XLSX files corrupted during encryption

1

I have a vendor encrypting an xlsx file using McAfee E-Business server with PGP version 7.1.1 using the following command:

pgp --encrypt --sign --user ${vendorpgpkey} --passphrase InputFilename --force --overwrite --output OutputFilename

I am trying to decrypt the file using the following command.

gpg -d --output "${PGPDecryptedFileName}" "${PGPEncryptedFileName}"

This process works when the vendor is sending me .txt, .csv, or .pdf files. However, if they try to encrypt and send me a .xlsx file, the file is getting corrupted when decrypted.

The vendor is sending the file to me via SFTP using binary transfer.

I can encrypt the file on my local laptop and decrypt it without any issues so I'm assuming it's something related to how the vendor is handling encryption. I also checked Symantec help and couldn't find any leads.

Any help identifying the issue or pointing out additional debugging steps would be appreciated.

user1193339

Posted 2016-08-25T19:31:35.480

Reputation: 11

I've always had rather good success using the following syntax for PGP file-level encryption pgp -e "<sourcedir>\<Filename>" -r <key> --output "<Outputdir>" --temp-dir "%temp%" --verbose --debug >> %tmplogfile% 2<&1 & then I can review the log file later if there are issues to see if there were any errors, etc. if someone screams; although, I'd likely get an email about a "known" error from the job before someone screamed with the way I setup these jobs. You might as them to send you their PGP log or turn on verbose and review. Can you add what error you get exactly when you have the issue? – Pimp Juice IT – 2016-08-25T20:36:15.550

On the decryption side with PGP I use this syntax pgp --decrypt "<sourcedir>\<filename>" -o "<outputdir>" --passphrase <passphrase> --temp-dir "%temp%" --verbose --debug >> %tmplogfile% 2<&1... you might confirm that you don't need a passphrase with the GPG commands in case that's what is going on and when you encrypt and decrypt with your own keys there may be something implicit that makes that work versus an external entity encrypting with your public key. The SFTP using BINARY should be be a problem either change to ASCII mode to easily test otherwise though. – Pimp Juice IT – 2016-08-25T20:40:30.640

Sorry for all the darn comments but I just though of something else... Ask them to send you an XLSX file via the SFTP connection and without the file-level encryption to see what results you get. Since the FTP is encrypted via SSH, the file contents will be well protected and you can be watching in the mailbox to move the file right away if data-at-rest security once on the FTP server is a concern for them... Just thinking of simple ways I'd troubleshoot this sort of issue. – Pimp Juice IT – 2016-08-25T20:43:15.627

This sounds like PGP's text mode might be in effect... Is there a --no-text option in pgp or such? – user1686 – 2016-08-25T20:59:22.610

Thanks @PIMP_JUICE_IT. I'm asking for a copy of an unencrypted file now to see if I can notice the issue. Will try your verbose logging as well. – user1193339 – 2016-08-25T21:00:05.350

Answers

0

These files are really .zip files, so you can try to unpack the .xlsx file like a .zip and try if the password matches the used one. If unpacking will go well then there is problem with the content of the archive. If not - CRC checksum doesn't match the one in the file and you need to get file once again.

pbies

Posted 2016-08-25T19:31:35.480

Reputation: 1 633

Unpacking didn't work. Every .xlsx file the vendor sends has this issue while other files work correctly (csv, txt, pdf). I'm thinking it's definitely an issue with how the files are being encrypted. – user1193339 – 2016-08-25T19:42:31.810

Asked: 2016-08-25T19:31:35.480

Viewed: 570 times

Active: 2019-10-27T14:22:39.003