"decryption forced to fail" due to missing signature?

Alexander Strobel Alexander.Strobel at giepa.de
Tue Jan 23 11:45:01 CET 2018 

Thunderbird/Enigmail shows an error "decryption failed" when I decrypt
an email that was not signed.
For testing I did an en/decryption on command line and see the error
"gpg: decryption forced to fail" when I decrypt my file.

Here is what I did with GnuPG v2.2.4:

c:\users\...>dir * > toencrypt.txt
c:\users\...>gpg --encrypt toencrypt.txt

c:\users\...> gpg -vv -o decrypted.txt --decrypt toencrypt.txt.gpg
# off=0 ctb=85 tag=1 hlen=3 plen=524
:pubkey enc packet: version 3, algo 1, keyid AC4E42952F82C45E
        data: [4095 bits]
gpg: public key is AC4E42952F82C45E
gpg: using subkey AC4E42952F82C45E instead of primary key 874D04CCA111C47B
gpg: public key encrypted data: good DEK
# off=527 ctb=c9 tag=9 hlen=2 plen=0 partial new-ctb
:encrypted data packet:
        length: unknown
gpg: using subkey AC4E42952F82C45E instead of primary key 874D04CCA111C47B
gpg: encrypted with 4096-bit RSA key, ID AC4E42952F82C45E, created
2015-01-27
      "Alexander Strobel (Giegerich & Partner GmbH)"
gpg: AES256 encrypted data
# off=547 ctb=a3 tag=8 hlen=1 plen=0 indeterminate
:compressed packet: algo=2
# off=549 ctb=ad tag=11 hlen=3 plen=1495
:literal data packet:
        mode b (62), created 1516703454, name="toencrypt.txt",
        raw data: 1476 bytes
gpg: original file name='toencrypt.txt'
gpg: WARNING: message was not integrity protected
gpg: decryption forced to fail


As long as I use GnuPG 1.4.22 it is working as expected:
c:\users\...>dir * > toencrypt.txt
c:\users\...>gpg --encrypt toencrypt.txt

c:\users\...> gpg -vv -o decrypted.txt --decrypt toencrypt.txt.gpg
:pubkey enc packet: version 3, algo 1, keyid AC4E42952F82C45E
        data: [4095 bits]
gpg: public key is 2F82C45E
gpg: can't handle public key algorithm 22
gpg: can't handle public key algorithm 18
gpg: using subkey 2F82C45E instead of primary key A111C47B

You need a passphrase to unlock the secret key for
user: "Alexander Strobel (Giegerich & Partner GmbH)"
gpg: using subkey 2F82C45E instead of primary key A111C47B
4096-bit RSA key, ID 2F82C45E, created 2015-01-27 (main key ID A111C47B)

gpg: public key encrypted data: good DEK
:encrypted data packet:
        length: 390
gpg: encrypted with 4096-bit RSA key, ID 2F82C45E, created 2015-01-27
      "Alexander Strobel (Giegerich & Partner GmbH)"
gpg: AES256 encrypted data
:compressed packet: algo=2
:literal data packet:
        mode b (62), created 1516704178, name="toencrypt.txt",
        raw data: 835 bytes
gpg: original file name='toencrypt.txt'
gpg: decryption okay
gpg: WARNING: message was not integrity protected


Is this behavior intended?


Best regards
Alex Strobel
gpg4o.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20180123/c434383d/attachment.sig>

More information about the Gnupg-devel mailing list