Large Files Cannot be Decrypted with PGP "Error 3090: Operation Failed, Bad Packet"
search cancel

Large Files Cannot be Decrypted with PGP "Error 3090: Operation Failed, Bad Packet"

book

Article ID: 157424

calendar_today

Updated On:

Products

PGP Command Line PGP Encryption Suite PGP Key Management Server PGP Key Mgmt Client Access and CLI API PGP SDK Desktop Email Encryption Drive Encryption Endpoint Encryption File Share Encryption Encryption Management Server Gateway Email Encryption

Issue/Introduction

Potential Issue #1
If files are modified in transit, the ASCII code may have been modified to the point that it cannot be parsed properly for decryption.

 

Potential Issue #2

Larger files (2+ GB) from other encryption solutions (Not PGP Command Line) fail to decrypt when using PGP Command Line 10.2 or 10.2.1.

pgp --decrypt encrypted-test.gpg --passphrase "password" --verbose
pgp:decrypt (3157:current local time 2012-12-03T16:39:18-07:00)
C:\Documents and Settings\Administrator\My Documents\PGP\pubring.pkr:open keyrings (1006:public keyring)
C:\Documents and Settings\Administrator\My Documents\PGP\secring.skr:open keyrings (1007:private keyring)
Decoding file encrypted-test.gpg... 99% (Γ╕ѵÿ▒τîÑ)   encrypted-test.gpg:decrypt (3090:operation failed, bad packet)
Wiping file pgp-4448-0.tmp... 100%
pgp-4448-0.tmp:decrypt (0:file wiped successfully)

Cause

It appears there is a failure in parsing data at the close of the decryption process.  It appears that the file does decrypt successfully to a temp file, but  when the command fails to successfully complete, the Temp file is erased.

Resolution

Potential Solution #1:

Obtain a checksum value of the file directly after it was encrypted and then compare to the file you received when trying to decrypt.

If the checksum values don't match, re-transmit the file until the file is not modified during transit.

If it is allowed in your general flow of transferring these files, it may be useful to first compress/zip/archive the files before transit to ensure these ASCII files are not modified during transit.
This may help prevent corruption during transit. 

 

Potential Solution #2:

Currently use the following workaround to resolve the issue by running the PGP decrypt command with "--temp-cleanup off" included. 

For example:
pgp --decrypt --passphrase "your password" --temp-cleanup off --verbose

This should leave the temp file behind.  It should appear in the following format:
pgp-xxxxx-0.tmp

At this point you should be able to rename the file back to its original file name and use the file as you normally would.

This issue is fixed in the following release:
•  10.3.0 build 214 or above.

Please upgrade to the latest available release.  For information on how to download the latest version of PGP Command Line, see the following article:

193931 - How to download Symantec Encryption products from the Broadcom download Portal (And where to find the license number for PGP)

 

 

 

Powered by Wolken Software