The tests should succeed
System:
java -version
]: openjdk version "11" 2018-09-25Additional context
The exported keys:
The message that fails to decrypt with " gpg: decryption failed: No secret key":
What puzzles me is, that the key
0xA99B151C882FF69C
is part of the imported private key:The text was updated successfully, but these errors were encountered: