Cannot decrypt file encrypted with enQsig

Fri Aug 3 09:16:59 CEST 2018

On Thu, Aug 2, 2018 at 2:14 PM, Peter Lebbing <peter at digitalbrains.com>
wrote:
> So I think it's a safe bet they also screwed up the PKESK packet for
> your subkey, and the error is indeed related to it not representing a
> valid session key.

As I would like to understand things a bit better, do you think it is
possible to get some more details? In particular:

  * Is the encrypted packet in a bad format?

  * Does the 4096 bit RSA decryption fail?

  * Or: Is the decrypted packet in a bad format?

Again, the output by `pgpdump` for the packet associated with my
encryption key 04FDF78D1679DD94:

    $ pgpdump 000002-001.pk_enc
    New: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes)
            New version(3)
            Key ID - 0x04FDF78D1679DD94
            Pub alg - RSA Encrypt or Sign(pub 1)
            RSA m^e mod n(4095 bits) - ...
                    -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1
    block type 02

For comparison, the output for a packet encrypted with GnuPG:

    $ gpg --version
    gpg (GnuPG) 2.2.9
    libgcrypt 1.8.3
    […]
    $ gpg --recv BEF6EFD38FE8DCA0
    $ echo "Hello world!" >test
    $ gpg -e -r BEF6EFD38FE8DCA0 test
    $ gpgsplit test.gpg
    $ ls -1
    000001-001.pk_enc
    000002-018.encrypted_mdc
    test
    test.gpg
    $ pgpdump 000001-001.pk_enc
    Old: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes)
            New version(3)
            Key ID - 0x04FDF78D1679DD94
            Pub alg - RSA Encrypt or Sign(pub 1)
            RSA m^e mod n(4095 bits) - ...
                    -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1
    block type 02

The only difference: `Old` vs. `New` – Could this be an issue?

PS: Had to think a bit that PKESK = “Public-Key Encrypted Session Key”.
The crypto world seems to love acronyms. ;) (which does not make things
easier for us users)