Quantcast

Problem PGP 2.6.3i encryption results

classic Classic list List threaded Threaded
14 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Problem PGP 2.6.3i encryption results

shadwyn
This post was updated on .
Hello,

I'm working on Java project which would centralize PGP encryption by legacy systems.

I choose latest Bouncy Castle OpenPGP libraries - version 1.51.

After lots of research I finally manage to encrypt file so it's content is recognized by old console PGP 2.6.3i applications. Having right keys encrypted file would be successfully decrypted and attached signature verified.

So we went live and almost instantly had problems. In some cases files are decrypted, but signatures are not verified and user receive "WARNING: Bad signature, doesn't match file contents!".

Further investigation showed that in some cases decrypted some parts of file content are shifted or replaced by other parts.

I could not find patter based on which data had shifted, but all test cases looked kinda same. I wrote small program that generates random character lines with specified total length. And it appears that these problems appear in files larger then 8000 bytes, and are mostly observed in middle and end parts of file (That's why we went live, we tested on small files).

I attached some test files I made. I hope it helps.
Initial production file - T070415.TXT
Decryption result - D_T070415.TXT
Initial test file - orig_a9900.txt
Decryption result - a9900.txt

Thank you in advance.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

shadwyn
This is my code.

        /**
	 * Prepares, sings, compresses, and encrypts.<br>
	 *
	 * @param fileContents
	 * @param fileName
	 * @param recipients
	 * @param signer
	 * @return
	 * @throws FreshPgpException
	 */
	public byte[] signAndEcnrypt(byte[] fileContents, String fileName, List<PgpPerson> recipients,
			PgpPerson signer) throws FreshPgpException {

		_LOG.debug("Encrypting file '" + fileName + "' for " + recipients);

		Security.addProvider(new BouncyCastleProvider());

		byte[] literalized = literalize(fileContents, fileName);

		byte[] signed = signer != null ? sign(fileContents, signer) : null;

		byte[] compressed = compress(literalized, signed);

		return encrypt(compressed, recipients);
	}

	/**
	 * Prepares literal data. Uses {@link PGPLiteralDataGenerator#BINARY}.<br>
	 *
	 * @param fileContents
	 * @param fileName
	 * @return
	 * @throws FreshPgpException
	 */
	private byte[] literalize(byte[] fileContents, String fileName) throws FreshPgpException {
		PGPLiteralDataGenerator literalDataGenerator = null;
		ByteArrayOutputStream byteOS = new ByteArrayOutputStream();
		try {
			literalDataGenerator = new PGPLiteralDataGenerator(true);
			OutputStream literalOS = literalDataGenerator.open(byteOS,
					PGPLiteralDataGenerator.TEXT, fileName, fileContents.length,
					PGPLiteralDataGenerator.NOW);
			literalOS.write(fileContents);

		} catch (IOException e) {
			_LOG.error(e.getMessage(), e);
			throw new FreshPgpException("Error while writing liter data packet!");

		} finally {

			if (literalDataGenerator != null) {
				try {
					literalDataGenerator.close();

				} catch (IOException e) {
					_LOG.error(e.getMessage(), e);
					throw new FreshPgpException("Error while closing literal data generator!");
				}
			}
		}
		return byteOS.toByteArray();
	}

	/**
	 * Applies compression using <code>ZIP</code> method. <br>
	 *
	 * @param literalized
	 *            - byte array of literalized input file contents
	 * @param signed
	 *            - <code>(optional)</code> byte array of signed input file
	 *            contents
	 * @return
	 * @throws FreshPgpException
	 */
	private byte[] compress(byte[] literalized, byte[] signed) throws FreshPgpException {
		PGPCompressedDataGenerator compressedDataGenerator = null;
		ByteArrayOutputStream byteOS = new ByteArrayOutputStream();
		try {
			compressedDataGenerator = new PGPCompressedDataGenerator(CompressionAlgorithmTags.ZIP);
			OutputStream compressedOS = compressedDataGenerator.open(byteOS);

			if (signed != null) {
				compressedOS.write(signed);
			}
			compressedOS.write(literalized);

