gpgsm: decrypting session key failed: Invalid session key

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Sep 30 22:42:06 CEST 2019


On Fri 2019-07-26 11:43:38 +0900, NIIBE Yutaka wrote:
> Henning Schild via Gnupg-devel <gnupg-devel at gnupg.org> wrote:
>> An increasing amount of x509 encrypted email I receive can not be
>> decrypted with gpgsm anymore.
>
> Is there any change of cipher used?
>
>> Details: (from latest git build)
>> $ /foo/gnupg/sm/gpgsm --debug-level guru --decrypt smime_bad.p7m
>> ...
>> gpgsm: DBG: chan_5 -> PKDECRYPT
>> gpgsm: DBG: chan_5 <- S INQUIRE_MAXLEN 4096
>> gpgsm: DBG: chan_5 <- INQUIRE CIPHERTEXT
>> gpgsm: DBG: chan_5 -> [ 44 20 28 37 3a 65 6e 63 2d 76 61 6c 28 33 3a 72 ...(273 byte(s) skipped) ]
>> gpgsm: DBG: chan_5 -> END
>> Vim: Reading from stdin...
>> gpgsm: DBG: chan_5 <- S PADDING 0
>> gpgsm: DBG: chan_5 <- [ 44 20 28 35 3a 76 61 6c 75 65 33 32 3a e5 ff cd ...(31 byte(s) skipped) ]
>> gpgsm: DBG: chan_5 <- OK
>> gpgsm: DBG: pkcs1 encoded session key: e5ffcd51107897682fc0d805173d85ce7088fddabda33ac74da73b0813c04593
>> gpgsm: decrypting session key failed: Invalid session key
>> gpgsm: message decryption failed: Invalid session key <GpgSM>
>
> The encoded session key is 32-byte, which looks like a key of AES-256.
>
> My guess is, this is the point where we need a fix:
>
> diff --git a/sm/decrypt.c b/sm/decrypt.c
> index ec9800840..af509fea1 100644
> --- a/sm/decrypt.c
> +++ b/sm/decrypt.c
> @@ -75,7 +75,7 @@ prepare_decryption (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
>      log_printhex (seskey, seskeylen, "pkcs1 encoded session key:");
>  
>    n=0;
> -  if (seskeylen == 24 || seskeylen == 16)
> +  if (seskeylen == 32 || seskeylen == 24 || seskeylen == 16)
>      {
>        /* Smells like a 3-DES or AES-128 key.  This might happen
>         * because a SC has already done the unpacking.  A better
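Review bot: the widened condition now treats any 32-byte result as a raw key, so the comment on the following lines ("Smells like a 3-DES or AES-128 key") should be updated to mention AES-256 as well, and the caveat it already raises applies more broadly: a better solution would be to test for a card and accept the unpacked value only when its length matches the cipher's expected key length, rather than inferring from length alone.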


It looks like this change was adopted in GnuPG master as
ef2424144a070c9199e40424ec8d9b5a9919aa72.  Should this be backported to
the 2.2 stable branch?

    --dkg
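As an added illustration (not GnuPG's code), the following C model shows the two code paths the quoted hunk switches between: accept a blob of raw-key length as is, or strip PKCS#1 v1.5 padding; the 32-byte value from the log above is used as input, and the function names and the `fixed` flag are assumptions made for this example.

```c
#include <stddef.h>
#include <string.h>

/* Added illustration, not GnuPG's own code.  It mirrors the shape of the
 * check in sm/decrypt.c quoted above: a blob exactly the length of a raw
 * key is taken as already unpacked (e.g. by a smartcard); anything else
 * must carry PKCS#1 v1.5 block-type-2 padding (00 02 PS 00 key). */
#define SESKEY_INVALID (-1)

/* Strip PKCS#1 v1.5 type 2 padding; returns key length or SESKEY_INVALID. */
static int unpack_pkcs1_v15(const unsigned char *in, size_t inlen,
                            unsigned char *out, size_t outmax)
{
    size_t i;
    if (inlen < 11 || in[0] != 0x00 || in[1] != 0x02)
        return SESKEY_INVALID;
    for (i = 2; i < inlen && in[i] != 0x00; i++)  /* skip the random PS */
        ;
    if (i < 10 || i + 1 >= inlen)                  /* PS < 8 bytes, or no key */
        return SESKEY_INVALID;
    i++;                                           /* past the 0x00 separator */
    if (inlen - i > outmax) return SESKEY_INVALID;
    memcpy(out, in + i, inlen - i);
    return (int)(inlen - i);
}

/* fixed != 0 models the ef24241 change (32-byte blobs accepted as raw
 * AES-256 keys); fixed == 0 models the 2.2 behaviour behind the log above. */
static int extract_session_key(const unsigned char *blob, size_t bloblen,
                               int fixed, unsigned char *out, size_t outmax)
{
    if (bloblen == 24 || bloblen == 16 || (fixed && bloblen == 32)) {
        if (bloblen > outmax) return SESKEY_INVALID;
        memcpy(out, blob, bloblen);
        return (int)bloblen;
    }
    return unpack_pkcs1_v15(blob, bloblen, out, outmax);
}
/* The 32-byte blob from the log in this thread (a raw AES-256 key). */
static const unsigned char log_seskey[32] = {
    0xe5,0xff,0xcd,0x51,0x10,0x78,0x97,0x68,0x2f,0xc0,0xd8,0x05,0x17,0x3d,0x85,0xce,
    0x70,0x88,0xfd,0xda,0xbd,0xa3,0x3a,0xc7,0x4d,0xa7,0x3b,0x08,0x13,0xc0,0x45,0x93 };
/* Key length the two code paths derive from that blob. */
int log_seskey_result(int fixed)
{
    unsigned char key[32];
    return extract_session_key(log_seskey, sizeof log_seskey, fixed, key, sizeof key);
}
```

With `fixed == 0` the raw key is handed to the PKCS#1 unpacker, which rejects it because it does not start with 00 02, which is the "Invalid session key" seen in the log; with `fixed == 1` all 32 bytes are returned as the key.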