Re: Cannot decrypt file encrypted with enQsig

[Felix E. Klee]

On Wed, Aug 15, 2018 at 12:13 PM, Peter Lebbing
 wrote:
>> So, perhaps enQsig is using 3DES.
>
> Good find! This sounds plausible.

Created a custom key pair not on a smart card, just for this single
transaction. Result:

>gpg --verbose --decrypt encrypted.asc | head
gpg: armor header: Version: enQsig
gpg: public key is FDE5C6E97DA42AE8
gpg: public key is 92663E7CA68E4EC6
gpg: public key is 9D8C454A43A6D2DE
gpg: encrypted with RSA key, ID 9D8C454A43A6D2DE
gpg: encrypted with RSA key, ID 92663E7CA68E4EC6
gpg: encrypted with 4096-bit RSA key, ID FDE5C6E97DA42AE8, created
2018-09-06
  "Felix E. Klee "
gpg: 3DES encrypted data
gpg: Note: sender requested "for-your-eyes-only"

So yes, 3DES!

Fortunately, as can be seen above, with the custom key I was able to
decrypt the message.

Issue solved.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

ECC smartcard (was: Cannot decrypt file encrypted with enQsig)

[Peter Lebbing]

On 16/08/18 07:52, Felix E. Klee wrote:
> PS: I’m toying with the idea of switching from my smart card to a
> Trezor hardware token. This would mean generating an entirely new key
> (only 256 bit ECC supported).

I didn't look at the Trezor to check, but I'll assume it allows usage
with GnuPG based on the context you brought it up in.

Note that many OpenPGP peers might not support ECC. You could add ECC
subkeys to your current key, and arrange for peers that support them to
prefer those. That way, anybody able to send you an ECC-encrypted
document could do so, and others could fall back to the RSA encryption
subkey.

For signatures, you'd either still use RSA or accept the fact that only
people with ECC-supporting clients could verify your signatures. The
alternative is signing with both keys; if both are on cards/tokens, that
becomes tiresome really quickly, I'd imagine.

If you add ECC subkeys to your current key, you'd still use an RSA
primary key, without anything elliptic about it.

> OTOH there are several advantages such as the Trezor being a well
> documented open source device

There's also the GnuK, which is free software.

My 2 cents,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Felix E. Klee]

On Wed, Aug 15, 2018 at 12:13 PM, Peter Lebbing
 wrote:
> Here's the catch: unless you have an on-disk copy of your private
> encryption key, you can't. [if enQsig uses 3DES]

I do have a backup of the private key, but it’s 1. out of reach at the
moment and 2. it’s a pain to restore. So far, I’m still optimistic that
the sender will eventually provide me with a message that I can decrypt.

Thanks a lot for your explanations!

PS: I’m toying with the idea of switching from my smart card to a Trezor
hardware token. This would mean generating an entirely new key (only
256 bit ECC supported). OTOH there are several advantages such as the
Trezor being a well documented open source device, and – of course – its
size with integrated key pad solution. It also depends on whether I can
get either a smart card reader or the Trezor to work with
Termux/Android.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Peter Lebbing]

On 15/08/18 09:08, Felix E. Klee wrote:
> So, perhaps enQsig is using 3DES.

Good find! This sounds plausible. I myself had completely forgotten
reading about this bug.

Besides, I completely dismissed the encrypting application in this case
because it decided to encrypt the session key to your primary key as
well, which is very clearly not according to specification.

> *How do I find that out?*

Here's the catch: unless you have an on-disk copy of your private
encryption key, you can't. As I just wrote in my other answer in this
thread, the smartcard denies giving out the data it didn't like to see.
But whether 3DES was used can only be decided by looking at the
decrypted... erm... PKESK packet X-D.

If you have a computer with an on-disk copy, you could try it with that
on-disk copy and it will simply tell you when you ask for more verbosity
and stuff. The usual caveats apply: you are using a smartcard to protect
your private key material, but I'm now suggesting you use an on-disk
copy of the key. Treat it like you would if you were transferring the
key to a new smartcard to replace a broken one.

This strange product also encrypted to your primary key, but it's
probably only more difficult to use this than it is to use your
encryption key. You'd have to, again, load an on-disk copy and then
change the usage flags to make in encryption-capable. But if you don't
have a backup of the encryption key but do have one of the primary key,
you could do it. But after all this think about whether you should use
an encryption key you don't have a backup of: if your smartcard ever
dies, you can't decrypt anything anybody has ever sent you encrypted.

