Closed dkg closed 5 months ago
rnp claims that a GnuPG-generated armor checksum is invalid in a cleartext-signed message.
In particular, the error message is:
[armored_src_read() ./src/librepgp/stream-armor.cpp:424] Warning: missing or malformed CRC line [armored_src_read() ./src/librepgp/stream-armor.cpp:428] wrong armor trailer
I would have expected it to agree with GnuPG about the CRC line
Example below.
$ rnpkeys --export-key $PGPID -----BEGIN PGP PUBLIC KEY BLOCK----- xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNEDxk a2dAZGViaWFuLm9yZz7CwBEEExYKAHkDCwkHRxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVv aWEtcGdwLm9yZ4l+Z3i19Uwjw3CfTNFCDjRsoufMoPOM7vM8HoOEdn/vAxUKCAKbAQIeARYhBNR3 BAxwwhVqXCmFSbt+kQFJXmv3BQJlp1+QBQkF2fBFAAoJELt+kQFJXmv36jAA/3dsXMSZPJSP6WaG ui3stJCDer3f0wep3pOVR3+I8+B8AQDud/dXn9Y9MOGxzYvVyA9VwA17jaP8pkVYq5Niye3TCs0X PGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD7CwBEEExYKAHkDCwkHRxQAAAAAAB4AIHNhbHRAbm90YXRp b25zLnNlcXVvaWEtcGdwLm9yZxLvwkgnslsAuo+IoSa9rv8+nXpbBdab2Ft7n4H9S+d/AxUKCAKb AQIeARYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3BQJlp1+QBQkF2fBFAAoJELt+kQFJXmv3I1cA/jjY 3RzO+KwGuhBIoqmj45abYmmcQlahWF54m+hG2QEZAQD550fKVvLwgZw1xyruuYzasBd2h++tTWjq qjBX6aYPBs0TRGFuaWVsIEthaG4gR2lsbG1vcsLAFAQTFgoAfAMLCQdHFAAAAAAAHgAgc2FsdEBu b3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jne1+E4IiDcJ84eI2q9D3/2+YYMRT54AhcSUpra/39GIkD FQoIApkBApsBAh4BFiEE1HcEDHDCFWpcKYVJu36RAUlea/cFAmWnX5AFCQXZ8EUACgkQu36RAUle a/eWOwEAiMogSItXWs9OPUAQn+/SGqi5r6LzBqN75p7zaPgG9qQBAPeXoy51vbPwqjoHOrYeSq4N +AQVIDM4xKLVnSG4vqUGzjMEZXEJyxYJKwYBBAHaRw8BAQdAjX25Fq2Q9IUFeHy6yByIQPBnFOed FliuEiCIUzJsENDCwMUEGBYKAS1HFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Au b3JnwqKWsw56uoWVLIFcs7ZecJgwpsSNevWCzbviKQ8yRLUCmwK+oAQZFgoAbwWCZXEJywkQdy0W HjXNS4FHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnEIJSOxuw2y/UJmg5 M3BLpN0JYjODZpXiEVFu1byARzMWIQR0vATEPYYIS+hnLAZ3LRYeNc1LgQAAsH8BAKg1C5LK/D7p SkXCD+jfTSP+CqM58iHLjh4vKhpOKsTJAQCHldtEjxJ1ksPTFgG9HihHH7qc6/wvvLw77ETMpwlr AxYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3BQJlp1+rBQkCF4lgAAoJELt+kQFJXmv3ydsA/2roQZ2J m/7iUrg/2C5ClWA/xbvPC31LyMkGGH2/rq8tAP9BgqLuCPnNTVPqeX9+9qqMmaFq7wmvjq5I+yyc Aw9CDc44BGVxCcsSCisGAQQBl1UBBQEBB0BZMsRrRaaeFSYMF1ZdfRmVgBriDUIr99eDQ085BK14 DgMBCAfCwAYEGBYKAG5HFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnsazA WXtEHUPmSTmcRZAIsAsNiO8k0hdjsfRlRVipgJgCmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wUC ZadfqwUJAheJYAAKCRC7fpEBSV5r90AjAPwLgY1iKiFJEj32SVD5f721929l79VxQB5FlQssx1n5 kQEA6Uct2tPvbB6T7p5KG3Gl+tbi7oJAuxFmpkpW5/N2Owg= =gaxS -----END PGP PUBLIC KEY BLOCK----- $ cat 0.signed -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 test -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQR0vATEPYYIS+hnLAZ3LRYeNc1LgQUCZiu5YwAKCRB3LRYeNc1L gT7ZAQCerr6oFMzanfgLEfH5phZ6Rpxb7e6GRi2XZTCGfsKItQEA9BTnJ4Jzjq00 URFjZryC0V6SR0YFFWaBDN6mI/yTHQY= =cpUs -----END PGP SIGNATURE----- $ rnp --verify 0.signed [armored_src_read() ./src/librepgp/stream-armor.cpp:424] Warning: missing or malformed CRC line [armored_src_read() ./src/librepgp/stream-armor.cpp:428] wrong armor trailer Good signature made Fri Apr 26 10:25:39 2024 using EdDSA key 772d161e35cd4b81 sub 255/EdDSA 772d161e35cd4b81 2023-12-06 [S] [EXPIRES 2025-01-16] 74bc04c43d86084be8672c06772d161e35cd4b81 Signature(s) verified successfully $ $ rnp --version rnp 0.17.0-3 Ribose Inc. <rnpgp@ribose.com> Backend: Botan Backend version: 2.19.4 Supported algorithms: Public key: RSA, ELGAMAL, DSA, ECDH, ECDSA, EDDSA, SM2 Encryption: IDEA, TRIPLEDES, CAST5, BLOWFISH, AES128, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256, SM4 AEAD: None, EAX, OCB Key protection: CFB Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224, SHA3-256, SHA3-512, SM3 Compression: Uncompressed, ZIP, ZLIB, BZip2 Curves: NIST P-256, NIST P-384, NIST P-521, Ed25519, Curve25519, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, secp256k1, SM2 P-256 Please report security issues at (https://www.rnpgp.org/feedback) and general bugs at https://github.com/rnpgp/rnp/issues. $
Thanks for reporting! This is fixed in main via the commit 96e5c9d99ead2600e9595d8168a18024e7d871be , however didn't get to v0.17.1 branch yet, so I added it there as well.
rnp claims that a GnuPG-generated armor checksum is invalid in a cleartext-signed message.
In particular, the error message is:
I would have expected it to agree with GnuPG about the CRC line
Example below.