Bouncy Castle PGP compatibility

[vittogiothedon]

I am not able to decrypt a key generated by BCPGP (Version: BCPG C# v1.6.1.0), while i am able to do it with other tools.
The same is happening when i try to encrypt a file, by using a public key, Version: BCPG C# v1.6.1.0.
the receiver is saying that the file has not been encrypted with the provided key.

Are there any setting i need to apply ?
i am using:
Node.js v12.14.1
OpenPGP.js v4.8.0

Thank you for your advice

[SalvatoreMeschini]

Same issue here...

Everything works as expected with the same keys/passphrase using other tools (e.g. PGPTool) to encrypt/decrypt data.

But using openpgpjs, we obtain: "UnhandledPromiseRejectionWarning: Error: Unsupported legacy encrypted key" on await privateKeyObj.decrypt(passphrase):

    console.log("Reading private key...");
    const privateKeyObj = (await openpgp.key.readArmored(privateKey)).keys[0];
    console.log("Before decrypting... ");
    await privateKeyObj.decrypt(passphrase);
    console.log("After decrypting: " + privateKeyObj);

Is there a list formats/algorithms supported by openpgpjs or a way to test the compatibility of those keys with openpgpjs?

[twiss]

Hey 👋 This is due to the key using an old 16-bit hash rather than a SHA1 hash (or AEAD, but I don't think BCPGP supports that yet). I found the following parameter here:

useSHA1 - checksum the secret keys with SHA1 rather than the older 16 bit checksum.

If you're using that function, that should be true. It even says

Deprecated. use method taking PBESecretKeyDecryptor

Create a new key ring generator using old style checksumming. It is recommended to use SHA1 checksumming where possible.

So - please use that function instead, with a high S2K count, if possible.

---

the receiver is saying that the file has not been encrypted with the provided key.

Could you post an example message and public key?

[vittogiothedon]

i made a test. Everything works fine if i encrypt/decrypt where the public key/passphrase are generated with the following algorithm: SHA256 with DSA 2048bit.
The public key i received has been made with SHA1 with RSA 2048bit. How may i force openpgp to use SHA1 with RSA 2048bit to encrypt and decrypt?

[twiss]

OpenPGP.js automatically uses RSA if it specified in the key and message to encrypt and decrypt.

For SHA1, you could try setting openpgp.config.prefer_hash_algorithm = openpgp.enums.hash.sha1; before generating your own key and then encrypt a message. However, please keep in mind that SHA1 has been broken and this is insecure. The latest draft spec says:

Implementations SHOULD NOT create messages which require the use of SHA-1

A better solution would be to ask the recipient to generate a new key with SHA256 in the preferences.

But let me know if it fixes your issue. Also, if it turns out that it doesn't, please change it back again and delete that key with SHA1 in the preferences :)

[vittogiothedon]

Unfortunately it does not. I cannot use a different public key as it is the one that has been provided.
Here the code i use to encrypt (mainly form openpgp doc). As result of passing the public key (SHA1, RSA 2048), the receiver is saying: Invalid Encryption. if i use the same in C#, it is validating.

const openpgp = require('openpgp')
const fs = require('fs')
openpgp.config.prefer_hash_algorithm = openpgp.enums.hash.sha1;
openpgp.initWorker({ path:'openpgp.worker.js' })

// put keys in backtick (``) to avoid errors caused by spaces or tabs
const pubkey = -----BEGIN PGP PUBLIC KEY BLOCK----- Version: BCPG v1.56 key... key... -----END PGP PUBLIC KEY BLOCK-----

const encryptDecryptFunction = async() => {
const file = fs.readFileSync('C:\Users..').toString();
const options = {
message: openpgp.message.fromText(file), // input as Message object
publicKeys: (await openpgp.key.readArmored(pubkey)).keys
}
openpgp.encrypt(options).then(ciphertext => {
encrypted = ciphertext.data // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
console.log(encrypted);
fs.writeFileSync('C:\Users..', encrypted);
return encrypted
})
}
encryptDecryptFunction()

[twiss]

the receiver is saying: Invalid Encryption

What program / library is receiver running? Could you ask them to generate another example private key and send it to us, and send us the command or code they're running that's causing this error?

