roperl has asked for the wisdom of the Perl Monks concerning the following question:

Having an issue with trying to encrypt and sign a message using Crypt::OpenPGP Here is my code 
my $ct = $pgp->encrypt( Filename => 'plain.txt', Recipients => $key, C
+ipher => 'DES3', SignKeyID => $signkey, SignPassphrase => $GPG_PP ) o
+r die "Encryption failed: ", $pgp->errstr;
if ($ct) {
    open( my $fh, '>', 'encrypted.gpg' );
    print $fh $ct;
    close $fh;
} else {
    #print "gpg failed: $pgp->errstr\n";
    $err = Crypt::OpenPGP->errstr;
    print "gpg failed: $err\n";
}

[download]
Here is the error message I get: 
Data too large for key size at /opt/perl-5.26.0/lib/site_perl/5.26.0/C
+rypt/OpenPGP/Key/Secret/DSA.pm line 33.

[download]
If I look at Crypt/DSA.pm I can see the error message here 
    my $dlen = length $dgst;

    my $i = bitsize($key->q) / 8;
    croak "Data too large for key size"
        if $dlen > $i || $dlen > 50;

[download]
If I comment out the croak and following if line I can execute the code with no issues. Is there a better workaround then this?

Replies are listed 'Best First'.
Re: GPG signing Issue
by hippo (Archbishop) on Sep 19, 2018 at 12:59 UTC

    I am having slightly different problems with Crypt::OpenPGP. Can't get it to read my GPGv1 private key from the keyring. It dies with:

    encrypt: datasize not multiple of blocksize (16 bytes) at /usr/local/s
+hare/perl5/Crypt/OpenPGP/CFB.pm line 57.

    [download]

    which Carp::Always tells me is called from Crypt::OpenPGP::Cipher::decrypt on a Crypt::OpenPGP::Cipher::Rijndael object. How are you reading/creating your key in the code in the OP?

    It's a shame because it could be a really good alternative to either GPGme or the CLI wrappers.

[reply]
[d/l]

      Revisiting this I am no further on and would appreciate any pointers. Here's a trivial test:

      use strict;
use warnings;

use Test::More tests => 1;

use Crypt::OpenPGP;

my $message = "Hello world!\n";
my $pgp = Crypt::OpenPGP->new ();
my $sig = $pgp->sign (
    Data        => $message,
    Clearsign   => 1,
    KeyID       => $ENV{GPG_SECRET_KEY},
    Passphrase  => $ENV{GPG_PP}
);

ok ($sig) or diag ($pgp->errstr);

      [download]

      With a valid secret key ID (in the form "ABCD1234") it bombs out as follows:

      $ perl openpgp_sample.t 
1..1
encrypt: datasize not multiple of blocksize (16 bytes) at /usr/local/s
+hare/perl5/Crypt/OpenPGP/CFB.pm line 57.
# Looks like your test exited with 2 before it could output anything.

      [download]

      The keypair was created with gpg --gen-key for testing and is perfectly usable for signing via the gpg binary. What am I missing?

      Some version info:

      • perl: 5.20.3
      • Crypt::OpenPGP: 1.12
      • Crypt::Rijndael: 1.13
      • gpg: 1.4.20
[reply]
[d/l]
[select]

        I cannot replicate, using two similar (but not identical) setups. First is my windows machine, second is a virtual linux machine; both used perl v5.20.3, but have wildly different gpg versions. Both worked just fine (though I learned that virtual machines do not like building entropy; it took forever to generate my dummy key or to sign the message).

        Read more... (3 kB)

        ... So no, I don't know what's going wrong with yours... I don't know whether it will help to know it does work on similar-but-not-identical situations. My best bet would be some bug in the interface with your specific version of gpg... Oh, are you using 32b or 64b perl? And is the gpg 32b or 64b? Maybe data is trying to cross a bitness boundary?

        update: oh, right, I think it's just Windows that has mixed bitness. I confirmed my linux virtual box was 32bit. And on Windows, it was 64bit perl as shown, with 32bit gpg.exe, so at least in that direction, it was okay to be mixed; I also tried with a 32bit v5.26.1 on windows, with the same results.

[reply]
[d/l]
[select]

Back to Seekers of Perl Wisdom