keybase / client

Keybase Go Library, Client, Service, OS X, iOS, Android, Electron
BSD 3-Clause "New" or "Revised" License

Unable to import PGP key with specified Preferred AEAD Ciphersuites Subpacket (Subpacket type ID `0x22`/`0x27`) #26978

Open nitz opened 3 weeks ago

nitz commented 3 weeks ago

Symptom

Attempting to import my PGP key via `keybase pgp select` produces the following error:

- ERROR key generation error: Unknown signature subpacket: 39 (error 905)

Attempting to import via `keybase pgp import` with the key in ASCII armor directly does prompt for the passphrase to unlock the secret key, but then produces:

- ERROR openpgp: invalid argument: no valid signing keys

Expected Behavior

As the subpacket for Preferred AEAD Ciphersuites is to indicate a preference, it shouldn't have any bearing on whether or not I'm able to import it into keybase.

Underlying Issue

I believe the issue lies with the modern definition of the "Preferred AEAD Ciphersuites" subpacket ID. As late as version 04 (2021-5-2) of the crypto-refresh draft, the ID used for Preferred AEAD was 34 (0x22), where it was marked as Reserved (Preferred AEAD Algorithms). However, as of version 5 (2022-03-07) and later, the ID for that subpacket type was moved to 39 (0x27) and named Preferred AEAD Ciphersuites. The type left at 0x22 was (and remains) simply left as reserved.

It seems even the current source for gpg is still using the older id, while some implementations like bouncycastle have already moved on to the newer ID, which explains discrepancies depending on where keys may be generated.

Other Bits

I've produced a key which contains the subpacket with that ID here for testing, should it be needed.

The key's fingerprint is 0F34 43BE 35CD 231D 7507 7D95 CD7D 2614 07B1 896F and passphrase is `test key please ignore`.

nitz commented 3 weeks ago

I just re-built a key with the legacy ID, and still received the error, though talking about its packet ID this time:

- ERROR key generation error: Unknown signature subpacket: 34 (error 905)

It seems keybase can't handle any preferred AEAD cryptosuite subpacket.

At least with the latest release copy of Gpg4Win I've got on this machine, generating a key using all default settings with GPG there, it creates a key that includes a subpacket with ID 0x22, and is thus unusable with keybase.
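
For reference, an added example that is not part of the thread and is not keybase's code: a minimal Go walker for a signature subpacket area that follows the RFC 4880 section 5.2.3.1 rule of ignoring unrecognized subpackets unless their critical bit (0x80 of the type octet) is set. The names `ParseSubpackets`, `Subpacket` and `sample` are hypothetical, and the sample bytes are constructed to carry both the 39 and the 34 subpacket types discussed above.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// Subpacket is one entry of a signature subpacket area (RFC 4880, section 5.2.3.1).
type Subpacket struct {
	Type     byte
	Critical bool
	Body     []byte
}

// Constructed sample area: type 11, then type 39, then type 34 (none critical).
var sample = []byte{3, 11, 9, 8, 3, 39, 9, 2, 2, 34, 2}

// ParseSubpackets walks a subpacket area. Types absent from known are listed
// in skipped rather than failing the parse, unless their critical bit is set.
func ParseSubpackets(area []byte, known map[byte]bool) (out []Subpacket, skipped []byte, err error) {
	for len(area) > 0 {
		n, hdr := int(area[0]), 1
		if n == 255 && len(area) >= 5 { // five-octet length
			n, hdr = int(binary.BigEndian.Uint32(area[1:5])), 5
		} else if n >= 192 && n < 255 && len(area) >= 2 { // two-octet length
			n, hdr = (n-192)<<8+int(area[1])+192, 2
		} else if n >= 192 {
			return nil, nil, fmt.Errorf("truncated subpacket length")
		}
		if n < 1 || n > len(area)-hdr { // n counts the type octet plus the body
			return nil, nil, fmt.Errorf("subpacket length %d out of range", n)
		}
		sp := Subpacket{Type: area[hdr] & 0x7f, Critical: area[hdr]&0x80 != 0, Body: area[hdr+1 : hdr+n]}
		area = area[hdr+n:]
		switch {
		case known[sp.Type]:
			out = append(out, sp)
		case sp.Critical:
			return nil, nil, fmt.Errorf("unknown critical subpacket: %d", sp.Type)
		default: // unknown but non-critical: ignore it and keep parsing
			skipped = append(skipped, sp.Type)
		}
	}
	return out, skipped, nil
}

func main() {
	out, skipped, err := ParseSubpackets(sample, map[byte]bool{11: true})
	fmt.Println(len(out), skipped, err)
}
```

With only type 11 in the known set, the sample parses without error and reports types 39 and 34 as skipped; setting the critical bit on either of them turns the same input into an error.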