Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ecc encryption problems #1313

Closed
r10s opened this issue Feb 27, 2020 · 3 comments
Closed

ecc encryption problems #1313

r10s opened this issue Feb 27, 2020 · 3 comments
Labels

Comments

@r10s
Copy link
Member

@r10s r10s commented Feb 27, 2020

there was a problem with ecc keys reported in the "Testing Delta Chat" group on Delta Chat.

this issue blocks prevents releasing new android and ios versions as they're build using core 1.25 that uses ecc keys.

i try to summarize things here a bit (cc @link2xt @adbenitez @hpk42 )

@adbenitez reported the following issue, the ecc key was created using a fresh install, exported and then imported to an existing backup:

dc_receive_imf.rs:42: Receiving message INBOX/22639...
02-23 13:06:28.699 22634 22660 I DeltaChat: ThreadId(5) src/e2ee.rs:277: Detected Autocrypt-mime message
02-23 13:06:28.702 22634 22660 W DeltaChat: ThreadId(5) src/mimeparser.rs:137: decryption failed: PGP: Message("failed to decrypt session key")

it is reported that some random messages cause problems.

however, @hpk42 also got errors without the export/import roundtrip, just using a fresh installation that created an ecc key.

@link2xt

This comment has been minimized.

Copy link
Collaborator

@link2xt link2xt commented Mar 1, 2020

Bugfix for rPGP is at rpgp/rpgp#88

Waiting for it to be merged and uploaded to crates.io, then we need to update rPGP.

@r10s

This comment has been minimized.

Copy link
Member Author

@r10s r10s commented Mar 1, 2020

so, iiuc, all existing versions have errors when encrypting to ecc keys because of wrong padding calculcations on session keys with leading zeros.

@link2xt i agree to the suggestion you did in the chat that we should fix & merge the ecc bug and then revert to rsa keys for the next version (1.26) - otherwise, all new users will get unreadable messages because of not yet updated versions.

once the version that can encrypt to ecc keys is more spreaded, we can finally switch to rsa keys.

@r10s r10s unpinned this issue Mar 1, 2020
@r10s r10s added the bug label Mar 1, 2020
r10s added a commit that referenced this issue Mar 1, 2020
the currently released versions fail sometimes in encrypting to ecc keys,
see #1313, the issue is about to be fixed,
however, we should not generate ecc keys until the
fix is rolled out - otherwise new users will get encryption errors every some
messages if their counterpart is not yet using the most recent version.

we can start generating ecc keys a few weeks after the fix is rolled out.
@dignifiedquire

This comment has been minimized.

Copy link
Collaborator

@dignifiedquire dignifiedquire commented Mar 1, 2020

I have released a new version with the fix of rpgp

@link2xt link2xt closed this in #1321 Mar 1, 2020
link2xt added a commit that referenced this issue Mar 1, 2020
the currently released versions fail sometimes in encrypting to ecc keys,
see #1313, the issue is about to be fixed,
however, we should not generate ecc keys until the
fix is rolled out - otherwise new users will get encryption errors every some
messages if their counterpart is not yet using the most recent version.

we can start generating ecc keys a few weeks after the fix is rolled out.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

3 participants
You can’t perform that action at this time.