I have been trying to get this posted to the user-list, but can't seem to get subscribed/accepted to the list. Hopefully this post is accepted.
I have posted this problem at Stack Overflow assuming that it is a user error: http://stackoverflow.com/questions/30385732/camel-crypto-fails-pgp-decryption-invalid As shown in the posting on Stack Overflow, I have a simple Camel flow to decrypt the PGP message that I get from a 3rd party. Not to repeat the Stack Overflow thread, but basically the exception is: Stacktrace ------------------------------------------------------------------------------------------------------------------------ java.lang.IllegalArgumentException: The input message body has an invalid format. The PGP decryption/verification processor expects a sequence of PGP packets of the form (entries in brackets are optional and ellipses indicate repetition, comma represents sequential composition, and vertical bar separates alternatives): Public Key Encrypted Session Key ..., Symmetrically Encrypted Data | Sym. Encrypted and Integrity Protected Data, Compressed Data, (One Pass Signature ...,) Literal Data, (Signature ...,) at org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.getFormatException(PGPKeyAccessDataFormat.java:488) at org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.getUncompressedData(PGPKeyAccessDataFormat.java:424) at org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.unmarshal(PGPKeyAccessDataFormat.java:363) If I look at the code where the exception is occurring, it is clearly looking for a "compressed" packet. The sender has created a message/packets without the compressed packet: gpg --list-packets 2015-140-1244-yf3ar85p3zsqpfgk73_resp.asc :pubkey enc packet: version 3, algo 1, keyid xxxxxxxxxxxxxxx data: [2046 bits] You need a passphrase to unlock the secret key for user: "Your Key <[email protected]>" 2048-bit RSA key, ID XXXXXXXX, created 2015-05-18 (main key ID YYYYYYYYY) :encrypted data packet: length: 52051 gpg: encrypted with 2048-bit RSA key, ID XXXXXXXX, created 2015-05-18 "Your Key <[email protected]>" :onepass_sig packet: keyid ABVBBBBBBBBBB version 3, sigclass 0x00, digest 2, pubkey 17, last=1 :literal data packet: mode b (62), created 1432151886, name="", raw data: 51945 bytes :signature packet: algo 17, keyid CCCCCCCCCCCCCC version 4, created 1432151886, md5len 0, sigclass 0x00 digest algo 2, begin of digest e4 5a hashed subpkt 2 len 4 (sig created 2015-05-20) subpkt 16 len 8 (issuer key ID CCCCCCCCCCCCCC) data: [159 bits] data: [160 bits] gpg: WARNING: message was not integrity protected They provide the :onepass_sig packet.T he sender is generating the PGP encrypted message using Cryptix Open PGP In looking at the OpenPGP Packet spec at: https://tools.ietf.org/html/rfc4880 The packet format shows that there is no mandatory need for the compressed packet. It is optional in the spec. I tried to set a PGPDataFormat with setCompression() turned off, but this has no effect on the decrypt and I get the same error. Nowhere on the code path that I traced for the exception is there an option to NOT get the compressed: packet. So does Camel not support the OpenPGP spec as it is written? -- View this message in context: http://camel.465427.n5.nabble.com/Camel-PGP-Not-Decrypting-PGP-Packets-If-Compression-Is-Missing-tp5767568.html Sent from the Camel - Users mailing list archive at Nabble.com.
