You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by "S. Sharma" <xx...@yahoo.com> on 2015/05/27 21:46:36 UTC
Camel PGP Not Decrypting PGP Packets If Compression Is Missing.
I have been trying to get this posted to the user-list, but can't seem to get
subscribed/accepted to the list. Hopefully this post is accepted.
I have posted this problem at Stack Overflow assuming that it is a user
error:
http://stackoverflow.com/questions/30385732/camel-crypto-fails-pgp-decryption-invalid
As shown in the posting on Stack Overflow, I have a simple Camel flow to
decrypt the PGP message that I get from a 3rd party. Not to repeat the
Stack Overflow thread, but basically the exception is:
Stacktrace
------------------------------------------------------------------------------------------------------------------------
java.lang.IllegalArgumentException: The input message body has an invalid
format.
The PGP decryption/verification processor expects a sequence of PGP packets
of
the form (entries in brackets are optional and ellipses indicate repetition,
comma represents sequential composition, and vertical bar separates
alternatives): Public Key Encrypted Session Key ..., Symmetrically Encrypted
Data
| Sym. Encrypted and Integrity Protected Data, Compressed Data, (One Pass
Signature ...,) Literal Data, (Signature ...,)
at
org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.getFormatException(PGPKeyAccessDataFormat.java:488)
at
org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.getUncompressedData(PGPKeyAccessDataFormat.java:424)
at
org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.unmarshal(PGPKeyAccessDataFormat.java:363)
If I look at the code where the exception is occurring, it is clearly
looking for a "compressed" packet. The sender has created a message/packets
without the compressed packet:
gpg --list-packets 2015-140-1244-yf3ar85p3zsqpfgk73_resp.asc
:pubkey enc packet: version 3, algo 1, keyid xxxxxxxxxxxxxxx
data: [2046 bits]
You need a passphrase to unlock the secret key for
user: "Your Key <yo...@company.com>"
2048-bit RSA key, ID XXXXXXXX, created 2015-05-18 (main key ID YYYYYYYYY)
:encrypted data packet:
length: 52051
gpg: encrypted with 2048-bit RSA key, ID XXXXXXXX, created 2015-05-18
"Your Key <yo...@company.com>"
:onepass_sig packet: keyid ABVBBBBBBBBBB
version 3, sigclass 0x00, digest 2, pubkey 17, last=1
:literal data packet:
mode b (62), created 1432151886, name="",
raw data: 51945 bytes
:signature packet: algo 17, keyid CCCCCCCCCCCCCC
version 4, created 1432151886, md5len 0, sigclass 0x00
digest algo 2, begin of digest e4 5a
hashed subpkt 2 len 4 (sig created 2015-05-20)
subpkt 16 len 8 (issuer key ID CCCCCCCCCCCCCC)
data: [159 bits]
data: [160 bits]
gpg: WARNING: message was not integrity protected
They provide the :onepass_sig packet.T he sender is generating the PGP
encrypted message using Cryptix Open PGP
In looking at the OpenPGP Packet spec at:
https://tools.ietf.org/html/rfc4880
The packet format shows that there is no mandatory need for the compressed
packet. It is optional in the spec.
I tried to set a PGPDataFormat with setCompression() turned off, but this
has no effect on the decrypt and I get the same error.
Nowhere on the code path that I traced for the exception is there an option
to NOT get the compressed: packet. So does Camel not support the OpenPGP
spec as it is written?
--
View this message in context: http://camel.465427.n5.nabble.com/Camel-PGP-Not-Decrypting-PGP-Packets-If-Compression-Is-Missing-tp5767568.html
Sent from the Camel - Users mailing list archive at Nabble.com.