		} catch (IOException e) {
			_LOG.error(e.getMessage(), e);
			throw new FreshPgpException("Error while compressing data!");

		} finally {

			if (compressedDataGenerator != null) {
				try {
					compressedDataGenerator.close();

				} catch (IOException e) {
					_LOG.error(e.getMessage(), e);
					throw new FreshPgpException("Error while closing data compressor!");
				}
			}
		}
		return byteOS.toByteArray();
	}

	/**
	 * Generates and initializes PGP signer instance and signs input data using
	 * <code>MD5</code> hash algorithm.<br>
	 *
	 * @param fileContents
	 *            - data to be signed
	 * @param signer
	 * @return
	 * @throws FreshPgpException
	 */
	private byte[] sign(byte[] fileContents, PgpPerson signer) throws FreshPgpException {
		ByteArrayOutputStream byteOS = new ByteArrayOutputStream();

		try {
			PGPSecretKey secretKey = PgpKeyManager.findSecretKey(signer);
			PGPPrivateKey privateKey = PgpKeyManager.extractPrivateKey(secretKey,
					signer.getPrivateKeyPassword());

			PGPV3SignatureGenerator signatureGenerator = new PGPV3SignatureGenerator(
					new BcPGPContentSignerBuilder(secretKey.getPublicKey().getAlgorithm(),
							HashAlgorithmTags.MD5));
			signatureGenerator.init(PGPSignature.CANONICAL_TEXT_DOCUMENT, privateKey);
			signatureGenerator.update(fileContents);
			signatureGenerator.generate().encode(byteOS);

		} catch (PGPException | IOException | KeyNotFoundException e) {
			_LOG.error(e.getMessage(), e);
			throw new FreshPgpException("Error while signing message!");
		}
		return byteOS.toByteArray();
	}

	/**
	 * Encrypts data using <code>IDEA</code> algorithm.<br>
	 *
	 * @param compressed
	 *            - used when compression applied
	 * @param recipients
	 * @return
	 * @throws FreshPgpException
	 */
	private byte[] encrypt(byte[] compressed, List<PgpPerson> recipients) throws FreshPgpException {
		ByteArrayOutputStream byteOS = new ByteArrayOutputStream();
		PGPEncryptedDataGenerator encryptedDataGenerator = null;
		try {
			BcPGPDataEncryptorBuilder builder = new BcPGPDataEncryptorBuilder(
					SymmetricKeyAlgorithmTags.IDEA);
			encryptedDataGenerator = new PGPEncryptedDataGenerator(builder, true);
			for (PgpPerson recipient : recipients) {
				PGPPublicKey publicKey = PgpKeyManager.findPublicKey(recipient.getUserId());
				encryptedDataGenerator.addMethod(new BcPublicKeyKeyEncryptionMethodGenerator(
						publicKey));
			}
			OutputStream encryptedOS = encryptedDataGenerator.open(byteOS, compressed.length);

			if (compressed != null) {
				encryptedOS.write(compressed);
			}

		} catch (KeyNotFoundException | IOException | PGPException e) {
			_LOG.error(e.getMessage(), e);
			throw new FreshPgpException("Error while encrypting data!");

		} finally {

			if (encryptedDataGenerator != null) {
				try {
					encryptedDataGenerator.close();

				} catch (IOException e) {
					_LOG.error(e.getMessage(), e);
					throw new FreshPgpException("Error while closing encryptor!");
				}
			}
		}
		return byteOS.toByteArray();
	}
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

shadwyn
In reply to this post by shadwyn
Looks like I messed up with providing example files from production system.

Here are additional:
  1. before-encryption.TXT
  2. after-decryption.TXT
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

David Hook

Nothing obvious. Try generating a file that is correct using the other system, see what you get back using the Java code. Look for differences in the encrypted files.

Regards,

David

On 22/04/15 17:24, shadwyn wrote:
Looks like I messed up with providing example files from production system.

