search

ueno / ruby-gpgme

a ruby interface to GnuPG Made Easy (GPGME).
GNU Lesser General Public License v2.1
232 stars 99 forks source link

GPGME::Error::DecryptFailed presumably for message without integrity protection #141

Closed charger closed 10 months ago

charger commented 3 years ago

When I tried to decrypt a message from an external service I got GPGME::Error::DecryptFailed. This error can mean "cipher was encrypted for a key that's not available currently" but this is not the case, because other messages with the same recipient are decrypted, so the private key is not the cause. There is a code to reproduce:

crypto = GPGME::Crypto.new
crypto.decrypt(Base64.urlsafe_decode64('hQGMA_I9BkjDoykHAQwAsMAsYoGjMHF2p14Jwv-pwsEDpsnzHZU3NgGl2pQ2ugwhP-j7XbLcQAGBDevYDRc8Mz3Kj9FoMFWEyWY4me1NqIUp6LYJ5sCVYA3f8xidf0ulsqeUN64i3IgKCWVs_m5wadpCMLAauR0gqctHJWqHVpg-v_gNEzw_3saHLGnyDzA5Lvu8c5qrn0dZcfpIzv91e4Z9iWX_0_6EZWTTiNedHGGBixYui24Wj1B_gq7yCYn8EByQfniTVzp17bykEkB-FdyIQ6MLFxecUS0MwPYgLks4En0X5oV8BMCZekBQUkbSK1_sP7c-t_F43mOunZ_oUqVNJ8mGTpNeL7tVUY-vhflSd12fysqbzs6riMzw4MpKd-6mPRVzFD_J1gRr6X1TI-RW4FAHtHW_ScLN_Ilr5Msn1D4WJO8zyhZ-7kecQb_YKdhbKAHfv8jTGFpnyhIu0LfC0FRlJyZ5WgLzu5Odus_Sj4jYGs4HA1FN898BpNFMO8oQu8Idn9n1SSiiERN4ycDVFPkoqnKe59YmDJAfqcg7BRcbnfMPaTP6BeMlDaxXr2CRQSi-5yXxsV6ZENGUhRw3ZWlHN02sW8ZtXygHRXIy_vTED2f-dZJaTnMPwe7IfyojAT7meWBylTZFLre8KA8IRAfsC8zxjBarrAWtdT7SRDpkd6c84ZcP4Mah9H0bMpYTGs65yW0sksQk-h2wG6UjfXL_pry65o8HiDCTVDfy7Gk9y56LL1j_v-vkgYyaikRmoCkjEaZuqakmyzNBsGvJa3Yhgt-94hT4hTnSg-5gDfGagR1e-6goHim9V-UM8sEY4vYFa3fwIOnV-c3fNIzU1kKrw6Y9_LYy0lm0kSD0zSuVp1MgZUxo6WY6fz5dcFbuBZrzIgL4T2isdnKM4mJgi5gFaLXQKOFkiN2I0o1LAiyGxNcGGp8902e8pjRQ6CLH9CLWO12erv9B69iuL9zM4NggQ-kPWMwztDACRv3xXm083WVtusHuQFyTV5tFcI-amQ3mm203fzDF6TEEHyCUDMsXLeG34yb-JwkbVyKMnVjmvxmt'))
=>  #<GPGME::Crypto:0x000055dfdeefb578 @default_options={}>
Traceback (most recent call last):
        1: from (irb):31
GPGME::Error::DecryptFailed (GPGME::Error::DecryptFailed)

The private key which can decrypt this message (created especially for this issue) in this gist

Then I saved it to a file:

