Invalid Marker Packet issue using PGP to encrypt using GnuPG certificate

[David Shaw]

> On Apr 12, 2010, at 12:45 PM, Michael E. Strout wrote:
> 
>> Hi all,
>>                We're using GnuPG to both create an asynchronous key pair, the public key of which we provide to clients, and to decrypt the files encrypted with that certificate after its been transfered.  One particular client is uploading files which return an "Invalid Marker Packet" error when I try to decrypt them.
>> 
>> I've tried installing the newest versions of gpg, but it doesn't matter whether I'm using 1.4.9 or 2.0.12, I get an "invalid marker packet" error.
>> 
>> I've opened up an older upload which I was able to decrypt and the most recent upload in a hex editor and can see that the bytes following the PGP in the marker packet are different,
>> 
>> i.e. the one in the old file is 50 47 50 c1 c0 4c which reads as P G P 193 192 76 or PGP 12697676 or PGPÁÀL
>> While the one in the new file is 50 47 50 C1 C1 4E  which reads as P G P 193 193 78 or PGP 12697934 or PGPÁÁN
> 
> The only valid marker packet contains exactly 3 bytes: P, G, and P.  Given that the following byte is C1, it looks like that's the beginning of the next packet, rather than part of the marker packet.  C1 would be the encrypted session key packet, which makes sense at that point in the document.
> 
> Can you tell me a few bytes from *before* the P, G, P?  Perhaps the length is wrong.

On Apr 12, 2010, at 6:07 PM, Michael E. Strout wrote:

> Both Files begin with A8 03 50 47 50

A8 == Marker packet
03 == Length (3 bytes)
50 == 'P'
47 == 'G'
50 == 'P'

That looks fine.  It's possible there is corruption elsewhere in the file so that there is something that looks like a (mangled) marker packet, but this one is valid.

I'd check into how the client is sending you the files. If they're using FTP, make sure they are sending in binary or image mode and not ascii or text mode.

David