Here are additional:
  1. before-encryption.TXT
  2. after-decryption.TXT


View this message in context: Re: Problem PGP 2.6.3i encryption results
Sent from the Bouncy Castle - Dev mailing list archive at Nabble.com.

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

martijn.list
In reply to this post by shadwyn

Hi,

It looks like you forgot to close a couple of streams.

1. literalOS should be closed (before closing literalDataGenerator)

2. compressedOS should be closed (before closing compressedDataGenerator)

3. encryptedOS should be closed (before closing encryptedDataGenerator)

Kind regards,

Martijn Brinkers

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

http://www.ciphermail.com

Twitter: http://twitter.com/CipherMail


On 04/17/2015 12:28 PM, shadwyn wrote:

> This is my code.
>
>         /**
> * Prepares, sings, compresses, and encrypts.<br>
> *
> * @param fileContents
> * @param fileName
> * @param recipients
> * @param signer
> * @return
> * @throws FreshPgpException
> */
> public byte[] signAndEcnrypt(byte[] fileContents, String fileName, List<PgpPerson> recipients,
> PgpPerson signer) throws FreshPgpException {
>
> _LOG.debug("Encrypting file '" + fileName + "' for " + recipients);
>
> Security.addProvider(new BouncyCastleProvider());
>
> byte[] literalized = literalize(fileContents, fileName);
>
> byte[] signed = signer != null ? sign(fileContents, signer) : null;
>
> byte[] compressed = compress(literalized, signed);
>
> return encrypt(compressed, recipients);
> }
>
> /**
> * Prepares literal data. Uses {@link PGPLiteralDataGenerator#BINARY}.<br>
> *
> * @param fileContents
> * @param fileName
> * @return
> * @throws FreshPgpException
> */
> private byte[] literalize(byte[] fileContents, String fileName) throws FreshPgpException {
> PGPLiteralDataGenerator literalDataGenerator = null;
> ByteArrayOutputStream byteOS = new ByteArrayOutputStream();
> try {
> literalDataGenerator = new PGPLiteralDataGenerator(true);
> OutputStream literalOS = literalDataGenerator.open(byteOS,
> PGPLiteralDataGenerator.TEXT, fileName, fileContents.length,
> PGPLiteralDataGenerator.NOW);
> literalOS.write(fileContents);
>
> } catch (IOException e) {
> _LOG.error(e.getMessage(), e);
> throw new FreshPgpException("Error while writing liter data packet!");
>
> } finally {
>
> if (literalDataGenerator != null) {
> try {
> literalDataGenerator.close();
>
> } catch (IOException e) {
> _LOG.error(e.getMessage(), e);
> throw new FreshPgpException("Error while closing literal data generator!");
> }
> }
> }
> return byteOS.toByteArray();
> }
>
> /**
> * Applies compression using <code>ZIP</code> method. <br>
> *
> * @param literalized
> *            - byte array of literalized input file contents
> * @param signed
> *            - <code>(optional)</code> byte array of signed input file
> *            contents
> * @return
> * @throws FreshPgpException
> */
> private byte[] compress(byte[] literalized, byte[] signed) throws FreshPgpException {
> PGPCompressedDataGenerator compressedDataGenerator = null;
> ByteArrayOutputStream byteOS = new ByteArrayOutputStream();
> try {
> compressedDataGenerator = new PGPCompressedDataGenerator(CompressionAlgorithmTags.ZIP);
> OutputStream compressedOS = compressedDataGenerator.open(byteOS);
>
> if (signed != null) {
> compressedOS.write(signed);
> }
> compressedOS.write(literalized);
>
> } catch (IOException e) {
> _LOG.error(e.getMessage(), e);
> throw new FreshPgpException("Error while compressing data!");
>
> } finally {
>
> if (compressedDataGenerator != null) {
> try {
> compressedDataGenerator.close();
>
> } catch (IOException e) {
> _LOG.error(e.getMessage(), e);
> throw new FreshPgpException("Error while closing data compressor!");
> }
> }
> }
