EldoS | Feel safer!

Software components for data protection, secure storage and transfer

PGP Encryption/ Decryption

Posted: 02/25/2014 09:06:10
by Shaik Shafe (Basic support level)
Joined: 02/17/2014
Posts: 7


I have created the key pair(Public key file and secret key file) using Bizcrypto Tools command line and Encrypted the text files using Open PGP protect task in SSIS based on created key files
When I try to decrypt the file Open PGP unprotect task in ssis using same secret key file and public key file , I am not able to decrypt it..

Please help me on this.

Shaik Shafe
Posted: 02/25/2014 12:21:24
by Ken Ivanov (Team)

Hello Shaik,

Thank you for contacting us.

1) Did you provide your secret key passphrase to the decryption components?

2) If you did, what exactly error message are you getting?
Posted: 02/26/2014 00:29:03
by Shaik Shafe (Basic support level)
Joined: 02/17/2014
Posts: 7

Thanks to respond,

Let me explain what exactly I did

1. generate key pair using Open PGP Key tool using following command

"OpenPGPKeyTool -generate -storage keypair -alg elg -bits 1024 -subject emailid@yash.com -expires 1 -pass passpharase"

It generates public and secret key files

2. To Encrypt the file Used the BizCrypto OpenPGP Protect task and encrypted the file using above generated key public key file and selected the option Encryption type is "Both"
and Provided the passphrase value
in Encryption settings and in General setting Operation type is "Encrypt"
once Executed this it created a .pgp file

3. To decrypt the file used BizCrypto OpenPGP Unprotect task.
In Unprotection tab in decrypt settings provided the below values
passphrase = passphrase value
secret key = secret key file
Key passphrase = passphrase value
secret key ring souce = file

In Verify settings

Pulic keys = public key file
check key expiration = true
public key ring source = file

after execution it is getting failed and giving following error
"No appropriate OpenPGP secret key for decryption found"
but secret key file is already located in specified location with .skr extension.

please correct me where I am doing wrong....

Thanks & Regards,
Shaik Shafe
Posted: 02/26/2014 06:28:18
by Ken Ivanov (Team)

Hello Shaik,

In order to localize the issue, please first of all try to simplify all the involved procedures (key generation, encryption and decryption) and check if it changes anything:

- generate a key that does not expire;
- only use the key to encrypt the file (set Encryption Type to Public Key and clear the conventional passphrase);
- on decryption, set Check Key Expiration to false.
Posted: 02/26/2014 06:44:53
by Dmytro Bogatskyy (Team)

Hello Shaik,

Please ensure that ProtectionLevel property for a package is not set to DontSaveSensitive, because all passwords in tasks are marked as sensitive information and encrypted depending on your settings.
Posted: 02/27/2014 00:56:48
by Shaik Shafe (Basic support level)
Joined: 02/17/2014
Posts: 7

Hello Ken/Dmytro

Thanks a lot of your support...
It is working fine now.
Posted: 02/28/2014 04:24:29
by Shaik Shafe (Basic support level)
Joined: 02/17/2014
Posts: 7


I would like to know one more thing on PGP encryption.

Can we encrypt the files using same key files but diffrent passphrases
for example

I have one keypairs Sample.pkr and Sample.skr and passphrase is "password"
and I have 2 text file to encrypt File1, File2
I Would like to encrypt the File1 using Sample key pair and passphrase is "password"
and Encrypt File2 using Sample key pair but expecting passphrase is "diffrent"

Is it possible....

please suggest me

Shaik Shafe
Posted: 02/28/2014 05:27:51
by Ken Ivanov (Team)

Hello Shaik,

Yes, it is possible.

The most important thing to understand here is that you normally operate with two different, independent passwords: 1) the password that was used to encrypt the secret key (you provide it via the KeyPassphrase property), 2) the password that encrypts the message itself (Passphrase property). Key passphrase is only needed for decryption and signing tasks, you do not need to provide it for encryption and verification procedures, which do not involve secret key operations.

If you set EncryptionType to Both, both the provided public key(s) and the password are used to encrypt the message. The recipient can decrypt that message with either the relevant secret key, or with the password. If they prefer to decrypt the message with the secret key, they will need to know the key encryption password (different to message encryption password), which they then will use to decrypt the key.
Posted: 02/28/2014 06:08:13
by Shaik Shafe (Basic support level)
Joined: 02/17/2014
Posts: 7

Thanks Ken,
I tried. it is working
Once again Thanks for your support



Topic viewed 11530 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!