Mismatch between binary and ASCII-armored output for encrypted message

Chris Sutton lists at chrissutton.org
Wed Sep 30 11:27:45 CEST 2009


I'm using the GPG command-line tool to generate test data for a system
and I'm having trouble with the binary and ASCII-armored output not
seeming to correspond for encrypted messages. If anyone could point out
where I'm going wrong or what I've misunderstood, I'd really appreciate it.

What works

When I generate private and public keys, I can export them in binary
form and then use a base64 encoder (in this case
http://base64.sourceforge.net/) to generate a base64-encoded version. I
can also export them using GPG's -a option to generate the
base64-encoded version directly.

If I remove the '-----' header and footer, and the checksum, the two
blocks match. Similarly, if I use the corresponding base64 decoder to
decode GPG's ASCII-armored block, the binary file it produces matches
GPG's binary output.

So far, so good!

What doesn't work

I was under the impression that exactly the same process should work for
a message encrypted using GPG. I pass in a plaintext file with the -e
and -r options, and generate the binary and ASCII-armored versions as
above. However, when I base64 encode the binary, or base64 decode
the ASCII, the result does not match GPG's other version.

It appears as if GPG is putting slightly different binary data into the
ASCII-armored version as into the direct binary output. Is this possible?

Any advice would be much appreciated,


Chris Sutton

More information about the Gnupg-users mailing list