Cannot decrypt files

allistair's Avatar

allistair

30 Jun, 2018 03:24 PM

Which of our tools is giving you problems?

GPGService/GPGKeyChain on Mac

Attach a screenshot of the version info for all installed components (how to: https://gpgtools.tenderapp.com/kb/faq/where-can-i-find-version-info...):

Version 1.4.4 (9010342) (1464n)

Describe your problem. Add as much detail as possible.

Created a public/private keypair end of 2017 and this is used by another party to encrypt files they send to us. I can see in GPGKeyChain that is has this key with Type sec/pub.

It used to be that I could right click one of the encrypted files and decrypt it, however the last couple of updates by GPGTools have stopped my being able to decrypt with error:

Decryption failed! (No public key) Code = 9

Via CLI I get the same issue:

gpg --output ~/Desktop/data.xml --decrypt ~/Desktop/data.xml.gpg

gpg: WARNING: cipher algorithm CAST5 not found in recipient preferences
gpg: encrypted with ELG key, ID xxx
gpg: encrypted with 4096-bit RSA key, ID xxx, created 2017-10-02
"xxx Production [email blocked]" gpg: Signature made Sat 23 Jun 03:30:01 2018 BST
gpg: using DSA key xxx
gpg: issuer "xxx Production [email blocked]"
gpg: Can't check signature: No public key
gpg: WARNING: message was not integrity protected
gpg: Hint: If this message was created before the year 2003 it is
likely that this message is legitimate. This is because back then integrity protection was not widely used. gpg: Use the option '--ignore-mdc-error' to decrypt anyway.
gpg: decryption forced to fail!

If I add --ignore-mdc-error to the CLI command then it works - is there a way to set --ignore-mdc-error via the GPG Suite tools or otherwise resolve this?

What did you expect instead

A decrypted file.

Describe steps leading to the problem.

I open the encrypted filee with GPGKeyChain or GPGServices.app

Are you using any other Mail.app plugins?

No

  1. Support Staff 1 Posted by Luke Le on 07 Jul, 2018 03:16 PM

    Luke Le's Avatar

    Hi allistair,

    we are very sorry you are having problems with GPG Suite.
    When you try to decrypt the message, do you see a warning about integrity protection (from 2018.3 onward)? Even if you see an error dialog, is the file really not decrypted in the end? It might be that only the error is shown, but the file is still decrypted, since the error is related to the signature of the file.

    And last, please let us know what kind of software the other party is using, since they seem to be sending files without integrity protection (MDC) which is pretty bad from a security perspective (to learn why see efail)

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac