'Re: [dev-crypto] EOF Exception while reading PGP Armored Public Key'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bouncycastle-crypto-dev
Subject:    Re: [dev-crypto] EOF Exception while reading PGP Armored Public Key
From:       David Hook <dgh () autochthonous ! org>
Date:       2013-09-10 12:32:27
Message-ID: 522F115B.3000204 () autochthonous ! org
[Download RAW message or body]


I'm not so sure about that, well at least with the version of GNUPG I'm 
using, on your version do you see:

> signature packet: algo 17, keyid 0000000000000000
         version 4, created 1103548383, md5len 0, sigclass 0x10
         digest algo 2, begin of digest a6 8e
         hashed subpkt 2 len 4 (sig created 2004-12-20)
         data: [160 bits]
         data: [160 bits]

The keyid is actually D776DC92EFA8A8170, however the subpacket in 
question which appears (or at least should) in the above signature is 
encoded with a length of 24, but only has 8 bytes of data, gpg gets a 
string of zeros because the last 8 bytes of the data block are never 
populated. BC actually checks that the amount of data in the length 
field is available, it doesn't get enough so it throws an exception.

RFC 4880 does define Issuer (the subpacket in question) as fixed 
length... I guess I could try working around it in that fashion, I'd be 
fascinated to know who or what decided to encode an 8 byte field with a 
length of 24 though.

Regards,

David
On 10/09/13 20:55, Harakiri wrote:
> I have come across a pubkey i cannot read with the BC OpenPGP API. GNUPG will read \
> the key fine. 
> Im using this code
> 
> private static PGPPublicKeyRingCollection generatePGPPublicKeyRingCollection(
> byte[] keyFile)
> throws IOException, PGPException {
> 
> PGPObjectFactory pgpFact = new PGPObjectFactory(
> PGPUtil.getDecoderStream(new ByteArrayInputStream(keyFile)));
> List<PGPPublicKeyRing> rings  = new ArrayList<PGPPublicKeyRing>();
> Object                 pgpPub = null;
> 
> while ((pgpPub = pgpFact.nextObject()) != null) {
> if (pgpPub instanceof PGPPublicKeyRing) {
> rings.add(((PGPPublicKeyRing) pgpPub));
> } else {
> 
> //System.out.println("Not a PubKeyObject");
> }
> }
> 
> return new PGPPublicKeyRingCollection(rings);
> 
> }
> 
> (which is an alternate to PGPPublicKeyRingCollection pubRingColl =
> new PGPPublicKeyRingCollection(
> PGPUtil.getDecoderStream(new ByteArrayInputStream(keyFile))) but due an earlier BC \
> BUG im using the above method - and that also throws the following exception: 
> 
> java.io.EOFException
> at org.bouncycastle.bcpg.SignatureSubpacketInputStream.readPacket(Unknown Source)
> at org.bouncycastle.bcpg.SignaturePacket.<init>(Unknown Source)
> at org.bouncycastle.bcpg.BCPGInputStream.readPacket(Unknown Source)
> at org.bouncycastle.openpgp.PGPKeyRing.readSignaturesAndTrust(Unknown Source)
> at org.bouncycastle.openpgp.PGPKeyRing.readUserIDs(Unknown Source)
> at org.bouncycastle.openpgp.PGPPublicKeyRing.<init>(Unknown Source)
> at org.bouncycastle.openpgp.PGPObjectFactory.nextObject(Unknown Source)
> at org.bouncycastle.openpgp.PGPPublicKeyRingCollection.<init>(Unknown Source)
> 
> Here is the key in question
> 
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x9710B89BCA57AD7C
> 
> 
> 


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic