Quantcast

PGP v7 software unable to decrypt BCPG encryption

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

PGP v7 software unable to decrypt BCPG encryption

Hemanth Kashinath

 

Hi Everybody,

 

My clients are unable to decrypt the file encrypted by Bouncy Castle API.

 

Please find the details below.

 

Encryption Details:

----------------------------

Bouncy Castle: Version 1.23

Java VM: Sun Java VM 1.4

Environment: Windows Professional XP

 

Public Certificate Used (Report retrieved using Bouncy Castle) :

-------- Public Key Report --------

     File Name: <filename>.asc

       Version: 4

 Creation Time: Thu Nov 14 11:03:38 MST 2002

     Algorithm: DSA

  Bit Strength: 1021

   Fingerprint: 781326d01a282e340401766b6fb3644aa09a45c5

        Key ID: 6fb3644aa09a45c5

Encryption Key: false

    Master Key: true

-----------------------------------

 

Decryption Details:

----------------------------

PGP Software: Version 7

Environment: Unix

 

Unfortunately, I don?t have many details about the decryption piece.

 

The decryption process is not even able to recognize that the file has been encrypted by their public key.

 

Any help would be much appreciated.

 

Please do not hesitate to contact me if you need more information.

 

Thanks in advance,

 

Hemanth Kashinath

Integration Architect, webMethods

FCS Business Solutions, Inc.

E: [hidden email]

W: www.fcs-inc.com

 

 

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: PGP v7 software unable to decrypt BCPG encryption

Justin Kolb
Message
If you are using signatures PGPv7 can only decode version 3 signatures. To make version 3 signatures with BouncyCastle use the PGPV3SignatureGenerator instead of  the PGPSignatureGenerator.
-----Original Message-----
From: Hemanth Kashinath [mailto:[hidden email]]
Sent: Friday, December 09, 2005 5:00 PM
To: [hidden email]
Subject: [dev-crypto] PGP v7 software unable to decrypt BCPG encryption

 

Hi Everybody,

 

My clients are unable to decrypt the file encrypted by Bouncy Castle API.

 

Please find the details below.

 

Encryption Details:

----------------------------

Bouncy Castle: Version 1.23

Java VM: Sun Java VM 1.4

Environment: Windows Professional XP

 

Public Certificate Used (Report retrieved using Bouncy Castle) :

-------- Public Key Report --------

     File Name: <filename>.asc

       Version: 4

 Creation Time: Thu Nov 14 11:03:38 MST 2002

     Algorithm: DSA

  Bit Strength: 1021

   Fingerprint: 781326d01a282e340401766b6fb3644aa09a45c5

        Key ID: 6fb3644aa09a45c5

Encryption Key: false

    Master Key: true

-----------------------------------

 

Decryption Details:

----------------------------

PGP Software: Version 7

Environment: Unix

 

Unfortunately, I don’t have many details about the decryption piece.

 

The decryption process is not even able to recognize that the file has been encrypted by their public key.

 

Any help would be much appreciated.

 

Please do not hesitate to contact me if you need more information.

 

Thanks in advance,

 

Hemanth Kashinath

Integration Architect, webMethods

FCS Business Solutions, Inc.

E: [hidden email][hidden email]

W: www.fcs-inc.com

 

 

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: PGP v7 software unable to decrypt BCPG encryption

Hemanth Kashinath
In reply to this post by Hemanth Kashinath

 

Thanks Justin. I will keep that in mind.

 

I am new to PGP and hence a following question.

Even when I do not sign the file, but only encrypt using their public key, their software is not able to recognize that the file has been encrypted by their file. Instead throws an error ?Not encrypted to our key?.

 

Any pointers on that error message.

 

Hemanth Kashinath

Integration Architect, webMethods

FCS Business Solutions, Inc.

E: [hidden email]

W: www.fcsbusinesssolutions.com


From: Justin Kolb [mailto:[hidden email]]
Sent: Friday, December 09, 2005 4:06 PM
To: Hemanth Kashinath; [hidden email]
Subject: RE: [dev-crypto] PGP v7 software unable to decrypt BCPG encryption

 

If you are using signatures PGPv7 can only decode version 3 signatures. To make version 3 signatures with BouncyCastle use the PGPV3SignatureGenerator instead of  the PGPSignatureGenerator.

-----Original Message-----
From: Hemanth Kashinath [mailto: [hidden email]]
Sent: Friday, December 09, 2005 5:00 PM
To: [hidden email]
Subject: [dev-crypto] PGP v7 software unable to decrypt BCPG encryption

 

Hi Everybody,

 

My clients are unable to decrypt the file encrypted by Bouncy Castle API.

 

Please find the details below.

