Open teythoon opened 5 years ago
I had some trouble with the provided data, but I was able to confirm this behavior.
$ gpg --output - --dearmor exachunks.asc | bzip2 -d | src/rnp/rnp --decrypt
[init_packet_sequence() /tmp/rnp/src/librepgp/stream-parse.cpp:2147] unexpected pkt 60
[rnp_process_file() /tmp/rnp/src/rnp/rnpcli.cpp:987] error 0x10000001
Yeah, currently AEAD works this way since it handles all sizes of chunks specified in RFC4880-bis, which may be too large to cache somewhere in memory. I know there is an ongoing discussion in RFC working group regarding AEAD chunk size, so probably good idea is to wait till it ends with some decision. While we can cache chunk of small size and output larger ones this will not be a 100% correct solution.
If you think that there is now way to safely implement AEAD as proposed in RFC4880-bis06, please speak up on the IETF mailing list, because your current position there is
You can say, MUST support 1K to 16K, SHOULD support up to 256K and MAY support larger sizes.
@ni4 Can I take this one or are there more prioritized?
@rrrooommmaaa As for me this one is a bit of lower priority and still requires some discussion on implementation logic. As for me the simplest and the most urgent one is #1103, then #1099, and if you like Windows stuff - very important but a way more time-consuming would be #997.
Description
First, rnp still lacks a way to responsibly disclose problems with their code.
Second, rnp processes unauthenticated partial chunks of AEAD encrypted data packets.
Steps to Reproduce
Import this key: https://gitlab.com/sequoia-pgp/sequoia/raw/master/openpgp/tests/data/keys/testy-private.pgp?inline=false
Dearmor this file:
Expected Behavior
rnp MUST NOT process unauthenticated data.
Actual Behavior
rnp processes unauthenticated data:
Note the "unexpected pkt 60". This changes with the "session key" I choose to "decrypt" the stream of zeros.
Impact
Processing unauthenticated data negates the security benefits of doing AEAD.
What you can do