gpg --list-packets lists wrong packets
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	• ikloecker
	Sep 2 2021, 11:42 AM

Description

Using
gpg (GnuPG) 2.2.27
libgcrypt 1.9.3-unknown
(openSUSE Tumbleweed)
or
gpg (GnuPG) 2.3.2-beta132
libgcrypt 1.9.4-beta62
built from master.

I have a file that is encrypted with an unknown key (a test key not known to my standard keyring).

The file is 198 bytes long.

$ gpg --list-packets decrypt-me-annas-key.txt.gpg
gpg: encrypted with ECDH key, ID 547ECA3FEAB73FC2
gpg: decryption failed: No secret key
gpg: [don't know]: invalid packet (ctb=4f)
gpg: [don't know]: invalid packet (ctb=72)
gpg: uncompressing failed: Unknown compression algorithm
gpg: processing message failed: Unknown compression algorithm
# off=0 ctb=84 tag=1 hlen=2 plen=94
:pubkey enc packet: version 3, algo 18, keyid 547ECA3FEAB73FC2
        data: [263 bits]
        data: [392 bits]
# off=96 ctb=d4 tag=20 hlen=2 plen=100 new-ctb
:aead encrypted packet: cipher=9 aead=2 cb=21
        length: 100
# off=104 ctb=a0 tag=8 hlen=2 plen=229
:compressed packet: algo=118

There a several weirdnesses:

The four lines

gpg: [don't know]: invalid packet (ctb=4f)
gpg: [don't know]: invalid packet (ctb=72)
gpg: uncompressing failed: Unknown compression algorithm
gpg: processing message failed: Unknown compression algorithm

make no sense. What invalid packets? Why try uncompressing if decryption wasn't possible? I guess all of those errors are subsequent errors.

The third packet at offset 104 makes no sense.

As far as I can tell, there are exactly two (top-level) packets in the file:

A pubkey enc packet of length 2+94=96.
An aead encrypted packet of length 2+100=102.

96+102 = 198 which is then size of the file.

I suspect that gpg tries to find packets in the undecrypted second packet.

This problem does not occur with another encrypted test file that is encrypted with two "unknown" keys. I'll attach the problematic encrypted test file.

Revisions and Commits

rG GnuPG
	rGa17f1b607473 gpg: Skip the packet when not used for AEAD.
	rGcc6152b802f2 gpg: Skip the packet when not used for AEAD.

Related Objects

Mentioned In: T5565: Release GnuPG 2.3.3
T5601: Release GnuPG 2.2.32
Mentioned Here: rGcc6152b802f2: gpg: Skip the packet when not used for AEAD.

Event Timeline

decrypt-me-annas-key.txt.gpg198 BDownload

The actual problem is not that --list-packets produces weird output, but that --decrypt fails with

gpg: [don't know]: invalid packet (ctb=4f)
[GNUPG:] NODATA 3

causing confusing errors in Kleopatra.

It parses wrongly. I think that we need a fix like:

diff --git a/g10/mainproc.c b/g10/mainproc.c
index 1ee5b9a6e..7f51b263b 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -725,6 +725,9 @@ proc_encrypted (CTX c, PACKET *pkt)
 
   if (!result)
     result = decrypt_data (c->ctrl, c, pkt->pkt.encrypted, c->dek );
+  else
+    iobuf_skip_rest (pkt->pkt.encrypted->buf, pkt->pkt.encrypted->len,
+                     pkt->pkt.encrypted->is_partial);
 
   /* Trigger the deferred error.  */
   if (!result && early_plaintext)

... to skip DATA part in the encrypted packet.

• werner triaged this task as High priority.Sep 27 2021, 10:12 AM

• werner assigned this task to • gniibe.Sep 27 2021, 10:19 AM

I was wrong to fix this issue; It is specifically the issue of PKT_ENCRYPTED_AEAD packet. And we already have code to skip the data part by free_encrypted. The problem is that free_encrypted is *not* called when it was PKT_ENCRYPTED_AEAD.

I'm going to push the correct fix.

Fixed in rGcc6152b802f2: gpg: Skip the packet when not used for AEAD., but I put wrong bug-id in the commit message.

• ikloecker added a commit: rGcc6152b802f2: gpg: Skip the packet when not used for AEAD..Sep 28 2021, 9:52 AM

Thanks. This fixes the invalid packet errors when using --list-packets or when trying to decrypt the file without secret key.

As the bug I located is a simple fix, I think it can be also applied to 2.2.

• werner added projects: gnupg (gpg22), backport.Oct 4 2021, 10:13 AM

• werner added a commit: rGa17f1b607473: gpg: Skip the packet when not used for AEAD..Oct 6 2021, 8:12 PM

• werner mentioned this in T5601: Release GnuPG 2.2.32.Oct 6 2021, 9:19 PM