> Also, I don’t understand: I was assuming that all the card does is
> decrypt my session key using my private 4096 bit RSA key. *If the
> session key is a 3DES key, why should the card care?*

Because it inspects the decryption result for sanity before handing it
back to the computer. This is done because an attacker might learn
information about the private key if it were able to just have the
smartcard decrypt anything it was given. And the whole point of a
smartcard is that it should not be possible (or at least very hard) to
extract the private key from the smartcard.

I think the bug boils down to the card incorrectly dismissing the
decryption result as invalid. But I'm not intimately acquainted with the
bug, so this might be a misinterpretation.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Peter Lebbing]

On 03/08/18 09:16, Felix E. Klee wrote:
> As I would like to understand things a bit better, do you think it is
> possible to get some more details?

Answering this in any detail would be a lot of answer. But the basic
mechanism is --debug, --debug-level or perhaps just --debug-all and
sifting through it. At the same time having a copy of RFC 4880 and
PKCS#1 to explain all the numbers. The fact that it's a smartcard makes
this more difficult: when the decrypt action fails, you don't see the
actual numerical result. To protect against attacks, the smartcard
denies to divulge this data to protect the private key.

> The only difference: `Old` vs. `New` – Could this be an issue?

I don't think so. There are two ways to encode the packet tag, and GnuPG
takes the "old" if possible. RFC 4880 Section Section 4.2.

> PS: Had to think a bit that PKESK = “Public-Key Encrypted Session Key”.
> The crypto world seems to love acronyms. ;) (which does not make things
> easier for us users)

Yeah, sorry, this occured due to a transient failure in my brain matter
;-). When I wrote it, I really thought you were the first one to use the
acronym, so I could save time by using it as well. Unfortunately this
wasn't the case.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Felix E. Klee]

*Update:* Yesterday, I was reading the [GnuPG wiki page on
SmartCards][1] due to another issue. At its bottom I found listed as
known bug:

  * Encrypted message with 3DES can't be decrypted with OpenPGP Card
(V2.1, V3.3 without fix)

  - Due to the bug, it results: Missing item in object 

  - See: https://dev.gnupg.org/T3576

Well, indeed if I encrypt a message with 3DES, I cannot decrypt it with
my SmartCard:

$ echo "Hello, world!" >foo
$ gpg -e -r felix.k...@inka.de --personal-cipher-preference 3DES foo
$ gpg -d --debug=crypto foo.gpg
[…]
gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2
016-12-17
  "Felix E. Klee "
gpg: public key decryption failed: Missing item in object
gpg: decryption failed: No secret key
gpg: secmem usage: 0/32768 bytes in 0 blocks
$ gpg --version
gpg (GnuPG) 2.2.9
libgcrypt 1.8.3
[…]

“Missing item in object” is the same message that I get when trying to
decrypt the enQsig encrypted message! So, perhaps enQsig is using 3DES.
*How do I find that out?*

Also, I don’t understand: I was assuming that all the card does is
decrypt my session key using my private 4096 bit RSA key. *If the
session key is a 3DES key, why should the card care?*

[1]: https://wiki.gnupg.org/SmartCard

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Felix E. Klee]

On Thu, Aug 2, 2018 at 2:14 PM, Peter Lebbing 
wrote:
> So I think it's a safe bet they also screwed up the PKESK packet for
> your subkey, and the error is indeed related to it not representing a
> valid session key.

As I would like to understand things a bit better, do you think it is
possible to get some more details? In particular:

  * Is the encrypted packet in a bad format?

  * Does the 4096 bit RSA decryption fail?

  * Or: Is the decrypted packet in a bad format?

Again, the output by `pgpdump` for the packet associated with my
encryption key 04FDF78D1679DD94:

$ pgpdump 02-001.pk_enc
New: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes)
New version(3)
Key ID - 0x04FDF78D1679DD94
Pub alg - RSA Encrypt or Sign(pub 1)
RSA m^e mod n(4095 bits) - ...
-> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1
block type 02

For comparison, the output for a packet encrypted with GnuPG:

$ gpg --version
gpg (GnuPG) 2.2.9
libgcrypt 1.8.3
[…]
$ gpg --recv BEF6EFD38FE8DCA0
$ echo "Hello world!" >test
$ gpg -e -r BEF6EFD38FE8DCA0 test
$ gpgsplit test.gpg
$ ls -1
01-001.pk_enc
02-018.encrypted_mdc
test
test.gpg
$ pgpdump 01-001.pk_enc
Old: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes)
New version(3)
Key ID - 0x04FDF78D1679DD94
Pub alg - RSA Encrypt or Sign(pub 1)
RSA m^e mod n(4095 bits) - ...
-> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1
block type 02

The only difference: `Old` vs. `New` – Could this be an issue?