[TulasiMaha]

I am encrypting a file and again encrypting and signing the already encrypted (Double encryption ad signed) using openpgp node js module. When I am using same openpgp code I am able to double decrypt and verify the file successfully.
But when decrypting using Bouncy castle Java code, getting below error. Can anyone please help me to resolve this issue.
({ "ERROR" : "class org.bouncycastle.openpgp.PGPLiteralData cannot be cast to class org.bouncycastle.openpgp.PGPCompressedData (org.bouncycastle.openpgp.PGPLiteralData and org.bouncycastle.openpgp.PGPCompressedData are in unnamed module of loader 'app')" }

[twiss]

Hey 👋 It sounds like an issue with your code, rather than with the message. I can't really help you with that.

Except, I have one piece of advice for you and everyone in this thread, which is to use PGPainless if you need an OpenPGP library in Java. It's based on BouncyCastle, but much easier to use and more secure by default ☺️

[TulasiMaha]

Thank you for the response.
Adding here the code of encryption through Bouncy Castle(Java) and openpgp(Typescript). Can you please let me know the difference if you find any regarding algorithms or any other paramaters.

Bouncy Castle Java Code:

`private void encrypt(OutputStream outputStream, InputStream inputStream, PGPPublicKey encryptionKey, int compressionAlgorithm, int symmetricKeyAlgorithm, boolean isArmoredStream, boolean withIntegrityCheck) throws AbstractScriptException {
		info("Begin Encryption -> Compression Algorithm : {}, Symmetric Key Algorithm : {}, Armored Stream : {}, Integrity Check : {}"
			+compressionAlgorithm +","+ symmetricKeyAlgorithm+ "," +isArmoredStream+"," +withIntegrityCheck);
		Security.addProvider(new BouncyCastleProvider());
		info("Added BouncyCastle as Security Provider");
		try {
			if (isArmoredStream) outputStream = new ArmoredOutputStream(outputStream);
			byte[] bytes = getCompressedData(inputStream, compressionAlgorithm);
			info("Setting up Encryptor");
			JcePGPDataEncryptorBuilder dataEncryptorBuilder = new JcePGPDataEncryptorBuilder(symmetricKeyAlgorithm)
			.setWithIntegrityPacket(withIntegrityCheck)
			.setSecureRandom(new SecureRandom())
			.setProvider("BC");
			JcePublicKeyKeyEncryptionMethodGenerator publicKeyKeyEncryptionMethodGenerator = new JcePublicKeyKeyEncryptionMethodGenerator(encryptionKey)
			.setProvider("BC");

			PGPEncryptedDataGenerator encryptedDataGenerator = new PGPEncryptedDataGenerator(dataEncryptorBuilder);

			encryptedDataGenerator.addMethod(publicKeyKeyEncryptionMethodGenerator);
			OutputStream encryptedDataOutputStream = encryptedDataGenerator.open(outputStream, bytes.length);

			try{            	
				encryptedDataOutputStream.write(bytes);
				if (encryptedDataOutputStream != null)
					encryptedDataOutputStream.close(); 
			} catch (Throwable throwable) {
				if (encryptedDataOutputStream != null)
					try {
						encryptedDataOutputStream.close();
					} catch (Throwable throwable1) {
						throwable.addSuppressed(throwable1);
					}  
					//throw throwable;
			} 
			info("Encrypted data");               
			outputStream.close();
		}           
		catch (Exception e) {
			fail("Encountered exception while encryption : {} "+ e.getMessage());
			e.printStackTrace();
		}                
	}

