#100 ✓released

"Decryption failed" error on content encrypted to my own public key? WTF

Reported by Casemon | November 28th, 2011 @ 04:33 AM | in 1.7 (closed)

As a test, I encrypted some random text using my own public key (sign option is off when encrypting)

I then try to decrypt the result and immediately receive "Decryption failed. Decryption failed." error dialog.

Same thing happens when trying with a file instead of text.

Any solution to this?

Otherwise, how do i even begin to troubleshoot? (Console says nothing useful)

Using OS X Lion with latest GPG.

Comments and changes to this ticket

  • Alex (via GPGTools)

    Alex (via GPGTools) November 28th, 2011 @ 11:54 AM

    • Milestone set to 1.7
    • State changed from “new” to “open”
    • Assigned user set to “Kevin Holzer”
    • Importance changed from “Medium” to “High”

    Can you decrypt your text using the command line? Maybe your public key has no secret key? Could you attach your "General GPGTools System Diagnostics" from http://support.gpgtools.org/kb/faq/how-can-i-generate-debugging-inf... ?

  • Casemon

    Casemon November 28th, 2011 @ 05:13 PM

    Was under the impression I had a secret key with my public key; recall creating it and moving my mouse a lot ;)

    Also, the command gpg2 -ao myprivate.key --export-secret-keys (MyKeyID) runs & creates key without error & GPG Keychain says SEC next to my key, however gpg2 --list-keys doesn't mention any SEC:

    pub 4096R/(MyKeyID) 2011-09-24
    uid MyEmail MyEmail@email.net
    sub 4096R/(SomeOtherID) 2011-09-24

    the output log of the debugging command is attached; have cleaned it of all personal info (like above).

    (as an aside, was very surprised to see a debug command be so cavalier with spreading my personal info, asking for my secret PGP password, then creating an email with an embedded log containing my user name, my computer name, my public keys, my PGP email, several other email addresses from the GPGMail output, and all with no warnings this is being done, etc. This seemed incongruent with the goal of privacy that these tools have; have opened another ticket for this)

  • Alex (via GPGTools)

    Alex (via GPGTools) November 28th, 2011 @ 06:05 PM

    • Assigned user changed from “Kevin Holzer” to “Mento”


    Was under the impression I had a secret key with my public key; recall creating it and moving my mouse a lot ;)

    It seems that you don't have a secret key. The log says: "gpg: decryption failed: No secret key". Can you somehow reproduce what you've done? You are the third user with a public key without having a private counterpart.

    This seemed incongruent with the goal of privacy that these tools have;

    Well, it's congruent with the goal to provide good support. But you're probably right: we should add a big disclaimer.

    @Mento: assigning this ticket to you since I assume there could be a bug with the key generation using GKA

  • Casemon

    Casemon November 28th, 2011 @ 06:18 PM

    As I recall, when installing, I followed the instructions given.

    Opened the Installer, at the end of install, GPG Keychain opened and initiated the new key process. I followed those instructions, moved my mouse around for about a minute, and bob was my uncle. Later found I couldn't decrypt anything :(

    Otherwise, am at a loss. What steps should I take to help this issue?

    Also, created new ticket for personal info appearing in log here:

  • Casemon

    Casemon November 28th, 2011 @ 06:28 PM

    Adding, someone deleted the other ticket just after I received notification the issue was being addressed and that the ticket would remain open :(

  • Casemon

    Casemon November 28th, 2011 @ 06:29 PM

    Also, intend to donate to this project after we get this ticket resolved, FYI

    If it helps :)

  • Alex (via GPGTools)

    Alex (via GPGTools) November 28th, 2011 @ 06:32 PM

    It wasn't deleted. It was moved: http://gpgtools.lighthouseapp.com/projects/65161/tickets/93 - since it's not related to GPGServices.

  • Casemon

    Casemon November 28th, 2011 @ 06:34 PM

    My bad; didn't think the ticket # would get updated if moved (and saw the open count had decreased) so i jumped the gun :O

  • Casemon

    Casemon November 28th, 2011 @ 06:53 PM

    So is there any hope in decrypting the content encrypted to my current public key? I can take bad news, just want to know if I'm wasting time holding out for a solution, or if I should start from scratch with a new key?

