How to verify the file was successfully encrypted...

Jonathan Rockway jon at
Wed Jul 12 20:11:20 CEST 2006

> There is no way to design such a self-check.  This isn't a lack in
> GnuPG, but a design impossibility for any program.  Think about it: a
> "check mode" would try and account for a bug in GnuPG and warn you
> that the file was not encrypted properly.  However, if you're
> presuming a bug, then who says you should trust the check mode?
> If GnuPG completes successfully, that means it succeeded.  If you want
> more assurance than that, the only way to do it is to decrypt the file
> and compare.

If you wanted to be really sure that GPG didn't mess something else, try 
decrypting it with some other OpenPGP implementation.  If you're using 
perl, use Crypt::OpenPGP.  (And Text::Diff to do your diff, and 
File::Slurp to read in the files for Text::Diff :)

BTW, why are you encrypting these files anyway?  If someone broke into 
your computer they could just steal the crypto key too.

Jonathan Rockway

More information about the Gnupg-users mailing list