
PGP for Personal Privacy, Version 5.0 AIX 6.1 strange key issue.

Created: 10 Aug 2012 | 5 comments

I hope this is the right forum to pose such a question given the age of the product.

I am receiving a file from a vendor - the file is encrypted with our public key obviously.

I have received several public keys from the vendor as they have had several successive keys with which they sign the file after the encryption with our pub key.

All three of the vendor's pub keys have been added to the local pub keyring and I have signed each key in my keyring and each key displays "complete" in the validity column.

When I issue pgpk -l I see all three keys; however, when I decrypt the file I get the following:

pgp@myserver[/home/pgp]==> pgpv -vm TEST-aug6.pgp
Reading secret keyring "/home/pgp/.pgp/secring.skr"
Reading public keyring "/home/pgp/.pgp/pubring.pkr"
Message is encrypted.
Need a pass phrase to decrypt private key:
  1024 bits, Key ID D33989CF, Created 1999-01-21
   "PGP Robot <pgpbot@mycorp.com>"
Enter pass phrase:
Pass phrase is good.
Cannot decrypt message.  It can only be decrypted by:
0x36ECBD09
  1024 bits, Key ID D33989CF, Created 1999-01-21
   "PGP Robot <pgpbot@mycorp.com>"

From what I understand, 0x36ECBD09 is a key somewhere in the vendor's realm that is part of the vendor's signature/encryption tool chain?

 

Thanks


Tom Mc's picture

Of course, PGP 5.0 is quite old, and was produced by PGP Inc - three owners of PGP since then.  I think it may have been version 5.0 that had a product with RSA and DH support, and one that only had DH support.  If this is correct, and if yours is DH only, the problem might possibly be due to the vendor using an RSA key (either signing with it, or additionally encrypting the file to it). 

PGP 5.0 was not able to use the current v4 RSA keys (it used v3 RSA keys, which are now referred to as Legacy RSA) or RSA keys larger than 2048 bits, so again this might be causing problems related to what key the vendor is using.  Your version can also not handle the current default signing hash.

It might be possible for the decryption to work for you, if the vendor does not sign the encrypted file and/or does not also encrypt the file to his/her key.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

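Added example, not part of the thread and not code from any PGP product: a small Python parser that lists the key IDs and public-key algorithms a binary OpenPGP message is encrypted to, which is one way to check whether a received file was addressed to the expected key and whether an RSA or DH (Elgamal) key is involved. The packet layout follows RFC 4880; the function names, the sample bytes and the upper halves of the key IDs are constructed, and the input is assumed to be binary rather than ASCII-armored.

```python
import struct

# Public-key algorithm IDs from RFC 4880 section 9.1 (PGP 5.0 labels Elgamal "DH").
ALGOS = {1: "RSA", 2: "RSA (encrypt-only)", 16: "Elgamal (DH)"}

def read_packets(data):
    """Yield (tag, body) for each OpenPGP packet in a binary (non-armored) message."""
    pos = 0
    while pos < len(data):
        hdr = data[pos]
        pos += 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header (ASCII-armored input?)")
        if hdr & 0x40:                      # new-format header
            tag, first = hdr & 0x3F, data[pos]
            pos += 1
            if first < 192:
                length = first
            elif first < 224:
                length = ((first - 192) << 8) + data[pos] + 192
                pos += 1
            elif first == 255:
                length = struct.unpack(">I", data[pos:pos + 4])[0]
                pos += 4
            else:
                return                      # partial-length body: stop here
        else:                               # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                return                      # indeterminate length: stop here
            size = (1, 2, 4)[ltype]
            length = int.from_bytes(data[pos:pos + size], "big")
            pos += size
        yield tag, data[pos:pos + length]
        pos += length

def recipients(data):
    """Return (short key ID, algorithm) for each Public-Key Encrypted Session Key packet."""
    out = []
    for tag, body in read_packets(data):
        if tag == 1 and len(body) >= 10 and body[0] == 3:   # tag 1, version 3
            out.append((body[5:9].hex().upper(), ALGOS.get(body[9], "algo %d" % body[9])))
    return out

# Constructed sample: two session-key packets (old- and new-format headers), dummy key material.
pkesk_a = bytes([3]) + bytes.fromhex("0011223336ECBD09") + bytes([16]) + b"\x00" * 4
pkesk_b = bytes([3]) + bytes.fromhex("44556677AABBCCDD") + bytes([1]) + b"\x00" * 4
SAMPLE = bytes([0x84, len(pkesk_a)]) + pkesk_a + bytes([0xC1, len(pkesk_b)]) + pkesk_b
print(recipients(SAMPLE))
```

The short key ID is the low 32 bits of the 64-bit key ID stored in the packet, which is the form pgpv prints. To inspect a received file, pass its raw bytes to recipients().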

jcoopnyaix's picture

Tom Mc.

 

Thanks a lot for the immediate response! This has been very helpful.
Is there a Symantec version of PGP for AIX and is it fully backward compatible with pgp 5.0?

 

Thanks

 

J

Tom Mc's picture

You can read about it here.  I don't use the command line product, but believe it is consistent with the other PGP products in retaining backwards compatibility with PGP 5.0 versions.


Alex_CST's picture

Yes, PGP CL is fully backwards compatible.

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

Tom Mc's picture

Do you have further questions/concerns on this?
