I work in an organization where we sometimes receive and send encrypted files.
This is far from our core business and we are no experts on this, so please
bear with me.
For managing the files, we use scripts calling gpg.exe. This is a Windows
environment.
We have been running version 1.2.2 for ages but as we upgraded our server, we
decided to upgrade GnuPG to 1.4.21. We use the simple installer for GnuPG
Classic.
Yesterday we received an encrypted file which we couldn't decrypt. This is what
happens:
C:\>c:\GnuPG_2016\gpg --homedir=C:\Keyring -d -v -v -o output.txt input.gpg
:pubkey enc packet: version 3, algo 16, keyid xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
data: [2048 bits]
data: [2048 bits]
gpg: public key is xxxxxxxx
gpg: using subkey xxxxxxxx instead of primary key xxxxxxxx
You need a passphrase to unlock the secret key for
user: "My organization"
2048-bit ELG-E key, ID xxxxxxxx, created 2009-09-16 (main key ID xxxxxxxx)
gpg: public key encrypted data: good DEK
:encrypted data packet:
length: unknown
gpg: encrypted with 2048-bit ELG-E key, ID xxxxxxxx, created 2009-09-16
"My organization"
gpg: 3DES encrypted data
gpg: [don't know]: invalid packet (ctb=1b)
gpg: decryption okay
gpg: WARNING: message was not integrity protected
gpg: [don't know]: invalid packet (ctb=68)
Just to be sure, this is 1.4.21:
C:\>c:\GnuPG_2016\gpg --version
gpg (GnuPG) 1.4.21
My first guess was that the file was corrupted in some way, as we get if by ftp
from one of our partners. After hashing and re-transfering the file we could
rule out file corruption during transfer. Then I decided to try to decrypt the
file using an older version of GnuPG, 1.2.2. Then decryption works with no
problem:
C:\>c:\gnupg\gpg -d -v -v -o output.txt input.gpg
:pubkey enc packet: version 3, algo 16, keyid xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
data: [2048 bits]
data: [2048 bits]
gpg: public key is xxxxxxxx
gpg: using secondary key xxxxxxxx instead of primary key xxxxxxxx
You need a passphrase to unlock the secret key for
user: "My organization"
gpg: using secondary key xxxxxxxx instead of primary key xxxxxxxx
2048-bit ELG-E key, ID xxxxxxxx, created 2009-09-16 (main key ID xxxxxxxx)
gpg: public key encrypted data: good DEK
:encrypted data packet:
length: unknown
gpg: encrypted with 2048-bit ELG-E key, ID xxxxxxxx, created 2009-09-16
"My organization"
gpg: 3DES encrypted data
:literal data packet:
mode b, created xxxxxxxx, name="",
raw data: 0 bytes
gpg: original file name=''
gpg: decryption okay
gpg: WARNING: message was not integrity protected
Version is 1.2.2:
C:\temp>c:\gnupg\gpg --version
gpg (GnuPG) 1.2.2
Can anybody explain what is happening? Why can we decrypt the file with an
older version, but not with the newest one?
Regards
/Fredrik
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