	private static byte[] getCompressedData(InputStream inputStream, int compressionAlgorithm) throws IOException {
		byte[] fileLiteral;        
		try  {
			ByteArrayOutputStream bOut = new ByteArrayOutputStream();
			PGPCompressedDataGenerator comData = new PGPCompressedDataGenerator(compressionAlgorithm);
			writeFileToLiteralData(inputStream, comData.open(bOut), PGPLiteralData.BINARY, PGPLiteralDataGenerator.CONSOLE, Date.from(Instant.now()), new byte[512]);
			comData.close();
			fileLiteral = bOut.toByteArray();
		} 
		catch (IOException e) {
			throw new RuntimeException(e);
		}
		return fileLiteral;
	}
	private static void writeFileToLiteralData(InputStream in, OutputStream out, char format, String outputName, Date modifiedDate, byte[] buffer) throws IOException {
		PGPLiteralDataGenerator literalDataGenerator = new PGPLiteralDataGenerator();
		try {
			OutputStream pOut = literalDataGenerator.open(out, format, outputName, modifiedDate, buffer);
			try {
				byte[] buf = new byte[BUFFER_SIZE];
				int len;
				while ((len = in.read(buf, 0, buf.length)) > 0)
					pOut.write(buf, 0, len); 
				if (pOut != null)
					pOut.close(); 
			} catch (Throwable throwable) {
				if (pOut != null)
					try {
						pOut.close();
					} catch (Throwable throwable1) {
						throwable.addSuppressed(throwable1);
					}  
					// throw throwable;
			} 
		}
		catch (IOException e) {
			throw new RuntimeException(e);
		}
	}
	private PGPPublicKey readPublicKey(InputStream keyInputStream) throws IOException, PGPException, AbstractScriptException {
		info("Reading public key from file");      
		try  {
			InputStream keyIn = new BufferedInputStream(keyInputStream);
			InputStream decoderStream = PGPUtil.getDecoderStream(keyIn);
			PGPPublicKeyRingCollection pgpPub = new PGPPublicKeyRingCollection(decoderStream,new JcaKeyFingerprintCalculator());
			Iterator<PGPPublicKeyRing> keyRingIter = pgpPub.getKeyRings();
			while (keyRingIter.hasNext()) {
				PGPPublicKeyRing keyRing = keyRingIter.next();
				Iterator<PGPPublicKey> keyIter = keyRing.getPublicKeys();
				while (keyIter.hasNext()) {
					PGPPublicKey key = keyIter.next();
					if (key.isEncryptionKey()) {
						info("Found public key");
						return key;
					}
				}
			}
		}
		catch(Exception e1) {
			e1.printStackTrace();
		}        
		throw new IllegalArgumentException("Can't find encryption key in key ring.");
	}

Typescript code using openpgp:

`public static async fnFinEncrypt(finTestConfig: FinTestConfigLib, fileToBeEncWithFileExt : string, pathToSaveEncFileWithFileExt : string) {
    
        const publicKeyArmored = await FinFileUtilitiesLib.fnFinReadTextFile(finTestConfig,"pubkey.txt");
        const fileContentOfEncFile = await FinFileUtilitiesLib.fnFinReadTextFile(finTestConfig,fileToBeEncWithFileExt);
        try{             
            const publicKey = await openpgp.readKey({ armoredKey: publicKeyArmored });
            FinSharedLib.fnFinLogInfoInMochawesomeReport(finTestConfig, "Read Pub key");
 
            const message = await openpgp.createMessage({
                text: fileContentOfEncFile,
                format :'binary'
                
            });
            openpgp.config.preferredCompressionAlgorithm =openpgp.enums.compression.zip; 
            await message.armor(openpgp.config)

            const  encrypted  = await openpgp.encrypt({
                config: {
                    preferredCompressionAlgorithm: openpgp.enums.compression.zip,
                    preferredSymmetricAlgorithm : openpgp.enums.symmetric.aes128
                },
                message: message, 
                encryptionKeys: publicKey
               
            });
            FinSharedLib.fnFinLogInfoInMochawesomeReport(finTestConfig, "Encrypted data");
            console.log(encrypted);     
            await fs.writeFileSync(pathToSaveEncFileWithFileExt,encrypted);
 
        }
        catch(error){   
            LogFailInMochawesomeReport(finTestConfig, "Error occurred while encrypting one pass file: " + error.message);
        }
       LogInfoInMochawesomeReport(finTestConfig, "Exit fnFinDecryptOnePassFile method")        
    }
`

[twiss]

No, I don't have experience using BouncyCastle so I can't help you with that, as I said. I would recommend using PGPainless instead, but otherwise you'll need to find some other documentation or resource about BouncyCastle. Good luck!