PS: Had to think a bit that PKESK = “Public-Key Encrypted Session Key”.
The crypto world seems to love acronyms. ;) (which does not make things
easier for us users)

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Peter Lebbing]

On 02/08/18 11:07, Felix E. Klee wrote:> It seems like the card reader
cannot decrypt the session key. *Is that correct?*
The fact this "enterprise solution" decided to encrypt it to your
primary, non-encryption-capable, key, is a big red flag that this
"solution" is not compatible to "modern-day" OpenPGP. So I think it's a
safe bet they also screwed up the PKESK packet for your subkey, and the
error is indeed related to it not representing a valid session key.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Felix E. Klee]

Hi Dirk,

thanks for all your suggestions!

If I can, I want to avoid creating another key. I prefer getting the
issue resolved and have bugs reported/fixed along the way. I had it once
before that I could not decrypt a document encrypted by a big German
company with my private key. These enterprise “solutions” seem to have
issues.

On Mon, Jul 30, 2018 at 5:14 PM, Dirk Gottschalk via Gnupg-users
 wrote:
> The last packet mentions your signature key as used for encryption,
> this is an error for sure.

I now removed my signature key BEF6EFD38FE8DCA0 from the encrypted
message:

$ gpg --dearmor encrypted.asc
$ gpgsplit encrypted.asc.gpg
$ ls -1
01-001.pk_enc
02-001.pk_enc
03-001.pk_enc
04-001.pk_enc
05-018.encrypted_mdc
encrypted.asc
encrypted.asc.gpg
$ pgpdump 01-001.pk_enc
New: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes)
New version(3)
Key ID - 0xBEF6EFD38FE8DCA0
Pub alg - RSA Encrypt or Sign(pub 1)
RSA m^e mod n(4096 bits) - ...
-> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1
block type 02
$ pgpdump 02-001.pk_enc
New: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes)
New version(3)
Key ID - 0x04FDF78D1679DD94
Pub alg - RSA Encrypt or Sign(pub 1)
RSA m^e mod n(4095 bits) - ...
-> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1
block type 02
$ pgpdump 03-001.pk_enc
New: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes)
New version(3)
Key ID - 0x92663E7CA68E4EC6
Pub alg - RSA Encrypt or Sign(pub 1)
RSA m^e mod n(4096 bits) - ...
-> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1
block type 02
$ pgpdump 04-001.pk_enc
New: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes)
New version(3)
Key ID - 0x9D8C454A43A6D2DE
Pub alg - RSA Encrypt or Sign(pub 1)
RSA m^e mod n(4094 bits) - ...
-> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1
block type 02
$ pgpdump 05-018.encrypted_mdc
New: Symmetrically Encrypted and MDC Packet(tag 18)(1718 bytes)
Ver 1
(plain text + MDC SHA1(20 bytes))
$ cat 02-001.pk_enc 03-001.pk_enc 04-001.pk_enc \
05-018.encrypted_mdc >new.gpg

Decryption still fails:

$ gpg -d new.gpg
gpg: encrypted with RSA key, ID 9D8C454A43A6D2DE
gpg: encrypted with RSA key, ID 92663E7CA68E4EC6
gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created
2016-12-17
  "Felix E. Klee "
gpg: public key decryption failed: Missing item in object
gpg: decryption failed: No secret key
$ gpg --list-packets new.gpg
gpg: encrypted with RSA key, ID 9D8C454A43A6D2DE
gpg: encrypted with RSA key, ID 92663E7CA68E4EC6
gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created
2016-12-17
  "Felix E. Klee "
gpg: public key decryption failed: Missing item in object
gpg: decryption failed: No secret key
# off=0 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
:pubkey enc packet: version 3, algo 1, keyid 04FDF78D1679DD94
data: [4095 bits]
# off=527 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
:pubkey enc packet: version 3, algo 1, keyid 92663E7CA68E4EC6
data: [4096 bits]
# off=1054 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
:pubkey enc packet: version 3, algo 1, keyid 9D8C454A43A6D2DE
data: [4094 bits]
# off=1581 ctb=d2 tag=18 hlen=3 plen=1718 new-ctb
:encrypted data packet:
length: 1718
mdc_method: 2

As before, the reason given for “public key decryption failed” depends
on the card reader used:

  * SCM SPR332 v2: “Missing item in object”

  * Cherry ST-2000: “Invalid value”

  * REINER SCT cyberJack: “Missing item in object”

It seems like the card reader cannot decrypt the session key. *Is that correct?*

I also tried removing all keys except for my encryption key
04FDF78D1679DD94. This does not make a difference, i.e. encryption fails
as above.

