  1. We encrypt a file for a client using BouncyCastle API. He gets a "For your eyes only" message from PGP when trying to decrypt it. Why?
<p>We use the Bouncy.Castle C# API to do PGP encryption. I am by no means an expert on PGP encryption and the various options available.</p>

<p>The encryption seems to run fine, however, when the client tries to decrypt it, he says that PGP won't output to file but only output to screen because it is marked "For your eyes only." This is the --verbose message:</p>

<pre><code>pgp --decrypt Client_FileExport_20110510_020011.zip.pgp Client_FileExport_20110511_132203.zip.pgp --info verbose
McAfee E-Business Server v8.5 - Full License
(c) 1991-2006 McAfee, Inc. All Rights Reserved.

Setting temporary directory to C:\DOCUME~1\$963\LOCALS~1\Temp\
Decoding data....

event 1: initial
event 13: BeginLex
event 8: Analyze
File is encrypted.
event 9: Recipients
Secret key is required to read it.
Key for user ID "Client_RSAv4_Key &lt;Bob.Smith@Client.com&gt;"
event 6: Passphrase
You need a pass phrase to unlock your secret key.

Enter pass phrase:
event 23: Decryption

symmetric cipher used: CAST5
event 11: Output options
typecode: 0062
for your eyes only

This message is marked "For your eyes only". Display now (Y/n)?
</code></pre>

<p>I have no clue as to how to go about debugging this. Anybody know?</p>

<p>Here is the general code we use to encrypt data. In this scenario we are not signing the document, so that portion of the code can be ignored.</p>

<pre><code>private void EncryptImpl(Stream inputStream, Stream outputStream, bool signOutput)
{
    const int BUFFER_SIZE = 1 &lt;&lt; 16; // should always be power of 2
    bool armor = true;
    bool withIntegrityCheck = true;

    if (armor)
        outputStream = new ArmoredOutputStream(outputStream);

    var encKey = PgpHelper.ReadPublicKey(this.EncryptionPublicKey);

    // Init encrypted data generator
    PgpEncryptedDataGenerator encryptedDataGenerator =
        new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, withIntegrityCheck, new SecureRandom());
    encryptedDataGenerator.AddMethod(encKey);
    Stream encryptedOut = encryptedDataGenerator.Open(outputStream, new byte[BUFFER_SIZE]);

    // Init compression
    PgpCompressedDataGenerator compressedDataGenerator = new PgpCompressedDataGenerator(CompressionAlgorithmTag.Zip);
    Stream compressedOut = compressedDataGenerator.Open(encryptedOut);

    PgpSignatureGenerator signatureGenerator = null;
    if (signOutput)
    {
        // Init signature
        var pgpSecKey = PgpHelper.ReadSecretKey(this.OrigamiSecretKey);
        PgpPrivateKey pgpPrivKey = pgpSecKey.ExtractPrivateKey(this.PassPhrase.ToCharArray());
        signatureGenerator = new PgpSignatureGenerator(pgpSecKey.PublicKey.Algorithm, HashAlgorithmTag.Sha1);
        signatureGenerator.InitSign(PgpSignature.BinaryDocument, pgpPrivKey);
        foreach (string userId in pgpSecKey.PublicKey.GetUserIds())
        {
            PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator();
            spGen.SetSignerUserId(false, userId);
            signatureGenerator.SetHashedSubpackets(spGen.Generate());
            // Just the first one!
            break;
        }
        signatureGenerator.GenerateOnePassVersion(false).Encode(compressedOut);
    }

    // Create the Literal Data generator output stream
    PgpLiteralDataGenerator literalDataGenerator = new PgpLiteralDataGenerator();

    // TODO: Use lastwritetime from source file
    Stream literalOut = literalDataGenerator.Open(compressedOut, PgpLiteralData.Binary,
        PgpLiteralDataGenerator.Console, DateTime.Now, new byte[BUFFER_SIZE]);

    // Open the input file
    byte[] buf = new byte[BUFFER_SIZE];
    int len;
    while ((len = inputStream.Read(buf, 0, buf.Length)) &gt; 0)
    {
        literalOut.Write(buf, 0, len);
        if (signOutput)
            signatureGenerator.Update(buf, 0, len);
    }

    literalOut.Close();
    literalDataGenerator.Close();

    if (signOutput)
        signatureGenerator.Generate().Encode(compressedOut);

    compressedOut.Close();
    compressedDataGenerator.Close();
    encryptedOut.Close();
    encryptedDataGenerator.Close();
    inputStream.Close();

    if (armor)
        outputStream.Close();
}
</code></pre>
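Added example, not part of the original post: RFC 4880 (section 5.9) reserves the literal data file name `_CONSOLE` to mark a message "for your eyes only", and `PgpLiteralDataGenerator.Console`, the name argument in the code above, is that string. The sketch below builds a literal data packet with that name and with an ordinary file name, then parses each back to show the name a decrypting tool receives. The class and helper names, the `export.zip` name and the payload are constructed for illustration.

```csharp
using System;
using System.IO;
using System.Text;
using Org.BouncyCastle.Bcpg.OpenPgp;

static class LiteralNameDemo
{
    // Wrap the payload in an OpenPGP literal data packet that carries `name`
    // in its file-name field (the same argument position as in EncryptImpl).
    static byte[] BuildLiteral(byte[] payload, string name)
    {
        var packet = new MemoryStream();
        var generator = new PgpLiteralDataGenerator();
        using (Stream literalOut = generator.Open(
            packet, PgpLiteralData.Binary, name, payload.Length, DateTime.UtcNow))
        {
            literalOut.Write(payload, 0, payload.Length);
        }
        return packet.ToArray();
    }

    // Parse the packet back and return the file name stored in it.
    static string ReadName(byte[] packet)
    {
        var factory = new PgpObjectFactory(packet);
        var literal = (PgpLiteralData)factory.NextPgpObject();
        return literal.FileName;
    }

    // The reserved name is what receivers treat as "for your eyes only".
    static bool IsEyesOnly(string name)
    {
        return name == PgpLiteralData.Console;
    }

    static void Main()
    {
        // Constructed sample payload and names; "export.zip" is hypothetical.
        byte[] payload = Encoding.ASCII.GetBytes("constructed sample payload");
        string[] names = { PgpLiteralDataGenerator.Console, "export.zip" };
        foreach (string name in names)
        {
            string seen = ReadName(BuildLiteral(payload, name));
            Console.WriteLine("{0,-12} eyes-only: {1}", seen, IsEyesOnly(seen));
        }
    }
}
```

Passing the real file name instead of `PgpLiteralDataGenerator.Console` in the `Open` call is the corresponding change in `EncryptImpl`; the encryption, compression and signing layers are unaffected by it.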
 