    Maybe can start with where would the private key be located? If it was deleted somehow, maybe I have a backup.

  • Casemon

    Casemon November 28th, 2011 @ 07:12 PM

    Not to keep replying to my own comments, but I ran this command gpg2 --list-secret-keys and it output the expected info:

    sec   4096R/(MyKeyID) 2011-09-24
    uid                  MyEmail 

    So it seems the private key is there, just not being used on decrypt?

    Will keep digging!

  • Casemon

    Casemon November 28th, 2011 @ 07:28 PM

    Despite the above command working fine, when trying to decrypt via command line I get the same error as with GUI: gpg: decryption failed: No secret key

    The error message suggests the content (encrypted with my public key) is actually encrypted with the ID of the sub key? Is this expected? Obviously I don't know much about this.

    All I know is that GPG Keychain Access shows SEC with an ID and then has 2 children; 1st child is SUB with another ID and then UID with only name & email.

    Am getting very worried that all my encrypted content is lost... :|

  • Casemon

    Casemon November 28th, 2011 @ 08:47 PM

    Ahh I see that I'm duplicating the effort of the debug script a little... ok, am learning :)

    To help resolve this, tried Christophe's solution of deleting the pub & sec rings and reimporting keys, as mentioned here: http://gpgtools.lighthouseapp.com/projects/67607/tickets/97-service...

    But this did not resolve the issue for me :(

  • Luke Le

    Luke Le November 28th, 2011 @ 09:06 PM

    Just to find out if GKA is really at fault here, could you try creating a key manually.

    1.) $> gpg --gen-key
    ... insert all info wait until key is generated

    2.) Create a test file
    3.) $> gpg -e -a -r $email entered before$ $path to test file$ (without the dollar signs)
    4.) $> gpg --decrypt $path to test file$.asc (without the dollar signs again)

  • Casemon

    Casemon November 28th, 2011 @ 09:16 PM

    I started fresh; backed up keys, then uninstalled GPGTools, deleted everything that was left over, including ~/.gnupg folder & the PrefPane that doesn't get uninstalled (whoops!), then reinstalled latest GPGTools (20111127 yesterday) and hit ESC when GPG Keychain asked me to create a new key.

    Then ran the above commands Terminal commands. Result:

    • Step 3 failed, saying gpg: [stdin]: encryption failed: No public key

    I won't do any more until i hear back from you, so as to not pollute this fresh install state.

  • Luke Le

    Luke Le November 28th, 2011 @ 09:20 PM

    Wow, this really is strange.
    If you want to, we could have a screen sharing session where I log into
    your computer and try to get this thing sorted.

    I'd propose to use Team Viewer which provides a free download.

    Of course you have to tell us if you feel comfortable with that.

  • Casemon

    Casemon November 28th, 2011 @ 09:33 PM

    @Luke Sent you a mail ;)

  • Luke Le

    Luke Le November 28th, 2011 @ 09:39 PM

    Hmm... I didn't get one. Could you resend it to lukas@dressyvagabonds.com or lukele@gpgtools.org?

  • Casemon
  • Luke Le
  • Casemon

    Casemon November 29th, 2011 @ 04:47 PM

    Haha, it is true; I saw a button and it was shiny, so I had to click!! :)

  • steve

    steve November 29th, 2011 @ 08:08 PM

    This reminds me of the simpsons scene where homer can't resist to push the red button which says "don't push". he pushes it and out of the corner comes karate-man and knocks him over :P

  • Casemon

    Casemon November 29th, 2011 @ 09:37 PM

    Just realized i left the video camera on when i first came across the bug... posted the footage here, unedited so you can see exactly what happened:

    (i'm the small chunky one :P )

  • Luke Le

    Luke Le November 29th, 2011 @ 10:04 PM

    @Casemon: muahaha, the first part of your message read like a cheap sex spam :D

  • steve

    steve January 29th, 2012 @ 03:04 PM

    • State changed from “open” to “fixed”


  • steve

    steve June 18th, 2015 @ 04:26 PM

    • State changed from “fixed” to “released”
    • Importance cleared.

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Shared Ticket Bins


Referenced by