Bug report: ECC keys from "Generate PGP Key Pair" operation are invalid · gchq/CyberChef#2267

(0 Kommentare) (0 Reaktionen) (1 zugewiesene Person)JavaScript (34.843 Stars) (3.944 Forks)batch import

bughelp wanted

Beschreibung

Describe the bug ECC keys generated by the Generate PGP Key Pair operation are invalid because algorithm and curve type have not been set.

This results in PGP Encrypt operations using such a key failing with an obscure internal kbpgp message as per #1440, #1923.

To Reproduce See #1440 for example

Expected behaviour Key should have subkeys for signing/certification and encryption. See https://github.com/zapu/kbpgp/blob/4f61781c93798c0527f250332f50c47b73e878ca/test/files/cv25519.iced#L239-L249 for a reference example.

Additional context Long term it would probably be better to replace the kbpgp library with a more frequently updated/modern library such as openpgp.js

Contributor Guide

Tech Stack: javascript
Domain: securityfrontend
Issue Type: bug
Schwierigkeit: 2
Geschätzte Zeit: 1-3 hours
Aktivitätsstatus: blocked
Klarheit: clear
Voraussetzungen: PGP key generation basicskbpgp library
Einsteigerfreundlichkeit: 60
Research-Richtung: First, examine the Generate PGP Key Pair operation in CyberChef's source code. Look at how key generation parameters are passed to kbpgp. The test file at https://github.com/zapu/kbpgp/blob/4f61781c93798c0527f250332f50c47b73e878ca/test/files/cv25519.iced#L239 L249 shows the correct way to set algorithm and curve. Identify where in the current code the algorithm and curve are missing and add them.