PGP Singed message getting error Invalid PGP Message File

[varsha123]

• OpenPGP.js version: we used "openpgp": "^5.2.1",
  NodeJS version : v14.16.1

We have signed message using openpgpjs and sent to our client that signed file getting failed at their end with error Invalid PGP Message File, they are using Bouncycastle library for verification.

Also we verified our singed file with https://8gwifi.org/pgpfileverify.jsp there also we are getting error : "error Invalid PGP Message File".
Please let me know how can we fix this .. Also are we using internally GPG to Encrypt and Sign Messages like this
https://www.digitalocean.com/community/tutorials/how-to-use-gpg-to-encrypt-and-sign-messages#how-to-verify-and-sign-keys

Please suggest how can we fix this

Thanks
Varsha

[larabr]

Hi @varsha123 , we need more information to understand the issue, can you share the code you used for signing?

[varsha123]

Hi @larabr

We used below code to sign our json file

const privateKey = await openpgp.decryptKey({
        privateKey: await openpgp.readPrivateKey({ armoredKey: privateKeyArmored }),
        passphrase
    });

    const unsignedMessage = await openpgp.createCleartextMessage({ text: 'Hello, World!' });
    const cleartextMessage = await openpgp.sign({
        message: unsignedMessage, // CleartextMessage or Message object
        signingKeys: privateKey
    });
    console.log(cleartextMessage); // '-----BEGIN PGP SIGNED MESSAGE ... END PGP SIGNATURE-----'

    const signedMessage = await openpgp.readCleartextMessage({
        cleartextMessage // parse armored message
    });

also our PGP minimum requirement:
1.1.1 Digital Signature
Type : RSA
Key Size : 2048 bits
Hashing Algorithm : SHA-2

Thanks
Varsha

[larabr]

That code is from our readme, so not very helpful for debugging.
Can you reproduce the issue when signing with a different key?
If so, can you share an example signed message that gives you the error?
If not, can you share the public key that is supposed to verify the message?

[varsha123]

yes we are using our own private key and public key.
Our private key starts with
-----BEGIN PGP PRIVATE KEY BLOCK-----

-----BEGIN PGP PUBLIC KEY BLOCK-----

my original file to sign is like

{"header":{"totalCount":"1","batchId":"party_Onboarding_eb690d8b-99f1-48d1-b0a2-c684d20f0876",
"timeStamp":"1651134284"},"data":{"requests":[{"url":"/v1/scs/party","verb":"POST",
"header":{"X-SCS-TrackingId":"dddddd","requestId":"Req-10002022042813544444",
},"data":{"name":"laxman","partyRefId":"5b788c83-68cf-488b-81d1-a1cbd6ff99kp","status":"Active","kycCompleted":true,"validFrom":"26-APR-2022","validUntil":"30-APR-2022","responsibility":"Buyer","country":"SG","accounts":[],"contacts":[],"attributes":[{"paymentType":"RTGS","paymentInstrument":"LT"}]}}]}}

### below is signed text

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

{"header":{"totalCount":"1","batchId":"party_Onboarding_eb690d8b-99f1-48d1-b0a2-c684d20f0876",
"timeStamp":"1651134284"},"data":{"requests":[{"url":"/v1/scs/party","verb":"POST",
"header":{"X-SCS-TrackingId":"dddddd","requestId":"Req-10002022042813544444",
},"data":{"name":"laxman","partyRefId":"5b788c83-68cf-488b-81d1-a1cbd6ff99kp","status":"Active","kycCompleted":true,"validFrom":"26-APR-2022","validUntil":"30-APR-2022","responsibility":"Buyer","country":"SG","accounts":[],"contacts":[],"attributes":[{"paymentType":"RTGS","paymentInstrument":"LT"}]}}]}}
-----BEGIN PGP SIGNATURE-----

