Decrypt error: "gpg: block_filter: 1st length byte missing"

Alan Watt alan.watt at per-se.com
Thu Jan 19 16:11:23 CET 2006 

I get this error several times a week, out of a decryption volume of 
about 10,500 files per week.  The verbose output is:

===========================================
	 gpg: public key is 268C2A61
	[GNUPG:] ENC_TO 60019F71268C2A61 16 0
	gpg: using secondary key 268C2A61 instead of primary key B0B2EBAF
	[GNUPG:] USERID_HINT 60019F71268C2A61 <company name deleted>
	[GNUPG:] NEED_PASSPHRASE 60019F71268C2A61 694D94E7B0B2EBAF 16 0
	[GNUPG:] GOOD_PASSPHRASE
	gpg: using secondary key 268C2A61 instead of primary key B0B2EBAF
	gpg: encrypted with 2048-bit ELG-E key, ID 268C2A61, created 1999-11-04
	      "<company name deleted>"
	[GNUPG:] BEGIN_DECRYPTION
	gpg: CAST5 encrypted data
	gpg: original file name='ED_32509.hpf'
	[GNUPG:] PLAINTEXT 62 0 ED_32509.hpf
	gpg: block_filter: 1st length byte missing
	[GNUPG:] DECRYPTION_OKAY
	gpg: WARNING: message was not integrity protected
	[GNUPG:] END_DECRYPTION
===========================================


I have an old (version 5) copy of PGP we use as a backup if GPG fails. 
This decrypts the same files
without complaint. Usually the GPG output is identical to the PGP 
output, and in the cases where
the file has some kind of text structure I can examine, it appears 
intact.  That is, it appears this is a false alarm.

The production system is still using GPG 1.0.6, but I have confirmed the 
same results on a test
system with GPG 1.2.6.

This happens with files from a number of different sending partners, and 
using several different public keys (in other words, it does not appear 
to be limited to one particular encryption implementation or key).

In the past I have run into this error when the encrypted file contained 
extra NUL characters at
the end, due to incorrect FTP record size parameters when passing 
through a mainframe system,
but these files do not appear to have that problem.

I did not see any mention of this problem being identified and fixed in 
the bug notes.

Does anyone have any insight on this?  I want to toss the old PGP 
software completely, but I can't as long as I keep getting these errors.

More information about the Gnupg-devel mailing list