Can't decrypt messages encrypted with my public RSA4096 key - 2-byte hash error
cedilla1312 opened this issue · comments
INCOMPATIBILITY / REPORTEDLY DEPRECATED KEY WITH HASH
Error: Error in openpgp.decryptKey. Error decrypting private key: Encrypted private key is authenticated using an insecure two-byte hash
It could relate to: openpgpjs/openpgpjs#1000. Even could relate to 5.0.0 version of openpgpjs (https://github.com/openpgpjs/openpgpjs/wiki/V5-Changelog/83d7b1a1b9098213d7a70ae8ec00fcb62f99d60e). I think the error appeared in some release during 2023: mailvelope/releases
I have created my public and private key in 2018 (relatively new) via GnuPG software AFAIR. After some time in 2023 Mailvelope started to fail decrypting messages bellow stating two-byte hash error (first I thought it's a wrong password, but different msg was shown, decryption works with GnuPG).
How can I find out via openpgpjs (GnuPG won't provide detail information as PGP old software on hash-bytes as illustrated in http://www.spywarewarrior.com/uiuc/ss/sec-key/sec-key.htm#pgp-cvt) detailed information on hashing, S2K and so on?
-----BEGIN PGP MESSAGE-----
Version: GnuPG v2.0.14 (GNU/Linux)
More info:
:pubkey enc packet: version 3, algo 1, keyid 01F************
data: [4095 bits]
:pubkey enc packet: version 3, algo 1, keyid 340************
data: [2048 bits]
:encrypted data packet:
length: unknown
mdc_method: 2
gpg: encrypted with RSA key, ID F6******
gpg: encrypted with RSA key, ID 6D******
gpg: decryption failed: secret key not available
:public key packet:
version 4, algo 1, created 1546208639, expires 0
pkey[0]: [4096 bits]
pkey[1]: [17 bits]
keyid: 108...
:user ID packet: "name and mail"
:signature packet: algo 1, keyid 108...
version 4, created 1546208639, md5len 0, sigclass 0x13
digest algo 2, begin of digest 06 24
hashed subpkt 2 len 4 (sig created 2018-12-30)
hashed subpkt 11 len 8 (pref-sym-algos: 7 8 4 3 6 5 2 10)
hashed subpkt 21 len 6 (pref-hash-algos: 5 1 3 2 9 10)
hashed subpkt 22 len 2 (pref-zip-algos: 1 2)
subpkt 16 len 8 (issuer key ID 108)
data: [4095 bits]
:public sub key packet:
version 4, algo 1, created 1546208639, expires 0
pkey[0]: [4096 bits]
pkey[1]: [17 bits]
keyid: 01F...
:signature packet: algo 1, keyid 108...
version 4, created 1546208639, md5len 0, sigclass 0x18
digest algo 2, begin of digest 11 a7
hashed subpkt 2 len 4 (sig created 2018-12-30)
hashed subpkt 11 len 8 (pref-sym-algos: 7 8 4 3 6 5 2 10)
hashed subpkt 21 len 6 (pref-hash-algos: 5 1 3 2 9 10)
hashed subpkt 22 len 2 (pref-zip-algos: 1 2)
subpkt 16 len 8 (issuer key ID 108...)
data: [4095 bits]
Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA (S1), 3DES (S2), CAST5 (S3), BLOWFISH (S4), AES (S7),
AES192 (S8), AES256 (S9), TWOFISH (S10), CAMELLIA128 (S11),
CAMELLIA192 (S12), CAMELLIA256 (S13)
Hash: MD5 (H1), SHA1 (H2), RIPEMD160 (H3), SHA256 (H8), SHA384 (H9),
SHA512 (H10), SHA224 (H11) I CANT SEE H5, which is preferred, otherwise it falls to MD5.
Compression: Uncompressed (Z0), ZIP (Z1), ZLIB (Z2), BZIP2 (Z3)
The future might bring another backwards compatibility issues: openpgpjs/openpgpjs#1672.
When it comes to ECC, what algorithm serves the best security and speed of calculation and durability in the future?
Where should I generate new key pairs, Mailvelope provides nearly no information on key details, I need information like pgpdump in Linux, but for Windows, this program used to provide very detailed information on keys.
Reference: https://datatracker.ietf.org/doc/html/rfc4880#page-44
Version of Mailvelope: * [Gmail] Fix detection of encrypted attachments 5.1.1 version Mailvelope
background.bundle.js - openPGP.js version:
* @memberof module:config
* @property {String} versionString A version string to be included in armored messages
versionString: 'OpenPGP.js 5.11.0',