Quantcast
Channel: Symantec Connect - Security - Discussions
Viewing all articles
Browse latest Browse all 203

pgp --verify verifies an encrypted file (which is not signed).

$
0
0
I need a solution

Hi,

For an encrypted file, if I run the verify command, it returns the success. Please note, the file is not signed.

Scenario -

Creating the encrypted file.

pgp --encrypt abc.txt --recipient <The owner of public key in your key ring/ to whom you want to send the encrypted file>

(here recipient's pub ring is already imported and signed by private key).

Verification of the file

on the other side, once the file is received by the recipient, this file can be verified, with below command.

pgp --verify abc.txt.pgp --passphrase <passphrase>

This verifies successfully although this file is not signed.

Please advice on below : -

1. Is anyting missing here to avoid the encrypted file getting verified successfully.

2. The basic requirement is if the file is not signed, verification should fail.

3. Is it that, while encrypting, pgp is also adding the signautre (kind of) on the encrypted file which is verified while verification. Is yes, how to avoid the files getting signature on it.

 

Thanks & Regards

Abhijit

 


Viewing all articles
Browse latest Browse all 203

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>