EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Corrupt Signature when using sample application.

Posted: 10/24/2012 10:19:42
by jacob omaits (Standard support level)
Joined: 10/23/2012
Posts: 3

I am using the sample application to generate a pgp key and have provided the key to a vendor. They are using PGP Desktop. When importing, he gets a message that states the key is corrupt. I downloaded the PGP Desktop trial and am able to validate this on my end. When using the sample application, it states the signature is valid...so I am unsure why PGP Desktop reports otherwise.

Is there a known issue with PGP Desktop? Or is there additional work that needs done on my end in regards to the sample application. Any help would be appreciated. I am unsure what information I can provide to you to help so if you need anything, just ask!


Posted: 10/24/2012 12:05:53
by Vsevolod Ievgiienko (Team)

Thank you for contacting us.

Keys generated by OpenPGPBlackbox should work with PGP Desktop without any problems. Could you post a key via Helpdesk for investigation.
Posted: 10/24/2012 12:30:26
by Eugene Mayevski (Team)

For me it sounds like the key is indeed corrupted, and that it was corrupted during transfer. To check this you can ask your other party to put the key they've received from you to ZIP archive and send you the archive. Then you can compare your local key with contents of the ZIP file.

Sincerely yours
Eugene Mayevski
Posted: 10/25/2012 11:09:32
by jacob omaits (Standard support level)
Joined: 10/23/2012
Posts: 3

Thanks for the input. I have created a ticket regarding this matter (21710). I can replicate the issue on my local machine so I do not believe the signature is actually corrupted...unless it has something to do with changing the qbits and ascii encoding the key. (see ticket)

Thanks! I'll be sure to post the resolution from the ticket back here for future users.
Posted: 10/25/2012 15:50:28
by jacob omaits (Standard support level)
Joined: 10/23/2012
Posts: 3

The error occurred becuase I had changed the qbits value to an incorrect number (160 as that is the max gpg would handle). It still worked find in GPG but not PGP Desktop. Here is the explanation:

Hi. DSA Q parameter size should correspond to the key size.
For 2048 bit key you should use at least 224-bit QBits.
This is probably why PGP Desktop doesn't like such key.
Posted: 10/26/2012 01:28:25
by Vsevolod Ievgiienko (Team)

Thank you for sharing the answer with other users.



Topic viewed 858 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!