Open michaelthecsguy opened 4 years ago
just FYI, right now for short term solution, I just use Java subprocess to call python's gnupg library to do encryption. Once this is fixed, I will test it for you and will use it.
I had the same issue. Checking the content of your key with:
gpg --export -a <key id>|gpg --list-packets --verbose
the key doesn't contain a KeyFlags subpacket (subpacket type 27). This section of the key indicates whether the key can be used for encryption, or signing, or other things.
In this case Bouncy-gpg assumes the key cannot be used for encryption. GPG is more lenient: if a key doesn't contain a KeyFlags subpacket, it will check the key algo, and if the algo is for example RSA, it assumes the key is fine for encrypting/signing
An alternative to using a python call is to implement your own KeySelectionStrategy, so that it accepts keys that don't explicitly have an Encryption flag
I attached an example for reference, which mimics GPG behaviour CustomKeySelectionStrategy.zip
@neuhalje or @mdesmons, is the fix merged to the next build? and new Jar version?
I am ready to test it.
It doesn't look like it's been merged yet. I don't have write access to the repo and can only submit a PR, I think @neuhalje has to review and approve...
But my comment above provides a workaround that doesn't require changing the library, if you really need it https://github.com/neuhalje/bouncy-gpg/issues/50#issuecomment-620277475
Can you provide an example of how to use the override with InMemoryKeyring?
Not sure how to implement the override when the parent class is not an explicit instantiation.
For example where to override the single use of "KeyringConfigCallbacks" below?
keyring = KeyringConfigs.forGpgExportedKeys(KeyringConfigCallbacks.withPassword(passphrase)); keyring.addPublicKey(publicKey.getBytes("US-ASCII")); keyring.addSecretKey(privateKey.getBytes("US-ASCII"));
BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(result); OutputStream outStream = BouncyGPG.encryptToStream() .withConfig(keyring) .withStrongAlgorithms() .toRecipient(receiverUserId) .andSignWith(senderUserIdEmail) .armorAsciiOutput() .andWriteTo(bufferedOutputStream)
I’ll look into that shortly
Please check - should be fixes
Hi there! Was this ever put through? Getting the same issue here. Thanks!
Same question here.
Same question here.
Hi there! Was this ever put through? Getting the same issue here. Thanks!
we were able to resolve it by invoking selectUidByAnyUidPart() after initializing WithKeySelectionStrategy.
ex: outputStream = BouncyGPG .encryptToStream() .withConfig(keyring).selectUidByAnyUidPart() .withStrongAlgorithms() .toRecipient(UID) .andDoNotSign() .binaryOutput() .andWriteTo(bufferedOutputStream); Streams.pipeAll(fis, outputStream);
Same question here. Hi there! Was this ever put through? Getting the same issue here. Thanks!
Is this still a problem? I get message "PGPException: No (suitable) public key for encryption to xxx@yyy.dk found" when I add the recipient xxx@yyy.dk to BouncyGPG using .toRecipient("xxx@yyy.dk"). Why do BouncyGPG check on toRecipient? I should think this is the job of the recipient service to check that he is identical to "xxx@yyy.dk".
Hi,
I tested encryption out with gpg in commandline with no problem. When I test it out with Bouncy-gpg by using this code:
Then, It gives exception
This code works all other public key except this one. The interesting part is that it works in GPG commandline.
I have attached the public key in the following comment. I don't know if the recipient email address the "dot" in front of domain that causes the issue.