Signing Problem after Moving GPG and Keys

Clough, Samuel (USPC.PRG.Atlanta) Samuel_Clough at princetonrg.com
Tue Sep 16 15:02:11 CEST 2008


I'm sorry, what I meant to say was that when I test with a test key, gpg
decrypts and says that the file is signed.  Our Vendor, however, says
the file is not signed when they decrypt it.  The follow up to this was
my second message where rolling back gpg to version 1.2.1 fixed the
problem (although I don't understand why).

-----Original Message-----
From: David Shaw [mailto:dshaw at jabberwocky.com] 
Sent: Monday, September 15, 2008 6:30 PM
To: Clough, Samuel (USPC.PRG.Atlanta)
Cc: gnupg-users at gnupg.org
Subject: Re: Signing Problem after Moving GPG and Keys

On Sep 10, 2008, at 3:32 PM, Clough, Samuel (USPC.PRG.Atlanta) wrote:

> I have a very frustrating problem with a file that is ascii armored  
> and signed.  Any help would be greatly appreciated as I've spent  
> hours on this with no solution and have never had a problem like  
> this before.
>
> For various reasons, we had to move our gpg installation from a  
> RedHat server to a Windows server.  The only differences (other than  
> the obvious OS difference) is that the RedHat GPG version is 1.2.1  
> and the Windows GPG install is version 1.4.9.  We needed the exact  
> same keys, so I moved all the contents of ~/.gnupg from the Linux  
> server to the gpg home on the windows server.  I didn't touch or  
> change the keyring and everything seemed to work fine.  Encryption  
> and decryption scripts are running just fine.  However, one major  
> vendor is complaining that when they get our file there is no  
> signature on it.   Their file is ascii armored and signed.  It  
> apparently decrypts on their end but the signature doesn't pass.  As  
> noted, I moved the keyring files, I didn't do any import or export  
> and I've made sure by copying the keyring again.  I'm also using the  
> exact same GPG command path.  The gpg return code is 0 on both  
> boxes.  The gpg output to stdout is identical except that on RedHat  
> I get  a line starting with "gpg: DSA signature" and on Windows I  
> get a line starting with "gpg: DSA/SHA1 signature."

Please clarify.  You state both that there is "no signature" and also  
that the "signature doesn't pass".  Is there a signature on the file  
or not?

David 
--------------------------------------------------------

Princeton Retirement Group, Inc - Important Terms 
This E-mail is not intended for distribution to, or use by, any person or entity in any location where such distribution or use would be contrary to law or regulation, or which would subject Princeton Retirement Group, Inc. or any affiliate to any registration requirement within such location. 
This E-mail may contain privileged or confidential information or may otherwise be protected by work product immunity or other legal rules. No confidentiality or privilege is waived or lost by any mistransmission. Access, copying or re-use of information by non-intended or non-authorized recipients is prohibited. If you are not an intended recipient of this E-mail, please notify the sender, delete it and do not read, act upon, print, disclose, copy, retain or redistribute any portion of this E-mail. 
The transmission and content of this E-mail cannot be guaranteed to be secure or error-free. Therefore, we cannot represent that the information in this E-mail is complete, accurate, uncorrupted, timely or free of viruses, and Princeton Retirement Group, Inc. cannot accept any liability for E-mails that have been altered in the course of delivery. Princeton Retirement Group, Inc. reserves the right to monitor, review and retain all electronic communications, including E-mail, traveling through its networks and systems (subject to and in accordance with local laws). If any of your details are incorrect or if you no longer wish to receive mailings such as this by E-mail please contact the sender by reply E-mail. 

--------------------------------------------------------



More information about the Gnupg-users mailing list