-
The Encrypt and decrypt String data with PGP keys example in the README fails when decrypting. Steps to recreate:
Perhaps this issue may be related to incorrectly set keyFlags (see this comment) when new keys are generated by Sample code and error output are attached below. Sample Codeimport * as openpgp from 'openpgp'
const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
xjMEYJ+aoRYJKwYBBAHaRw8BAQdAco1DOExau8T+3jKhLx7wF+UfWBcYmff4
Q75qmF+bcBTNGUpvZSBCcm93biA8am9lQGJyb3duLmNvbT7CjAQQFgoAHQUC
YJ+aoQQLCQcIAxUICgQWAAIBAhkBAhsDAh4BACEJEDR9hCKXmB3GFiEELFQY
dK1+7DLmjfcANH2EIpeYHcaOygD/ZWlP7ZyW6PlzPn1Qb3O2zpyuGb0LVC4D
Lq5A+KSjqYEA/RMK3xqH4T83EfT1FoEJquCgelCI9FLAiJ3FIVvjjiAJzjgE
YJ+aoRIKKwYBBAGXVQEFAQEHQAW6hb7UdjN1wiKJm1ymcNcqkgLZJI4RDB+N
JmO3MxA2AwEIB8J4BBgWCAAJBQJgn5qhAhsMACEJEDR9hCKXmB3GFiEELFQY
dK1+7DLmjfcANH2EIpeYHcYxYAEAo5Kym1y8RzOsbjgbLH3k9pOs5Kl7m6Yy
7ii9TgkcMyYBAJcbk5IS2Qg/Q6rQ5U15RUNaOC1MZB1ZSBjHKxWJ+/gC
=y8QI
-----END PGP PUBLIC KEY BLOCK-----
`
const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
xYYEYJ+aUBYJKwYBBAHaRw8BAQdAJBSBkz1EFv+AJOTs2th/MgH0JZPP0v+2
ARp23ibtES3+CQMItm4g5v3uUYvgEjT7xVLmk4ZNZJ9knW3h8MojsVd8rI4P
aJ/LbKE6QdyrrrJE/WHN5XvTbtxMgpP/s34sKRos7mRKTEjLOq+R64S9Yxmn
3s0ZSmFuZSBCbHVlIDxqYW5lQGJsdWUuY29tPsKMBBAWCgAdBQJgn5pQBAsJ
BwgDFQgKBBYAAgECGQECGwMCHgEAIQkQVKIfyfsXRBoWIQQJC5oz1dSgxDWv
1UhUoh/J+xdEGiXRAQDWtM81STU8I4G7qD7M2FMLOMv9+5owXD6kWSAHLR0V
JAD/YLrVpPKKyQlsu6knNxAFz9vrctbWo0JSR9tFYepKCQbHiwRgn5pQEgor
BgEEAZdVAQUBAQdAzyK4uAv1ixw99qO1qX2d2kFraDUOkXV2hFRqfbEL8WsD
AQgH/gkDCE6P+PZMDGZB4AzWVc1O73Q9njjqHwtrn3ILCewo/uYsZpdAuGcj
t3gcIDj7Bmj+2q4/3HNYyhv8PnOj0jKj2kNCQ6C3cTkgscE0SFMwVgrCeAQY
FggACQUCYJ+aUAIbDAAhCRBUoh/J+xdEGhYhBAkLmjPV1KDENa/VSFSiH8n7
F0Qaa/YA/R3wsNYptegGz+iJc9gyyvkOjdhdc+RaMp+TT7VOACtbAP9V/QN9
B+NtrG3/0PuD5qI0UbeYPAeW5KvPHZBDfPUYAw==
=g39P
-----END PGP PRIVATE KEY BLOCK-----
`
;(async () => {
const passphrase = `abcd1234` // what the private key is encrypted with
const publicKey = await openpgp.readKey({ armoredKey: publicKeyArmored })
const privateKey = await openpgp.decryptKey({
privateKey: await openpgp.readKey({ armoredKey: privateKeyArmored }),
passphrase
})
const encrypted = await openpgp.encrypt({
message: await openpgp.createMessage({ text: 'Hello, World!' }), // input as Message object
publicKeys: publicKey, // for encryption
privateKeys: privateKey // for signing (optional)
})
console.log(encrypted) // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
const message = await openpgp.readMessage({
armoredMessage: encrypted // parse armored message
})
const { data: decrypted, signatures } = await openpgp.decrypt({
message,
publicKeys: publicKey, // for verification (optional)
privateKeys: privateKey // for decryption
})
console.log(decrypted) // 'Hello, World!'
console.log(signatures[0].valid) // signature validity (signed messages only)
})() Error Output~/playground/openpgpjs ᐅ node demo.js
-----BEGIN PGP MESSAGE-----
wV4DGvgYDW30DacSAQdAJzUyFbW+GkZxtoohvEppPOSBy6psYUlvBCAwzL2M
ShowWOKk79O+LDafMsbEdHE45b/pBuiePCbs3tX1LiJyLKfChgpyyWdaH2w7
EFC00hhj0sAEAYejZnUZVCJwkHBFcO2IOqtp/pSjgYLRB6AQU7Y+Jskb9RBm
N/p+asCRA+71CuaChAON0GOOpg7V0PQx4r29OkxfOQl8b6QpGMsVITLmTSv+
a0pB0Yb0Q94KwUzo/gOVHW2IAKdz6D8GlgjD943U7QXIQ6Hv3B9TRjvR8v33
2mjJA0Yt38XQOEQ/F6LdpVUDhH7YA97EJoP9pjd9AvZ/BcC90JyfFitlzFmW
ZyhK1fF8jru+P+U9O2jiolfPGFvZdUGVVw==
=uBCf
-----END PGP MESSAGE-----
(node:10171) UnhandledPromiseRejectionWarning: Error: Error decrypting message: Session key decryption failed.
at ac.decryptSessionKeys ([snipped]/node_modules/openpgp/dist/node/openpgp.min.js:2:334771)
at async ac.decrypt ([snipped]/node_modules/openpgp/dist/node/openpgp.min.js:2:332494)
at async file://[snipped]/playground/openpgpjs/demo.js:57:43 |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
Hello 👋 You're trying to decrypt the message using a private key (user id "Jane Blue") that doesn't correspond to the public key you encrypted it with (user id "Joe Brown"). Admittedly, the example isn't very helpful because when encrypting, the public and private key would indeed belong to different users, and then you would be decrypting the message somewhere else. But since you're doing both at the same time, they have to correspond. |
Beta Was this translation helpful? Give feedback.
Hello 👋 You're trying to decrypt the message using a private key (user id "Jane Blue") that doesn't correspond to the public key you encrypted it with (user id "Joe Brown").
Admittedly, the example isn't very helpful because when encrypting, the public and private key would indeed belong to different users, and then you would be decrypting the message somewhere else. But since you're doing both at the same time, they have to correspond.