BAD signature - potential timezone problem

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

BAD signature - potential timezone problem

Greg Sosna

I’ve received two files from the same sender who uses OpenPGPBlackbox, they assure me that they are both encrypted the same way with the same parameters, just at different times. The sender is located in Sydney, NSW, Australia and I am located in Auckland, New Zealand.  The files are generated at 10pm and 4am Sydney time.  Both of the files decrypt correctly using GnuPG 2.1.18 but the one generated at 10pm receives bad signature, while the one at 4am receives good signature irrelevant of what time I try to decrypt them. The times of the signing that GPG reports are correct (in American date format).

 

My question is whether there is anything else I can do to troubleshoot this issue to get to the bottom of the problem ?

 

.\GnuPG\bin\gpg.exe --verbose -o output_4am.txt --decrypt decryptedfile_4am.gpg

 

gpg: public key is ...

gpg: public key is ...

gpg: using subkey ... instead of primary key ...

gpg: encrypted with 4096-bit RSA key, ID ..., created 2016-10-20

      "GPG key TEST"

gpg: encrypted with 4096-bit RSA key, ID ..., created 2016-10-20

      "GPG key TEST"

gpg: CAST5 encrypted data

gpg: Note: sender requested "for-your-eyes-only"

gpg: Signature made 04/12/17 06:06:36 New Zealand Standard Time

gpg:                using RSA key ...

gpg: using pgp trust model

gpg: Good signature from "..." [full]

gpg: textmode signature, digest algorithm SHA1, key algorithm rsa2048

 

 

.\GnuPG\bin\gpg.exe --verbose -o output_10pm.txt --decrypt decryptedfile_10pm.gpg

 

gpg: public key is ...

gpg: public key is ...

gpg: using subkey ... instead of primary key ...

gpg: encrypted with 4096-bit RSA key, ID ..., created 2016-10-20

      "GPG key TEST"

gpg: encrypted with 4096-bit RSA key, ID ..., created 2016-10-20

      "GPG key TEST"

gpg: CAST5 encrypted data

gpg: Note: sender requested "for-your-eyes-only"

gpg: Signature made 04/12/17 00:02:13 New Zealand Standard Time

gpg:                using RSA key ...

gpg: using pgp trust model

gpg: BAD signature from "..." [full]

gpg: textmode signature, digest algorithm SHA1, key algorithm rsa2048

 

regards,

 

Greg Sosna


_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Loading...