(signed) encrypted file has been manipulated!
gaius.petronius
the answer among the documentation i'll post it.
i encrypted and signed a file and then verified the signature and
decrypted it only to get this warning:
gpg: WARNING: encrypted message has been manipulated!
The sequence of events is as follows:
[root@kvm ]# cat test
This is a plain text file
gpg -r yvg -e test
-rw-r--r-- 1 root root 618 test.gpg
[root@kvm ]# gpg --default-key yvg --clearsign test.gpg
-rw-r--r-- 1 root root 906 test.gpg.asc
[root@kvm ]# gpg -d test.gpg.asc >test.gpg.no-sig
gpg: Signature made 2002-02-25 using DSA key ID BBBBBBBB
gpg: Good signature from "yvg (yvg) <a@b.c>"
-rw-r--r-- 1 root root 619 test.gpg.no-sig
. . . . . . . . . . . . . . . . ^
File is now one byte larger than the encrypted ~.gpg file.
But it can still be decrypted:
[root@kvm ]# gpg -d test.gpg.no-sig >test.out
You need a passphrase to unlock the secret key for
user: "yvg (yvg) <a@b.c>"
2048-bit ELG-E key, ID NNNNNNNN, created 2002-02-25 (main key ID
BBBBBBBB)
gpg: encrypted with 2048-bit ELG-E key, ID NNNNNNNN, created
2002-02-25
gpg: WARNING: encrypted message has been manipulated!
[root@kvm ]# cat test.out
This is a plain text file
The key id NNNNNNN == the private key of yvg
The key id BBBBBBB == the public key of yvg
i intended to test the public key and signature of this id.
is this the wrong way to go about it?
if i create a detached signature, doesn't this separate the signature
from the file and make it unverifiable?
What is the standard way to do this please?
gaius.petronius
> This probably should have a simple explanation
why i went about things this way in the first place is because i have
several keys. This particular key i added on the commandline using
'default-key' switch.
if i encrypt and sign simultaneously, as in:
gpg --default-key yvg -es -r yvg test
Then all is well:
gpg --default-key yvg -d test.gpg >test.decrypted
You need a passphrase to unlock the secret key for
user: "yvg (yvg) <a@b.c>"
2048-bit ELG-E key, ID BBBBBBBB, created 2002-02-25 (main key ID
NNNNNNN)
gpg: Good signature from "yvg " et cetera
[root@loki root]# ls -ltr test*
-rw-r--r-- 1 root root 26 test
-rw-r--r-- 1 root root 700 test.gpg
-rw-r--r-- 1 root root 26 test.decrypted
Stefan Bellon
> This probably should have a simple explanation, but since i can't find
> the answer among the documentation i'll post it.
[snip]
> What is the standard way to do this please?
I proceeded exactly like you posted and it worked fine for me (tried
with CVS builds of 1.0.6c and 1.0.6d). What version are you using?
Fup2 comp.security.pgp.tech set.
Greetings,
Stefan.
--
Stefan Bellon * <mailto:sbe...@sbellon.de> * <http://www.sbellon.de/>
PGP 2 and OpenPGP keys available from my home page
Oh My God! They Killed init! You Bastards!
gaius.petronius
>
> I proceeded exactly like you posted and it worked fine for me (tried
> with CVS builds of 1.0.6c and 1.0.6d).
You mean to say that your test (orignal) and test.out (decrypted)
files have the same size?
Did you follow this sequence:
gpg -r yvg -e test
gpg --default-key yvg --clearsign test.gpg
gpg -d test.gpg.asc >test.gpg.no-sig
gpg -d test.gpg.no-sig >test.out
> What version are you using?
I am using 1.06
Stefan Bellon
> Stefan Bellon <sbe...@sbellon.de> wrote in message
> news:<4b0e9a8e...@sbellon.de>...
> > I proceeded exactly like you posted and it worked fine for me
> > (tried with CVS builds of 1.0.6c and 1.0.6d).
> You mean to say that your test (orignal) and test.out (decrypted)
> files have the same size?
Yes, but I now realized that you didn't use --armor (which is in my
options file) in your first step.
At present I don't find any hint in the documentation that you mustn't
use "binary" data, but only text with --clearsign. So, your point is
valid. But it works if you either use --armor in the first step or use
--sign instead of --clearsign. I don't see the usefulness of
clearsigning a non-armored but encrypted message.
Nevertheless, I'll look into it an raise the point with another
developer.
Fup2 comp.security.pgp.tech set.
Greetings,
Stefan.
--
Stefan Bellon * <mailto:sbe...@sbellon.de> * <http://www.sbellon.de/>
PGP 2 and OpenPGP keys available from my home page
10.0 times 0.1 is hardly ever 1.0.
gaius.petronius
>
> At present I don't find any hint in the documentation that you mustn't
> use "binary" data, but only text with --clearsign. So, your point is
> valid. But it works if you either use --armor in the first step or use
> --sign instead of --clearsign. I don't see the usefulness of
> clearsigning a non-armored but encrypted message.
good point.
when it comes to an encrypted file that needs to be clearsigned it is
better to sign and encrypt it in one shot.
The recipient of the file should also have the public key of the
sender in order to verify the signature so perhaps there is no
advantage in --clear-sign(ing) an encrypted file.
i was just wondering where the extra byte came from,
>
> Nevertheless, I'll look into it an raise the point with another
> developer.
don't lose too much time over this if there is no clear advantage
Perhaps an addition to the documentation pointing out that clear-sign
signatures are for plaintext files only
> Greetings,
>
> Stefan.
Thanks again