Skip to content

Implement MDC-using encryption #20

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 12, 2015
Merged

Implement MDC-using encryption #20

merged 1 commit into from
Dec 12, 2015

Conversation

@singpolyma
Copy link
Contributor

@singpolyma singpolyma commented Dec 9, 2015

In response to singpolyma/openpgp-php#17
In an attempt to close #18

Code based on https://github.com/singpolyma/openpgp-php

@singpolyma singpolyma mentioned this pull request Dec 9, 2015
Closed
@DanielRuf
Copy link
Collaborator

DanielRuf commented Dec 9, 2015

Awesome, thanks. Much appreciated. Will test it tomorrow and merge it then.

@jasonhinkle please check if none of the unittests are broken.

@DanielRuf
Copy link
Collaborator

DanielRuf commented Dec 10, 2015

It does not work here, gpg --list-packets says the file was manipulated:

gpg: Warnung: Verschlüsselte Botschaft ist manipuliert worden!

Encrypted TESTMESSAGETEXT and got this result:

:encrypted data packet:
        length: 81
        mdc_method: 2
:literal data packet:
        mode t (74), created 0, name="file",
        raw data: 15 bytes
:mdc packet: length=20
gpg: Warnung: Verschlüsselte Botschaft ist manipuliert worden!

@singpolyma
Copy link
Contributor Author

singpolyma commented Dec 10, 2015

@DanielRuf Ah yes, there was a bug in the padding handling because of the resync change. Fixed now.

@DanielRuf
Copy link
Collaborator

DanielRuf commented Dec 10, 2015

👍 great, works here now =)

@jasonhinkle please test on your side. We have to add this also to the dev branch. Should we increment the version to 1.6.0?

@jasonhinkle
Copy link
Owner

jasonhinkle commented Dec 11, 2015

Hey @DanielRuf , I don't have a client to test this with - is it possible to write a unit test to verify that it works?

@DanielRuf
Copy link
Collaborator

DanielRuf commented Dec 11, 2015

is it possible to write a unit test to verify that it works?

Probably not yet until we have decryption implemented as we have to decrypt, then use the length from the MDC packet and use it to get the prefix and the SHA-1 hash. With this and the decrypted cleartext message we can check if it is correct (hash the cleartext and the prefix and check it with the hash from the decrypted message).

This would be the right way.

DanielRuf added a commit that referenced this pull request Dec 12, 2015
@DanielRuf
Merge pull request #20 from singpolyma/mdc-implementation
5afe910 
Implement MDC-using encryption
@DanielRuf DanielRuf merged commit 5afe910 into jasonhinkle:master Dec 12, 2015
DanielRuf added a commit that referenced this pull request Dec 12, 2015
@DanielRuf
[dev] Implement MDC-using encryption
3cf1a5e 
see #20
DanielRuf added a commit that referenced this pull request Dec 12, 2015
@DanielRuf
[dev] php-gpg 1.6.0
3a7bdc1 
implemented MDC, see #20
thanks and credits go to @singpolyma
DanielRuf added a commit that referenced this pull request Dec 12, 2015
@DanielRuf
php-gpg 1.6.0
2d65c83 
implemented MDC, see #20
thanks and credits go to @singpolyma
@singpolyma singpolyma deleted the mdc-implementation branch December 12, 2015 17:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Generate MDC packets for better integrity protection

3 participants

@singpolyma @DanielRuf @jasonhinkle