I'm working with PGPainless SOP (1.6.6) to encrypt and sign files.
My routines are fairly basic and are using private and public keys supplied by my customer.
The recipient's public key doesn't have an expiry date... but unsure why this should stop encryption.
Anyone else had this issue?
Tried:
- Searched and can't see any reference to the expiry date being mandatory to encrypt a file.
- Tried encrypt and sign... and encrypt-only without success.
- Used the same keys with the Mac app GPG Keychain to encrypt and sign without issue.
The code:

    /*
     * Recipients are found within conf_pgp/recipients
     *
     */
    byte[] recpKey = this.loadKey(Paths.get(getRecipientfolder(), recipientKeyName).toString());
    byte[] signKey = null;
    String signPwd2Use = signKeyPasswd;
    /*
     * Signing key
     */
    if (sign) {
        if (signKeyPath.isBlank() || signKeyPath.equals(this.secretKeyPath)) {
            signKey = this.secretKey;
            signPwd2Use = this.secretKeyPassphrase;
        } else {
            signKey = this.loadKey(Paths.get(signKeyPath).toString());
        }
    }
    /*
     * Streams
     */
    FileInputStream iStm = null;
    FileOutputStream oStm = null;
    File outF = new File(outputPath);
    if (outF.exists()) {
        try {
            Files.delete(Paths.get(outputPath));
        } catch (IOException e) {
            new ExceptionUtils("PgpTools", "decrypt", appLogger).logIt(e);
        }
    }
    try {
        //..Read the file in via input stream
        //byte[] plainText = Files.readAllBytes(Paths.get(sourcePath));
        iStm = new FileInputStream(Paths.get(sourcePath).toFile());
        oStm = new FileOutputStream(Paths.get(outputPath).toFile());
        if (sign) {
            sop.encrypt()
                //..recipients
                .withCert(recpKey)
                //..signing
                .signWith(signKey)
                //.si(signPwd2Use)
                .plaintext(iStm)
                .writeTo(oStm);
        } else {
            sop.encrypt()
                .withCert(recpKey)
                .plaintext(iStm)
                .writeTo(oStm);
        }
        appLogger.debug("** Encrypted file (PGP) [" + sourcePath + "] to [" + outputPath + "]");
        return true;
    } catch (Exception e) {

I contacted the code owner via GitHub and received the answer that the issue is that the ciphers used are SHA1 and too old.
By default PGPainless will not support old ciphers, but you can teach PGPainless to allow them.
The solution is documented at this GitHub link:
https://github.com/pgpainless/sop-java/issues/27#issuecomment-1985814803
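
To confirm the diagnosis in the answer before relaxing any policy, the following added example (not code from the original post or from PGPainless) lists the hash algorithm recorded in each signature packet of a public key and flags the legacy ones. It assumes the "sha1" in the answer refers to the digest used by the key's signatures; the `WEAK` set and the `SAMPLE` bytes are constructed for illustration.

```python
import base64

HASH_NAMES = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256",  # RFC 4880 9.4
              9: "SHA384", 10: "SHA512", 11: "SHA224"}
WEAK = {"MD5", "SHA1", "RIPEMD160"}  # assumption: digests treated as legacy

def dearmor(data: bytes) -> bytes:
    """Return binary OpenPGP data, decoding ASCII armor when present."""
    if not data.lstrip().startswith(b"-----BEGIN"):
        return data
    lines = data.strip().splitlines()
    start = lines.index(b"") + 1            # blank line ends the armor headers
    body = [l for l in lines[start:-1] if not l.startswith(b"=")]  # skip CRC24
    return base64.b64decode(b"".join(body))

def packets(data: bytes):
    """Yield (tag, body) per packet; header layout from RFC 4880 section 4.2."""
    i = 0
    while i < len(data):
        hdr, first = data[i], data[i + 1]
        if hdr & 0x40:                          # new-format header
            tag = hdr & 0x3F
            if first < 192:
                n, used = first, 2
            elif first < 224:
                n, used = ((first - 192) << 8) + data[i + 2] + 192, 3
            elif first == 255:
                n, used = int.from_bytes(data[i + 2:i + 6], "big"), 6
            else:
                raise ValueError("partial body lengths are not expected in keys")
        else:                                   # old-format header
            tag, size = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
            if size == 8:
                raise ValueError("indeterminate length is not handled here")
            n, used = int.from_bytes(data[i + 1:i + 1 + size], "big"), 1 + size
        yield tag, data[i + used:i + used + n]
        i += used + n

def signature_hashes(key: bytes):
    """Return (sig_type, hash_name, is_weak) for every signature packet (tag 2)."""
    out = []
    for tag, body in packets(dearmor(key)):
        if tag == 2:
            # v3 keeps type/hash at offsets 2/16; v4 and later at offsets 1/3
            sig_type, hid = (body[2], body[16]) if body[0] == 3 else (body[1], body[3])
            name = HASH_NAMES.get(hid, f"unknown({hid})")
            out.append((sig_type, name, name in WEAK))
    return out

SAMPLE = bytes.fromhex("980104880404130102c20404180108")  # constructed, not a real key
```

Pass the bytes of the recipient's exported public key file to `signature_hashes`; any entry with `True` in the last position points at a signature made with a legacy digest.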