camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "S. Sharma" <xxx_sha...@yahoo.com>
Subject Camel PGP Not Decrypting PGP Packets If Compression Is Missing.
Date Wed, 27 May 2015 19:46:36 GMT
I have been trying to get this posted to the user-list, but can't seem to get
subscribed/accepted to the list. Hopefully this post is accepted.

I have posted this problem at Stack Overflow assuming that it is a user
error:
http://stackoverflow.com/questions/30385732/camel-crypto-fails-pgp-decryption-invalid

As shown in the posting on Stack Overflow, I have a simple Camel flow to
decrypt the PGP message that I get from a 3rd party.  Not to repeat the
Stack Overflow thread, but basically the exception is:

Stacktrace
------------------------------------------------------------------------------------------------------------------------
java.lang.IllegalArgumentException: The input message body has an invalid
format.
The PGP decryption/verification processor expects a sequence of PGP packets
of
the form (entries in brackets are optional and ellipses indicate repetition,
comma represents sequential composition, and vertical bar separates
alternatives): Public Key Encrypted Session Key ..., Symmetrically Encrypted
Data 
| Sym. Encrypted and Integrity Protected Data, Compressed Data, (One Pass
Signature ...,) Literal Data, (Signature ...,)  
    at
org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.getFormatException(PGPKeyAccessDataFormat.java:488)
    at
org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.getUncompressedData(PGPKeyAccessDataFormat.java:424)
    at
org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.unmarshal(PGPKeyAccessDataFormat.java:363)

If I look at the code where the exception is occurring, it is clearly
looking for a "compressed" packet.  The sender has created a message/packets
without the compressed packet:

gpg --list-packets 2015-140-1244-yf3ar85p3zsqpfgk73_resp.asc 
:pubkey enc packet: version 3, algo 1, keyid xxxxxxxxxxxxxxx
    data: [2046 bits]

You need a passphrase to unlock the secret key for
user: "Your Key <you@company.com>"
2048-bit RSA key, ID XXXXXXXX, created 2015-05-18 (main key ID YYYYYYYYY)

:encrypted data packet:
    length: 52051
gpg: encrypted with 2048-bit RSA key, ID XXXXXXXX, created 2015-05-18
      "Your Key <you@company.com>"
:onepass_sig packet: keyid ABVBBBBBBBBBB
    version 3, sigclass 0x00, digest 2, pubkey 17, last=1
:literal data packet:
    mode b (62), created 1432151886, name="",
    raw data: 51945 bytes
:signature packet: algo 17, keyid CCCCCCCCCCCCCC
    version 4, created 1432151886, md5len 0, sigclass 0x00
    digest algo 2, begin of digest e4 5a
    hashed subpkt 2 len 4 (sig created 2015-05-20)
    subpkt 16 len 8 (issuer key ID CCCCCCCCCCCCCC)
    data: [159 bits]
    data: [160 bits]
gpg: WARNING: message was not integrity protected

They provide the :onepass_sig packet.T he sender is generating the PGP
encrypted message using  Cryptix Open PGP

In looking at the OpenPGP Packet spec at:
https://tools.ietf.org/html/rfc4880

The packet format shows that there is no mandatory need for the compressed
packet.  It is optional in the spec.

I tried to set a PGPDataFormat with setCompression() turned off, but this
has no effect on the decrypt and I get the same error.  

Nowhere on the code path that I traced for the exception is there an option
to NOT get the compressed: packet.   So does Camel not support the OpenPGP
spec as it is written?   



--
View this message in context: http://camel.465427.n5.nabble.com/Camel-PGP-Not-Decrypting-PGP-Packets-If-Compression-Is-Missing-tp5767568.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Mime
View raw message