> return byteOS.toByteArray();
> }
>
> /**
> * Generates and initializes PGP signer instance and signs input data using
> * <code>MD5</code> hash algorithm.<br>
> *
> * @param fileContents
> *            - data to be signed
> * @param signer
> * @return
> * @throws FreshPgpException
> */
> private byte[] sign(byte[] fileContents, PgpPerson signer) throws FreshPgpException {
> ByteArrayOutputStream byteOS = new ByteArrayOutputStream();
>
> try {
> PGPSecretKey secretKey = PgpKeyManager.findSecretKey(signer);
> PGPPrivateKey privateKey = PgpKeyManager.extractPrivateKey(secretKey,
> signer.getPrivateKeyPassword());
>
> PGPV3SignatureGenerator signatureGenerator = new PGPV3SignatureGenerator(
> new BcPGPContentSignerBuilder(secretKey.getPublicKey().getAlgorithm(),
> HashAlgorithmTags.MD5));
> signatureGenerator.init(PGPSignature.CANONICAL_TEXT_DOCUMENT, privateKey);
> signatureGenerator.update(fileContents);
> signatureGenerator.generate().encode(byteOS);
>
> } catch (PGPException | IOException | KeyNotFoundException e) {
> _LOG.error(e.getMessage(), e);
> throw new FreshPgpException("Error while signing message!");
> }
> return byteOS.toByteArray();
> }
>
> /**
> * Encrypts data using <code>IDEA</code> algorithm.<br>
> *
> * @param compressed
> *            - used when compression applied
> * @param recipients
> * @return
> * @throws FreshPgpException
> */
> private byte[] encrypt(byte[] compressed, List<PgpPerson> recipients) throws FreshPgpException {
> ByteArrayOutputStream byteOS = new ByteArrayOutputStream();
> PGPEncryptedDataGenerator encryptedDataGenerator = null;
> try {
> BcPGPDataEncryptorBuilder builder = new BcPGPDataEncryptorBuilder(
> SymmetricKeyAlgorithmTags.IDEA);
> encryptedDataGenerator = new PGPEncryptedDataGenerator(builder, true);
> for (PgpPerson recipient : recipients) {
> PGPPublicKey publicKey = PgpKeyManager.findPublicKey(recipient.getUserId());
> encryptedDataGenerator.addMethod(new BcPublicKeyKeyEncryptionMethodGenerator(
> publicKey));
> }
> OutputStream encryptedOS = encryptedDataGenerator.open(byteOS, compressed.length);
>
> if (compressed != null) {
> encryptedOS.write(compressed);
> }
>
> } catch (KeyNotFoundException | IOException | PGPException e) {
> _LOG.error(e.getMessage(), e);
> throw new FreshPgpException("Error while encrypting data!");
>
> } finally {
>
> if (encryptedDataGenerator != null) {
> try {
> encryptedDataGenerator.close();
>
> } catch (IOException e) {
> _LOG.error(e.getMessage(), e);
> throw new FreshPgpException("Error while closing encryptor!");
> }
> }
> }
> return byteOS.toByteArray();
> }
>
>
>
>
>
>
>
> ------------------------------------------------------------------------
>
> View this message in context: Re: Problem PGP 2.6.3i encryption results <http://bouncy-castle.1462172.n4.nabble.com/Problem-PGP-2-6-3i-encryption-results-tp4657603p4657604.html>
>
> Sent from the Bouncy Castle - Dev mailing list archive <http://bouncy-castle.1462172.n4.nabble.com/Bouncy-Castle-Dev-f1462173.html> at Nabble.com.
>
>
>



Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

shadwyn
martijn.list wrote
Hi,

It looks like you forgot to close a couple of streams.

1. literalOS should be closed (before closing literalDataGenerator)

2. compressedOS should be closed (before closing compressedDataGenerator)

3. encryptedOS should be closed (before closing encryptedDataGenerator)

Kind regards,

Martijn Brinkers
As I expected - closing those output streams had no effect.

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

shadwyn
In reply to this post by David Hook
David Hook wrote
Nothing obvious. Try generating a file that is correct using the other
system, see what you get back using the Java code. Look for differences
in the encrypted files.

