Encryption does not work on certain PCs (older HP Z400)

[uli-heller]

I'm using "sigtool" on various ubuntu 20.04 PCs. I'm using the same binary on all of them. Typically, it works OK.
However, on a certain type of PC, encryption produces a file that cannot be decrypted. Decryption produces an error
message like this:

sigtool: decrypt: can't decrypt chunk 0: cipher: message authentication failed

Any idea?

I've added a test script below. I've made "mixed tests" as well, meaning encrypt a file on
PC#A and decrypt it on PC#B. Outcome: Encryption doesn't work on the HP Z400 PCs.

Number|Encryption|Decryption|Decryption Status
------|----------|----------|---------------------------
1     |AnyPC     |AnyPC     |OK    
2     |AnyPC     |HP Z400   |OK    
3     |HP Z400   |AnyPC     |KO    
4     |HP Z400   |HP Z400   |KO    

Test Script

#!/bin/sh

#set -x
D="$(dirname "$0")"
D="$(cd "${D}" && pwd)"

SIGTOOL="${D}/sigtool"
test -x "${SIGTOOL}" || SIGTOOL="${D}/bin/linux-amd64/sigtool"
test -x "${SIGTOOL}" || { echo >&2 "Kann 'sigtool' nicht finden!"; exit 1; }

TMPDIR="${D}/tmp-$(openssl rand -hex 20)"
mkdir "${TMPDIR}"

HOME="${TMPDIR}/home"
export HOME
install -d -m 700 "${HOME}"
install -d -m 700 "${HOME}/.ssh"


echo $HOME
echo ~
ssh-keygen -t ed25519 -f "${HOME}/.ssh/id_ed25519" -P ""

SSH_KEY=id_ed25519
echo UliWarDa >"${TMPDIR}/clear"
"${SIGTOOL}" encrypt "$HOME/.ssh/${SSH_KEY}.pub" -o "${TMPDIR}/encrypted" "${TMPDIR}/clear"
"${SIGTOOL}" decrypt "$HOME/.ssh/${SSH_KEY}" -o "${TMPDIR}/clear-2" "${TMPDIR}/encrypted"
test "UliWarDa" != "$(cat "${TMPDIR}/clear-2")" && {
    echo >&2 "Ver- und Entschlüsseln klappt nicht!"
    rm -rf "${TMPDIR}"
    exit 1
}

rm -rf "${TMPDIR}"

OK Output

$ ./tests-uli.sh 
/home/uli/git/forked/sigtool/tmp-19cb2ef3d7d3bb9979b22d5ef77ad23a962a9252/home
/home/uli/git/forked/sigtool/tmp-19cb2ef3d7d3bb9979b22d5ef77ad23a962a9252/home
Generating public/private ed25519 key pair.
Your identification has been saved in /home/uli/git/forked/sigtool/tmp-19cb2ef3d7d3bb9979b22d5ef77ad23a962a9252/home/.ssh/id_ed25519
Your public key has been saved in /home/uli/git/forked/sigtool/tmp-19cb2ef3d7d3bb9979b22d5ef77ad23a962a9252/home/.ssh/id_ed25519.pub
The key fingerprint is:
SHA256:bfVPpMQTqAPPP1jyeUDfSw7fdNAOL+QkdqSTvgTNn40 uli@ulicsl
The key's randomart image is:
+--[ED25519 256]--+
|             oo. |
|        .  o=+*..|
|         +.+BB+*.|
|         .*+o*+O*|
|        S oBooEo*|
|         ...=..*.|
|            .o  .|
|                 |
|                 |
+----[SHA256]-----+

KO Output

Observed on two older HP Z 400 PCs.

$ ./tests-uli.sh 
/tmp/sigtool/tmp-ddad7146f72a9ff2aa31a518f5d04fa9539a096e/home
/tmp/sigtool/tmp-ddad7146f72a9ff2aa31a518f5d04fa9539a096e/home
Generating public/private ed25519 key pair.
Your identification has been saved in /tmp/sigtool/tmp-ddad7146f72a9ff2aa31a518f5d04fa9539a096e/home/.ssh/id_ed25519
Your public key has been saved in /tmp/sigtool/tmp-ddad7146f72a9ff2aa31a518f5d04fa9539a096e/home/.ssh/id_ed25519.pub
The key fingerprint is:
SHA256:uZDrR+GaWNnDDsRJ9VXehcfwdr/nd3mx1P20ei5cxts agutjahr@agutjahr-z400
The key's randomart image is:
+--[ED25519 256]--+
|       ..   ..o+.|
|      .  . . ..o+|
|     o .  .   ..=|
|      +...     .o|
|     .o=S.    . +|
|      +o*.     *=|
|     o.*..  . +oX|
|    ..o o    o BE|
|      ..     .=.=|
+----[SHA256]-----+
/tmp/sigtool/bin/linux-amd64/sigtool: decrypt: can't decrypt chunk 0: cipher: message authentication failed
Ver- und Entschlüsseln klappt nicht!

