I have a very frustrating problem with a file that is ascii armored and signed. Any help would be greatly appreciated as I've spent hours on this with no solution and have never had a problem like this before.
For various reasons, we had to move our gpg installation from a RedHat server to a Windows server. The only differences (other than the obvious OS difference) is that the RedHat GPG version is 1.2.1 and the Windows GPG install is version 1.4.9. We needed the exact same keys, so I moved all the contents of ~/.gnupg from the Linux server to the gpg home on the windows server. I didn't touch or change the keyring and everything seemed to work fine. Encryption and decryption scripts are running just fine. However, one major vendor is complaining that when they get our file there is no signature on it. Their file is ascii armored and signed. It apparently decrypts on their end but the signature doesn't pass. As noted, I moved the keyring files, I didn't do any import or export and I've made sure by copying the keyring again. I'm also using the exact same GPG command path. The gpg return code is 0 on both boxes. The gpg output to stdout is identical except that on RedHat I get a line starting with "gpg: DSA signature" and on Windows I get a line starting with "gpg: DSA/SHA1 signature." Are these two versions somehow signing differently? Neither install uses any kind of custom conf file. Does anybody have any clue where to even begin looking? At this point I'm thinking about trying to get the 1.2.1 version of GPG for windows and install it, although I don't see how a version change would cause this problem, but I have nowhere else to look at this point. Any help is greatly appreciated as I'm having to manually encrypt and send critical files because our automated process has moved to the Windows environment but the encryption is not working properly, or at least not properly by the vendors definition. -------------------------------------------------------- Princeton Retirement Group, Inc - Important Terms This E-mail is not intended for distribution to, or use by, any person or entity in any location where such distribution or use would be contrary to law or regulation, or which would subject Princeton Retirement Group, Inc. or any affiliate to any registration requirement within such location. This E-mail may contain privileged or confidential information or may otherwise be protected by work product immunity or other legal rules. No confidentiality or privilege is waived or lost by any mistransmission. Access, copying or re-use of information by non-intended or non-authorized recipients is prohibited. If you are not an intended recipient of this E-mail, please notify the sender, delete it and do not read, act upon, print, disclose, copy, retain or redistribute any portion of this E-mail. The transmission and content of this E-mail cannot be guaranteed to be secure or error-free. Therefore, we cannot represent that the information in this E-mail is complete, accurate, uncorrupted, timely or free of viruses, and Princeton Retirement Group, Inc. cannot accept any liability for E-mails that have been altered in the course of delivery. Princeton Retirement Group, Inc. reserves the right to monitor, review and retain all electronic communications, including E-mail, traveling through its networks and systems (subject to and in accordance with local laws). If any of your details are incorrect or if you no longer wish to receive mailings such as this by E-mail please contact the sender by reply E-mail. --------------------------------------------------------
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
