Decryption issue with files provided by Bendigo Bank

anon50049466 · January 5, 2021, 3:18am

ur local bank is sending encrypted text files to us that we were decrypting using Gpg4win version 2.3.3.

After a Windows 10 update and our vulnerability software seeing it as a risk and updating it to the latest version, I have been unable to reinstall V2.3.3 as it loops at the point where it advises to close running apps and will not progress.

So, given that it seems that I have to use the latest version… how can I get V3 to permit the decryption of badly encrypted files from the bank?

The error given is:

ES256.CFB encrypted data
gpg: encrypted with 1 passphrase
gpg: WARNING: message was not integrity protected
gpg: decryption forced to fail!

I am guessing from this that I need to prevent the “forced to fail”? Can this be done?

aheinecke · January 5, 2021, 8:04am

oh my,

for really legacy messages Kleopatra offers an option in the GUI to decrypt anyway but you are seeing a modern cipher without the MDC code.

So you have to pass “–ignore-mdc-error” to the command. Probably also “–rfc2440” to the command.

That should work. You can also put them in %APPDATA%\gnupg\gpg.conf as “ignore-mdc-error” (without the dashes) so that they are passed even if kleopatra is used for decryption.