Comments (2)
singpolyma
commented on August 14, 2024
Sorry for taking so long to look at this. I cannot really debug this without an example input. If you do not have an input you can share publicly, feel free to email me: [email protected]
Empty array should mean no valid RSA signatures found, normally
from openpgp-php.
chocorho
commented on August 14, 2024
I've been getting this same error recently, and I can provide examples of when it comes up.
Basically, this library appears to be failig to parse a message in certain cases -- I cannot diagnose each case, but it has most often occurred when there is a special character (*) in the plaintext, or when it contains numerical digits.
I have examples of signed messages that the above example script cannot verify, despite the fact that gpg can confirm that they are good signatures when invoked from a terminal. Here they are:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Can we use a random * character??
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEEcPQJaXblXp1Pvae1JVhN3NNOK/cFAmI6t0UACgkQJVhN3NNO
K/eb8QwAy1BV1Gg9LeCfYVHY6KlC9TipNPupI8OXrGu+uQKeiahod4vaam8Ii4g/
TxgW9bPV28945eFhAt0z0/wH6YPN61lfwiji12gEkmr2eKb9hMlD2SUBNtJlutEZ
8wfu+fFIw6UElrY8BxGyWk4SJLEcv84xob+raJhD3DqRPzRuYk99ozVY37Uu3Axe
1/obSm4IwT8Gx5PcTbUKW816Me/6qSZJyFxyjIWDw4DU5PRkIYKWh8p7f5lXqR2p
v10BxypwHhrckLY7eTDoX+Ff9ub+Xz7HLVn/VyBgZtUJouSqqD6TNzKDWEsB9QWG
SYR+i3HemvvSEhWyHv3Ml+S7NIFCBsx/0Vv3SrfBquUMfkTPBL0IFh3Fc0/Z8sX5
JYcb3VXtSEiNj2+nEoAuLxbTwCmTJzk4ykSD8eQyB/V3WJfFNoGSd2WxMio+lDTZ
a2sILzlAHwBQgZQjStGt28hfRG/t8iYp7caPG7QEEsqRsJrtlxe7iyFkKOXl2VYn
oSZxclO2
=F0xj
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Why did this stuff * fail??
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEEcPQJaXblXp1Pvae1JVhN3NNOK/cFAmI6t8QACgkQJVhN3NNO
K/dMyQv/X7zHNa/BlLIHqi2laQAPcUhdgJWfX6tmwfAiqx5tgy1t0H7bU/Lswjtb
hg6FSdSpf9VbI2ADd9vQsjfaDId/Z8F/9r8CG4f6k9d9Hxv7P/Kplgm+SolXbYYX
2Ycuvma0xi2r5hReNm7SNhF6J7BSaiuTAcqCeNwxUJe4r/qwPQyV70RGPCFF80M1
YLcWBWlwmyrmFpudqyGUyUJkSrc2SWgLwy80X40zyHfMy4u3id5bbjweAj49zRvj
m9eaB1ltBdLN7tRESCnrd0Uq2YaPQKCA4WgMnBO2jA32e6/xKAVNsICnRc/Z4NYj
sPuSS+4kP11jAwxELTJHDxYSHf8YOSf+Ul8Ybqz/it/8+bbEAGZntLZPmS/bouiL
YW1XO1EnK5rFLkWQsi6WtLDDnW+uwf6AquJ8OowtloMOtXatqgykhbSOvTQFeB2G
vm85ubmKTjwJ2lqi2+eFi0CbLrIIAmkpvntQpK2Mntl1ycDhpDzvGeCUs2zDab43
2brI3NLs
=WdfD
-----END PGP SIGNATURE-----
For the former message, the empty array is returned; but for the latter, I get a more extreme exception, with the following stacktrace:
PHP Fatal error: Uncaught Exception: Unsupported AsymmetricSessionKeyPacket version: 1 in /var/www/html/singpolyma-openpgp-php-9651038/lib/openpgp.php:630
Stack trace:
#0 /var/www/html/singpolyma-openpgp-php-9651038/lib/openpgp.php(455): OpenPGP_AsymmetricSessionKeyPacket->read()
#1 /var/www/html/singpolyma-openpgp-php-9651038/lib/openpgp.php(245): OpenPGP_Packet::parse()
#2 /var/www/html/singpolyma-openpgp-php-9651038/lib/openpgp.php(234): OpenPGP_Message::parse_string()
#3 /var/www/html/singpolyma-openpgp-php-9651038/examples/verify.php(19): OpenPGP_Message::parse()
#4 {main}
thrown in /var/www/html/singpolyma-openpgp-php-9651038/lib/openpgp.php on line 630
In case you'd like to test it yourself, my public key can be imported from my website.
Any help would be appreciated. Also, let me know if I should open a new Issue for this. I just wanted to post it here since the error appears to match this Issue exactly.
from openpgp-php.
Related Issues (20)
- Encryption HOT 1
- PHP8 and thoughts on minimum PHP version HOT 2
- New tagged release version HOT 3
- Cant decrypt on CLI HOT 1
- Encrypt stream or chunks
- Not an asymmetrically encrypted message when trying to decrypt
- Support for phpseclib3 HOT 4
- Bump version to php 7.3? HOT 1
- Generated public keys cannot be imported into Thunderbird OpenPGP Key Manager HOT 6
- Need help with decrypting a file HOT 1
- getCipher algo number 1 HOT 1
- Please implement a "sop" (Stateless OpenPGP Command Line) interface HOT 2
- Multiple recipients when should be single HOT 3
- Error: Ciphertext representative out of range HOT 1
- Does this work out-the-box with laravel? HOT 9
- OpenPGP_PublicSubkeyPacket in SubKey exemple? HOT 1
- Documentation? HOT 1
- Cannot decrypt messages encoded with GPG
- encrypt and sign HOT 1
- Linebreaks in clearsigned message seem to break signature HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openpgp-php.