/ Felix

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Dirk Gottschalk via Gnupg-users]

Hello Again. :-D

Am Montag, den 30.07.2018, 12:18 +0200 schrieb Felix E. Klee:

To compare the output of your packet analysis, I encrypted a file for
myself and got this result with --list-packets:

$ gpg -v --list-packets WoV-Logs.7z.gpg
gpg: Öffentlicher Schlüssel ist CAE07B251AE3F69E
gpg: der Unterschlüssel CAE07B251AE3F69E wird anstelle des
Hauptschlüssels 40810B181ED8E838 verwendet
gpg: der Unterschlüssel CAE07B251AE3F69E wird anstelle des
Hauptschlüssels 40810B181ED8E838 verwendet
gpg: verschlüsselt mit 4096-Bit RSA Schlüssel, ID CAE07B251AE3F69E,
erzeugt 2018-03-01
  "Dirk Gottschalk "
gpg: AES256 verschlüsselte Daten
# off=0 ctb=85 tag=1 hlen=3 plen=524
:pubkey enc packet: version 3, algo 1, keyid CAE07B251AE3F69E
data: [irrelevant hex data snipped]
# off=527 ctb=d2 tag=18 hlen=2 plen=0 partial new-ctb
:encrypted data packet:
length: unknown
mdc_method: 2
# off=548 ctb=a3 tag=8 hlen=1 plen=0 indeterminate
:compressed packet: algo=2
# off=550 ctb=90 tag=4 hlen=2 plen=13
:onepass_sig packet: keyid 40810B181ED8E838
version 3, sigclass 0x00, digest 10, pubkey 1, last=1
# off=565 ctb=ae tag=11 hlen=5 plen=191470
:literal data packet:
mode b (62), created 1532964524, name="WoV-Logs.7z",
raw data: 191453 bytes
# off=192040 ctb=89 tag=2 hlen=3 plen=563
:signature packet: algo 1, keyid 40810B181ED8E838
version 4, created 1532964524, md5len 0, sigclass 0x00
digest algo 10, begin of digest e0 4e
hashed subpkt 33 len 21 (issuer fpr v4
DDCBAF8E0132AA5420ABB86440810B181ED8E838)
hashed subpkt 2 len 4 (sig created 2018-07-30)
subpkt 16 len 8 (issuer key ID 40810B181ED8E838)
data: [irrelevant hex data snipped]

The signature key is only mentioned in the signature packet, but not in
combination with the en-/decryption. I really think this is an enQsig
issue and should be filed as a bug report to it's developers.

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: 
https://github.com/Dirk1980ac id="-x-evo-selection-start-marker">


signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Dirk Gottschalk via Gnupg-users]

Hi.

Am Montag, den 30.07.2018, 12:18 +0200 schrieb Felix E. Klee:
> Zum Vergleich eine Datei, die ich selbst für mich verschlüsselt habe,
> und die ich erfolgreich entschlüsseln kann:
> 
> >gpg --list-packets foo.gpg
> gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94,
> created 2
> 016-12-17
>   "Felix E. Klee "
> # off=0 ctb=85 tag=1 hlen=3 plen=524
> :pubkey enc packet: version 3, algo 1, keyid 04FDF78D1679DD94
> data: [4094 bits]
> # off=527 ctb=d2 tag=18 hlen=2 plen=76 new-ctb
> :encrypted data packet:
> length: 76
> mdc_method: 2
> # off=548 ctb=a3 tag=8 hlen=1 plen=0 indeterminate
> :compressed packet: algo=2
> # off=550 ctb=cb tag=11 hlen=2 plen=23 new-ctb
> :literal data packet:
> mode b (62), created 1532945681, name="",
> raw data: 17 bytes

As a dirty workaroung you could generate a dedicated key without
subkeys with the capabilities set to [SCE] and try this key, which
should work. This will not fix the Issue per se, but should get your
decryption working while you try to solve the main problem. I don't npw
how important the data exchange in your case is.

