I work in an organization where we sometimes receive and send encrypted files. This is far from our core business and we are no experts on this, so please bear with me. For managing the files, we use scripts calling gpg.exe. This is a Windows environment. We have been running version 1.2.2 for ages but as we upgraded our server, we decided to upgrade GnuPG to 1.4.21. We use the simple installer for GnuPG Classic.
Yesterday we received an encrypted file which we couldn't decrypt. This is what happens: C:\>c:\GnuPG_2016\gpg --homedir=C:\Keyring -d -v -v -o output.txt input.gpg :pubkey enc packet: version 3, algo 16, keyid xxxxxxxxxxxxxxxxxxxxxxxxxxxxx data: [2048 bits] data: [2048 bits] gpg: public key is xxxxxxxx gpg: using subkey xxxxxxxx instead of primary key xxxxxxxx You need a passphrase to unlock the secret key for user: "My organization" 2048-bit ELG-E key, ID xxxxxxxx, created 2009-09-16 (main key ID xxxxxxxx) gpg: public key encrypted data: good DEK :encrypted data packet: length: unknown gpg: encrypted with 2048-bit ELG-E key, ID xxxxxxxx, created 2009-09-16 "My organization" gpg: 3DES encrypted data gpg: [don't know]: invalid packet (ctb=1b) gpg: decryption okay gpg: WARNING: message was not integrity protected gpg: [don't know]: invalid packet (ctb=68) Just to be sure, this is 1.4.21: C:\>c:\GnuPG_2016\gpg --version gpg (GnuPG) 1.4.21 My first guess was that the file was corrupted in some way, as we get if by ftp from one of our partners. After hashing and re-transfering the file we could rule out file corruption during transfer. Then I decided to try to decrypt the file using an older version of GnuPG, 1.2.2. Then decryption works with no problem: C:\>c:\gnupg\gpg -d -v -v -o output.txt input.gpg :pubkey enc packet: version 3, algo 16, keyid xxxxxxxxxxxxxxxxxxxxxxxxxxxxx data: [2048 bits] data: [2048 bits] gpg: public key is xxxxxxxx gpg: using secondary key xxxxxxxx instead of primary key xxxxxxxx You need a passphrase to unlock the secret key for user: "My organization" gpg: using secondary key xxxxxxxx instead of primary key xxxxxxxx 2048-bit ELG-E key, ID xxxxxxxx, created 2009-09-16 (main key ID xxxxxxxx) gpg: public key encrypted data: good DEK :encrypted data packet: length: unknown gpg: encrypted with 2048-bit ELG-E key, ID xxxxxxxx, created 2009-09-16 "My organization" gpg: 3DES encrypted data :literal data packet: mode b, created xxxxxxxx, name="", raw data: 0 bytes gpg: original file name='' gpg: decryption okay gpg: WARNING: message was not integrity protected Version is 1.2.2: C:\temp>c:\gnupg\gpg --version gpg (GnuPG) 1.2.2 Can anybody explain what is happening? Why can we decrypt the file with an older version, but not with the newest one? Regards /Fredrik
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users