Unable to decrypt S/MIME email encrypted using the RSAES-OAEP key transport algorithm with PGP Encryption Server (Symantec Encryption Management Server)
search cancel

Unable to decrypt S/MIME email encrypted using the RSAES-OAEP key transport algorithm with PGP Encryption Server (Symantec Encryption Management Server)

book

Article ID: 170265

calendar_today

Updated On:

Products

Encryption Management Server PGP Command Line PGP Encryption Suite PGP Key Management Server PGP Key Mgmt Client Access and CLI API PGP SDK Desktop Email Encryption Drive Encryption Endpoint Encryption File Share Encryption Gateway Email Encryption

Issue/Introduction

The PGP Encryption Server (Symantec Encryption Management Server) cannot decrypt S/MIME email encrypted using the RSAES-OAEP (RSA Encryption Scheme - Optimal Asymmetric Encryption Padding) key transport algorithm.

The mail log will contain entries like this when the PGP Encryption Server attempts to decrypt an RSAES-OAEP encrypted message:

2017/10/11 09:30:09 +01:00  INFO   pgp/messaging[3412]:      SMTP-00001: recipient [email protected]: policy rule match: chain: "Inbound", rule: "Decrypt Message (SMTP)"
2017/10/11 09:30:09 +01:00  WARN   pgp/messaging[3412]:      SMTP-00001: fatal exception evaluating policy for recipient [email protected]: unimplemented public key operation - jumping to Exception chain

Resolution

If you are using RSAES-OAEP, and finding that decryption is failing, this not currently supported.  

If you are running into this issue, reach out to Symantec Encryption Support for further guidance.

Additional Information

EPG-37432

Powered by Wolken Software