Decrypt an encrypted mail with detached signature?! ?

Holger Sesterhenn Holger.Sesterhenn@aachen.utimaco.de
Fri Jul 25 16:17:02 2003


Hi,

I have received a mail which is encrypted by a CryptEx OpenPGP client.

Using 'gpg --decrypt mail.asc' I see this output:
---------------------------
user@compi:~/tmp/> gpg --status-fd 2 --decrypt mail.asc
[GNUPG:] ENC_TO 1111111111111111 16 0
[GNUPG:] GOOD_PASSPHRASE
[GNUPG:] ENC_TO 2222222222222222 16 0
gpg: encrypted with 2048-bit ELG-E key, ID 11111111, created 2011-11-11
      "user...">"
gpg: encrypted with 2048-bit ELG-E key, ID 22222222, created 2003-05-07
      "Holger.Sesterhenn@aachen.utimaco.de
<Holger.Sesterhenn@aachen.utimaco.de>"
[GNUPG:] BEGIN_DECRYPTION
Testmessage signed and encrypted with PGP
Detached signature.
Please enter name of data file:
----------------------------
This mail is encrypted to me and the senders key (11111). The text of the
mail is just "Testmessage signed and encrypted with PGP"

It is a simple PGP/INLINE mail, no attachment, no additional data file:

+----BEGIN PGP MESSAGE-----
Version: CryptoEx OpenPGP Engine Version 2.1
Comment: CryptoEx Client Suite - http://www.cryptoex.com

wcFOAw5PUUHNeYvGEAf9EUipyK3V6ohzYZRwruRSyXyrv+QRvdG8lSEI9V7c+P5U
[...]
r5ppwy1kJqn3OXZJJouQL7UuO+ZDpFXsfzik+i/+Vt7DLpIJWKd6pZSbp781WkTE
7hdN4GM=
=lwaz
+----END PGP MESSAGE-----

I have tried to see more with --verbose --verbose --verbose but I could not
find a hint that this mail has a deteched signature. Which signature type
from RFC2440 does mark a detached signature? Type 0x00???

PGPDUMP does not help because it as an encrypted mail :)

I have then imported my key into PGP 8.0 for Windows and

"%&!"&&GRRR"

it does decrypt and verify the message without any error message.

Whats going on?

Best Regards,
Utimaco Safeware AG

Holger Sesterhenn
Development Engineer Security Gateway
--
Tel.:       +49 (0) 241 1696-200
Fax.:       +49 (0) 241 1696-199
mailto:Holger.Sesterhenn@aachen.utimaco.de
Internet   http://www.utimaco.de