EldoS | Feel safer!

Software components for data protection, secure storage and transfer

No appropriate OpenPGP secret key for decryption found.

#10107
Posted: 05/21/2009 17:22:42
by Bryan Smith (Standard support level)
Joined: 05/21/2009
Posts: 2

I am a Delphi developer and have a requirement to decrypt files that have been encrypted using PGP. I downloaded PGPDesktop, generated a public/private key pair, sent the public key to the company that would be encrypting the files I need to decrypt.

I am able to manually decrypt the files now using PGPDesktop but I wanted to automate the process so I purchased SecureBlackBox VCL library.

I could not get the PGPBlackBox components to work in my program. I get the error message “No appropriate OpenPGP secret key for decryption found.”

I compiled the sample project FilesExample.dpr and get the same error when it runs.

Here is my code:

krECI.Load('c:\pubring.pkr', 'c:\secring.skr', True );
PGPReader.KeyPassphrase := 'MyPrivateKey';
PGPReader.Passphrase := ' MyPrivateKey ';
PGPReader.DecryptingKeys := krECI;

PGPReader.DecryptAndVerifyFile('c:\MGIVR_090520.xml.pgp');

This call throws the exception described above.

The PGPReaderSigned event is never triggered so I’m pretty sure the file is not signed.

How can I troubleshoot this and find the problem?
#10110
Posted: 05/22/2009 00:11:52
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Hi. Have you installed the IDEA module, available in the downloads section?
#10115
Posted: 05/22/2009 02:19:31
by Eugene Mayevski (EldoS Corp.)

I don't think the IDEA module is related here (although it can be).

Let's start with the following checks:

1) If you use FilesExample with your keyrings to encrypt and sign the file, and then decrypt and verify the file using the same keyrings, will decryption fail?

2) If you use PGP Desktop with our sample keyrings (found in \PGPKeys folder) to encrypt and sign the file, and then decrypt and verify the file using the same keyrings, will decryption fail?

We need to understand whether the problem is specific to your keyrings or to PGP Desktop or to both of them combined, so please check all cases.


Sincerely yours
Eugene Mayevski
#10116
Posted: 05/22/2009 02:30:41
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

The IDEA module can be an issue when the secret key is encrypted with the IDEA algorithm, so this should also be checked.
#10153
Posted: 05/26/2009 10:28:28
by Bryan Smith (Standard support level)
Joined: 05/21/2009
Posts: 2

Thanks for your help. I was able to get the decryption to work.
One question. How can I embed the pub and private keys in my program? All I have is the pub.asc and pri.asc files. Here is an example of the pub file

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP Desktop 9.10.0 (Build 500)
[key data omitted]
=nSvd
-----END PGP PUBLIC KEY BLOCK-----


What part of this file is the actual key? Does the key include carriage return line feeds or are they ignored? Or are they stripped out when a .asc file is given to the PGPKeyring.Load method?
#10154
Posted: 05/26/2009 11:21:07
by Eugene Mayevski (EldoS Corp.)

You should keep the complete data as you posted it, including CRLF and the starting and ending lines, which are used as markers when the key is loaded.

You can keep this data in the resources, but keep in mind that if you keep them this way, they can be easily extracted. So you need to take additional care about protection of the secret key and of the passphrase which opens access to the encrypted secret key.


Sincerely yours
Eugene Mayevski
#10156
Posted: 05/26/2009 13:33:46
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Another way is to save the public and secret keys in binary format (with Armoring set to false), then convert that binary representation into a byte array and store it as a constant in your code. It should be more secure.
#10157
Posted: 05/26/2009 13:52:24
by Eugene Mayevski (EldoS Corp.)

"Secure" here means less visible. But still quite easily accessible for an experienced reverse engineer (like me ;).


Sincerely yours
Eugene Mayevski
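
The question above about which part of the .asc file is the key, worked through as an added example (not part of the original thread and not SecureBlackBox code): a Python sketch of the RFC 4880 ASCII armor layout, showing that the BEGIN/END lines are markers, CRLF and LF are interchangeable, the "=XXXX" line is a CRC-24 over the decoded data, and the base64 body decodes to the same binary packets that unarmored storage would hold. The function names and the SAMPLE bytes are constructed for illustration; SAMPLE is not a real key.

```python
import base64

def crc24(data: bytes) -> int:
    """CRC-24 from RFC 4880 section 6.1 (init 0xB704CE, poly 0x1864CFB)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def armor(data: bytes, kind: str, eol: str = "\r\n") -> str:
    """Wrap binary OpenPGP data in ASCII armor (64-character lines)."""
    b64 = base64.b64encode(data).decode()
    check = base64.b64encode(crc24(data).to_bytes(3, "big")).decode()
    return eol.join([f"-----BEGIN PGP {kind}-----", "Version: constructed sample", "",
                     *(b64[i:i + 64] for i in range(0, len(b64), 64)),
                     "=" + check, f"-----END PGP {kind}-----", ""])

def dearmor(text: str):
    """Return (kind, headers, binary data); raise ValueError on a damaged block."""
    lines = [ln.strip() for ln in text.splitlines()]    # CRLF and LF both accepted
    starts = [i for i, ln in enumerate(lines) if ln.startswith("-----BEGIN PGP ")]
    if not starts:
        raise ValueError("no armor header line found")
    begin = starts[0]
    kind = lines[begin][len("-----BEGIN PGP "):-5]
    end = lines.index(f"-----END PGP {kind}-----", begin)
    blank = lines.index("", begin, end)                  # blank line ends the headers
    headers = dict(ln.split(": ", 1) for ln in lines[begin + 1:blank])
    body = [ln for ln in lines[blank + 1:end] if ln]
    checksum = body.pop()[1:] if body and body[-1].startswith("=") else None
    data = base64.b64decode("".join(body), validate=True)
    if checksum and int.from_bytes(base64.b64decode(checksum), "big") != crc24(data):
        raise ValueError("CRC-24 mismatch: armored data was altered")
    return kind, headers, data

def first_packet_tag(data: bytes) -> int:
    """OpenPGP packet tag of the first packet: 5 = secret key, 6 = public key."""
    first = data[0]
    return first & 0x3F if first & 0x40 else (first >> 2) & 0x0F

# Constructed stand-in for key material: an old-format tag-6 header plus filler.
SAMPLE = bytes([0x99, 0x00, 0x04]) + b"demo"

if __name__ == "__main__":
    kind, headers, data = dearmor(armor(SAMPLE, "PUBLIC KEY BLOCK"))
    print(kind, headers, data.hex(), "tag", first_packet_tag(data))
```

Because dearmoring only reverses a base64 encoding, storing the binary form in a constant removes the visible markers but not the key bytes themselves.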