EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Discover if a file is expecting a detached signature to be present

Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.
Posted: 08/02/2016 15:01:38
by Travis Mathison (Priority Standard support level)
Joined: 10/07/2015
Posts: 9

I'm in a situation where we are not supporting detached signatures (we want the signatures to be wrapped in the encrypted file and not a separate file). When somebody does send us an encrypted file where they used detached signatures they do not send us the additional file (they usually don't even known what is going on).

When we run these files through DecryptAndVerify we get an exception that states "unexpected end of data" because the detached signature stream was not set nor expected to be there.

I was looking at https://www.eldos.com/documentation/sbb/documentation/ref_cl_messageverifier.html where the class contains functions for testing "IsSignatureDetached", etc. but that is for reading a stream to see if there is a detached signature in it.

I don't expect one to be there to begin with so the real question I am trying to ask and answer in code is "does this encrypted file think it has a detached signature?" and if so, I want to throw an unsupported exception on our side so that we can alert that this file was not generated properly. I would like to be able to perform this prior to calling DecryptAndVerify and having the aforementioned exception thrown (which could also indicate that it was just a corrupted file).
Posted: 08/02/2016 15:30:45
by Eugene Mayevski (Team)

The detached signature is the signature which is stored separately and which allows the original data to remain unchanged. And "unchanged" is the keyword there. It means that you have no way to know if there were a detached signature done over this data.

In any case you can run DecryptAndVerify and see if you get a specific exception (inspect the class type/name rather than the message), and let people know accordingly.

Sincerely yours
Eugene Mayevski
Posted: 08/02/2016 16:41:31
by Travis Mathison (Priority Standard support level)
Joined: 10/07/2015
Posts: 9

Ok, currently I'm catching a specific exception as you have pointed out to do. I wasn't sure if there was a bit flipped or a couple bytes that were written into the message that would indicate a detached signature was generated. It seems not to be the case.

The exception being thrown for these files when there was a detached signature is EElPGPReaderException with a message of "Unexpected end of data". It seems this exception could be thrown for a number of reasons though.

It is always easy to verify this manually on our side by just running it through GPG (or any other implementation for that matter) and it prompts you for the location of the detached signature.


Posted: 08/02/2016 16:57:19
by Eugene Mayevski (Team)

You can do a simple test and pass some junk to GPG - will it also ask about the detached signature?

Sincerely yours
Eugene Mayevski
Posted: 08/02/2016 17:20:33
by Travis Mathison (Priority Standard support level)
Joined: 10/07/2015
Posts: 9

I just tested that out by both sending junk data as well as a ciphertext file with truncated data and GPG outputs the following:

gpg: premature eof while reading hashed signature data
gpg: uncompressing failed: Unknown system error
gpg: decrypt_message failed: Unknown system error

Network Associates PGPTools emits the following similar error:

"An error has occurred: error decompressing data."

Using GPG at the commandline for the known good ciphertext which has a detached signature we get:

"Detached signature.
Please enter name of data file:"
Posted: 08/02/2016 17:34:43
by Eugene Mayevski (Team)

What is "ciphertext" in your case? Are you signing some payload (e.g. business data or a plain text file), or you are signing the already encrypted data block?

In general there is *no* way to find out, that you have signed, for example, the file with the text, if you later pass this text file anywhere else (like to GnuPG). If GnuPG finds the difference, then you have (maybe unintentionally) passed some other information together with the file itself to GnuPG, for example in a form of the special filename.

Sincerely yours
Eugene Mayevski
Posted: 08/02/2016 17:51:18
by Eugene Mayevski (Team)

As a general example:

if I have a string "abc" and calculate a "signature" equal to 38 , then give you the string "abc", you can't find that I performed the above mentioned calculation. On the other hand, if I give you the string "abc.signed", you may assume, that there must be a signature somewhere around.

The procedure of detached signing doesn't transform the data, it returns you only "38" in the destination stream.

Sincerely yours
Eugene Mayevski
Posted: 08/02/2016 18:46:36
by Travis Mathison (Priority Standard support level)
Joined: 10/07/2015
Posts: 9

This has me thinking now... if you do a detached signature into a separate file and it doesn't affect the ciphertext (data) file. when attempting to decrypt the ciphertext with no knowledge of the detached signature file we should expect to have an encrypted but not signed file coming in correct?

In which case this doesn't seem to be the behavior. It almost seems like we may be getting a scenario where the customer has sent us the signature file itself but renamed.
Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.



Topic viewed 1281 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!