 

Encryption Details:

----------------------------

Bouncy Castle: Version 1.23

Java VM: Sun Java VM 1.4

Environment: Windows Professional XP

 

Public Certificate Used (Report retrieved using Bouncy Castle) :

-------- Public Key Report --------

     File Name: <filename>.asc

       Version: 4

 Creation Time: Thu Nov 14 11:03:38 MST 2002

     Algorithm: DSA

  Bit Strength: 1021

   Fingerprint: 781326d01a282e340401766b6fb3644aa09a45c5

        Key ID: 6fb3644aa09a45c5

Encryption Key: false

    Master Key: true

-----------------------------------

 

Decryption Details:

----------------------------

PGP Software: Version 7

Environment: Unix

 

Unfortunately, I don?t have many details about the decryption piece.

 

The decryption process is not even able to recognize that the file has been encrypted by their public key.

 

Any help would be much appreciated.

 

Please do not hesitate to contact me if you need more information.

 

Thanks in advance,

 

Hemanth Kashinath

Integration Architect, webMethods

FCS Business Solutions, Inc.

E: [hidden email] [hidden email]

W: www.fcs-inc.com

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: PGP v7 software unable to decrypt BCPG encryption

Justin Kolb
Message
Make sure you use their public key when encrypting. If you are working with a keyring file the code I'm about to show you may not do you any good as I've only worked with keys stored in by themselves in individual files (keys gotten by doing an key export from the PGP program itself):
 
 public PGPPublicKey extractEncryptingKey(InputStream input, boolean armored) throws PgpException {
  try {
   InputStream keyInput;
   
   if (armored) {
    keyInput = new ArmoredInputStream(input);
   } else {
    keyInput = input;
   }
   
   PGPPublicKeyRing publicKeyRing = new PGPPublicKeyRing(keyInput);
   PGPPublicKey publicKey = null;
   
   for (Iterator i = publicKeyRing.getPublicKeys(); i.hasNext(); ) {
    publicKey = (PGPPublicKey)i.next();
    
    if (publicKey.isEncryptionKey()) {
     return publicKey;
    }
   }
   
   return null;
  } catch (IOException e) {
   throw new PgpException(e);
  }
 }
 
This code will take a key stored in a file by itself and look through all the parts to make sure that it finds the "encrypting key" part using the isEncryptionKey() method. Some files contain more than one key (some keys have different parts) so this method make sure the right key/part is chosen. For example some files may have both the public and private keys in them, some have what's called a signing key part and an encrypting key part.
 
If you have a real key ring file I think before you do the steps I have shown, you first have to make sure you find the right key with the right key ID #. I'm not much help after this as I've always done this one way (one key per file) and haven't taken the time to learn about real key ring files that contain multiple keys.
 
 
-----Original Message-----
From: Hemanth Kashinath [mailto:[hidden email]]
Sent: Friday, December 09, 2005 5:19 PM
To: [hidden email]
Cc: [hidden email]
Subject: RE: [dev-crypto] PGP v7 software unable to decrypt BCPG encryption

 

Thanks Justin. I will keep that in mind.

 

I am new to PGP and hence a following question.

Even when I do not sign the file, but only encrypt using their public key, their software is not able to recognize that the file has been encrypted by their file. Instead throws an error “Not encrypted to our key”.

 

Any pointers on that error message.

 

Hemanth Kashinath

Integration Architect, webMethods

FCS Business Solutions, Inc.

E: [hidden email][hidden email]

W: www.fcsbusinesssolutions.com


From: Justin Kolb [mailto:[hidden email]]
Sent: Friday, December 09, 2005 4:06 PM
To: Hemanth Kashinath; [hidden email]
Subject: RE: [dev-crypto] PGP v7 software unable to decrypt BCPG encryption

 

If you are using signatures PGPv7 can only decode version 3 signatures. To make version 3 signatures with BouncyCastle use the PGPV3SignatureGenerator instead of  the PGPSignatureGenerator.

-----Original Message-----
From: Hemanth Kashinath [mailto: [hidden email]]
Sent: Friday, December 09, 2005 5:00 PM
To: [hidden email]
Subject: [dev-crypto] PGP v7 software unable to decrypt BCPG encryption

 

Hi Everybody,

 

My clients are unable to decrypt the file encrypted by Bouncy Castle API.

 

Please find the details below.

 

Encryption Details:

----------------------------

Bouncy Castle: Version 1.23

Java VM: Sun Java VM 1.4

Environment: Windows Professional XP

 

Public Certificate Used (Report retrieved using Bouncy Castle) :

-------- Public Key Report --------

     File Name: <filename>.asc

       Version: 4

 Creation Time: Thu Nov 14 11:03:38 MST 2002

     Algorithm: DSA

  Bit Strength: 1021

   Fingerprint: 781326d01a282e340401766b6fb3644aa09a45c5

        Key ID: 6fb3644aa09a45c5

Encryption Key: false

    Master Key: true

-----------------------------------

 

Decryption Details:

----------------------------

PGP Software: Version 7

Environment: Unix

 

Unfortunately, I don’t have many details about the decryption piece.

