[OpenPGP/SDK-dev] problem with decrypting files using self generated keys
Iris Lindner
ilindner at logopak.de
Wed Jul 8 09:43:23 BST 2009
Hello,
I'm currently testing the openpgp API (Rev. 666) with OpenSuSE 11.0 and can't
properly decrypt files with keys generated with the library. I want to
include it later on in a bigger system to decrypt received openPGP messages.
Details:
- encrypting message with kgpg using key generated by kgpg and then decrypting
with "openpgp --decrypt --file=<file> --armour" works fine
- The following fails: generating a keypair with the API and exporting the
public key with my own test program, importing the public key with kgpg,
encrypting a message with the key, then decrypting with my program
or "openpgp --decrypt --file=<file> --armour" (after also exporting the
secret key to kgpg). Both give errors like:
---------
packet-parse.c:2147: Unknown, Packet was not consumed
packet-parse.c:355: OPS_E_R_READ_FAILED, Read failed
packet-parse.c:2938: OPS_E_P_UNKNOWN_TAG, Unknown content tag 0x2c // (or
0x3a, 0xf, 0x32, 0x39, 0x25, 0x1c,...)
(program doesn't stop)
--------- OR
packet-parse.c:2147: Unknown, Packet was not consumed
packet-parse.c:355: OPS_E_R_READ_FAILED, Read failed
packet-parse.c:1018: OPS_E_PROTO_BAD_PUBLIC_KEY_VRSN, Bad public key version
(0x13)
(program doesn't stop)
--------- OR
reader_encrypted_se.c:94: encrypted_data_reader: Assertion `length >=
arg->decrypted_count || (!rinfo->pinfo->reading_v3_secret
&& !rinfo->pinfo->exact_read)' failed.
(program stops)
--------- OR...?
The error seems to change with every new test. When the program continues,
ops_decrypt_file() still returns 1 and the file for the decrypted message is
created, but it is empty.
Did I do something wrong with generating and/or exporting the key (or
decrypting)? Please see the code below.
And another remark: I couldn't do "make" at the first try. Error:
---------
packet-print.c: In function ‘ops_print_packet’:
packet-print.c:1003: error: call to function ‘end_subpacket’ without a real
prototype
packet-print.c:614: note: ‘end_subpacket’ was declared here
---------
But after changing the following:
---------
packet-print.c:
1003: /*IL:
1004: end_subpacket(content_->tag); // \todo print out contents?*/
1005: end_subpacket(); //IL
---------
it worked. =) ("configure --without-idea" and "make")
Thank you very much in advance for your help!
Kind regards,
Iris Lindner
-------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------
//My test program:
-------------8<----------------------------
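//GLOBALS:
/* Key pair most recently produced by MyRSAGenerateKey(); NULL until one exists. */
static ops_keydata_t *ptsKeydata = NULL;
static ops_memory_t *opsMemSec = NULL; /*memory for secret keyring*/
static ops_keyring_t *secring = NULL; /*secret keyring struct*/
/*
 * Passphrase to be used. It is compiled into the binary, so it protects
 * nothing beyond this test program; real callers should obtain it at run time.
 *
 * The array is sized by its initializer so the terminating NUL is kept. A
 * fixed size of 6 holds exactly the six characters with no terminator, which
 * is only safe while every user passes passphraselen alongside the pointer.
 */
static unsigned char passphrase[] = "secret";
static size_t passphraselen = sizeof passphrase - 1; /* 6: terminator excluded */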
-------------8<----------------------------
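/*
 * Generate a fresh RSA key pair into the global ptsKeydata, releasing any key
 * pair left over from an earlier call.
 *
 * bSigned: non-zero asks the library for a self-signed key pair carrying the
 *          test user id; zero generates a key pair into an empty keydata
 *          object without passing a user id.
 * Returns TRUE when ptsKeydata holds a new key pair, FALSE otherwise (in which
 * case ptsKeydata is NULL).
 */
static Bool MyRSAGenerateKey(Bool bSigned) //********generating keypair
{
    /*
     * NOTE(review): 512 bits is kept so the reported behaviour stays
     * reproducible, but an RSA modulus this small offers no real protection.
     * Use a currently recommended size for any key that leaves the test bench.
     */
    int wNumbits = 512;
    unsigned int ulE = 65537;
    ops_user_id_t uid;

    uid.user_id = (unsigned char *) "Burghilda <burghilda at logopak.de>";

    if (ptsKeydata != NULL) {
        ops_keydata_free(ptsKeydata);
        ptsKeydata = NULL;
        printf("Deleted temporary key.\n");
    }

    if (bSigned) { //create self-signed keypair
        ptsKeydata = ops_rsa_create_selfsigned_keypair(wNumbits, ulE, &uid);
    } else { //create not signed keypair
        ptsKeydata = ops_keydata_new();
        /*
         * Do not hand a NULL keydata to the generator, and do not report
         * success merely because the empty container was allocated.
         * NOTE(review): assumes ops_rsa_generate_keypair() returns a boolean
         * success flag -- confirm against the SDK header.
         */
        if (ptsKeydata != NULL
            && !ops_rsa_generate_keypair(wNumbits, ulE, ptsKeydata)) {
            ops_keydata_free(ptsKeydata);
            ptsKeydata = NULL;
        }
    }

    if (ptsKeydata == NULL) {
        /* Nothing to free here: the pointer is already NULL. */
        printf("Create RSA Keypair: Failed!\n");
        return FALSE;
    }

    printf("Create RSA Keypair: Success!\n");
    return TRUE;
}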
-------------8<----------------------------
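/*
 * Write the public half of the key pair in ptsKeydata, ASCII-armoured, to a
 * fixed file on the author's desktop, overwriting any existing file.
 *
 * Returns TRUE when the key was written, FALSE when no key pair exists, the
 * output file could not be set up, or the write failed.
 */
Bool MyRSAExportPubKey() //*****************export public key
{
    int fd;
    ops_create_info_t *cinfo = NULL;
    char *filename_pub = "/home/ILindner/Desktop/iris_testpkey.asc";
    ops_boolean_t overwrite = ops_true;
    ops_boolean_t armoured = ops_true;
    Bool bWritten;

    //check if keypair exists:
    if (ptsKeydata == NULL) {
        printf("You need to generate a keypair first.\n");
        return FALSE;
    }

    //write current pub key into file:
    fd = ops_setup_file_write(&cinfo, filename_pub, overwrite);
    /*
     * Stop before writing if the setup did not produce a usable writer.
     * NOTE(review): assumes a negative return means the file could not be
     * opened -- confirm against the SDK. A cinfo still NULL is unusable
     * either way.
     */
    if (fd < 0 || cinfo == NULL) {
        printf("Couldn't export public key in file %s.\n", filename_pub);
        return FALSE;
    }

    bWritten = ops_write_transferable_public_key(ptsKeydata, armoured, cinfo)
                   ? TRUE : FALSE;
    if (!bWritten) {
        printf("Couldn't export public key in file %s.\n", filename_pub);
    }

    /* Tear the writer down on both outcomes so the descriptor is not leaked. */
    ops_teardown_file_write(cinfo, fd);

    if (bWritten) {
        printf("Wrote public key in %s.\n\n", filename_pub);
    }
    return bWritten;
}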
-------------8<----------------------------
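/*
 * Serialise the secret key of the key pair in ptsKeydata into a freshly
 * created in-memory block (opsMemSec), so that it is the only key in that
 * block. The compiled-in test passphrase and its length are passed to the
 * library's secret-key writer.
 *
 * Returns TRUE when the key was written, FALSE when no key pair exists, the
 * writer could not be set up, or the write failed.
 */
static Bool MyRSAMemWriteSecKey() //*****************write sec. key to memory
{
    ops_create_info_t *cinfo = NULL;
    Bool bWritten;

    //check if keypair exists:
    if (ptsKeydata == NULL) {
        printf("You need to generate a keypair first.\n");
        return FALSE;
    }

    // add to keyrings in memory after clearing memory so that it is the only
    // key in keyring
    if (opsMemSec != NULL) {
        ops_memory_free(opsMemSec);
        opsMemSec = NULL;
        printf("Freed opsMemSec.\n");
    }

    // Append to memory block (keyring)
    // why is mem created and init. here?
    ops_setup_memory_write(&cinfo, &opsMemSec, 1000);
    if (cinfo == NULL) {
        /* No writer was produced, so there is nothing to write to or close. */
        printf("Couldn't write secret key to memory block.\n");
        return FALSE;
    }

    /* The fourth argument is passed as TRUE; the armoured export elsewhere in
     * this program suggests it selects armouring -- TODO confirm. */
    bWritten = ops_write_transferable_secret_key(ptsKeydata, passphrase,
                                                 passphraselen, TRUE, cinfo)
                   ? TRUE : FALSE;
    if (bWritten) {
        printf("Wrote secret key to memory block.\n\n");
    } else {
        printf("Couldn't write secret key to memory block.\n");
    }

    /* Close the writer on both outcomes. */
    ops_writer_close(cinfo);
    return bWritten;
}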
-------------8<----------------------------
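/*
 * Decrypt the fixed input file on the author's desktop into the fixed output
 * file, using a secret keyring loaded either from the in-memory block
 * (opsMemSec) or from the secret-key file on disk.
 *
 * bFromMem: non-zero loads the keyring from opsMemSec; zero loads it from
 *           iris_testskey.asc.
 * Returns TRUE when ops_decrypt_file() reports success, FALSE otherwise.
 * The global secring is always released and reset to NULL before returning.
 */
static Bool MyRSADecrypt(Bool bFromMem) //*****************decrypt file
{
    char szFilename[] = "/home/ILindner/Desktop/geheimtext.asc";
    char szFilename_dec[] = "/home/ILindner/Desktop/geheimtext_dec.asc";
    Bool bResult = FALSE;

    //Alloc and init for keyring
    secring = ops_mallocz(sizeof(*secring));
    if (secring == NULL) {
        printf("Couldn't allocate secret keyring.\n");
        return FALSE;
    }
    printf("did malloc for secring\n");

    // Load secret keyring
    if (bFromMem) {
        //check if memory block for keyring exists:
        if (opsMemSec == NULL) {
            printf("You need to write a keypair into a memory block first.\n");
            /* secring is already allocated at this point; release it rather
             * than returning with it leaked. */
            goto out_free;
        }
        //load keyring from memory
        if (!ops_keyring_read_from_mem(secring, TRUE, opsMemSec)) {
            printf("Couldn't load secret keyring from memory.\n");
            goto out_free;
        }
        printf("Loaded secret keyring from memory.\n");
    } else {
        //load keyring from file
        if (!ops_keyring_read_from_file(secring, TRUE,
                                        "/home/ILindner/Desktop/iris_testskey.asc")) {
            printf("Couldn't load secret keyring from file.\n");
            goto out_free;
        }
        printf("Loaded secret keyring from file.\n");
    }

    /*
     * The passphrase is requested through the command-line callback, not taken
     * from the compiled-in test passphrase.
     * NOTE(review): the accompanying report describes this call returning 1
     * while the output file was left empty, so a true return should not be
     * treated as proof that plaintext was produced; check the output as well.
     */
    if (!ops_decrypt_file(szFilename, szFilename_dec, secring, TRUE, TRUE,
                          callback_cmd_get_passphrase_from_cmdline)) {
        printf("Decryption failed.\n");
        goto out_keyring;
    }
    printf("Decrypt succeeded. See %s.\n\n", szFilename_dec);
    bResult = TRUE;

out_keyring:
    //free Keyring
    ops_keyring_free(secring);
out_free:
    free(secring);
    /* secring is a file-scope pointer; clear it so no later code can reuse
     * the freed keyring. */
    secring = NULL;
    return bResult;
}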
-------------8<----------------------------