Sign/encrypt user interaction loop with YubiKey

[M66B]

When using the API ACTION_SIGN_AND_ENCRYPT with a Yubikey it keeps returning a pending intent to scan a Yubikey (and possibly other keys).

Expected Behavior

One or maybe two NFC scans only

Current Behavior

Repeating user interaction to scan Yubikey

Possible Solution

The problem seems to occur here:
https://github.com/open-keychain/open-keychain/blob/master/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java#L578

Steps to Reproduce (for bugs)

1. Generate/store key
2. Call ACTION_SIGN_AND_ENCRYPT
3. Scan Yubikey

Context

I am trying to make sign and encrypt working with a Yubikey for FairEmail:
https://github.com/M66B/FairEmail/blob/master/app/src/main/java/eu/faircode/email/FragmentCompose.java#L1689

Sign and encrypt without Yubikey works properly.

Your Environment

• Android Version: 10
• Device Model: Pixel 3a
• OpenKeychain Version: master
• From Google Play or F-Droid?: both + self built

[M66B]

Logcat of the loop

11-08 14:06:55.113 26229 26350 I fairemail: Executing org.openintents.openpgp.action.GET_KEY_IDS
11-08 14:06:55.113 26229 26350 I fairemail: user_ids=marcel@faircode.eu (String[])
11-08 14:06:55.113 26229 26350 I fairemail: eu.faircode.email=0x2019 (Long)
11-08 14:06:55.154 26229 26350 I fairemail: Result action=org.openintents.openpgp.action.GET_KEY_IDS code=1
11-08 14:06:55.154 26229 26350 I fairemail: api_version=11 (Integer)
11-08 14:06:55.154 26229 26350 I fairemail: user_ids=marcel@faircode.eu (String[])
11-08 14:06:55.154 26229 26350 I fairemail: eu.faircode.email=0x2019 (Long)
11-08 14:06:55.155 26229 26350 I fairemail: Keys=1
11-08 14:06:55.155 26229 26229 I fairemail: Result= Intent { act=org.openintents.openpgp.action.GET_KEY (has extras) }

11-08 14:06:55.165 26229 26364 I fairemail: Executing org.openintents.openpgp.action.GET_KEY
11-08 14:06:55.165 26229 26364 I fairemail: key_id=0x6f856659f6897587 (Long)
11-08 14:06:55.165 26229 26364 I fairemail: eu.faircode.email=0x2019 (Long)
11-08 14:06:55.165 26229 26364 I fairemail: ascii_armor=true (Boolean)
11-08 14:06:55.213 26229 26364 I fairemail: Result action=org.openintents.openpgp.action.GET_KEY code=1
11-08 14:06:55.213 26229 26364 I fairemail: key_id=0x6f856659f6897587 (Long)
11-08 14:06:55.213 26229 26364 I fairemail: api_version=11 (Integer)
11-08 14:06:55.213 26229 26364 I fairemail: eu.faircode.email=0x2019 (Long)
11-08 14:06:55.213 26229 26364 I fairemail: ascii_armor=true (Boolean)
11-08 14:06:55.217 26229 26229 I fairemail: Result= Intent { act=org.openintents.openpgp.action.SIGN_AND_ENCRYPT (has extras) }

11-08 14:06:55.229 26229 26365 I fairemail: Executing org.openintents.openpgp.action.SIGN_AND_ENCRYPT
11-08 14:06:55.229 26229 26365 I fairemail: sign_key_id=0x6f856659f6897587 (Long)
11-08 14:06:55.229 26229 26365 I fairemail: key_ids=0x6f856659f6897587 (long[])
11-08 14:06:55.229 26229 26365 I fairemail: eu.faircode.email=0x2019 (Long)
11-08 14:06:55.229 26229 26365 I fairemail: ascii_armor=true (Boolean)
11-08 14:06:55.303 26229 26365 I fairemail: Result action=org.openintents.openpgp.action.SIGN_AND_ENCRYPT code=2
11-08 14:06:55.304 26229 26365 I fairemail: api_version=11 (Integer)
11-08 14:06:55.304 26229 26365 I fairemail: sign_key_id=0x6f856659f6897587 (Long)
11-08 14:06:55.304 26229 26365 I fairemail: key_ids=0x6f856659f6897587 (long[])
11-08 14:06:55.304 26229 26365 I fairemail: eu.faircode.email=0x2019 (Long)
11-08 14:06:55.304 26229 26365 I fairemail: ascii_armor=true (Boolean)
11-08 14:06:55.304 26229 26229 I fairemail: Result= PendingIntent{68f8151: android.os.BinderProxy@a26edb6}

11-08 14:06:58.208 27133 27133 I fairemail: start Intent { act=org.sufficientlysecure.keychain.action.ADD cmp=org.sufficientlysecure.keychain.debug/org.sufficientlysecure.keychain.remote.CryptoInputParcelCacheService (has extras) }

11-08 14:06:58.941 26229 26229 I fairemail: Result class=FragmentCompose action=org.openintents.openpgp.action.SIGN_AND_ENCRYPT request=8 result=-1
11-08 14:06:58.941 26229 26229 I fairemail: api_version=11 (Integer)
11-08 14:06:58.941 26229 26229 I fairemail: sign_key_id=0x6f856659f6897587 (Long)
11-08 14:06:58.941 26229 26229 I fairemail: key_ids=0x6f856659f6897587 (long[])
11-08 14:06:58.941 26229 26229 I fairemail: eu.faircode.email=0x2019 (Long)
11-08 14:06:58.941 26229 26229 I fairemail: call_uuid1=0x9f26298e401f4047 (Long)
11-08 14:06:58.941 26229 26229 I fairemail: call_uuid2=0x98b73628785322bd (Long)
11-08 14:06:58.941 26229 26229 I fairemail: ascii_armor=true (Boolean)