[opencoff]

Unfortunately, I don't have access to that exact machine.

Please update to latest main branch code (also tagged v2.1.2) and try:

1. make test
2. ./tests.sh

Try the above on the HPZ400 that fails. Is it possible that the HP Z400 has faulty RAM? eg you can run memtest86 on that box to verify that hypothesis.

At this point, from the logs above - I can't find an obvious fault in the program..

[uli-heller]

Good morning, thx for looking into this. I do have 4 of these HP-Z400 machines. I've observed the misbehavior on two of them, for the other two, I didn't check so far. I doubt that the bug is caused by faulty ram. Executing the tests on the HP-Z400 machines is a bit tricky, since I don't have devtools and go available on them. What I've done: - Checking out version 2.1.2 - Building it on my local machine - Copying it to the 3rd HP-Z400 (including the compiled binaries) - Modifying `tests.sh` a little bit - Execute `tests.sh` on the machine It leads to this output: ``` ***@***.***:~/sigtool$ ./tests.sh ./bin/linux-amd64/sigtool: decrypt: can't decrypt chunk 0: cipher: message authentication failed tests.sh: can't decrypt with /tmp/sigtool17078/ssk2 tests.sh: Test output in /tmp/sigtool17078 .. ``` So same error as on the other two HP-Z400. Here the DIFF for tests.sh: #9 ```diff diff --git a/tests.sh b/tests.sh index 4184a46..3d180cc 100755 --- a/tests.sh +++ b/tests.sh @@ -2,9 +2,11 @@ # simple round-trip tests to verify the tool - -arch=`./build --print-arch` -bin=./bin/$arch/sigtool +bin="`for sigtool in ./bin/*/sigtool; do test -x "${sigtool}" && { "${sigtool}" -h >/dev/null 2>&1 && { echo "${sigtool}"; exit 0; }; }; done`" +test -z "${bin}" && { + arch=`./build --print-arch` + bin=./bin/$arch/sigtool +} Z=`basename $0` # workdir ``` Am 2022-06-05 22:51, schrieb Sudhi Herle:

Unfortunately, I don't have access to that exact machine. Please update to latest main branch code (also tagged v2.1.2) and try: * make test * ./tests.sh Try the above on the HPZ400 that fails. Is it possible that the HP Z400 has faulty RAM? eg you can run memtest86 on that box to verify that hypothesis. At this point, from the logs above - I can't find an obvious fault in the program.. -- Reply to this email directly, view it on GitHub [1], or unsubscribe [2]. You are receiving this because you authored the thread.Message ID: ***@***.***>

Links: ------ [1] #8 (comment) [2] https://github.com/notifications/unsubscribe-auth/AAMZQZQRHGFOI6EC6KREGSTVNUHMRANCNFSM5X4ZRZDA

[opencoff]

I have created a new branch - "debug-hpz400"; the code here has a global debug option:

sigtool --debug encrypt ....
sigtool --debug decrypt ...

This debug flag prints several key derivation data to stderr.

please checkout the head of that branch:

git clone -b debug-hpz400 https://github.com/opencoff/sigtool sigtool-debug

Build it as before and re-run your tests but with one change:

Add "--debug" to the global sigtool flags.

We should expect to see the same set of keys derived on the encryptor and decryptor machines. If they don't match - that is one reason why decrypt on hpz400 fails..

Thanks,

[uli-heller]

I am on vacation at the moment, so it will take me two weeks or three to do this. Thx for your help -- Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet. Am 17. Juni 2022 17:24:49 MESZ schrieb Sudhi Herle ***@***.***>:

…

I have created a new branch - "debug-hpz400"; the code here has a global debug option: sigtool --debug encrypt .... sigtool --debug decrypt ... This debug flag prints several key derivation data to *stderr*. please checkout the head of that branch: git clone -b debug-hpz400 https://github.com/opencoff/sigtool sigtool-debug Build it as before and re-run your tests but with one change: Add "--debug" to the global sigtool flags. We should expect to see the same set of keys derived on the encryptor and decryptor machines. If they don't match - that is one reason why decrypt on hpz400 fails.. Thanks, -- Reply to this email directly or view it on GitHub: #8 (comment) You are receiving this because you commented. Message ID: ***@***.***>

[uli-heller]

I'm back. The output looks OK to me:

...
+ ./bin/linux-amd64/sigtool s --no-password /tmp/sigtool5719/ssk1 -o /tmp/sigtool5719/tests.sh.sig ./tests.sh
+ ./bin/linux-amd64/sigtool v -q /tmp/sigtool5719/ssk1.pub /tmp/sigtool5719/tests.sh.sig ./tests.sh
+ ./bin/linux-amd64/sigtool --debug e --no-password -o /tmp/sigtool5719/tests.sh.enc /tmp/sigtool5719/ssk2.pub ./tests.sh
encrypt:
	hdr-cksum: d92fe90314699aad7dae54fdc77e495202a8453d898b90b8bcd90dd2ade21f2b
	salt: 35bd31151f2f4c0f5b807d3a05361727b78494250909ac163c3d2a2a86869f38
	key: c9ae1b05628a6a2b32c12cfa228ef5db6adb22c7e4c4d2250f5abbe067f9a1e4
	aes-key: 34e20fbd4e68bd4427630bbd76c07415db76750022148613a679e19dd18dbf04
+ ./bin/linux-amd64/sigtool --debug d --no-password -o /tmp/sigtool5719/tests.sh.dec /tmp/sigtool5719/ssk2 /tmp/sigtool5719/tests.sh.enc
decrypt:
	hdr-cksum: d92fe90314699aad7dae54fdc77e495202a8453d898b90b8bcd90dd2ade21f2b
	salt: 35bd31151f2f4c0f5b807d3a05361727b78494250909ac163c3d2a2a86869f38
	key: c9ae1b05628a6a2b32c12cfa228ef5db6adb22c7e4c4d2250f5abbe067f9a1e4
	aes-key: 34e20fbd4e68bd4427630bbd76c07415db76750022148613a679e19dd18dbf04
./bin/linux-amd64/sigtool: decrypt: can't decrypt chunk 0: cipher: message authentication failed
+ die 'can'\''t decrypt with /tmp/sigtool5719/ssk2'
+ echo 'tests.sh: can'\''t decrypt with /tmp/sigtool5719/ssk2'
tests.sh: can't decrypt with /tmp/sigtool5719/ssk2
+ echo 'tests.sh: Test output in /tmp/sigtool5719 ..'
tests.sh: Test output in /tmp/sigtool5719 ..
+ exit 1

[opencoff]

Very strange indeed. Could you try running the test binary compiled on other machine and run it on the HPZ400 like so:

on build machine

go test -c -o sig-test -ldflags "-s" ./sign

# copy binary to hp z400 and run

./sig-test -test.v
__
Hopefully all tests should pass ...

[uli-heller]

(Removed due to bad formatting)

[uli-heller]

Here you are:

root@blacky:~/sigtool-test# ./sig-test -test.v
=== RUN   TestEncryptSimple
    utils_test.go:36: /home/uli/git/forked/sigtool/sign/encrypt_test.go: 73: Assertion failed: decrypt fail: decrypt: can't decrypt chunk 0: cipher: message authentication failed
--- FAIL: TestEncryptSimple (0.01s)
=== RUN   TestEncryptSmallSizes
    utils_test.go:36: /home/uli/git/forked/sigtool/sign/encrypt_test.go: 125: Assertion failed: decrypt-1 fail: decrypt: can't decrypt chunk 0: cipher: message authentication failed
--- FAIL: TestEncryptSmallSizes (0.00s)
=== RUN   TestEncryptCorrupted
--- PASS: TestEncryptCorrupted (0.07s)
=== RUN   TestEncryptSenderVerified
    utils_test.go:36: /home/uli/git/forked/sigtool/sign/encrypt_test.go: 228: Assertion failed: decrypt fail: decrypt: can't decrypt chunk 0: cipher: message authentication failed
--- FAIL: TestEncryptSenderVerified (0.00s)
=== RUN   TestEncryptMultiReceiver
    utils_test.go:36: /home/uli/git/forked/sigtool/sign/encrypt_test.go: 284: Assertion failed: decrypt 0 fail: decrypt: can't decrypt chunk 0: cipher: message authentication failed
--- FAIL: TestEncryptMultiReceiver (0.00s)
=== RUN   TestStreamIO
    utils_test.go:36: /home/uli/git/forked/sigtool/sign/encrypt_test.go: 356: Assertion failed: streamread fail: decrypt: can't decrypt chunk 0: cipher: message authentication failed
--- FAIL: TestStreamIO (0.00s)
=== RUN   TestSmallSizeStreamIO
    encrypt_test.go:393: small-size-stream: size 1, chunksize 8
    utils_test.go:36: /home/uli/git/forked/sigtool/sign/encrypt_test.go: 442: Assertion failed: streamread fail: decrypt: can't decrypt chunk 0: cipher: message authentication failed
--- FAIL: TestSmallSizeStreamIO (0.00s)
=== RUN   TestSignSimple
--- PASS: TestSignSimple (11.21s)
=== RUN   TestSignRandBuf
--- PASS: TestSignRandBuf (0.03s)
FAIL