Regards,

David
What should I use to compare encrypted files' content?
What should I be looking for?
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

martijn.list
In reply to this post by shadwyn
On 04/24/2015 07:50 AM, shadwyn wrote:

> martijn.list wrote
>> Hi,
>>
>> It looks like you forgot to close a couple of streams.
>>
>> 1. literalOS should be closed (before closing literalDataGenerator)
>>
>> 2. compressedOS should be closed (before closing compressedDataGenerator)
>>
>> 3. encryptedOS should be closed (before closing encryptedDataGenerator)
>>
>> Kind regards,
>>
>> Martijn Brinkers
>
> As I expected - closing those output streams had no effect.

The sentence with "As I expected.. had no effect" sounds a bit impolite
but since I'm not a bad person I continue to help :)

How did you confirm that it did not work? Was the output still messed up
or did the signature verification failed? This is important to know. In
your example your data was messed up which indicated that there was some
buffer which was either overrun or not written, hence the suggestion to
close the streams. The reason for not validating might be because it
looks like your code does not correctly canonicalize the input for a
CANONICAL_TEXT_DOCUMENT.

So, my question is the output still messed up when closing the streams
as suggested by me or was it only the signature that failed?

Regards,

Martijn Brinkers

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

https://www.ciphermail.com

Twitter: http://twitter.com/CipherMail

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

David Hook
In reply to this post by shadwyn

Differences.

Confirm you can decrypt what you generate on your side using the same tools.
Confirm you can decrypt what is generated on the other side using the
other sides tools.
Confirm you can decrypt what is generated on the other side using your
tools.

If you get to here you should have an example of an encrypted message
which the other side will accept, at that point it's a matter of using
dump utilities such as "gpg --list-packets" and others to look at the
contents of the example and compare it to what your application is
generating.

The other thing with this one - given how you describe the problem and
the data you have provided there is nothing to indicate this is related
to PGP. The before/after decryption.TXT files are the same byte length,
although the after file is one line longer, and a decryption error
normally isn't this "polite" about how it manifests - there's no binary
data or crazy characters and there is something suspiciously regular
about the differences.

For example after:

NRDEE3100004466TAL1T           B1102       FIEQDM01                
500        A1     3913:37:1R008      A0                        
91204           XTAL0000012015-03-03                        
AOR008      A0                                        XTAL  EUR

versus before

NRDEE3100004466TAL1T           B1102       FIEQDM01                
500      500   0.83913:37:141                                  
912048              0000012015-03-03                        
AOR008      A0                                        XTAL  EUR

I would check that you can decrypt what you generate correctly using the
BC API first. After that I'd be more inclined to look for things like
InputStream.read(byte[])/InputStream.read(byte[],int,int) on the other
side where someone has forgotten that there's a reason for the integer
return value on those methods.

Regards,

David

On 24/04/15 18:51, shadwyn wrote:

> David Hook wrote
>> Nothing obvious. Try generating a file that is correct using the other
>> system, see what you get back using the Java code. Look for differences
>> in the encrypted files.
>>
>> Regards,
>>
>> David
> What should I use to compare encrypted files' content?
> What should I be looking for?
>
>
>
> --
> View this message in context: http://bouncy-castle.1462172.n4.nabble.com/Problem-PGP-2-6-3i-encryption-results-tp4657603p4657617.html
> Sent from the Bouncy Castle - Dev mailing list archive at Nabble.com.
>
>


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

shadwyn
In reply to this post by martijn.list
martijn.list wrote
How did you confirm that it did not work? Was the output still messed up
or did the signature verification failed? This is important to know.
Yes. Output was corrupted in exactly same way as before suggested changes.

martijn.list wrote
The reason for not validating might be because it
looks like your code does not correctly canonicalize the input for a
CANONICAL_TEXT_DOCUMENT.
Signature is not always invalid. If to change literal data type to BINARY and signature type to BINARY - problem still occurs.
Form all tests I've do I assume it's because signature is being created based on correct file contents, but after decryption (decrypted file contents is corrupt/differs from original) it can't be validated.

