java.io.EOFException: Unexpected end of ZIP input stream using 2.2.0 version for PGP file

[jaolivan]

Describe the bug I'm trying to decrypt a PGP file encrypted with an old version of BC (2017) within bouncy-gpg 2.2.0 and it fails giving me the error java.io.EOFException: Unexpected end of ZIP input stream at org.bouncycastle.openpgp.PGPCompressedData$1.fill(Unknown Source) at java.util.zip.InflaterInputStream.read(InflaterInputStream.java:158) at org.bouncycastle.bcpg.BCPGInputStream.read(Unknown Source) at org.bouncycastle.bcpg.BCPGInputStream$PartialInputStream.read(Unknown Source) at org.bouncycastle.bcpg.BCPGInputStream.read(Unknown Source) at java.io.InputStream.read(InputStream.java:101)

If I use bouncy-gpg 2.1.2, file is decrypted. If I use bouncy-gpg 2.1.2 with last version of bcprov-jdk15on 1.65.01 and bcgp-jdk15on 1.65, file is decrypted If I use bouncy-gpg 2.2.0 with last version of bcprov-jdk15on 1.65.01 and bcgp-jdk15on 1.65, file decryption fails giving me the same issue.

To Reproduce

Expected behavior Based on my test, I think that the issue is within bouncy-gpg libraries instead of something related to BC libraries.

System (please complete the following information):

• Device: Laptop
• OS: Windows10
• Java JDK 1.8
• Version 2.2.0

[nilskp]

I have a similar, not identical, EOFException with 2.2.0. I had to revert back to previous version to restore production.

[nilskp]

Here's the stacktrace I'm seeing. I put it here, because I think it's the same root cause. If not, let me know and I can open a separate ticket.

java.io.EOFException: premature end of stream in PartialInputStream
       at org.bouncycastle.bcpg.BCPGInputStream$PartialInputStream.read(Unknown Source)
       at org.bouncycastle.bcpg.BCPGInputStream.read(Unknown Source)
       at org.bouncycastle.openpgp.PGPCompressedData$2.fill(Unknown Source)
       at java.util.zip.InflaterInputStream.read(InflaterInputStream.java:158)
       at org.bouncycastle.bcpg.BCPGInputStream.read(Unknown Source)
       at org.bouncycastle.bcpg.BCPGInputStream$PartialInputStream.read(Unknown Source)
       at org.bouncycastle.bcpg.BCPGInputStream.read(Unknown Source)
       at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:284)
       at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:326)
       at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:178)
       at java.io.InputStreamReader.read(InputStreamReader.java:184)
       at java.io.BufferedReader.fill(BufferedReader.java:161)
       at java.io.BufferedReader.readLine(BufferedReader.java:324)
       at java.io.BufferedReader.readLine(BufferedReader.java:389)

EDIT: I see there's already a ticket for this (issue #46), which is fixed.

@neuhalje Is there are reason we're not getting a release with the fix?

[neuhalje]

The reason is ... $DAYJOB. I have a day of on Friday - will do a release there.

[neuhalje]

Fixed in 2.3.0

[DamCx]

Hello,

I'm using the version 2.3.0 and I'm still having the issue. I also have bcprov-jdk15on as provider in version 1.6.8 Here's the stack trace: java.io.EOFException: premature end of stream in PartialInputStream

at org.bouncycastle.bcpg.BCPGInputStream$PartialInputStream.read(Unknown Source)
at org.bouncycastle.bcpg.BCPGInputStream.read(Unknown Source)
at org.bouncycastle.util.io.Streams.readFully(Unknown Source)
at org.bouncycastle.bcpg.BCPGInputStream.readFully(Unknown Source)
at org.bouncycastle.bcpg.BCPGInputStream.readFully(Unknown Source)
at org.bouncycastle.bcpg.MPInteger.<init>(Unknown Source)
at org.bouncycastle.bcpg.PublicKeyEncSessionPacket.<init>(Unknown Source)
at org.bouncycastle.bcpg.BCPGInputStream.readPacket(Unknown Source)
at org.bouncycastle.openpgp.PGPEncryptedDataList.<init>(Unknown Source)
at org.bouncycastle.openpgp.PGPObjectFactory.nextObject(Unknown Source)
at name.neuhalfen.projects.crypto.bouncycastle.openpgp.decrypting.DecryptionStreamFactory.nextDecryptedStream(DecryptionStreamFactory.java:129)
at name.neuhalfen.projects.crypto.bouncycastle.openpgp.decrypting.DecryptionStreamFactory.wrapWithDecryptAndVerify(DecryptionStreamFactory.java:103)
at name.neuhalfen.projects.crypto.bouncycastle.openpgp.BuildDecryptionInputStreamAPI$ValidationImpl$Builder.fromEncryptedInputStream(BuildDecryptionInputStreamAPI.java:353)