Bouncy Castle PGP compatibility #1212
-
Same issue here... Everything works as expected with the same keys/passphrase using other tools (e.g. PGPTool) to encrypt/decrypt data. But using openpgpjs, we obtain: "UnhandledPromiseRejectionWarning: Error: Unsupported legacy encrypted key" on await privateKeyObj.decrypt(passphrase):

console.log("Reading private key...");
const privateKeyObj = (await openpgp.key.readArmored(privateKey)).keys[0];
console.log("Before decrypting... ");
await privateKeyObj.decrypt(passphrase);
console.log("After decrypting: " + privateKeyObj);

Is there a list of formats/algorithms supported by openpgpjs or a way to test the compatibility of those keys with openpgpjs?
-
Hey 👋 This is due to the key using an old 16-bit hash rather than a SHA1 hash (or AEAD, but I don't think BCPGP supports that yet). I found the following parameter here:
If you're using that function, that should be true. It even says
So - please use that function instead, with a high S2K count, if possible.
Could you post an example message and public key?
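
The reply above attributes the error to how the private key's secret material is protected: a 16-bit checksum rather than a SHA-1 hash or AEAD. As an added example (not code from this thread or from OpenPGP.js), the following Node.js code reads that setting, the S2K usage octet, directly from a secret key packet so a key can be checked before it is handed to a library. The function names and the sample packet are constructed for illustration, and the scope is assumed to be version 4 RSA, Elgamal and DSA keys.

```javascript
// Added example (not from the thread): classify how an OpenPGP secret key
// packet protects its secret material via the S2K usage octet (RFC 4880, 5.5.3).
// Assumed scope: version 4 RSA, Elgamal and DSA keys; first packet only.
const PUBLIC_MPIS = { 1: 2, 2: 2, 3: 2, 16: 3, 17: 4 }; // algorithm id -> MPI count

function dearmor(armored) {
  const lines = armored.split(/\r?\n/).map((l) => l.trim());
  const begin = lines.findIndex((l) => l.startsWith('-----BEGIN'));
  if (begin < 0) throw new Error('no armor header line');
  const blank = lines.indexOf('', begin); // blank line ends the armor headers
  const data = lines.slice(blank + 1).filter((l) => l && !/^(=|-----)/.test(l));
  return Buffer.from(data.join(''), 'base64'); // CRC-24 line is skipped, not verified
}

function secretKeyProtection(buf) {
  const first = buf[0];
  if (!(first & 0x80)) throw new Error('not an OpenPGP packet');
  let tag, pos;
  if (first & 0x40) { // new-format header
    tag = first & 0x3f;
    pos = buf[1] < 192 ? 2 : buf[1] < 224 ? 3 : buf[1] === 255 ? 6 : NaN;
  } else { // old-format header: low two bits select the length-field size
    tag = (first & 0x3c) >> 2;
    pos = 1 + [1, 2, 4, 0][first & 3];
  }
  if (tag !== 5 && tag !== 7) throw new Error(`tag ${tag} is not a secret key packet`);
  const version = buf[pos], algo = buf[pos + 5];
  if (version !== 4 || !(algo in PUBLIC_MPIS)) throw new Error('outside example scope');
  pos += 6; // version, 4-byte creation time, algorithm id
  for (let i = 0; i < PUBLIC_MPIS[algo]; i++) {
    pos += 2 + Math.ceil(buf.readUInt16BE(pos) / 8); // MPI: bit count, then bytes
  }
  const usage = buf[pos];
  if (usage === undefined) throw new Error('truncated packet');
  const kind = usage === 0 ? 'unprotected'
    : usage === 253 ? 'aead' // defined in RFC 9580, not in RFC 4880
    : usage === 254 ? 'sha1-hash'
    : usage === 255 ? 'checksum16-with-s2k'
    : 'checksum16-legacy-cipher-id'; // octet is itself a cipher id, no S2K specifier
  return { tag, algo, usage, kind };
}

// Constructed sample: old-format tag 5 packet, v4 RSA key with toy MPIs
// (n = 0xC5, e = 3), cut off right after the usage octet passed in.
const sample = (usage) =>
  Buffer.from([0x94, 0x0d, 4, 0, 0, 0, 0, 1, 0, 8, 0xc5, 0, 2, 3, usage]);

console.log(secretKeyProtection(sample(255)).kind);
```

For a real key, pass the armored private key block through `dearmor` first; a result of `sha1-hash` or `aead` corresponds to the protections the reply names as the alternatives to the 16-bit checksum.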
-
I made a test. Everything works fine if I encrypt/decrypt where the public key/passphrase are generated with the following algorithm: SHA256 with DSA 2048bit.
-
OpenPGP.js automatically uses RSA if it is specified in the key and message to encrypt and decrypt. For SHA1, you could try setting
A better solution would be to ask the recipient to generate a new key with SHA256 in the preferences. But let me know if it fixes your issue. Also, if it turns out that it doesn't, please change it back again and delete that key with SHA1 in the preferences :)
-
Unfortunately it does not. I cannot use a different public key as it is the one that has been provided.
// put keys in backtick (``) to avoid errors caused by spaces or tabs
const encryptDecryptFunction = async() => {
-
What program / library is the receiver running? Could you ask them to generate another example private key and send it to us, and send us the command or code they're running that's causing this error?
-
I am encrypting a file and again encrypting and signing the already encrypted file (double encryption and signed) using the openpgp Node.js module. When I am using the same openpgp code I am able to double decrypt and verify the file successfully.
-
Hey 👋 It sounds like an issue with your code, rather than with the message. I can't really help you with that. Except, I have one piece of advice for you and everyone in this thread, which is to use PGPainless if you need an OpenPGP library in Java. It's based on BouncyCastle, but much easier to use and more secure by default.
-
I am not able to decrypt a key generated by BCPGP (Version: BCPG C# v1.6.1.0), while I am able to do it with other tools.
The same is happening when I try to encrypt a file by using a public key, Version: BCPG C# v1.6.1.0.
The receiver is saying that the file has not been encrypted with the provided key.
Are there any settings I need to apply?
I am using:
Node.js v12.14.1
OpenPGP.js v4.8.0
Thank you for your advice