Test symmetrically encrypted files for errors - make sure they can be decrypted

Peter Lebbing peter at digitalbrains.com
Mon Jul 24 12:10:36 CEST 2017 

Hi!

On 22/07/17 00:01, karel-v_g at tutanota.com wrote:
> In short I am searching for something like the test option for packed
> files that most archivers offer.

I don't know what OS you're using, so the details might differ but this
works for me:

$ gpg --batch -o /dev/null -d test.txt.gpg ; echo $?
gpg: AES encrypted data
gpg: encrypted with 1 passphrase
gpg: WARNING: encrypted message has been manipulated!
2

I deliberately corrupted the file. I say it should decrypt and output to
/dev/null, which on OS'es which have a /dev/null means "discard the
output". With an uncorrupted file, the exit status is 0, but here it is
2. Any non-interactive use should carry the --batch parameter so GnuPG
knows it's not currently talking to a human, and it should specify the
command (-d).

Alternatively, you could parse the status fd. The best way to
programmatically interact with GnuPG is through GPGME, but my gut
feeling says that for this really limited case, --status-fd is good
enough and cleaner than just relying on exit status. Perhaps exit status
is already good enough as long as data is not signed (which would
influence exit status), I'm not sure.

$ gpg --status-fd 3 --batch -o /dev/null -d test.txt.gpg 3>&1
1>/dev/null 2>&1
[GNUPG:] NEED_PASSPHRASE_SYM 7 3 2
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_INFO 2 7
[GNUPG:] PLAINTEXT 62 1500889574 test.txt
[GNUPG:] PLAINTEXT_LENGTH 4
[GNUPG:] BADMDC
[GNUPG:] DECRYPTION_FAILED
[GNUPG:] END_DECRYPTION

I'm just keeping what is printed on FD 3 here, be gone with all the
other cruft. What you actually want is a line that says DECRYPTION_OKAY.
If you parse the status-fd output for that line, I'd say you can be
pretty sure that the file is okay. Don't rely on the opposite
(DECRYPTION_FAILED); you want positive confirmation the file is OKAY, so
that's what you should check.

The only way to verify correctness of every byte of data is to decrypt
it; only then can the Modification Detection Code be computed and
verified. But there is no need to write the decrypted data to disk, as I
demonstrated.

HTH,

Peter.

Disclaimer: I don't usually script GnuPG, I might be forgetting about
something important like --batch (which I did remember).

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170724/147fbb97/attachment.sig>

More information about the Gnupg-users mailing list