RECOVERING FROM A BAD PASSPHRASE: PGPPBEEncryptedData.getDataStream(...)

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

RECOVERING FROM A BAD PASSPHRASE: PGPPBEEncryptedData.getDataStream(...)

William Swartzendruber
Hello:

I am encountering an issue where attempting to unlock an encrypted data stream via PGPPBEEncryptedData.getDataStream(...) will leave the instance in a bad state if the passphrase is incorrect.  Attempting to get the data stream again results in:

PGPDataValidationException("data check failed")

Is there a way to recover from someone entering the incorrect passphrase?

This is bcpg-jdk15on-1.60

I appreciate any assistance or clarification in this manner.
Reply | Threaded
Open this post in threaded view
|

Re: RECOVERING FROM A BAD PASSPHRASE: PGPPBEEncryptedData.getDataStream(...)

David Hook-3

The issue here is that the PGP API is a streaming one, so having started
decryption and failed, the data is already partially read. You need to
reset the stream to recover from an incorrect passphrase.

Regards,

David

On 12/12/18 5:01 pm, William Swartzendruber wrote:

> Hello:
>
> I am encountering an issue where attempting to unlock an encrypted
> data stream via PGPPBEEncryptedData.getDataStream(...) will leave the
> instance in a bad state if the passphrase is incorrect.  Attempting to
> get the data stream again results in:
>
> PGPDataValidationException("data check failed")
>
> Is there a way to recover from someone entering the incorrect passphrase?
>
> This is bcpg-jdk15on-1.60
>
> I appreciate any assistance or clarification in this manner.



Reply | Threaded
Open this post in threaded view
|

Re: RECOVERING FROM A BAD PASSPHRASE: PGPPBEEncryptedData.getDataStream(...)

William Swartzendruber
The best thing I could think of was to wrap the BcPGPObjectFactory in a BufferedInputStream and to mark() and reset() that.

Is that what you meant?

On Thu, Dec 20, 2018 at 5:05 PM David Hook <[hidden email]> wrote:

The issue here is that the PGP API is a streaming one, so having started
decryption and failed, the data is already partially read. You need to
reset the stream to recover from an incorrect passphrase.

Regards,

David

On 12/12/18 5:01 pm, William Swartzendruber wrote:
> Hello:
>
> I am encountering an issue where attempting to unlock an encrypted
> data stream via PGPPBEEncryptedData.getDataStream(...) will leave the
> instance in a bad state if the passphrase is incorrect.  Attempting to
> get the data stream again results in:
>
> PGPDataValidationException("data check failed")
>
> Is there a way to recover from someone entering the incorrect passphrase?
>
> This is bcpg-jdk15on-1.60
>
> I appreciate any assistance or clarification in this manner.



Reply | Threaded
Open this post in threaded view
|

Re: RECOVERING FROM A BAD PASSPHRASE: PGPPBEEncryptedData.getDataStream(...)

David Hook-3

Yep!

Regards,

David

On 9/1/19 12:54 pm, William Swartzendruber wrote:
The best thing I could think of was to wrap the BcPGPObjectFactory in a BufferedInputStream and to mark() and reset() that.

Is that what you meant?

On Thu, Dec 20, 2018 at 5:05 PM David Hook <[hidden email]> wrote:

The issue here is that the PGP API is a streaming one, so having started
decryption and failed, the data is already partially read. You need to
reset the stream to recover from an incorrect passphrase.

Regards,

David

On 12/12/18 5:01 pm, William Swartzendruber wrote:
> Hello:
>
> I am encountering an issue where attempting to unlock an encrypted
> data stream via PGPPBEEncryptedData.getDataStream(...) will leave the
> instance in a bad state if the passphrase is incorrect.  Attempting to
> get the data stream again results in:
>
> PGPDataValidationException("data check failed")
>
> Is there a way to recover from someone entering the incorrect passphrase?
>
> This is bcpg-jdk15on-1.60
>
> I appreciate any assistance or clarification in this manner.