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: 
https://github.com/Dirk1980ac id="-x-evo-selection-start-marker">


signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Dirk Gottschalk via Gnupg-users]

Hi.

Am Montag, den 30.07.2018, 11:26 +0200 schrieb Felix E. Klee:
> On Sun, Jul 29, 2018 at 11:37 PM, Dirk Gottschalk via Gnupg-users
>  wrote:
> > > My encryption key is the sub key 04FDF78D1679DD94. The private
> > > key is
> > > on a smart card. […]
> > 
> > Does this key work as expected in other programs, MUAs for example?
> 
> I use it daily for encryption/decryption of documents, though only
> with
> GnuPG.
> 
> > I didn't test it mysqlf, but exporting a only a sub key should be
> > no
> > problem.
> 
> *But how?*
> 
> Your suggestion doesn’t seem to work:
> 
> >gpg --export 04FDF78D1679DD94 | gpg --keyid-format long
> gpg: WARNING: no command supplied.  Trying to guess what you mean
> ..

Try "gpg --key-id-long -a --export 04FDF78D1679DD94". But, I just
tested it and it unfortunately seems to export the whole key bundle.
I'll look deeper into this.


> > Have you tried to inspect the packets in the file with
> > "--list-packets"?
> 
> Here you go (again my encryption key is `04FDF78D1679DD94`):
> 
> >gpg --list-packets encrypted.asc
> # off=0 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
> :pubkey enc packet: version 3, algo 1, keyid BEF6EFD38FE8DCA0
> data: [4096 bits]
> # off=527 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
> :pubkey enc packet: version 3, algo 1, keyid 04FDF78D1679DD94
> data: [4095 bits]
> # off=1054 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
> :pubkey enc packet: version 3, algo 1, keyid 92663E7CA68E4EC6
> data: [4096 bits]
> # off=1581 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
> :pubkey enc packet: version 3, algo 1, keyid 9D8C454A43A6D2DE
> data: [4094 bits]
> gpg: encrypted with RSA key, ID 9D8C454A43A6D2DE
> gpg: encrypted with RSA key, ID 92663E7CA68E4EC6
> gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94,
> created 2
> 016-12-17
>   "Felix E. Klee "
> gpg: public key decryption failed: Missing item in object
> gpg: encrypted with 4096-bit RSA key, ID BEF6EFD38FE8DCA0,
> created 2
> 016-12-17
>   "Felix E. Klee "
> gpg: public key decryption failed: Invalid ID
> gpg: decryption failed: No secret key
> # off=2108 ctb=d2 tag=18 hlen=3 plen=1718 new-ctb
> :encrypted data packet:
> length: 1718
> mdc_method: 2
> 
> I wonder what “Missing item in object” means.

The file seems to be encrypted (also) for the correct subkey. I wonder
about the signature key being mentioned in the first encrypted package
line, but I didn't test if this is normal.

Probably enQsig does not format the OpenPGP packet correctly. Missing
object is an error message that I've never seen before.

Your key bundle ist okay, otherwise you should habe the same problems
with other encrypted files.

The last packet mentions your signature key as used for encryption,
this is an error for sure. Invalid ID means that the key with this ID
does nor have the capabelity to encrypt or decrypt, which is correct.
In this case you really have no secret key to decrypt the file.

EnQsif seems really to mess up the encryption thing for unknown
reasons. I'll check for a way to eyport a public subkey. This schould
work because exporting a secret subkey is also possible.

Regards,
Dirk


-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: 
https://github.com/Dirk1980ac id="-x-evo-selection-start-marker">


signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Felix E. Klee]

On Mon, Jul 30, 2018 at 12:40 PM, Felix E. Klee 
wrote:
> “Invalid value”

Same on Linux BTW (with the Cherry ST-2000).

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Felix E. Klee]

Now I tried a different card reader (after restarting Windows 7x64).
This time it’s a Cherry ST-2000. Previously it was a ReinerSCT
cyberJack.

With the Cherry I get a different error message! This time it’s “Invalid
value” instead of “Invalid ID”!