11-08 14:06:58.966 26229 26368 I fairemail: Executing org.openintents.openpgp.action.SIGN_AND_ENCRYPT
11-08 14:06:58.966 26229 26368 I fairemail: api_version=11 (Integer)
11-08 14:06:58.966 26229 26368 I fairemail: sign_key_id=0x6f856659f6897587 (Long)
11-08 14:06:58.966 26229 26368 I fairemail: key_ids=0x6f856659f6897587 (long[])
11-08 14:06:58.966 26229 26368 I fairemail: eu.faircode.email=0x2019 (Long)
11-08 14:06:58.966 26229 26368 I fairemail: call_uuid1=0x9f26298e401f4047 (Long)
11-08 14:06:58.966 26229 26368 I fairemail: call_uuid2=0x98b73628785322bd (Long)
11-08 14:06:58.966 26229 26368 I fairemail: ascii_armor=true (Boolean)

11-08 14:06:58.983 27133 27133 I fairemail: start Intent { act=org.sufficientlysecure.keychain.action.GET cmp=org.sufficientlysecure.keychain.debug/org.sufficientlysecure.keychain.remote.CryptoInputParcelCacheService (has extras) }

11-08 14:06:59.025 26229 26368 I fairemail: Result action=org.openintents.openpgp.action.SIGN_AND_ENCRYPT code=2
11-08 14:06:59.025 26229 26368 I fairemail: api_version=11 (Integer)
11-08 14:06:59.025 26229 26368 I fairemail: sign_key_id=0x6f856659f6897587 (Long)
11-08 14:06:59.025 26229 26368 I fairemail: key_ids=0x6f856659f6897587 (long[])
11-08 14:06:59.025 26229 26368 I fairemail: eu.faircode.email=0x2019 (Long)
11-08 14:06:59.025 26229 26368 I fairemail: call_uuid1=0x9f26298e401f4047 (Long)
11-08 14:06:59.025 26229 26368 I fairemail: call_uuid2=0x98b73628785322bd (Long)
11-08 14:06:59.025 26229 26368 I fairemail: ascii_armor=true (Boolean)
11-08 14:06:59.025 26229 26229 I fairemail: Result= PendingIntent{58ab3a4: android.os.BinderProxy@3a2a50d}

11-08 14:07:02.505 27133 27133 I fairemail: start Intent { act=org.sufficientlysecure.keychain.action.ADD cmp=org.sufficientlysecure.keychain.debug/org.sufficientlysecure.keychain.remote.CryptoInputParcelCacheService (has extras) }

Note that CryptoInputParcelCacheService was modified to write some logging and that removing cache entries was disabled (because I suspected there was something wrong with caching).

@dschuermann @Valodim can you please take a look?

[M66B]

Getting the signature repeatedly fails:

sigValues = PGPUtil.dsaSigToMpi(contentSigner.getSignature());

Bounce Castle throws the exception:

11-13 12:33:19.391 30705 30724 W System.err: org.bouncycastle.openpgp.operator.jcajce.NfcSyncPGPContentSignerBuilder$NfcInteractionNeeded: NFC interaction required!
11-13 12:33:19.391 30705 30724 W System.err:    at org.bouncycastle.openpgp.operator.jcajce.NfcSyncPGPContentSignerBuilder$1.getSignature(NfcSyncPGPContentSignerBuilder.java:135)
11-13 12:33:19.391 30705 30724 W System.err:    at org.bouncycastle.openpgp.PGPSignatureGenerator.generate(PGPSignatureGenerator.java:277)
11-13 12:33:19.391 30705 30724 W System.err:    at org.sufficientlysecure.keychain.pgp.PgpSignEncryptOperation.executeInternal(PgpSignEncryptOperation.java:579)
11-13 12:33:19.391 30705 30724 W System.err:    at org.sufficientlysecure.keychain.pgp.PgpSignEncryptOperation.execute(PgpSignEncryptOperation.java:168)
11-13 12:33:19.391 30705 30724 W System.err:    at org.sufficientlysecure.keychain.remote.OpenPgpService.encryptAndSignImpl(OpenPgpService.java:299)
11-13 12:33:19.391 30705 30724 W System.err:    at org.sufficientlysecure.keychain.remote.OpenPgpService.executeInternalWithStreams(OpenPgpService.java:1074)
11-13 12:33:19.391 30705 30724 W System.err:    at org.sufficientlysecure.keychain.remote.OpenPgpService.executeInternal(OpenPgpService.java:1006)
11-13 12:33:19.391 30705 30724 W System.err:    at org.sufficientlysecure.keychain.remote.OpenPgpService2$1.execute(OpenPgpService2.java:61)
11-13 12:33:19.392 30705 30724 W System.err:    at org.openintents.openpgp.IOpenPgpService2$Stub.onTransact(IOpenPgpService2.java:80)
11-13 12:33:19.392 30705 30724 W System.err:    at android.os.Binder.execTransactInternal(Binder.java:1021)
11-13 12:33:19.392 30705 30724 W System.err:    at android.os.Binder.execTransact(Binder.java:994)

[M66B]

The same problem was reported with a Nitrokey.

[dnlmlr]

I can also confirm this with my yubikey 5 nfc.

[VasiliyArkhipov]

I can also confirm this with my yubikey 5 nfc.

Same issue here with Yubikey 5 NFC.

[M66B]

Explanation: the mime message was serialized again on user interaction. However, serializing messages is not reproducible, causing signing to fail.

Too bad that the error message was not clear :-(