Open uli-heller opened 2 years ago
Unfortunately, I don't have access to that exact machine.
Please update to latest main branch code (also tagged v2.1.2) and try:
Try the above on the HPZ400 that fails. Is it possible that the HP Z400 has faulty RAM? eg you can run memtest86 on that box to verify that hypothesis.
At this point, from the logs above - I can't find an obvious fault in the program..
Good morning,
thx for looking into this. I do have 4 of these HP-Z400 machines. I've observed the misbehavior on two of them, for the other two, I didn't check so far. I doubt that the bug is caused by faulty ram.
Executing the tests on the HP-Z400 machines is a bit tricky, since I don't have devtools and go available on them.
What I've done:
tests.sh
a little bittests.sh
on the machineIt leads to this output:
***@***.***:~/sigtool$ ./tests.sh
./bin/linux-amd64/sigtool: decrypt: can't decrypt chunk 0: cipher:
message authentication failed
tests.sh: can't decrypt with /tmp/sigtool17078/ssk2
tests.sh: Test output in /tmp/sigtool17078 ..
So same error as on the other two HP-Z400.
Here the DIFF for tests.sh: https://github.com/opencoff/sigtool/pull/9
diff --git a/tests.sh b/tests.sh
index 4184a46..3d180cc 100755
--- a/tests.sh
+++ b/tests.sh
@@ -2,9 +2,11 @@
# simple round-trip tests to verify the tool
-
-arch=`./build --print-arch`
-bin=./bin/$arch/sigtool
+bin="`for sigtool in ./bin/*/sigtool; do test -x "${sigtool}" && {
"${sigtool}" -h >/dev/null 2>&1 && { echo "${sigtool}"; exit 0; }; };
done`"
+test -z "${bin}" && {
+ arch=`./build --print-arch`
+ bin=./bin/$arch/sigtool
+}
Z=`basename $0`
# workdir
Am 2022-06-05 22:51, schrieb Sudhi Herle:
Unfortunately, I don't have access to that exact machine.
Please update to latest main branch code (also tagged v2.1.2) and try:
- make test
- ./tests.sh
Try the above on the HPZ400 that fails. Is it possible that the HP Z400 has faulty RAM? eg you can run memtest86 on that box to verify that hypothesis.
At this point, from the logs above - I can't find an obvious fault in the program..
-- Reply to this email directly, view it on GitHub [1], or unsubscribe [2]. You are receiving this because you authored the thread.Message ID: @.***>
[1] https://github.com/opencoff/sigtool/issues/8#issuecomment-1146881374 [2] https://github.com/notifications/unsubscribe-auth/AAMZQZQRHGFOI6EC6KREGSTVNUHMRANCNFSM5X4ZRZDA
I have created a new branch - "debug-hpz400"; the code here has a global debug option:
sigtool --debug encrypt .... sigtool --debug decrypt ...
This debug flag prints several key derivation data to stderr.
please checkout the head of that branch:
git clone -b debug-hpz400 https://github.com/opencoff/sigtool sigtool-debug
Build it as before and re-run your tests but with one change:
Add "--debug" to the global sigtool flags.
We should expect to see the same set of keys derived on the encryptor and decryptor machines. If they don't match - that is one reason why decrypt on hpz400 fails..
Thanks,
I am on vacation at the moment, so it will take me two weeks or three to do this. Thx for your help
--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.
Am 17. Juni 2022 17:24:49 MESZ schrieb Sudhi Herle @.***>:
I have created a new branch - "debug-hpz400"; the code here has a global debug option:
sigtool --debug encrypt .... sigtool --debug decrypt ...
This debug flag prints several key derivation data to stderr.
please checkout the head of that branch:
git clone -b debug-hpz400 https://github.com/opencoff/sigtool sigtool-debug
Build it as before and re-run your tests but with one change:
Add "--debug" to the global sigtool flags.
We should expect to see the same set of keys derived on the encryptor and decryptor machines. If they don't match - that is one reason why decrypt on hpz400 fails..
Thanks,
-- Reply to this email directly or view it on GitHub: https://github.com/opencoff/sigtool/issues/8#issuecomment-1158980981 You are receiving this because you commented.
Message ID: @.***>
I'm back. The output looks OK to me:
...