*What does that mean?*

>gpg --list-packets encrypted.asc
# off=0 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
:pubkey enc packet: version 3, algo 1, keyid BEF6EFD38FE8DCA0
data: [4096 bits]
# off=527 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
:pubkey enc packet: version 3, algo 1, keyid 04FDF78D1679DD94
data: [4095 bits]
# off=1054 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
:pubkey enc packet: version 3, algo 1, keyid 92663E7CA68E4EC6
data: [4096 bits]
# off=1581 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
:pubkey enc packet: version 3, algo 1, keyid 9D8C454A43A6D2DE
data: [4094 bits]
gpg: encrypted with RSA key, ID 9D8C454A43A6D2DE
gpg: encrypted with RSA key, ID 92663E7CA68E4EC6
gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2
016-12-17
  "Felix E. Klee "
gpg: public key decryption failed: Invalid value
gpg: encrypted with 4096-bit RSA key, ID BEF6EFD38FE8DCA0, created 2
016-12-17
  "Felix E. Klee "
gpg: public key decryption failed: Invalid ID
gpg: decryption failed: No secret key
# off=2108 ctb=d2 tag=18 hlen=3 plen=1718 new-ctb
:encrypted data packet:
length: 1718
mdc_method: 2

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Felix E. Klee]

Zum Vergleich eine Datei, die ich selbst für mich verschlüsselt habe,
und die ich erfolgreich entschlüsseln kann:

>gpg --list-packets foo.gpg
gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2
016-12-17
  "Felix E. Klee "
# off=0 ctb=85 tag=1 hlen=3 plen=524
:pubkey enc packet: version 3, algo 1, keyid 04FDF78D1679DD94
data: [4094 bits]
# off=527 ctb=d2 tag=18 hlen=2 plen=76 new-ctb
:encrypted data packet:
length: 76
mdc_method: 2
# off=548 ctb=a3 tag=8 hlen=1 plen=0 indeterminate
:compressed packet: algo=2
# off=550 ctb=cb tag=11 hlen=2 plen=23 new-ctb
:literal data packet:
mode b (62), created 1532945681, name="",
raw data: 17 bytes

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Felix E. Klee]

On Sun, Jul 29, 2018 at 11:37 PM, Dirk Gottschalk via Gnupg-users
 wrote:
>> My encryption key is the sub key 04FDF78D1679DD94. The private key is
>> on a smart card. […]
>
> Does this key work as expected in other programs, MUAs for example?

I use it daily for encryption/decryption of documents, though only with
GnuPG.

> I didn't test it mysqlf, but exporting a only a sub key should be no
> problem.

*But how?*

Your suggestion doesn’t seem to work:

>gpg --export 04FDF78D1679DD94 | gpg --keyid-format long
gpg: WARNING: no command supplied.  Trying to guess what you mean ..
.
pub   rsa4096/BEF6EFD38FE8DCA0 2016-12-17 [SC] [expires: 2018-12-17]
  5EF8B6017F668171259945D6BEF6EFD38FE8DCA0
uid   Felix E. Klee 
sub   rsa4096/04FDF78D1679DD94 2016-12-17 [E] [expires: 2018-12-17]

> Could you provide an example file with this error, in best case
> generated from the Sender?

I can ask him of course. First I would like to see, though, if GnuPG can
tell us what’s the problem.

> Have you tried to inspect the packets in the file with
> "--list-packets"?

Here you go (again my encryption key is `04FDF78D1679DD94`):

>gpg --list-packets encrypted.asc
# off=0 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
:pubkey enc packet: version 3, algo 1, keyid BEF6EFD38FE8DCA0
data: [4096 bits]
# off=527 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
:pubkey enc packet: version 3, algo 1, keyid 04FDF78D1679DD94
data: [4095 bits]
# off=1054 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
:pubkey enc packet: version 3, algo 1, keyid 92663E7CA68E4EC6
data: [4096 bits]
# off=1581 ctb=c1 tag=1 hlen=3 plen=524 new-ctb
:pubkey enc packet: version 3, algo 1, keyid 9D8C454A43A6D2DE
data: [4094 bits]
gpg: encrypted with RSA key, ID 9D8C454A43A6D2DE
gpg: encrypted with RSA key, ID 92663E7CA68E4EC6
gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2
016-12-17
  "Felix E. Klee "
gpg: public key decryption failed: Missing item in object
gpg: encrypted with 4096-bit RSA key, ID BEF6EFD38FE8DCA0, created 2
016-12-17
  "Felix E. Klee "
gpg: public key decryption failed: Invalid ID
gpg: decryption failed: No secret key
# off=2108 ctb=d2 tag=18 hlen=3 plen=1718 new-ctb
:encrypted data packet:
length: 1718
mdc_method: 2

I wonder what “Missing item in object” means.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

[Dirk Gottschalk via Gnupg-users]

Hi.