 

The decryption process is not even able to recognize that the file has been encrypted by their public key.

 

Any help would be much appreciated.

 

Please do not hesitate to contact me if you need more information.

 

Thanks in advance,

 

Hemanth Kashinath

Integration Architect, webMethods

FCS Business Solutions, Inc.

E: [hidden email][hidden email]

W: www.fcs-inc.com

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: PGP v7 software unable to decrypt BCPG encryption

Justin Kolb
In reply to this post by Hemanth Kashinath
Message
After writing what I wrote earlier I realized you must be using an encrypting key otherwise BC throws an exception. All I can think is that you may be using the wrong key. I would debug it by printing out the ID of the key you are using to encrypt with during the process and then check with them to make sure it matches up with what they are expecting you to use.
-----Original Message-----
From: Hemanth Kashinath [mailto:[hidden email]]
Sent: Friday, December 09, 2005 5:19 PM
To: [hidden email]
Cc: [hidden email]
Subject: RE: [dev-crypto] PGP v7 software unable to decrypt BCPG encryption

 

Thanks Justin. I will keep that in mind.

 

I am new to PGP and hence a following question.

Even when I do not sign the file, but only encrypt using their public key, their software is not able to recognize that the file has been encrypted by their file. Instead throws an error “Not encrypted to our key”.

 

Any pointers on that error message.

 

Hemanth Kashinath

Integration Architect, webMethods

FCS Business Solutions, Inc.

E: [hidden email][hidden email]

W: www.fcsbusinesssolutions.com


From: Justin Kolb [mailto:[hidden email]]
Sent: Friday, December 09, 2005 4:06 PM
To: Hemanth Kashinath; [hidden email]
Subject: RE: [dev-crypto] PGP v7 software unable to decrypt BCPG encryption

 

If you are using signatures PGPv7 can only decode version 3 signatures. To make version 3 signatures with BouncyCastle use the PGPV3SignatureGenerator instead of  the PGPSignatureGenerator.

-----Original Message-----
From: Hemanth Kashinath [mailto: [hidden email]]
Sent: Friday, December 09, 2005 5:00 PM
To: [hidden email]
Subject: [dev-crypto] PGP v7 software unable to decrypt BCPG encryption

 

Hi Everybody,

 

My clients are unable to decrypt the file encrypted by Bouncy Castle API.

 

Please find the details below.

 

Encryption Details:

----------------------------

Bouncy Castle: Version 1.23

Java VM: Sun Java VM 1.4

Environment: Windows Professional XP

 

Public Certificate Used (Report retrieved using Bouncy Castle) :

-------- Public Key Report --------

     File Name: <filename>.asc

       Version: 4

 Creation Time: Thu Nov 14 11:03:38 MST 2002

     Algorithm: DSA

  Bit Strength: 1021

   Fingerprint: 781326d01a282e340401766b6fb3644aa09a45c5

        Key ID: 6fb3644aa09a45c5

Encryption Key: false

    Master Key: true

-----------------------------------

 

Decryption Details:

----------------------------

PGP Software: Version 7

Environment: Unix

 

Unfortunately, I don’t have many details about the decryption piece.

 

The decryption process is not even able to recognize that the file has been encrypted by their public key.

 

Any help would be much appreciated.

 

Please do not hesitate to contact me if you need more information.

 

Thanks in advance,

 

Hemanth Kashinath

Integration Architect, webMethods

FCS Business Solutions, Inc.

E: [hidden email][hidden email]

W: www.fcs-inc.com

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: PGP v7 software unable to decrypt BCPG encryption

Andrew Paterson-2
In reply to this post by Hemanth Kashinath
Justin Kolb said:
> If you are using signatures PGPv7 can only decode
> version 3 signatures.

You could try going further than that and using older format for the
encryption as well. The following extracts are from BCRampage in the
full BouncyCastle distribution (oldFormat is a boolean value indicating
whether the older format should be used).

1. Use a different constructor for PGPEncryptedDataGenerator:

   PGPEncryptedDataGenerator cPk = oldFormat?
      new PGPEncryptedDataGenerator(PGPEncryptedData.CAST5,
                                    new SecureRandom(),
                                    oldFormat,
                                    "BC"):
      new PGPEncryptedDataGenerator(PGPEncryptedData.CAST5,
                                    withIntegrityCheck,
                                    new SecureRandom(),
                                    "BC");

2. Set the flag on the PGPLiteralDataGenerator constructor:

   PGPLiteralDataGenerator lData = new
PGPLiteralDataGenerator(oldFormat);

HTH

Andrew
All opinions are completely my own - after all, who else would want to
take credit for them?

Loading...