OpenPGP.js - Getting an error: "Error decrypting message: Session key decryption failed."

Question

Here is some of the code using openpgp.js:

const privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0];
await privKeyObj.decrypt(passphrase);

options = {
 message: await openpgp.message.readArmored(encryptedData),   
 privateKeys: [privKeyObj]
};

let decrypted = await openpgp.decrypt(options)

When I run my code using a PGP file I get this error: "Error decrypting message: Session key decryption failed."

I can decrypt the file using GPG Tools, but GPG Tools warns : “Warning: The Encrypted File was not Integrity Protected. Without integrity protection (missing modification detection code) it is not possible to determine whether or not the encrypted data has been modified.”

If I decrypt the PGP file using GPG Tools and then re-encrypt it in GPG, the new GPG file runs through my code just fine. That's why I think the openpgp error might be related to that MDC warning.

Could this openpgp.js error be related to that? If so, any ideas how to fix it.

score 0 · Answer 1 · answered Oct 21 '20 at 19:41

Your encrypted file was created by a really old version of the protocol. It's insecure, so if possible, you should request whomever created the file re-create it with a more up to date version.

Otherwise, try setting config.ignore_mdc_error=true (where config is the global openpgp config).

OpenPGP.js - Getting an error: "Error decrypting message: Session key decryption failed."

1 Answers1