Am Freitag, den 27.07.2018, 16:49 +0200 schrieb Felix E. Klee:
> From what I can tell, the file has been encrypted with four keys. My
> encryption key is the sub key 04FDF78D1679DD94. The private key is on
> a smart card. As you can see, decryption fails with an error message:
> “gpg: public key decryption failed: Missing item in object”

Does this key work as expected in other programs, MUAs for example?

> *What does the error message mean? Why does encryption fail?*

> I wonder if perhaps enQsig cannot properly deal with encryption sub
> keys:

> *Would it be possible to extract the public encryption sub key?* (to
> only provide that to the sender)

IIRC, a "gpg --export " should do exactly this. I didn't
test it mysqlf, but exporting a only a sub key should be no problem.

> I am using Gpg4win 3.1.2 on Windows 7x64. If more information is
> needed,
> then I am happy to provide it!

Could you provide an example file with this error, in best case
generated from the Sender?

Have you tried to inspect the packets in the file with
"--list-packets"?

This would show the key IDs which were used to encrypt, probably enQsig
really uses the wrong key to encrypt. Your primary key will fail then
when it's not capable to encrypt, which is the default.

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen
Tel.: +49 1573 1152350


signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Cannot decrypt file encrypted with enQsig

[Felix E. Klee]

To receive a document in encrypted form, I provided my public key to the
sender. See attachment. The key contains a sub key for encryption:

sec  rsa4096/BEF6EFD38FE8DCA0
 created: 2016-12-17  expires: 2018-12-17  usage: SC
 card-no: 0005 4980
 trust: ultimate  validity: ultimate
ssb  rsa4096/04FDF78D1679DD94
 created: 2016-12-17  expires: 2018-12-17  usage: E
 card-no: 0005 4980
[ultimate] (1). Felix E. Klee 

The sender then prepared the encrypted file using a software called
enQsig: “wir verwenden eine zentrale Gateway Verschlüsselungslösung
(EnQsig).” (German)

After I received `encrypted.asc` from the sender, I tried to decrypt it,
to no avail:

C:\Users\Felix\Desktop>gpg -v -d encrypted.asc
gpg: armor header: Version: enQsig
gpg: public key is BEF6EFD38FE8DCA0
gpg: no running gpg-agent - starting 'C:\Program Files (x86)\Gpg4win
\..\GnuPG\bin\gpg-agent.exe'
gpg: waiting for the agent to come up ... (5s)
gpg: waiting for the agent to come up ... (4s)
gpg: connection to agent established
gpg: pinentry launched (9620 qt 1.1.1-beta5 - - -)
gpg: public key is 04FDF78D1679DD94
gpg: using subkey 04FDF78D1679DD94 instead of primary key BEF6EFD38F
E8DCA0
gpg: pinentry launched (4608 qt 1.1.1-beta5 - - -)
gpg: public key is 92663E7CA68E4EC6
gpg: public key is 9D8C454A43A6D2DE
gpg: encrypted with RSA key, ID 9D8C454A43A6D2DE
gpg: encrypted with RSA key, ID 92663E7CA68E4EC6
gpg: using subkey 04FDF78D1679DD94 instead of primary key BEF6EFD38F
E8DCA0
gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2
016-12-17
  "Felix E. Klee "
gpg: public key decryption failed: Missing item in object
gpg: encrypted with 4096-bit RSA key, ID BEF6EFD38FE8DCA0, created 2
016-12-17
  "Felix E. Klee "
gpg: public key decryption failed: Invalid ID
gpg: decryption failed: No secret key

>From what I can tell, the file has been encrypted with four keys. My
encryption key is the sub key 04FDF78D1679DD94. The private key is on a
smart card. As you can see, decryption fails with an error message:
“gpg: public key decryption failed: Missing item in object”

*What does the error message mean? Why does encryption fail?*

I wonder if perhaps enQsig cannot properly deal with encryption sub keys:

*Would it be possible to extract the public encryption sub key?* (to
only provide that to the sender)

I am using Gpg4win 3.1.2 on Windows 7x64. If more information is needed,
then I am happy to provide it!


5EF8B6017F668171259945D6BEF6EFD38FE8DCA0.asc
Description: Binary data
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users