The complete stack trace for the error can be found by clicking on this link. For reference, the GUI instructions for encryption by the remote Thunderbird sender are summarized in the following screen shot:. I have read many postings and links about this. In particular, this other SO posting looks similar , but is different.
However, I need actual working code to study in order to understand this. Most people who find this via google searches will also need working code to illustrate the examples. For reference, the SignedFileProcessor.
How should this be customized to fix the problems in the code above? The SignedFileProcessor. This may be due to a version difference. Also, PGPUtils. If I interpret JRichardSnape's comments correctly, this means that the verifyFile method might best be called upstream to confirm the signature of the incoming file using the sender's public key, and then, if the signature on the file is verified, using another method to decrypt the file using the recipient's private key.
Is this correct? If so, how do I restructure the code to accomplish this? It just means that content has been signed and then encrypted, the routine provided does not know how to deal with it, but at least tells you that. PGP protocol presents as a series of packets some of which can be wrapped in other ones for example compressed data can also wrap signed data or simply literal data, these can be used to generate encrypted data as well, actual content always appears in literal data.
If you look at the verifyFile method in the SignedFileProcessor in the Bouncy Castle OpenPGP examples package you will see how to handle the signature data and get to the literal data containing the actual content. I would also recommend looking at RFC so you have some idea of how the protocol works. The protocol is very loose and both GPG, BC, and the variety of products out there reflect this - that said the looseness does mean that if you try and cut and paste your way to a solution you'll end up with a disaster.
It's not complicated, but understanding is required here as well. Stack Overflow for Teams — Collaborate and share knowledge with a private group. Create a free Team What is Teams? Collectives on Stack Overflow. Learn more. Asked 6 years, 11 months ago. Active 2 years, 3 months ago. Viewed 18k times. PGPException: Encrypted message contains a signed message - not literal data.
For reference, the GUI instructions for encryption by the remote Thunderbird sender are summarized in the following screen shot: I have read many postings and links about this. There doesn't seem to be many BouncyCastle OpenPGP examples around, but this blog entry looks rather complete although I'd still sign first and encrypt afterwards.
Compression is also taken into account. I have no experience with the Bouncy Castle API but I'll try to put things straight crypto-wise and it may help you find your way since you mention you're a crypto newbie :. Then you encrypt the key of the previous step using a non-symmetric algorithm e. RSA and the recipient's public key. You send your symmetrically encrypted messages along your non-symmetrically encrypted key to your recipient.
He uses the same non-symmetric algorithm and his private key to decrypt the key that will give him access to the symmetrically encrypted message. Q2: Only the sender signs his message using his own private key. Q3: This has nothing to do with the crypto API; find a library that will compress your messages and use it before you apply cryptography.
I am using the BouncyCastle 1. It is indeed quite a chore to figure out what's going on; but I had a stab at it recently. Caveat emptor, as all I can say is that "it works for me TM ". Please look at the encrypt method to see some code to accomplish this. I also use the "anonymous recipient" header, which prevents someone who can see the data from identifying the recipient's public-key id even if they cannot decrypt it.
This may or may not be relevant for you, but with this mechanism, you should also use the appropriate decrypt method which tries all available keys. Some theories on why this is needed. See key generation code for some options. This can be released to invalidate previously exchanged public keys. Their message format and cryptographic code is well-vetted. Using an existing cryptographic format and code is more reliable doing it yourself with BouncyCastle, as it'll save you from details that otherwise you might screw up.
That should make solving your problem pretty easy. Sign up to join this community. The best answers are voted up and rise to the top.
Stack Overflow for Teams — Collaborate and share knowledge with a private group. Create a free Team What is Teams? Learn more. Bouncy Castle - document signed by sender and only readable by receiver?
Ask Question. Asked 9 years, 7 months ago. Active 9 years, 7 months ago. I've found that Java resources are also useful. The example can be found in the source under cryptotestsrcopenpgpexamplesPbeFileProcessor.
Here cipherText consists of two parts, the encrypted message and the authentication tag. The additional authenticated data , i. It is immediately apparent that the orders of the individual components in the two codes are different.
This means that a message encrypted in the C -code cannot be decrypted in the PHP-code and vice versa. For this to be possible, the order in the PHP-code must be changed as follows:.
The order as well the consideration of the additional authenticated data must be adapted both in the encryption part and in the decryption part. For compatibility, a uniform IV length must be used in both codes! If you look at the documentation section of Bouncy Castle's site, they say to " If you look inside the jar file from Bouncy Castle you will see under the org.
Here you are passing original data to decrypt.
0コメント