martijn.list wrote
So, my question is [..] or was it only the signature that failed?
Problem does not occur for smaller files. For those after decryption signature is considered valid and decrypted file contents matches original.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

shadwyn
In reply to this post by David Hook
David Hook wrote
Confirm you can decrypt what you generate on your side using the same tools.
Confirm you can decrypt what is generated on the other side using the
other sides tools.
Confirm you can decrypt what is generated on the other side using your
tools.
For tests I used:
   A. Old PGP 2.6.3i console application
   B. My Java code with BC
   C. GnuPG application with IDEA extension installed

Results:
A -> B - works (except signature validation cause I haven't figured out how to do it without one-pass signatures)
A -> C - works

B -> A - does not work
B -> C - works (surprisingly!)

C -> A - works (with --rfc1991 option)
C -> B - works (with --rfc1991 option)

So looks like my code does not work with only tool that it needs to work with.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

martijn.list
On 04/28/2015 02:51 PM, shadwyn wrote:

> David Hook wrote
>> Confirm you can decrypt what you generate on your side using the same
>> tools.
>> Confirm you can decrypt what is generated on the other side using the
>> other sides tools.
>> Confirm you can decrypt what is generated on the other side using your
>> tools.
>
> For tests I used:
>    A. Old PGP 2.6.3i console application
>    B. My Java code with BC
>    C. GnuPG application with IDEA extension installed
>
> Results:
> A -> B - /works/ (except signature validation cause I haven't figured out
> how to do it without one-pass signatures)
> A -> C - /works/
>
> B -> A - /does not work/
> B -> C - /works /(surprisingly!)
>
> C -> A - /works /(with --rfc1991 option)
> C -> B - /works /(with --rfc1991 option)
>
> So looks like my code does not work with only tool that it needs to work
> with.

What happens if you only encrypt (i.e., skip signing)?

Kind regards,

Martijn


--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

https://www.ciphermail.com

Twitter: http://twitter.com/CipherMail

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

David Hook

Also what's different between C and B in the produced message? It sounds
like it may also be the interpretation of the literal data object.

Regards,

David

On 28/04/15 23:21, martijn.list wrote:

> On 04/28/2015 02:51 PM, shadwyn wrote:
>> David Hook wrote
>>> Confirm you can decrypt what you generate on your side using the same
>>> tools.
>>> Confirm you can decrypt what is generated on the other side using the
>>> other sides tools.
>>> Confirm you can decrypt what is generated on the other side using your
>>> tools.
>> For tests I used:
>>    A. Old PGP 2.6.3i console application
>>    B. My Java code with BC
>>    C. GnuPG application with IDEA extension installed
>>
>> Results:
>> A -> B - /works/ (except signature validation cause I haven't figured out
>> how to do it without one-pass signatures)
>> A -> C - /works/
>>
>> B -> A - /does not work/
>> B -> C - /works /(surprisingly!)
>>
>> C -> A - /works /(with --rfc1991 option)
>> C -> B - /works /(with --rfc1991 option)
>>
>> So looks like my code does not work with only tool that it needs to work
>> with.
> What happens if you only encrypt (i.e., skip signing)?
>
> Kind regards,
>
> Martijn
>
>


mbg
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem PGP 2.6.3i encryption results

mbg
This post has NOT been accepted by the mailing list yet.
Hello,

We have exactly the same problem with bouncycastle java pgp encryption.
Some files ( usually small size ) encrypted/encrypted and signed with my java program ( using bouncycastle 1.55 version  (bcpg-jdk15on-155.jar ))  can be successfully decrypted and verified by PGP Desktop, by the same java program using bouncycastle and also by console PGP 2.6.3i application.
But some files encrypted/encrypted and signed with the same program can be successfully decrypted and verified by PGP Desktop, by the same java program using bouncycastle, but decrypting with PGP 2.6.3i application we get file that differs from original encrypted file. If we encrypt these files with 2.6.3i application, then they can be decrypted by all mentioned programs.
The same effect described in the topic.
Have you any progress with this problem investigation or solution?

Thanks in advance
Loading...