Cannot decrypt file encrypted with enQsig

Peter Lebbing peter at
Wed Aug 15 11:50:58 CEST 2018

On 03/08/18 09:16, Felix E. Klee wrote:
> As I would like to understand things a bit better, do you think it is
> possible to get some more details?

Answering this in any detail would be a lot of answer. But the basic
mechanism is --debug, --debug-level or perhaps just --debug-all and
sifting through it. At the same time having a copy of RFC 4880 and
PKCS#1 to explain all the numbers. The fact that it's a smartcard makes
this more difficult: when the decrypt action fails, you don't see the
actual numerical result. To protect against attacks, the smartcard
denies to divulge this data to protect the private key.

> The only difference: `Old` vs. `New` – Could this be an issue?

I don't think so. There are two ways to encode the packet tag, and GnuPG
takes the "old" if possible. RFC 4880 Section Section 4.2.

> PS: Had to think a bit that PKESK = “Public-Key Encrypted Session Key”.
> The crypto world seems to love acronyms. ;) (which does not make things
> easier for us users)

Yeah, sorry, this occured due to a transient failure in my brain matter
;-). When I wrote it, I really thought you were the first one to use the
acronym, so I could save time by using it as well. Unfortunately this
wasn't the case.


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list