wsDzBAEBCgAGBQJidA49ACEJEML7z5ikFFcGFiEEkq4yIdfBuHGLnpFGwvvP
mKQUVwa1Jwv9HRxNXM9ApXam+sYEKIZVMMhSz4LgBMldtS6dJGd4AYiao2gJ
1rGLUgRZ9QggrCoqR/JHfOKg8SdlmbTvgp8sU9q7IUnTDIC/4i8OT7B+EDqZ
GTnXep1072Gf0i2rtMjC3cXUIBhVgqlBqo31bZMcxYBOYcCDFmTQE7VlsRmj
R7JrH2t8Mw7quvCtk3vncFkPbzstBljVtggjfzxg7/NukTDgPLnMD1KlkSAb
b1b4SA2CY65FSrGKmiEGe/C3sMSyDxqWsuv5hff7V3/fKvME9UpcSYO6V6+B
mQO0GViDV9xHKoHjRKGzhdhVk4ulipjVcEfaYo4fgjGrIloIYCAujIKeeF0I
LRg8IGrlfZpnM8Ps0JH9qvEQTE8YqpfBMiZCimreQihtdDt+PvknsSGYpupt
jNshGnFkNOCDEN3gWOER2pKEurFJtjKiXjOk2hLjepEvnJjJl2KmtChmbhEN
vYF78qcr7RKY72aJB1kDCkAKLUUiWHz/4VHIK11YswX4
=fo+Q
-----END PGP SIGNATURE-----

for this we are getting error : unknown object in stream: 59

[larabr]

It's not immediately obvious for me why BouncyCastle cannot parse the signed message, but Sequoia PGP and GPG seem to process it fine, so it's something on their side. I suggest you open an issue with BCPG.

Something you might try is to generate a "normal" signed message instead of a cleartext one, by calling createMessage (instead of createCleartextMessage:

const unsignedMessage = await openpgp.createMessage({ text: 'Hello, World!' });
const signedMessage = await openpgp.sign({ // this is the same as before
        message: unsignedMessage
        signingKeys: privateKey
});

[varsha123]

yes we tried this and send for verification, but we need solution for 2 pass as well, is this possible ?

Thanks
Varsha

[larabr]

Call openpgp.sign (with detached: true options, like so) and openpgp.encrypt with the same input message. But note that the cleartext signature could still reveal some information about the encrypted data, especially if it has a known/fixed format, so it's not recommended to share the signature using an insecure channel.

[varsha123]

ok thanks for the update @larabr.
Just one query here , as above u mentioned Call openpgp.sign (with detached: true options, like so) and openpgp.encrypt with the same input message

here what would be input message for openpgp.encrypt..

[larabr]

The message that you want to sign/encrypt, created using openpgp.createMessage(...)

[twiss]

If you want to create a signed message, and then encrypt the signed message, you can also just call openpgp.sign normally (without detached: true), and then pass the signed message to openpgp.encrypt. I'm not sure if that does exactly what you want, but it doesn't have the vulnerability @larabr mentioned.

[twiss]

Are you sure you want to create a clearsigned message?
Perhaps you want to use createMessage instead of createCleartextMessage (and readMessage instead of readCleartextMessage)?
(Probably we should suggest this more prominently in the readme.)

[varsha123]

@twiss , yes we tried to use above code with create message, still getting invalid pgp message error on below link but it's getting verified by our own openpgpjs verifyier
https://8gwifi.org/pgpfileverify.jsp..

Can you try your singed message on link..if working plz share message and steps

Thanks varsha

[varsha123]

@larabr @twiss : we are facing below error : while decrypting signencrypted file generated using Bouncycastle library

Error decrypting message: Session key decryption failed.

Also same file we tried with GPG tool: we received below detail: plz suggest what's wrong here in this file or our process

gpg: encrypted with rsa3072 key, ID ###############, created 2021-10-26
"Tazapay Devops (Tazapay SCB dev PGP) <#########>"
gpg: used key is not marked for encryption use.
File 'doc' exists. Overwrite? (y/N) n
Enter new filename: doc1
gpg: Signature made 12-May-22 11:31:45 AM India Standard Time
gpg: using RSA key ###################
gpg: issuer "##############"
gpg: Good signature from "###############" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: #########################################
gpg: WARNING: message was not integrity protected
gpg: decryption forced to fail!

Thanks
Varsha

[varsha123]

Hi @larabr @twiss

any update on above issue