decryption failed: Bad session key

Peter Lebbing peter at digitalbrains.com
Mon Jan 21 11:45:47 CET 2019 

On 20/01/2019 22:26, Frank Hrebabetzky wrote:
> It took me quite some time until I got aware of this. A term like
> "key" or "encryption key" would have made it easier for me, the
> "session" was somewhat misleading.

Yes, it is somewhat unfortunate. It is due to the mechanics of
symmetrically-encrypted OpenPGP messages. The passphrase is used to
decrypt the session key. A wrong passphrase just results in garbage on
decryption. This garbage then leads to the "Bad session key" message.

I wrote some stuff about possible changed handling of special
characters. But that doesn't really match what you describe, you said it
occurred only after you encrypted it with the new system. Unless you're
mistaken, it's not likely to be a mismatch in handling special
characters then. But it might give some insight if you try to encrypt a
new file with the same passphrase: can you encrypt and succesfully
decrypt a different file with the same passphrase? In that case, your OS
would seem to handle that specific passphrase without problems. I'm not
committing to a stronger assertion than "would seem to", though :-).

Also, how do you invoke encryption and decryption? Maybe you're doing
something that might explain it that I'm not aware of. If you can give
the specific commands used (but with the filenames edited for privacy)
it might lead to insights.

Furthermore, the pinentry passphrase entry mechanism can interact with a
keyring manager like GNOME Keyring and such. Maybe this is throwing a
spanner into the works? Check your pinentry to see if it indicates some
keyring manager is being used or something like that.

Do you have a backup of the file before it went wrong, by the way?

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190121/f2305c3d/attachment.sig>

More information about the Gnupg-users mailing list