+ ./bin/linux-amd64/sigtool s --no-password /tmp/sigtool5719/ssk1 -o /tmp/sigtool5719/tests.sh.sig ./tests.sh
+ ./bin/linux-amd64/sigtool v -q /tmp/sigtool5719/ssk1.pub /tmp/sigtool5719/tests.sh.sig ./tests.sh
+ ./bin/linux-amd64/sigtool --debug e --no-password -o /tmp/sigtool5719/tests.sh.enc /tmp/sigtool5719/ssk2.pub ./tests.sh
encrypt:
hdr-cksum: d92fe90314699aad7dae54fdc77e495202a8453d898b90b8bcd90dd2ade21f2b
salt: 35bd31151f2f4c0f5b807d3a05361727b78494250909ac163c3d2a2a86869f38
key: c9ae1b05628a6a2b32c12cfa228ef5db6adb22c7e4c4d2250f5abbe067f9a1e4
aes-key: 34e20fbd4e68bd4427630bbd76c07415db76750022148613a679e19dd18dbf04
+ ./bin/linux-amd64/sigtool --debug d --no-password -o /tmp/sigtool5719/tests.sh.dec /tmp/sigtool5719/ssk2 /tmp/sigtool5719/tests.sh.enc
decrypt:
hdr-cksum: d92fe90314699aad7dae54fdc77e495202a8453d898b90b8bcd90dd2ade21f2b
salt: 35bd31151f2f4c0f5b807d3a05361727b78494250909ac163c3d2a2a86869f38
key: c9ae1b05628a6a2b32c12cfa228ef5db6adb22c7e4c4d2250f5abbe067f9a1e4
aes-key: 34e20fbd4e68bd4427630bbd76c07415db76750022148613a679e19dd18dbf04
./bin/linux-amd64/sigtool: decrypt: can't decrypt chunk 0: cipher: message authentication failed
+ die 'can'\''t decrypt with /tmp/sigtool5719/ssk2'
+ echo 'tests.sh: can'\''t decrypt with /tmp/sigtool5719/ssk2'
tests.sh: can't decrypt with /tmp/sigtool5719/ssk2
+ echo 'tests.sh: Test output in /tmp/sigtool5719 ..'
tests.sh: Test output in /tmp/sigtool5719 ..
+ exit 1
Very strange indeed. Could you try running the test binary compiled on other machine and run it on the HPZ400 like so:
on build machine
go test -c -o sig-test -ldflags "-s" ./sign
# copy binary to hp z400 and run
./sig-test -test.v
__
Hopefully all tests should pass ...
(Removed due to bad formatting)
Here you are:
root@blacky:~/sigtool-test# ./sig-test -test.v
=== RUN TestEncryptSimple
utils_test.go:36: /home/uli/git/forked/sigtool/sign/encrypt_test.go: 73: Assertion failed: decrypt fail: decrypt: can't decrypt chunk 0: cipher: message authentication failed
--- FAIL: TestEncryptSimple (0.01s)
=== RUN TestEncryptSmallSizes
utils_test.go:36: /home/uli/git/forked/sigtool/sign/encrypt_test.go: 125: Assertion failed: decrypt-1 fail: decrypt: can't decrypt chunk 0: cipher: message authentication failed
--- FAIL: TestEncryptSmallSizes (0.00s)
=== RUN TestEncryptCorrupted
--- PASS: TestEncryptCorrupted (0.07s)
=== RUN TestEncryptSenderVerified
utils_test.go:36: /home/uli/git/forked/sigtool/sign/encrypt_test.go: 228: Assertion failed: decrypt fail: decrypt: can't decrypt chunk 0: cipher: message authentication failed
--- FAIL: TestEncryptSenderVerified (0.00s)
=== RUN TestEncryptMultiReceiver
utils_test.go:36: /home/uli/git/forked/sigtool/sign/encrypt_test.go: 284: Assertion failed: decrypt 0 fail: decrypt: can't decrypt chunk 0: cipher: message authentication failed
--- FAIL: TestEncryptMultiReceiver (0.00s)
=== RUN TestStreamIO
utils_test.go:36: /home/uli/git/forked/sigtool/sign/encrypt_test.go: 356: Assertion failed: streamread fail: decrypt: can't decrypt chunk 0: cipher: message authentication failed
--- FAIL: TestStreamIO (0.00s)
=== RUN TestSmallSizeStreamIO
encrypt_test.go:393: small-size-stream: size 1, chunksize 8
utils_test.go:36: /home/uli/git/forked/sigtool/sign/encrypt_test.go: 442: Assertion failed: streamread fail: decrypt: can't decrypt chunk 0: cipher: message authentication failed
--- FAIL: TestSmallSizeStreamIO (0.00s)
=== RUN TestSignSimple
--- PASS: TestSignSimple (11.21s)
=== RUN TestSignRandBuf
--- PASS: TestSignRandBuf (0.03s)
FAIL
I'm using "sigtool" on various ubuntu 20.04 PCs. I'm using the same binary on all of them. Typically, it works OK. However, on a certain type of PC, encryption produces a file that cannot be decrypted. Decryption produces an error message like this:
Any idea?
I've added a test script below. I've made "mixed tests" as well, meaning encrypt a file on PC#A and decrypt it on PC#B. Outcome: Encryption doesn't work on the HP Z400 PCs.
Test Script
OK Output
KO Output
Observed on two older HP Z 400 PCs.