EldoS | Feel safer!

SBB Open PGP + Cryptix = Intermittent Errors Decrypting?

#17935
Posted: 10/19/2011 10:16:03
by Thomas Johnson (Standard support level)
Joined: 10/19/2011
Posts: 3

We are using Secure Black Box OpenPGP to encrypt using our client's public key. We've encountered one 8KB file that the client described as corrupt - I see no evidence of corruption in the file and when we re-encrypted the same file again they were able to process it. Any thoughts on this?

Code
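            // EncryptionKeys, unencryptedFileInfo and outputStream are defined elsewhere in the poster's code.
            TElPGPWriter pgpWriter = new TElPGPWriter();
            pgpWriter.EncryptionType = TSBPGPEncryptionType.etPublicKey;
            pgpWriter.EncryptingKeys = EncryptionKeys;

            // Compatibility settings: no compression, old-format packets, no newer features.
            pgpWriter.Compress = false;
            pgpWriter.UseOldPackets = true;
            pgpWriter.UseNewFeatures = false;

            // ASCII-armored output; the original file name is stored in the message.
            pgpWriter.Armor = true;
            pgpWriter.Filename = unencryptedFileInfo.Name;

            using (FileStream unencryptedStream = unencryptedFileInfo.OpenRead())
            {
                pgpWriter.Encrypt(unencryptedStream, outputStream, 0);
            }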


Would it be worthwhile to set pgpWriter.InputIsText = true? (The input is indeed text.)

-Thanks!

p.s. We've transferred a number of encrypted files already and I believe this is the first one we've encountered a problem with.
#17936
Posted: 10/19/2011 10:34:13
by Eugene Mayevski (EldoS Corp.)

Don't get me wrong, but why not ask the Cryptix vendor - all in all it's *their* software that fails.


Sincerely yours
Eugene Mayevski
#17937
Posted: 10/19/2011 10:43:22
by Thomas Johnson (Standard support level)
Joined: 10/19/2011
Posts: 3

Yes, I wish it were that simple: Cryptix is a deprecated Java API that apparently never made it out of Alpha. There really is no one to speak with about this sort of thing.

The client did tell our BA something along the lines of: “error initializing ascii armored message stream.”

I suppose we could switch to binary, but doesn't that open us up to more issues?

Any other thoughts?


Thanks!
#17938
Posted: 10/19/2011 10:57:07
by Eugene Mayevski (EldoS Corp.)

Well, it could be anything. One thing you can do (if they still have the file at hand) is ask them to ZIP the file and send it back to you. Then compare what they received with what you sent.

Generally speaking armoring is just base64-encoding the binary data and adding extra header and footer lines (and also wrapping the long data line on, if memory serves, every 72nd character). So if your transfer channels are reliable, you can try switching to binary mode. Who knows how the other side handles the data - most likely they just have spoiled something.


Sincerely yours
Eugene Mayevski
#18769
Posted: 01/19/2012 10:40:44
by Thomas Johnson (Standard support level)
Joined: 10/19/2011
Posts: 3

Hi, looks like this is still happening. The strange part is they have a number of servers the same file goes to, but only one of the servers has trouble decrypting. They ruled out a problem in the FTP transfer as repeatedly sending the same file has no effect, but the minute we re-encrypt the same file - voila.

Does this provide any insight that may illuminate the problem?
#18770
Posted: 01/19/2012 10:54:05
by Eugene Mayevski (EldoS Corp.)

I don't think we can help at this point - I believe it must be Cryptix stuff that needs fixing. I even think I know where the problem happens (presence or lack of a leading zero in the huge integer numbers that cryptography operates with) but we definitely will not change SecureBlackbox to accommodate buggy software.


Sincerely yours
Eugene Mayevski
#18771
Posted: 01/19/2012 11:00:16
by Eugene Mayevski (EldoS Corp.)

Please re-read my previous messages and let's continue that way:

1) switch to binary mode (turn off armoring)
2) put the file into ZIP archive for transfer

Check those two options.

Unfortunately I don't see what else we can do if the problem is "somewhere there" with some abandoned software. Of course, we can send our specialist to the site and he will diagnose the problem in place and even "disassemble" that software and try to make it work, but is anybody ready to pay several thousand dollars for this?


Sincerely yours
Eugene Mayevski
#18772
Posted: 01/19/2012 11:11:07
by Ken Ivanov (EldoS Corp.)

If the problem doesn't go away after trying Eugene's suggestions, we can have a quick look into the internals of a problematic file. And though I really doubt that we'll end up with some positive outcome from it (as some parts of the file are encrypted and we don't have a key), it's probably the last chance to discover the reason. You are welcome to post the files (both "good" and "bad", the more files the better) securely to our Helpdesk system.
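
An added diagnostic example, not part of the original thread and not EldoS or Cryptix code: it undoes the armoring described above (base64, wrapped lines, header and footer), verifies the CRC-24 checksum line, and reports whether the encrypted session-key integer in a file is shorter than the key modulus, which is the leading-zero case suspected in the thread. It assumes old-format packets (as set by `UseOldPackets = true`) and an RSA key whose size the caller supplies; the function names and the toy 64-bit samples are constructed for illustration.

```python
import base64

def crc24(data: bytes) -> int:
    crc = 0xB704CE  # CRC-24 init value and polynomial from RFC 4880, section 6.1
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def armor(data: bytes) -> str:
    """Base64 the packets, wrap the lines, add header, checksum and footer."""
    b64 = base64.b64encode(data).decode()
    rows = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    check = "=" + base64.b64encode(crc24(data).to_bytes(3, "big")).decode()
    return "\n".join(["-----BEGIN PGP MESSAGE-----", "", *rows, check,
                      "-----END PGP MESSAGE-----", ""])

def dearmor(text: str) -> bytes:
    """Recover the binary packets and verify the checksum line."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if not (lines[0].startswith("-----BEGIN PGP") and lines[-1].startswith("-----END PGP")):
        raise ValueError("missing armor header or footer line")
    body = lines[lines.index("") + 1:-1]  # armor headers end at the first blank line
    data = base64.b64decode("".join(ln for ln in body if not ln.startswith("=")))
    sums = [ln[1:] for ln in body if ln.startswith("=")]
    if sums and int.from_bytes(base64.b64decode(sums[0]), "big") != crc24(data):
        raise ValueError("CRC-24 mismatch: armored data changed after encryption")
    return data

def mpi_short_bytes(packets: bytes, modulus_bits: int) -> int:
    """Whole bytes by which the first PKESK MPI is shorter than the key modulus."""
    hdr = packets[0]
    if hdr & 0xC0 != 0x80 or (hdr >> 2) & 0x0F != 1 or hdr & 3 == 3:
        raise ValueError("expected an old-format public-key session key packet first")
    body = packets[1 + (1 << (hdr & 3)):]  # skip the 1-, 2- or 4-octet length
    bits = int.from_bytes(body[10:12], "big")  # after version, key ID, algorithm
    return (modulus_bits + 7) // 8 - (bits + 7) // 8

def sample(mpi: bytes) -> str:
    """Constructed PKESK for a toy 64-bit key; not a real message."""
    bits = len(mpi) * 8 - (8 - mpi[0].bit_length())
    body = b"\x03" + bytes(8) + b"\x01" + bits.to_bytes(2, "big") + mpi
    return armor(bytes([0x84, len(body)]) + body)

GOOD = sample(bytes.fromhex("c1a2b3c4d5e6f708"))  # ciphertext fills all 8 bytes
BAD = sample(bytes.fromhex("1fa2b3c4d5e6f7"))     # same key size, top byte was zero
```

A result of 1 or more on the failing files and 0 on the working ones would be consistent with the leading-zero explanation, since each re-encryption produces a different integer. A CRC-24 error would instead point at the transfer or storage path.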
