question on decryption with missing passcode

Robert J. Hansen rjh at
Thu Apr 18 01:37:19 CEST 2013

On 4/17/2013 5:05 PM, Beith, Linda wrote:
> Gpg: can’t open ‘rwu.dbdump_Nov2012.sql.gz.gpg’
> Gpg: decrypt_message failed: file open error

This is almost certainly a file permissions error on their end.  Whoever
is running GnuPG doesn't have the necessary permissions to read the file
they're trying to decrypt.  A quick way to test this would be to try and
open it in Notepad or Emacs (after making a copy, of course!).  If you
can't do that, then the problem isn't with GnuPG but is with the
permissions on the file.

> The assumption is  that something went wrong in the original encryption
> of the file. Do you have idea if it is possible to extract data in this
> situation? 

Your assumption is probably incorrect.  Let's look at the source code.
(It's okay if you don't know C: just skip over the source code and go to
the text under it.)

decrypt_message( const char *filename )
    IOBUF fp;
    int rc;

    /* Open the message file.  */
    fp = iobuf_open(filename);
    if (fp && is_secured_file (iobuf_get_fd (fp)))
        iobuf_close (fp);
        fp = NULL;
        errno = EPERM;
    if( !fp ) {
        rc = gpg_error_from_syserror ();
	log_error (_("can't open `%s': %s\n"), print_fname_stdin(filename),
                   gpg_strerror (rc));
        release_progress_context (pfx);
	return rc;

(Some non-essential lines have been removed for ease of reading.)

Your error message appears in here.  It doesn't appear anywhere else, so
we know that this is the source code that's relevant to your problem.[*]
 GnuPG is throwing an error before it's read a single byte of the file.
 It tries to open the file, can't, indicates the problem is disk
permissions ("errno = EPERM"; by long-standing UNIX tradition error
codes start with E), and bails out.

The problem is not that the file has been corrupted; it's that the file
is unreadable.  This is good news for you, since file permission
problems are *much* easier to fix than corruption problems.  :)

Hope this helps.  Let us know if we can be of more assistance.

[*] Technically it does appear other places, but those code paths only
get called for decrypting multiple files.  Here you're just decrypting
one, so the other code paths can be ignored.

More information about the Gnupg-users mailing list