hs-airdrop
hs-airdrop copied to clipboard
handshake-org
Error: Unknown S2K function - Issue caused by exported to card gpg keys
I have my PGP key moved to my yubikey. However I have the backup of my secret key.
When I use that key to get the airdrop, hs-airdrop gave an error:
Error: Unknown S2K function.
at S2K.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bcrypto/lib/pgp.js:1557:15)
at CipherParams.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bcrypto/lib/pgp.js:1363:18)
at PGPPrivateKey.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bcrypto/lib/pgp.js:1126:17)
at Function.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bufio/lib/struct.js:139:23)
at PGPPacket.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bcrypto/lib/pgp.js:439:35)
at Function.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bufio/lib/struct.js:139:23)
at PGPMessage.read (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bcrypto/lib/pgp.js:278:29)
at PGPMessage.decode (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bufio/lib/struct.js:91:10)
at Function.decode (/home/gaoyichuan/workspace/hs-airdrop/node_modules/bufio/lib/struct.js:143:23)
at readKey (/home/gaoyichuan/workspace/hs-airdrop/bin/hs-airdrop:529:30)
After some quick search, I use cat secring.gpg | gpg --list-packets | grep S2K to check my key info, it gave:
iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: D658CFAB39FED1A0
iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: 97D1A2FFC1F66F34
gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: AE573B264082AC56
And after patching the code, I found out the S2K algo number is 101
Any help please?
I have figure it out! For somebody who has the same issue:
- BACKUP YOUR SECRET KEY
- Use
gpg --edit-keycommand, add a new subkey to your main key, and set the usage to 'Sign' - Use
delkeyin key editor to remove all your subkeys which are in your smartcard - Export your secret key again, and get the airdrop
I believe this is a bug in this tool, so some fix is welcomed!
Thank you @gaoyichuan !
I'm going to close this issue for now, and change the title so future users with the same issue can find it easily.
Sorry @gaoyichuan - are you saying there is a bug here? Are we using the wrong algo number for something?
@pinheadmz For those who have one or more of their subkeys exported to smart cards, those subkeys will have a S2K algo number of 101, and at https://github.com/bcoin-org/bcrypto/blob/76266c9e3b8119f99eb5d69a196e9163de5c332d/lib/pgp.js#L1504 getSize() will fail since 101 falls out of those three cases.
My suggestion is to skip that pgp packet when it cannot be processed, at https://github.com/bcoin-org/bcrypto/blob/76266c9e3b8119f99eb5d69a196e9163de5c332d/lib/pgp.js#L277
I'd prefer not to skip it (I think that may break other things). I'm trying to find some information on this now. It looks like 101 a GNU extension for key derivation. I'll try to push a fix soon.
I have figure it out! For somebody who has the same issue:
- BACKUP YOUR SECRET KEY
- Use
gpg --edit-keycommand, add a new subkey to your main key, and set the usage to 'Sign'- Use
delkeyin key editor to remove all your subkeys which are in your smartcard- Export your secret key again, and get the airdrop
I believe this is a bug in this tool, so some fix is welcomed!
I still get the S2K error even after removing all subkeys, creating a new DSA Sign subkey and then re-exporting the secret key, still gives a "Unknown S2K function" error.
The current master branch of bcrypto has the fix, but I unfortunately don't have a test vector. I might have to dig around the gnupg repo a bit.
@chjj I updated to your latest bcrypto code, it does get rid of the S2K function error, but now I am getting this error:
Error: Unknown cipher type.