9

I wonder why this does not work on Linux?

gpg --cipher-algo AES256 -c -o test.zip.enc test.zip 
Enter passphrase:

openssl enc -AES-256-CBC -d -in test.zip.enc -out test.zip
enter aes-256-cbc decryption password:
bad magic number

To give some context, I have an application where I encrypt a file on Linux with GnuPG, and I want Mac users to be able to decrypt it without needing to install additional software (OpenSSL comes pre-installed on OS X).

Jens Erat (23,446 rep)
xtrb8433 (91 rep)

4 Answers

6

OpenSSL implements the X.509 standard, while GnuPG implements OpenPGP. While both use mostly the same cryptographic algorithms with lots of overlap, both protocols have their own file formats and minor differences, especially in the mode of operation for symmetric encryption.

Both OpenSSL and GnuPG are available for pretty much all operating systems, but while GnuPG is only shipped by default with most Linux distributions, OpenSSL is readily available for pretty much all unixoid operating systems.

If you insist on using GnuPG, also have a look at GnuPG's gpgsm component, which is an implementation of X.509 compatible with OpenSSL (but cannot use OpenPGP keys because of the different formats, and thus requires an X.509 key).

Jens Erat (23,446 rep)
  • Actually, gpgsm can be persuaded -- perhaps tricked -- to convert a PGP-format RSA key to an SMIME-format one; see https://superuser.com/questions/435321/how-can-i-export-public-keys-in-pem-format-with-gnupg#1414277 and my derivative https://security.stackexchange.com/questions/238641/#238681 :=? – dave_thompson_085 Oct 08 '20 at 00:56
  • Interesting, if OpenSSL can do the same as PGP then why use PGP? The more formats and different tools, the harder it is to maintain security – Sergey Ponomarev Jul 01 '22 at 10:45
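To see why `openssl enc` reports "bad magic number" on `gpg -c` output, here is an added Python sniffer (not code from this thread) that classifies a file by its container header: OpenSSL's `Salted__` magic versus an OpenPGP packet header, and for a `gpg -c` file it also reads the cipher id out of the Symmetric-Key Encrypted Session Key packet. The two sample byte strings are constructed for illustration, not captured from real runs.

```python
"""Sniff the container format of an encrypted file: OpenSSL `enc` or OpenPGP."""

OPENSSL_MAGIC = b"Salted__"  # `openssl enc` (with -salt, the default) writes this, then 8 salt bytes

# OpenPGP identifiers from RFC 4880: packet tags and symmetric-cipher ids
PGP_TAGS = {1: "PKESK (gpg -e)", 3: "SKESK (gpg -c)", 18: "SEIPD"}
PGP_CIPHERS = {3: "CAST5", 7: "AES128", 8: "AES192", 9: "AES256", 10: "Twofish"}


def _header_len(blob: bytes, ctb: int) -> int:
    """Bytes occupied by CTB + length field (RFC 4880, section 4.2)."""
    if ctb & 0x40:  # new-format header
        first = blob[1]
        return 2 if first < 192 else 3 if first < 224 else 6 if first == 255 else 2
    return {0: 2, 1: 3, 2: 5, 3: 1}[ctb & 0x03]  # old-format length types


def identify(blob: bytes) -> dict:
    """Describe the leading bytes of an encrypted file by container format."""
    if blob.startswith(OPENSSL_MAGIC):
        # `openssl enc -d` compares exactly these 8 bytes; any other prefix,
        # such as an OpenPGP packet header, produces "bad magic number".
        return {"format": "openssl-enc", "salt": blob[8:16].hex()}
    if len(blob) < 2 or (blob[0] & 0x80) == 0:
        return {"format": "unknown"}
    ctb = blob[0]
    tag = ctb & 0x3F if ctb & 0x40 else (ctb >> 2) & 0x0F
    body = blob[_header_len(blob, ctb):]
    info = {"format": "openpgp", "tag": tag, "packet": PGP_TAGS.get(tag, "other")}
    if tag == 3 and body[:1] == b"\x04" and body[2:3] == b"\x03":
        # v4 SKESK with iterated+salted S2K: version, cipher, S2K type, hash, salt, count
        info["cipher"] = PGP_CIPHERS.get(body[1], f"id {body[1]}")
        info["s2k_salt"] = body[4:12].hex()
    return info


# Constructed sample headers (not captured from real runs): the first bytes of an
# `openssl enc -aes-256-cbc` output and of a `gpg -c --cipher-algo AES256` output
# (old-format CTB 0x8C = tag 3 with a 1-byte length, as gpg writes it).
OPENSSL_SAMPLE = b"Salted__" + bytes.fromhex("0011223344556677") + b"\x00" * 16
GPG_SAMPLE = (bytes([0x8C, 0x0D, 0x04, 0x09, 0x03, 0x02])
              + bytes.fromhex("8899aabbccddeeff") + b"\x60" + b"\xD2")

if __name__ == "__main__":
    for name, sample in (("openssl", OPENSSL_SAMPLE), ("gpg", GPG_SAMPLE)):
        print(name, identify(sample))
```

Run it against the first 32 bytes of a real `test.zip.enc` to confirm which container you actually have before picking the decryption tool.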
3

OpenPGP (GPG) and OpenSSL use different encryption formats for (slightly) different uses. Those formats are not interchangeable. In particular, OpenSSL cannot parse OpenPGP encrypted data.

I would recommend using the same software on both Linux and OS X.

A. Hersean (10,046 rep)
0

OpenSSL & GPG have different implementations of the same algorithms, so with current versions they aren't compatible, e.g. different magic bits (until someone comes up with intermediate software that translates between the two, e.g. a translator or virtual machine).

This issue arises in every new technology/industry (cf. NTSC & PAL, MacOS & Windows, Diesel vs Petrol), and may even remain unsolved.

OpenSSL also comes pre-installed with most flavors of Linux, e.g. CentOS, Ubuntu, Red Hat & Arch Linux, so to solve your problem, encrypt with OpenSSL for your "Mac users to be able to decrypt it without need to install additional software".

Another solution would be to send files over https (TLS) implemented for similar algorithms by web browsers (if your reason for encryption is secure transport of files).

Zimba (181 rep)
-2

On the best-known Linux distributions, openssl is already installed after a fresh installation.

I have the same problem when writing books, because I primarily use Linux for composing the texts and MacOSX for ebook publication. Because Linux is my usual OS, I have gpg keys only on Linux, so I use OpenSSL, which I found installed on both OSes after installation.

In my script, used by both OSes, I use:

to encrypt:

openssl des3 -salt -in MyBook.tar -out MyBook.tar.encrypt

to decrypt:

openssl des3 -d -salt -in MyBook.tar.encrypt -out MyBook.tar

forest (64,616 rep)
  • Please upgrade your cryptography to the 21st century. There's no way to encrypt a message in a way that isn't broken with the `openssl` command line tool. Use PGP/GPG instead: it's exactly designed for that. – Gilles 'SO- stop being evil' Mar 17 '18 at 11:59
  • @Gilles'SO-stopbeingevil': that was an exaggeration. OpenSSL commandline does CMS and SMIME which aren't broken. Commandline `enc` can use a raw key from e.g. E-S ECDH + hash and random IV both of which commandline can also do, which aren't broken. Only _password-based enc_ using lame EVP_BytesToKey with super-lame iter=1 was broken -- and that was fixed adequately if not excellently by adding PBKDF2 in 1.1.1, which was in beta when you commented in 2018 and released soon after. – dave_thompson_085 Oct 08 '20 at 01:00
  • @dave_thompson_085 It's still a command line interface that requires you to move the key around, and that happily lets you select broken parameters such as DES and ECB. Even now that the cryptographic primitive isn't stupid, the interface is still stupid. – Gilles 'SO- stop being evil' Oct 08 '20 at 09:36