Problems with PGP user decrypting GPG files

Steve Butler sbutler@fchn.com
Wed Jan 9 21:49:02 2002


A few questions:
1.  Is the size of file they have received the same as the size you sent?
2.  If not, check that you are using BIN for the FTP transfer rather than
ASCII.
3.  If so, still check just to be sure <<grin>>.
4.  If going through email are they using binary transfer methods to get it
from their email system to their decryption box?
5.  Can you check to see which session encryption algorithm was used?  Is it
one supported by PGP?

We had problems with a client unable to encrypt to us due to an older
version of PGP they were using.  This involved the blowfish (if I remember
correctly) session encryption algorithm. 

And I made the mistake once of shipping an encrypted file using ASCII level
ftp (so have a couple of clients coming back to us).  

I'll be interested to hear the outcome.

--Steve Butler
Oracle DBA
First Choice Health Network

-----Original Message-----
From: Kirkland, Mike # IHTUL [mailto:mike.kirkland@ndchealth.com]
Sent: Wednesday, January 09, 2002 8:18 AM
To: gnupg-users@gnupg.org
Subject: Problems with PGP user decrypting GPG files


Hi everyone,

We are in the process of testing our encryption / decrytion with some
trading partners that are using PGP 7.0.1 on windows 2000 advanced server.

We are using gpg 1.0.6 on tru64 unix v5.1 on a DS10.
I have imported into GPG their public keys, and our private/public pair that
were exported from PGP 6.5.8 on a PC.

I encrypt files by using the following shell script:

#!/bin/ksh
#
#  Program Name: /usr/bin/encryptgpguser
#
#  Author: Mike Kirkland
#  Date: 11-28-01
#
#  Purpose:     This script will encrypt files past to it from server lyra
#               after encryption lyra will ftp files from this directory to
be sent to payer
#               This script will be rexec from lyra with 2 parameters passed
to it
#
#               1 the filename to be encrypted
#               2 the payer's public key identifier to be used for
encryption
#
#  Modifications:  N/A
cd /gpguser

USAGE="Usage: `basename $0` <filename> <payer_public_key_id>"  # If no
filename or more than one, then tell how to use this script
FILENAME="$1"
PUBKEYID="$2"

if [ "$#" -ne 2 ]; then   # Check to see that only   one filename and keyid
is passed in
  echo ;
  echo $USAGE;
  exit 1;
fi

if [ -s "$FILENAME" ]; then    # -s option checks that file exists and
filesize > 0
  if [ $? -eq 0 ] ; then
    echo ;
    echo "filename $FILENAME found and is not an empty file";
      if [ -e "$FILENAME.gpg" ]; then
              rm $FILENAME.gpg;
              /usr/bin/gpg --batch -q --no-tty --no-verbose
--no-secmem-warning -r "$PUBKEYID" -e "$FILENAME";
              echo "PART 1 filename $FILENAME successfully encrypted and
copied as  $FILENAME.gpg" ;
              exit 0;
      else
              /usr/bin/gpg --batch -q --no-tty --no-verbose
--no-secmem-warning -r "$PUBKEYID" -e "$FILENAME";
              echo "PART 2 filename $FILENAME successfully encrypted and
copied as  $FILENAME.gpg" ;
              exit 0;
      fi
  else
    echo "ERROR filename $1 encryption failed!! check $USAGE or call your
Unix System Administrator"
  fi
else
  echo "ERROR filename $1 is not found or filesize is zero bytes"
fi
exit $?



Everything is ok on the encryption, but when our trading partner gets the
file they get this error message:

   Error: encrypted session key is bad

Any thoughts?

Thanks

Mike Kirkland
Unix System Administrator
National Data Corporation
Phone:  (918) 481-2817
Fax:      (918) 481-4275
mike.kirkland@ndchealth.com <mailto:mike.kirkland@ndchealth.com>


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

CONFIDENTIALITY NOTICE:  This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information.  Any unauthorized review, use, disclosure or distribution is prohibited.  If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.