covert-encryption / covert

An encryption format offering better security, performance and ease of use than PGP. File a bug if you found anything where we are worse than our competition, and we will fix it.

Signature verification broken with files larger than 887 bytes #79

Closed heikkiorsila closed 2 years ago

heikkiorsila commented 2 years ago

Encrypting and signing a file with an SSH public/private key fails when file size is larger than 887 bytes.

$ dd if=/dev/random of=file count=1 bs=887 && covert enc -R test.pub -i test -o archive.enc file && covert dec -i test -o tempdir archive.enc
...
... Signature verified
$ dd if=/dev/random of=file count=1 bs=888 && covert enc -R test.pub -i test -o archive.enc file && covert dec -i test -o tempdir archive.enc
...
Error: Missing signature block (needed 80 bytes, got 0)

covert-encryption commented 2 years ago

Looks like a blockstream bug. 1024 is the relevant limit (on total encrypted file size), after which there will be more than one block, and 888 bytes of data plus headers, structures and random padding probably happens to hit that for you. Will look into this. Thanks for reporting.
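A regression sweep around the reported boundary, as an added example that is not part of the original thread or the project's own test suite. It uses only the `covert` invocations shown in the report and assumes `covert` is on PATH and that `test` / `test.pub` are the reporter's SSH key pair in the current directory, usable without a prompt. The function names are hypothetical. Since the comment above attributes the threshold to headers, structures and random padding, it checks a range of sizes rather than a single one.

```shell
#!/bin/sh
# Added example: encrypt+sign random files of each size, decrypt them again,
# and list the sizes for which "Signature verified" never appears.
# Assumptions: `covert` on PATH; ./test and ./test.pub as in the report.

# roundtrip SIZE -> prints "ok" if decrypt reports a verified signature,
# otherwise "fail".
roundtrip() {
    rt_work=$(mktemp -d) || return 2
    head -c "$1" /dev/urandom > "$rt_work/file"
    # Capture both streams; rely on the message text from the report,
    # not on covert's exit status.
    rt_out=$(covert enc -R test.pub -i test -o "$rt_work/archive.enc" "$rt_work/file" 2>&1 &&
             covert dec -i test -o "$rt_work/out" "$rt_work/archive.enc" 2>&1) || :
    rm -rf "$rt_work"
    case $rt_out in
        *"Signature verified"*) echo ok ;;
        *) echo fail ;;
    esac
}

# sweep FIRST LAST -> prints the failing sizes, space separated
# (empty output means every size in the range verified).
sweep() {
    sw_failed=""
    sw_size=$1
    while [ "$sw_size" -le "$2" ]; do
        [ "$(roundtrip "$sw_size")" = ok ] || sw_failed="$sw_failed $sw_size"
        sw_size=$((sw_size + 1))
    done
    echo "${sw_failed# }"
}

# Example: sweep 850 1100
```

An empty result from `sweep` over a range that spans the single-block to multi-block transition indicates the signature block survives the boundary.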

covert-encryption commented 2 years ago

@heikkiorsila Mind reviewing that PR?