File.open("/tmp/message.pgp", "wb") do |f|
  f.write(Base64.urlsafe_decode64('hQGMA_I9BkjDoykHAQwAsMAsYoGjMHF2p14Jwv-pwsEDpsnzHZU3NgGl2pQ2ugwhP-j7XbLcQAGBDevYDRc8Mz3Kj9FoMFWEyWY4me1NqIUp6LYJ5sCVYA3f8xidf0ulsqeUN64i3IgKCWVs_m5wadpCMLAauR0gqctHJWqHVpg-v_gNEzw_3saHLGnyDzA5Lvu8c5qrn0dZcfpIzv91e4Z9iWX_0_6EZWTTiNedHGGBixYui24Wj1B_gq7yCYn8EByQfniTVzp17bykEkB-FdyIQ6MLFxecUS0MwPYgLks4En0X5oV8BMCZekBQUkbSK1_sP7c-t_F43mOunZ_oUqVNJ8mGTpNeL7tVUY-vhflSd12fysqbzs6riMzw4MpKd-6mPRVzFD_J1gRr6X1TI-RW4FAHtHW_ScLN_Ilr5Msn1D4WJO8zyhZ-7kecQb_YKdhbKAHfv8jTGFpnyhIu0LfC0FRlJyZ5WgLzu5Odus_Sj4jYGs4HA1FN898BpNFMO8oQu8Idn9n1SSiiERN4ycDVFPkoqnKe59YmDJAfqcg7BRcbnfMPaTP6BeMlDaxXr2CRQSi-5yXxsV6ZENGUhRw3ZWlHN02sW8ZtXygHRXIy_vTED2f-dZJaTnMPwe7IfyojAT7meWBylTZFLre8KA8IRAfsC8zxjBarrAWtdT7SRDpkd6c84ZcP4Mah9H0bMpYTGs65yW0sksQk-h2wG6UjfXL_pry65o8HiDCTVDfy7Gk9y56LL1j_v-vkgYyaikRmoCkjEaZuqakmyzNBsGvJa3Yhgt-94hT4hTnSg-5gDfGagR1e-6goHim9V-UM8sEY4vYFa3fwIOnV-c3fNIzU1kKrw6Y9_LYy0lm0kSD0zSuVp1MgZUxo6WY6fz5dcFbuBZrzIgL4T2isdnKM4mJgi5gFaLXQKOFkiN2I0o1LAiyGxNcGGp8902e8pjRQ6CLH9CLWO12erv9B69iuL9zM4NggQ-kPWMwztDACRv3xXm083WVtusHuQFyTV5tFcI-amQ3mm203fzDF6TEEHyCUDMsXLeG34yb-JwkbVyKMnVjmvxmt'))
end

and tried to decrypt using gpg:

$ gpg -d /tmp/message.pgp

gpg: WARNING: cipher algorithm CAST5 not found in recipient preferences
gpg: encrypted with 3072-bit RSA key, ID F23D0648C3A32907, created 2021-03-04
      "Test for ruby-gpgme issue <test@test.com>"
gpg: Note: sender requested "for-your-eyes-only"
{"message":"hello"}gpg: Signature made Thu 04 Mar 2021 09:39:17 PM EET
gpg: WARNING: message was not integrity protected
gpg: Hint: If this message was created before the year 2003 it is
     likely that this message is legitimate.  This is because back
     then integrity protection was not widely used.
gpg: Use the option '--ignore-mdc-error' to decrypt anyway.
gpg: decryption forced to fail!

So gpg gives warnings about the absence of MDC (Modification Detection Code). And I can decrypt the message with --ignore-mdc-error flag, so I'm sure that exactly MDC prevents me from decrypting with GPGME. Can anyone help me to figure out how to ignore the MDC error using GPGME?

gpg version 2.2.19 (Ubuntu). but 2.2.27 has the same behavior.

alnpetil commented 3 years ago

@charger we're having the same issue here. Did you find any workaround?

charger commented 3 years ago

@alnpetil the only workaround I found is saving to temp file and call system "gpg" and reading result from second file.

whithajess commented 3 years ago

@alnpetil and @charger you can add ignore-mdc-error to your ~/.gnupg/gpg.conf and this library will continue to work - Its not great from a security perspective but sometimes you can't get a third party service to fix this on their end.

tong-tz commented 2 years ago

Same issue here, can gpgme provide an addtional option param to let us pass in this flag instead?