Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error: Unknown S2K function - Issue caused by exported to card gpg keys #44

Open
gaoyichuan opened this issue Feb 18, 2020 · 10 comments
Open

Error: Unknown S2K function - Issue caused by exported to card gpg keys #44

gaoyichuan opened this issue Feb 18, 2020 · 10 comments

Comments

@gaoyichuan
Copy link

I have my PGP key moved to my yubikey. However I have the backup of my secret key.

When I use that key to get the airdrop, hs-airdrop gave an error:

Error: Unknown S2K function.
    at S2K.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bcrypto/lib/pgp.js:1557:15)
    at CipherParams.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bcrypto/lib/pgp.js:1363:18)
    at PGPPrivateKey.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bcrypto/lib/pgp.js:1126:17)
    at Function.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bufio/lib/struct.js:139:23)
    at PGPPacket.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bcrypto/lib/pgp.js:439:35)
    at Function.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bufio/lib/struct.js:139:23)
    at PGPMessage.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bcrypto/lib/pgp.js:278:29)
    at PGPMessage.decode (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bufio/lib/struct.js:91:10)
    at Function.decode (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bufio/lib/struct.js:143:23)
    at readKey (/home/gaoyichuan/workspace/hs-airdrop/bin/hs-airdrop:529:30)

After some quick search, I use cat secring.gpg | gpg --list-packets | grep S2K to check my key info, it gave:

        iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: D658CFAB39FED1A0
        iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: 97D1A2FFC1F66F34
        gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
        gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
        gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
        gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
        iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: AE573B264082AC56

And after patching the code, I found out the S2K algo number is 101

Any help please?
@gaoyichuan
Copy link
Author

I have figure it out! For somebody who has the same issue:

  1. BACKUP YOUR SECRET KEY
  2. Use gpg --edit-key command, add a new subkey to your main key, and set the usage to 'Sign'
  3. Use delkey in key editor to remove all your subkeys which are in your smartcard
  4. Export your secret key again, and get the airdrop

I believe this is a bug in this tool, so some fix is welcomed!

@pinheadmz
Copy link
Member

Thank you @gaoyichuan !

I'm going to close this issue for now, and change the title so future users with the same issue can find it easily.

@pinheadmz
Copy link
Member

Sorry @gaoyichuan - are you saying there is a bug here? Are we using the wrong algo number for something?

@boymanjor boymanjor changed the title Issue caused by exported to card gpg keys Error: Unknown S2K function - Issue caused by exported to card gpg keys Feb 19, 2020
@shankerwangmiao
Copy link

@pinheadmz For those who have one or more of their subkeys exported to smart cards, those subkeys will have a S2K algo number of 101, and at https://github.com/bcoin-org/bcrypto/blob/76266c9e3b8119f99eb5d69a196e9163de5c332d/lib/pgp.js#L1504 getSize() will fail since 101 falls out of those three cases.

@shankerwangmiao
Copy link

My suggestion is to skip that pgp packet when it cannot be processed, at https://github.com/bcoin-org/bcrypto/blob/76266c9e3b8119f99eb5d69a196e9163de5c332d/lib/pgp.js#L277

@pinheadmz
Copy link
Member

Ah ok thanks. Gonna ping @chjj here to see if this is a viable solution.

@pinheadmz pinheadmz reopened this Feb 19, 2020
@chjj
Copy link
Contributor

chjj commented Feb 19, 2020

I'd prefer not to skip it (I think that may break other things). I'm trying to find some information on this now. It looks like 101 a GNU extension for key derivation. I'll try to push a fix soon.

@metaspartan
Copy link

I have figure it out! For somebody who has the same issue:

  1. BACKUP YOUR SECRET KEY
  2. Use gpg --edit-key command, add a new subkey to your main key, and set the usage to 'Sign'
  3. Use delkey in key editor to remove all your subkeys which are in your smartcard
  4. Export your secret key again, and get the airdrop

I believe this is a bug in this tool, so some fix is welcomed!

I still get the S2K error even after removing all subkeys, creating a new DSA Sign subkey and then re-exporting the secret key, still gives a "Unknown S2K function" error.

chjj added a commit to bcoin-org/bcrypto that referenced this issue Feb 20, 2020
@chjj
pgp: parse s2k gnu extensions.
2a1d2e2 
See: handshake-org/hs-airdrop#44
@chjj
Copy link
Contributor

chjj commented Feb 20, 2020

The current master branch of bcrypto has the fix, but I unfortunately don't have a test vector. I might have to dig around the gnupg repo a bit.

@metaspartan
Copy link

@chjj I updated to your latest bcrypto code, it does get rid of the S2K function error, but now I am getting this error:

Error: Unknown cipher type.

@metaspartan metaspartan mentioned this issue Feb 20, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@chjj @pinheadmz @gaoyichuan @shankerwangmiao @metaspartan