Converting from Out of Process Encryption about pgpcore HOT 9 CLOSED

Hi,

It shouldn't matter if a header is present or not, currently in PGPCore there's no option to amend or remove the header.

If you'd like to encrypt your files in binary then you can use the armour: false option on the encrypt method.

PGPCore should be able to read and decrypt your currently encrypted files as everything should be working to the same standard. Though I'd suggest checking this first by using it to decrypt a couple of them to confirm nothing weird is going on.

from pgpcore.

@mattosaurus
See updated Encrypt method above. While I get a binary file by setting armor to false, the "header" of the binary file is different

and when I try to Decrypt it, I get an exception, Checksum mismatch at 0 of 20 using the exact same keys. Here's my decrypt method:

public async Task Decrypt()
{
    FileStream fRead = new FileStream(pubKeyRingPath, FileMode.Open, FileAccess.Read, FileShare.Read);
    FileStream fSec = new FileStream(privKeyRingPath, FileMode.Open, FileAccess.Read, FileShare.Read);

    try
    {
        encryptionKeys = new EncryptionKeys(fRead, fSec, _passPhrase);
    }
    catch (Exception ex)
    {
        label6.Text = ex.Message;
    }

    FileInfo inputFile = new FileInfo(textBox3.Text + ".gpg");
    FileInfo encryptedFile = new FileInfo(textBox5.Text);

    using (PGP pgp = new PGP(encryptionKeys))
    {
        try
        {
            await pgp.DecryptFileAsync(inputFile, encryptedFile);
        }
        catch (Exception ex)
        {
            label6.Text = ex.Message;
        }
    }
}

Here's the stacktrace. I thought this was fixed in v5.2, we're currently using PGPCore version 5.10.0.

   at Org.BouncyCastle.Bcpg.OpenPgp.PgpSecretKey.DoExtractPrivateKey(Byte[] rawPassPhrase, Boolean clearPassPhrase)
   at PgpCore.PGP.<DecryptAsync>d__293.MoveNext() in C:\Users\ragsm\source\repos\PgpCore\PgpCore\PGP.cs:line 5011
   at PgpCore.PGP.<DecryptStreamAsync>d__169.MoveNext() in C:\Users\ragsm\source\repos\PgpCore\PgpCore\PGP.cs:line 2933
   at PgpCore.PGP.<DecryptFileAsync>d__160.MoveNext() in C:\Users\ragsm\source\repos\PgpCore\PgpCore\PGP.cs:line 2775
   at PGP_POC.Form1.<Decrypt>d__9.MoveNext() in C:\Users\Edward.Shipman1\source\repos\PGP-POC\Form1.cs:line 138

The method above decrypted several of our current files perfectly. But now I'm getting this error:
Failed to detect encrypted content format. (Parameter 'inputStream')
It also will not decrypt anything that we encrypt using the Encrypt method above, that's where we get the Checksum error.
The BouncyCastle in your repo is not the latest stable version.

On another note, I copied the file I encrypted above to my system and ran the PgpDecrypt.bat file against it and it decrypted it once. Unsure if it will decrypt any more created. (We're using PGP Command Line 10.5.1 build 730 in those batch files on our server)

from pgpcore.

Also, just for grins, I tried generating new keys and trying.

1. Generated New Keys and then used them to Encrypt a file
2. Verify works, encrypted file is verified.
3. Decrypt of the same encrypted file results: Failed to detect encrypted content format. (Parameter 'inputStream')

So, am I gonna get anymore help here? We really want to use your package but if we continue to have these issues, we will probably just drop it.

from pgpcore.

Hi,

What is the program you're using in you batch file to encrypt? I'll try to replicate this tomorrow if I can.

from pgpcore.

command line PGP v 10.5.1 build 730

from pgpcore.

That's the paid Broardcom version right? If so I don't have access to that.

If you can provide me with an encrypted file as well as a test public/private keypair and password then I'll have a look using that.

from pgpcore.

What's odd is that I lost all the source I wrote and had to recreate the whole project. I then recreated the project using your example code with changes only to filename/paths and to set armor to false. A file encrypted with our current public key cannot be decrypted using the Decrypt method using our private key/passPhrase; still getting the Checksum mismatch at 0 of 20 exception

Our private key is named secring.skr; our public key is named pubring.pkr (they are in binary format). If I generate new keys with the same recipient and passPhrase as our current keys, it decrypts the encrypted files just fine. We are using the same recipient and passPhrase when I attempt to decrypt using our key or when using the newly generated keys.

Decrypting the newly encrypted files using the command line PGP works with no issues. I can also Verify (using your VerifyStreamAsync code) all of the encrypted files with no issues.

from pgpcore.

Since I cannot post any of my non-working keys or encrypted files, I am unsure what to do here. The issue is happening in PGPCore.PgpSecretKeys.ExtractKeyData(), specifically, when it is trying to do the Checksum:
byte[] check = Checksum(useSha1, data, (useSha1) ? data.Length - 20 : data.Length - 2);
I have downloaded your latest source and the latest source of BouncyCastle and debugged into it. Cannot figure out what the cause is.
In the call above, data has 65 bytes and then when it returns, check has only 20 bytes and the values are all different.
Could this be related to #122 where you said it was fixed in 5.2?

I even exported my private and public keys as .asc files and used them with the same result.

from pgpcore.

Since I'm not getting any help on this, we're going to choose another route.
We're going to be using our old process to decrypt the old files and files encrypted with the new code, we'll be using the new process.

Thanks.

from pgpcore.