openpgp seems to work but then panics saying missing hash function

225 views
Skip to first unread message

nhe...@gmail.com

unread,
Jul 25, 2013, 7:29:40 PM7/25/13
to golan...@googlegroups.com
Hi

Is this a bug or am I doing something wrong?

For testing purposed I wrote the following program based heavily on https://www.imperialviolet.org/2011/06/12/goopenpgp.html adapted for the API changes and using dynamically generated Entities (so that this is easier for you to copy paste and test on your machines, I have also tried locally with my real keyring):

package main

import (
"fmt"
"os"

)

func main() {
Alice, _ := openpgp.NewEntity("Alice", "", "al...@example.com", nil)
Bob, _ := openpgp.NewEntity("Bob", "", "b...@example.com", nil)
out, _ := armor.Encode(os.Stdout, "PGP MESSAGE", nil)
cipher, _ := openpgp.Encrypt(out, []*openpgp.Entity{Bob}, Alice, nil, nil)

fmt.Fprintln(cipher, "Done")

cipher.Close()
}

When I run it I get the following. You can safely ignore the armored body, it is included to illustrate that it does seem to encrypt and sign at least some of the text before panicking.
 
$ go run sandbox.go 
-----BEGIN PGP MESSAGE-----

wcBMA60b0anhq+stAQgAhP4tNjjEyXLg+BPNRJovJnS7IjeJTsVMcbRMn2YlFItU
c49pB0MSq2Lm0Zu7CHNpXDx+68CBAq+eIY2EJdPfwuiOna/7WWs6Eccrg9PBHdnJ
1IpK4KS+H02gjTFevTmEizN84gbKYzHMOTu6fLBIt9Ls3jj/IkeXST8GF+izgn8c
wucFtSPxgo2tUL8F/pKrB4e6/zQ/NB16UFEDNLu4hUNshnPUrGTv+hx76CjRbivd
svTRriWYbcCUDAVpISei4yVVMWdHB0ABiYa2qNxYbl+C6VQ1qmqQkLlzSUXVJLNq
zefvK7ne+oJl0DOnBJm8rrTTqjTl/OdHKBxrs61SttLgAeOgLAg6f3xn3OEtsOER
panic: crypto: requested hash function is unavailable

goroutine 1 [running]:
crypto.Hash.New(0x9, 0xc20004a550, 0x5d0800)
/usr/lib/go/src/pkg/crypto/crypto.go:62 +0xab
code.google.com/p/go.crypto/openpgp.Encrypt(0xc2000e7000, 0xc200130550, 0x7fab8e08df20, 0x1, 0x1, ...)
main.main()
/tmp/tmp.IxKWip9R0f/sandbox.go:17 +0x1e8
exit status 2

Any help would be much appreciated. I googled the error message and the only seemingly relevant result was the actual crypto lib source code.

Best,

Nicholas

Dave Cheney

unread,
Jul 28, 2013, 4:49:26 AM7/28/13
to nhe...@gmail.com, golan...@googlegroups.com
Please check all the errors you have ignored. That will probably fix the problem. 
--
You received this message because you are subscribed to the Google Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

agl

unread,
Jul 29, 2013, 3:53:06 PM7/29/13
to golan...@googlegroups.com
On Thursday, July 25, 2013 7:29:40 PM UTC-4, Nicholas Helke wrote:
Hi

Is this a bug or am I doing something wrong?


Actually, I think this might be a real bug in openpgp. Could you try catching the errors and patching this in?


That should, at least, return an error rather than crashing. In order to get it to work after that I think you just need to compile in the right hash function. Adding

  _ "crypto/sha256"

to the import section will probably do it.


Cheers

AGL

Nicholas Helke

unread,
Aug 2, 2013, 9:17:01 PM8/2/13
to golan...@googlegroups.com
@AGL The patch fixes it, or rather gets openpgp to return a helpful error in lieu of just panicking with that most unhelpful message.

Before your patch I worked out that it was trying to use RIPEMD160 by using GDB and a breakpoint at http://godoc.org/crypto?file=crypto.go#Hash.New. The documentation then helpfully indicates:
I still wonder whether I should not submit a patch to the standard library to give more details when panicking. Since the RIPEMD160 const is defined in crypto, why not make the panic message more helpful by specifying what hash is missing? I'm guessing it is declared there from when ripemd160 and openpgp were still part of the standard library back before Go 1.

If someone can tell me the usual procedure for submitting patches to the standard library I will happily do so.

Best,

N.

P.S. @Dave I should probably have mentioned that I had already checked that all the errors were nil, and that I simply omitted the error checking code in the interests of conciseness.

Adam Langley

unread,
Aug 5, 2013, 2:29:40 PM8/5/13
to Nicholas Helke, golang-nuts
On Fri, Aug 2, 2013 at 9:17 PM, Nicholas Helke <nhe...@gmail.com> wrote:
> @AGL The patch fixes it, or rather gets openpgp to return a helpful error in
> lieu of just panicking with that most unhelpful message.
>
> Before your patch I worked out that it was trying to use RIPEMD160 by using
> GDB and a breakpoint at http://godoc.org/crypto?file=crypto.go#Hash.New. The
> documentation then helpfully indicates:
>
> RIPEMD160 // import
> code.google.com/p/go.crypto/ripemd160
>
> I still wonder whether I should not submit a patch to the standard library
> to give more details when panicking. Since the RIPEMD160 const is defined in
> crypto, why not make the panic message more helpful by specifying what hash
> is missing? I'm guessing it is declared there from when ripemd160 and
> openpgp were still part of the standard library back before Go 1.

I've submitted something similar to this patch to go.crypto. The error
message will now also include the name of the hash that was most
preferable when finding one fails.

I've also updated the standard library to include the hash number
(there's no table of names in crypto/, at least not yet) in the panic
message.


Cheers

AGL

andrew....@gmail.com

unread,
Aug 14, 2013, 1:19:41 AM8/14/13
to golan...@googlegroups.com, Nicholas Helke
I've encountered a similar problem, but the error is thrown from the standard crypto library instead of the extended one. The offending line is at src/pkg/crypto/crypto.go:62. I'm writing a patch to provide helpful error message and will post a link here when I've posted it.

andrew....@gmail.com

unread,
Aug 14, 2013, 1:31:24 AM8/14/13
to golan...@googlegroups.com, Nicholas Helke
Just kidding; I see that someone has already submitted a similar patch, and it's been accepted into the trunk.

Code review:

Commit:

It doesn't include a name, but I suppose it's better than nothing. Would adding a name table be deemed unacceptable? It would sure help.
Reply all
Reply to author
Forward
0 new messages