IntegrityProtection when using OpenPGP ECDH keys

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

IntegrityProtection when using OpenPGP ECDH keys

Paul Schaub
Hi!

I noticed, that the call

bcPGPDataEncryptorBuilder.setWithIntegrityPacket(true);

appears to be broken when I encrypt for an ECDH public key.
The same call works fine when RSA keys are used, meaning the call

pgpPublicKeyEncryptedData.isIntegrityProtected();

returns true. However, it returns false when ECDH keys are used.
Is this a bug, or expected behaviour?

I know that elliptic curve keys are not really specified in RFC4880,
but I found a specification in RFC6637, which also mentions the
integrity protection package.

Greetings Paul


Reply | Threaded
Open this post in threaded view
|

Re: IntegrityProtection when using OpenPGP ECDH keys

David Hook-3

Can't say we have ever seen that. It would be a bug, but have you got
some code that shows the problem? It appears to be working here, and the
two things are actually quite unrelated - whether or not integrity
protection is present has nothing to do with the public key algorithm used.

If there is something we have missed we would be happy to fix it.

Regards,

David
On 11/06/18 01:41, Paul Schaub wrote:

> Hi!
>
> I noticed, that the call
>
> bcPGPDataEncryptorBuilder.setWithIntegrityPacket(true);
>
> appears to be broken when I encrypt for an ECDH public key.
> The same call works fine when RSA keys are used, meaning the call
>
> pgpPublicKeyEncryptedData.isIntegrityProtected();
>
> returns true. However, it returns false when ECDH keys are used.
> Is this a bug, or expected behaviour?
>
> I know that elliptic curve keys are not really specified in RFC4880,
> but I found a specification in RFC6637, which also mentions the
> integrity protection package.
>
> Greetings Paul
>
>
>


Reply | Threaded
Open this post in threaded view
|

Re: IntegrityProtection when using OpenPGP ECDH keys

Paul Schaub
Sorry, the bug was on my side.

Due to a bug in my code, I wasnt actually encrypting when using ECDH keys :D

Greetings
Paul

Am 11. Juni 2018 02:50:57 MESZ schrieb David Hook <[hidden email]>:

Can't say we have ever seen that. It would be a bug, but have you got
some code that shows the problem? It appears to be working here, and the
two things are actually quite unrelated - whether or not integrity
protection is present has nothing to do with the public key algorithm used.

If there is something we have missed we would be happy to fix it.

Regards,

David
On 11/06/18 01:41, Paul Schaub wrote:
Hi!

I noticed, that the call

bcPGPDataEncryptorBuilder.setWithIntegrityPacket(true);

appears to be broken when I encrypt for an ECDH public key.
The same call works fine when RSA keys are used, meaning the call

pgpPublicKeyEncryptedData.isIntegrityProtected();

returns true. However, it returns false when ECDH keys are used.
Is this a bug, or expected behaviour?

I know that elliptic curve keys are not really specified in RFC4880,
but I found a specification in RFC6637, which also mentions the
integrity protection package.

Greetings Paul






--
Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.