Adding & checking MDC using high-level org.bouncycastle.openpgp

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Adding & checking MDC using high-level org.bouncycastle.openpgp

Mike Burke
I'm doing symmetric AES256 PGP encryption using org.bouncycastle.openpgp.PGPEncryptedDataGenerator and friends.  I am using Bouncy Castle 1.60 for JDK 1.5-1.8.

I want to include the modification detection code so that GPG accepts the encrypted file without warning, and so that I can also detect modifications when I later handle decryption via BouncyCastle.

It looks like org.bouncycastle.bcpg.ModDetectionCodePacket will let me handle the packet, but my understanding is that I could only use it with the lower-level bcpg interface.  org.bouncycastle.openpgp classes don't expose the BCPGOutputStream, and anyway, they manage it directly for me so I probably shouldn't stick my hands in there.

Searching for ModDetectionCodePacket didn't produce any obviously useful results or usage examples.

Is it currently possible to use a MDC with the high-level org.bouncycastle.openpgp package?

Thanks!
Mike

Reply | Threaded
Open this post in threaded view
|

Re: Adding & checking MDC using high-level org.bouncycastle.openpgp

Paul Schaub
Hi!

I use BcPGPDataEncryptorBuilder.setWithIntegrityPacket(true);
for that purpose :)

Am 25. August 2018 18:15:49 MESZ schrieb Mike Burke <[hidden email]>:
I'm doing symmetric AES256 PGP encryption using org.bouncycastle.openpgp.PGPEncryptedDataGenerator and friends.  I am using Bouncy Castle 1.60 for JDK 1.5-1.8.

I want to include the modification detection code so that GPG accepts the encrypted file without warning, and so that I can also detect modifications when I later handle decryption via BouncyCastle.

It looks like org.bouncycastle.bcpg.ModDetectionCodePacket will let me handle the packet, but my understanding is that I could only use it with the lower-level bcpg interface. org.bouncycastle.openpgp classes don't expose the BCPGOutputStream, and anyway, they manage it directly for me so I probably shouldn't stick my hands in there.

Searching for ModDetectionCodePacket didn't produce any obviously useful results or usage examples.

Is it currently possible to use a MDC with the high-level org.bouncycastle.openpgp package?

Thanks!
Mike


--
Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
Reply | Threaded
Open this post in threaded view
|

Re: Adding & checking MDC using high-level org.bouncycastle.openpgp

Mike Burke
That's what I needed! Thanks!

On Sat, Aug 25, 2018 at 06:23:47PM +0200, VanitasVitae wrote:

>    Hi!
>
>    I use BcPGPDataEncryptorBuilder.setWithIntegrityPacket(true);
>    for that purpose :)
>
>    Am 25. August 2018 18:15:49 MESZ schrieb Mike Burke
>    <[hidden email]>:
>
>  I'm doing symmetric AES256 PGP encryption using org.bouncycastle.openpgp.PGPEncryptedDataGenerator and friends.  I am using Bouncy Castle 1.60 for JDK 1.5-1.8.
>
>  I want to include the modification detection code so that GPG accepts the encrypted file without warning, and so that I can also detect modifications when I later handle decryption via BouncyCastle.
>
>  It looks like org.bouncycastle.bcpg.ModDetectionCodePacket will let me handle the packet, but my understanding is that I could only use it with the lower-level bcpg interface.  org.bouncycastle.openpgp classes don't expose the BCPGOutputStream, and anyway, they manage it directly for me so I probably shouldn't stick my hands in there.
>
>  Searching for ModDetectionCodePacket didn't produce any obviously useful results or usage examples.
>
>  Is it currently possible to use a MDC with the high-level org.bouncycastle.openpgp package?
>
>  Thanks!
>  Mike
>
>
>    --
>    Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail
>    gesendet.