Bug#458795: Cannot reproduce this behaviour with libgnupg-perl

Fri Jun 5 05:45:26 UTC 2009

Hi Markus Matuszczak

This Bugreport is a bit older but I looked into it, I cannot reproduce
the behaviour you mentioned regarding symmentric encryption/decryption
with the Version in unstable (0.10-1):

Let's first encrypt but try to decrypt with a wrong passphrase with
symmentric cryptography (note I set the passphrase to "wrong"): 

---(testcode)---------------------------------------------------------
#!/usr/bin/perl -w

use strict;
use GnuPG;

my $gpg = new GnuPG();

# now set my secret for symentric encryption/decryption ...
my $secret="mysecret";

$gpg->encrypt(plaintext => "plain.txt", output => "save.gpg",
        symmetric => 1, passphrase => $secret);

$gpg->decrypt(ciphertext => "save.gpg", output => "plainoutwrong.txt",
        symmetric => 1, passphrase => "wrong");
----------------------------------------------------------------------

Let's test what happens now:
---(output)-----------------------------------------------------------
$ echo "this a secret" > plain.txt
$ cat plain.txt
this a secret
$ ls -l plain*
-rw-r--r-- 1 salvi salvi 14 2009-06-05 07:27 plain.txt
$ ls -l save.gpg
ls: cannot access save.gpg: No such file or directory
$ ./testcode
invalid passphrase - DECRYPTION_FAILED at /usr/share/perl5/GnuPG.pm line 154
        GnuPG::abort_gnupg('GnuPG=HASH(0x8eb2880)', 'invalid passphrase - DECRYPTION_FAILED') called at /usr/share/perl5/GnuPG.pm line 741
        GnuPG::decrypt_postwrite('GnuPG=HASH(0x8eb2880)', 'ciphertext', 'save.gpg', 'output', 'plainoutwrong.txt', 'symmetric', 1, 'passphrase', 'wrong', ...) called at /usr/share/perl5/GnuPG.pm line 711
        GnuPG::decrypt('GnuPG=HASH(0x8eb2880)', 'ciphertext', 'save.gpg', 'output', 'plainoutwrong.txt', 'symmetric', 1, 'passphrase', 'wrong', ...) called at ./testcode line 16
$ ls -l plain*
-rw-r--r-- 1 salvi salvi 14 2009-06-05 07:27 plain.txt
-rw-r--r-- 1 salvi salvi  0 2009-06-05 07:28 plainoutwrong.txt
$ cat plainoutwrong.txt
$      
----------------------------------------------------------------------

Ok this is like as expected, save.gpg cannot be decrypted, and
plainoutwrong.txt is empty.

Now the test with decryption with the right passphrase, so here is the
testcode first:
---(testcode)---------------------------------------------------------
#!/usr/bin/perl -w

use strict;
use GnuPG;

my $gpg = new GnuPG();

# now set my secret for symentric encryption/decryption ...
my $secret="mysecret";

$gpg->encrypt(plaintext => "plain.txt", output => "save.gpg",
        symmetric => 1, passphrase => $secret);

$gpg->decrypt(ciphertext => "save.gpg", output => "plainout.txt",
        symmetric => 1, passphrase => $secret);
----------------------------------------------------------------------

Let's test again:
---(output)-----------------------------------------------------------
$ echo "this is a secret" > plain.txt
$ cat plain.txt
this is a secret
$ ls -l plain* save.gpg
ls: cannot access save.gpg: No such file or directory
-rw-r--r-- 1 salvi salvi 17 2009-06-05 07:30 plain.txt
$ ./testcode
$ ls -l save.gpg plain*
-rw-r--r-- 1 salvi salvi 17 2009-06-05 07:30 plain.txt
-rw-r--r-- 1 salvi salvi 17 2009-06-05 07:31 plainout.txt
-rw-r--r-- 1 salvi salvi 55 2009-06-05 07:31 save.gpg
$ cat plainout.txt
this is a secret
$ gpg --decrypt save.gpg # using "mysecret" as passphrase
gpg: CAST5 encrypted data
gpg: encrypted with 1 passphrase
this is a secret
gpg: WARNING: message was not integrity protected
$    
----------------------------------------------------------------------

So I cannot reproduce your bugreport, could you please provide more
information, in case you still can? (Note there was a "typo"(?) in
your testcode, one time you use save.gpg, the other time save.pgp and
there was also a missing ")").

Kind regards and hope that solves for you too
Salvatore
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20090605/6c11e3b7/attachment.pgp>