Page MenuHome GnuPG

--rfc4880 not working in Gpg4win 4.1.0?
Closed, ResolvedPublic


A problem was reported where the option --rfc4880 does not seem to work after an update from Gpg4win 4.0.3 to 4.1.0
The user encrypted with option --rfc4880 and the recipient using the C# library bouncycastle tried to decrypt it.

When the file was encrypted with 4.0.3 the recipient could decrypt it. When it was encrypted with 4.1.0 the recipient could not decrypt it anymore. The recipient told that the problem was that "packet type 20" isn't part of the standard. The file was always encrypted using --rfc4880. The option --openpgp also didn't help.

Event Timeline

cklassen removed External Link.
werner claimed this task.
werner edited projects, added Support, OpenPGP; removed Bug Report.
werner added a subscriber: werner.

OCB mode (i.e. packet 20) is only used if the keys announce it. Thus only after moving a (private) key from GnuPG to a non-GnuPG compatible implementation you will run into this problem. The compatibility options won't override the preference system.

The preference system works in general very good but it has the limit as explained above. FWIW: in the other direction gpg tells you that the preference of a key doesn't match yours and whether you want to update the preferences.

Solution: Use gpg to modify the preferences of the private key used by BC: Run gpg --edit-key on your key and

gpg> pref
[ultimate] (1). someone@somewhere
     S9 S8 S7 S2 A2 H10 H9 H8 H11 H2 Z2 Z3 Z1 [mdc] [aead] [no-ks-modify]

which shows the current preferences. You want to remove the An preference; thus enter

gpg> setpref S9 S8 S7 S2 H10 H9 H8 H11 H2 Z2 Z3 Z1 [mdc] [aead] [no-ks-modify]

follow the promps, run "save", and copy the key again to the BC implementation.