Incompatibility between GnuPG encryption and the Bouncy Castle encryption.

Bhushan Jain bhushan1988 at gmail.com
Wed Jun 4 11:00:09 CEST 2008 

Hi,

I have created RSA key as well as its subkey for encryption using GnuPG. Now
I encrypted a file using JAVA library functions given by Bouncy Castle (a
pgp library in JAVA which claims to adhere to rfc 2440). I also encrypted
the same file using the GnuPG commands from command line. The following are
the results of the pgpdump for both of them...........



PGPdump for GnuPG:------


PGPdump Results

<font size="4">Old: Public-Key Encrypted Session Key Packet(tag 1)(140
bytes) New<br>version(3) Key ID - 0xB84434E8A6EACCA8 Pub alg - RSA Encrypt
or<br>Sign(pub 1) RSA m^e mod n(1024 bits) - 88 74 a9 7c bb 85 c6 1d 19 82
55<br>ec 72 86 93 4d 74 52 94 a4 c1 e7 9f bd b9 9d 8c 82 da 08 d1 db 71 09
4f<br>de 40 77 16 95 7f 52 14 11 23 c0 61 68 61 eb 43 c7 80 ac 6b 36 df 65
99<br>e7 f8 14 78 1f d7 3f 18 41 10 aa 5e df 59 a2 eb 49 39 c2 d6 4a a8 be
07<br>fe 9a ae 7b 95 2e 90 e1 30 3f 47 9c bb 96 f1 1d 17 9b 6b 6c a6 5b 4d
57<br>f0 fa de 6b c9 51 aa 36 e6 81 87 3d c0 ff c6 b6 5b 8c 66 6d 1f
-&amp;gt; m<br>= sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type
02<br>New: Symmetrically Encrypted and MDC Packet(tag 18)(<span
style="background-color: rgb(51, 255, 51);">168 bytes</span>) Ver
1<br>Encrypted data [sym alg is specified in pub-key encrypted session
key]<br>(plain text + MDC SHA1(20 bytes))</font><br>



PGPdump for BouncyCastle:--------------



PGPdump Results

<font size="4">Old: Public-Key Encrypted Session Key Packet(tag 1)(140
bytes) New<br>version(3) Key ID - 0xB84434E8A6EACCA8 Pub alg - RSA Encrypt
or<br>Sign(pub 1) RSA m^e mod n(1024 bits) - af db e9 49 ce f1 f5 d5 c1 ab
a3<br>59 39 f2 a6 6e 05 2f 99 9d 79 87 cf 19 3a 9f ad 15 da 8d 83 ee a9 36
72<br>c3 23 42 33 70 2f 40 69 03 2f 9c 18 44 bb 20 b2 5c 5e 09 fd ad c4 16
61<br>39 07 a1 a7 ab 1d 0c 06 69 d5 81 8d 2c 65 ae 89 b6 db 5d e0 5e 4d 6e
d8<br>ae 7b f1 3b f1 52 a3 52 24 a0 55 2c 43 47 66 cd 92 a1 3e c5 c2 38 4c
02<br>5d e6 59 bf b3 6d 09 a0 9b cc 63 46 ec 7a cf f6 7f 62 f9 1a 86
-&amp;gt; m<br>= sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type
02<br>New: Symmetrically Encrypted and MDC Packet(tag 18)(<span
style="background-color: rgb(51, 255, 51);">155 bytes</span>) Ver
1<br>Encrypted data [sym alg is specified in pub-key encrypted session
key]<br>(plain text + MDC SHA1(20 bytes))<br></font>




I am also attaching the encrypted files......

When I use GnuPG to decrypt the file encrypted using Bouncy Castle
Libraries, the file gets decrypted correctly.

But if I use Bouncy Castle to decrypt the file encrypted using GnuPG, I get
an exception stating illegal key size.
The following is the stacktrace for the program.


org.bouncycastle.openpgp.PGPException: Exception starting decryption
java.security.InvalidKeyException: *Illegal key size
*    at javax.crypto.Cipher.a(Unknown Source)
    at javax.crypto.Cipher.init(Unknown Source)
    at javax.crypto.Cipher.init(Unknown Source)
    at
org.bouncycastle.openpgp.PGPPublicKeyEncryptedData.getDataStream(Unknown
Source)
    at
org.bouncycastle.openpgp.PGPPublicKeyEncryptedData.getDataStream(Unknown
Source)
    at bouncyCastlePGP.BcDecrypt.decrypt_bc(BcDecrypt.java:130)

The statement giving exception is supposed to give a decrypted stream using
the secret key.


But the same decryption program using Bouncy Castle decrypts correctly the
file encrypted using Bouncy Castle libraries.

The only difference I could observe in the dumps of both the files is the
packet size of New packet(tag 18).(Highlighted)

Can that make a difference?
Plz help me .....
or is it that GnuPG donot follow the rfc2440??


Thanks,
------------------
Bhushan.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20080604/6aa28d39/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: encrypted_using_GnuPG.txt.gpg
Type: application/octet-stream
Size: 527 bytes
Desc: not available
URL: </pipermail/attachments/20080604/6aa28d39/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: encrypted_using_BouncyCastle.txt.gpg
Type: application/octet-stream
Size: 499 bytes
Desc: not available
URL: </pipermail/attachments/20080604/6aa28d39/attachment-0003.obj>

More information about the Gnupg-users mailing list