gpgsm: decrypting session key failed: Invalid session key

NIIBE Yutaka gniibe at fsij.org
Fri Jul 26 04:43:38 CEST 2019


Henning Schild via Gnupg-devel <gnupg-devel at gnupg.org> wrote:
> An increasing amount of x509 encrypted email I receive cannot be
> decrypted with gpgsm anymore.

Is there any change in the cipher used?

> Details: (from latest git build)
> $ /foo/gnupg/sm/gpgsm --debug-level guru --decrypt smime_bad.p7m
> ...
> gpgsm: DBG: chan_5 -> PKDECRYPT
> gpgsm: DBG: chan_5 <- S INQUIRE_MAXLEN 4096
> gpgsm: DBG: chan_5 <- INQUIRE CIPHERTEXT
> gpgsm: DBG: chan_5 -> [ 44 20 28 37 3a 65 6e 63 2d 76 61 6c 28 33 3a 72 ...(273 byte(s) skipped) ]
> gpgsm: DBG: chan_5 -> END
> Vim: Reading from stdin...
> gpgsm: DBG: chan_5 <- S PADDING 0
> gpgsm: DBG: chan_5 <- [ 44 20 28 35 3a 76 61 6c 75 65 33 32 3a e5 ff cd ...(31 byte(s) skipped) ]
> gpgsm: DBG: chan_5 <- OK
> gpgsm: DBG: pkcs1 encoded session key: e5ffcd51107897682fc0d805173d85ce7088fddabda33ac74da73b0813c04593
> gpgsm: decrypting session key failed: Invalid session key
> gpgsm: message decryption failed: Invalid session key <GpgSM>

The encoded session key is 32 bytes, which looks like an AES-256 key.

My guess is that this is the point where we need a fix:

diff --git a/sm/decrypt.c b/sm/decrypt.c
index ec9800840..af509fea1 100644
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
@@ -75,7 +75,7 @@ prepare_decryption (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
     log_printhex (seskey, seskeylen, "pkcs1 encoded session key:");
 
   n=0;
-  if (seskeylen == 24 || seskeylen == 16)
+  if (seskeylen == 32 || seskeylen == 24 || seskeylen == 16)
     {
       /* Smells like a 3-DES or AES-128 key.  This might happen
        * because a SC has already done the unpacking.  A better
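Review bot: the comment directly below the changed condition still says "Smells like a 3-DES or AES-128 key", so after this hunk the code accepts a 32-byte raw key while its comment does not mention that case; please update it to something like "Smells like a 3-DES, AES-128 or AES-256 key" so the comment and the `seskeylen == 32 || seskeylen == 24 || seskeylen == 16` check agree. Since a 24-byte value is also a valid AES-192 key length, naming the accepted lengths (16, 24, 32 bytes) rather than specific ciphers would be more accurate still.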
-- 
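The heuristic discussed above (a session key that is exactly 16, 24 or 32 bytes long is taken to be a raw key that a smart card has already unpacked, anything else is expected to be a PKCS#1 v1.5 block-type-2 encoded key) can be shown on its own. The following is an added example written for this archive page; it is not code from GnuPG's sm/decrypt.c or from the thread, and all function names (`unpack_session_key`, `hex_to_bytes`, the `check_*` helpers) are this example's own. The 32-byte hex value is the one printed in the quoted log; the PKCS#1 block and the malformed input are constructed test data.

```c
/* Added example, not GnuPG code: accept a raw session key (16/24/32 bytes)
 * as-is, otherwise strip EME-PKCS1-v1_5 block-type-2 padding. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Raw key lengths accepted without unpacking: 3DES/AES-128 (16, 24),
 * AES-192 (24) and AES-256 (32).  Assumption of this example. */
static int is_raw_key_len(size_t n)
{
    return n == 16 || n == 24 || n == 32;
}

/* Unpack a session key.  Accepts "00 02 PS 00 M" or "02 PS 00 M" (the leading
 * zero is often lost in big-number conversion).  Returns the key length, or 0
 * on malformed input.  NOTE: this straightforward parser is NOT constant-time;
 * a production RSA decryptor must not leak padding validity via timing or
 * distinct error paths (padding-oracle risk). */
size_t unpack_session_key(const uint8_t *in, size_t inlen,
                          uint8_t *out, size_t outcap)
{
    size_t i = 0, ps_start, klen;

    if (is_raw_key_len(inlen)) {          /* already unpacked, e.g. by a SC */
        if (inlen > outcap) return 0;
        memcpy(out, in, inlen);
        return inlen;
    }
    if (inlen && in[0] == 0x00) i++;      /* optional leading zero octet */
    if (i >= inlen || in[i] != 0x02) return 0;   /* block type 2 expected */
    i++;
    ps_start = i;
    while (i < inlen && in[i] != 0x00) i++;      /* skip non-zero PS */
    if (i >= inlen) return 0;                    /* no 0x00 separator */
    if (i - ps_start < 8) return 0;              /* PKCS#1: PS >= 8 bytes */
    i++;                                         /* skip separator */
    klen = inlen - i;
    if (!is_raw_key_len(klen) || klen > outcap) return 0;
    memcpy(out, in + i, klen);
    return klen;
}

/* Decode a hex string such as the one gpgsm prints in the log. */
size_t hex_to_bytes(const char *hex, uint8_t *out, size_t outcap)
{
    size_t n = strlen(hex), i;
    if (n % 2 || n / 2 > outcap) return 0;
    for (i = 0; i < n; i += 2) {
        unsigned v;
        if (sscanf(hex + i, "%2x", &v) != 1) return 0;
        out[i / 2] = (uint8_t)v;
    }
    return n / 2;
}

/* The 32-byte value from the quoted log: treated as a raw AES-256 key. */
int check_log_key(void)
{
    uint8_t buf[64], key[64];
    size_t n = hex_to_bytes(
        "e5ffcd51107897682fc0d805173d85ce7088fddabda33ac74da73b0813c04593",
        buf, sizeof buf);
    return n == 32 && unpack_session_key(buf, n, key, sizeof key) == 32;
}

/* Constructed block: 00 02 | 8 non-zero PS bytes | 00 | 16-byte key. */
int check_pkcs1_block(void)
{
    uint8_t blk[2 + 8 + 1 + 16], key[64];
    size_t i, n;
    blk[0] = 0x00; blk[1] = 0x02;
    for (i = 0; i < 8; i++) blk[2 + i] = (uint8_t)(0xa1 + i);
    blk[10] = 0x00;
    for (i = 0; i < 16; i++) blk[11 + i] = (uint8_t)i;
    n = unpack_session_key(blk, sizeof blk, key, sizeof key);
    return n == 16 && key[0] == 0 && key[15] == 15;
}

/* Constructed malformed input: type byte followed by padding that never ends. */
int check_malformed(void)
{
    uint8_t bad[20], key[64];
    memset(bad, 0x02, sizeof bad);
    return unpack_session_key(bad, sizeof bad, key, sizeof key) == 0;
}

int main(void)
{
    printf("log key raw AES-256: %d\n", check_log_key());
    printf("pkcs1 block unpack:  %d\n", check_pkcs1_block());
    printf("malformed rejected:  %d\n", check_malformed());
    return 0;
}
```

The length test is only a heuristic: a PKCS#1 block from any realistic RSA modulus is far longer than 32 bytes, so the two cases do not collide, but the parser above is deliberately simple and leaks which padding check failed, which is exactly what a real decryptor must avoid.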


