We encrypt a file for a client using BouncyCastle API. He gets a “For your eyes only” message from PGP when trying to decrypt it. Why?

Question

We use the Bouncy.Castle C# API to do PGP encryption. I am by no means an expert on PGP encryption and the various options available.

The encryption seems to run fine, however, when the client tries to decrypt it, he says that PGP won't output to file but only output to screen because it is marked "For your eyes only." This is the --verbose message:

pgp --decrypt Client_FileExport_20110510_020011.zip.pgp
  Client_FileExport_20110511_132203.zip.pgp --info verbose

McAfee E-Business Server v8.5 - Full License
(c) 1991-2006 McAfee, Inc.  All Rights Reserved.

Setting temporary directory to C:\DOCUME~1\$963\LOCALS~1\Temp\
Decoding data....

event 1: initial
event 13: BeginLex
event 8: Analyze
File is encrypted.  event 9: Recipients
Secret key is required to read it.
Key for user ID "Client_RSAv4_Key <Bob.Smith@Client.com>"
event 6: Passphrase
You need a pass phrase to unlock your secret key.

Enter pass phrase:

event 23: Decryption

symmetric cipher used: CAST5
event 11: Output options
typecode: 0062
for your eyes only


This message is marked "For your eyes only".  Display now (Y/n)?

I have no clue as to how to go about debugging this. Anybody know?

Here is the general code we use to encrypt data. In this scenario we are not signing the document, so that portion of the code can be ignored.

private void EncryptImpl(Stream inputStream, Stream outputStream, bool signOutput)
    {
        const int BUFFER_SIZE = 1 << 16; // should always be power of 2
        bool armor = true;
        bool withIntegrityCheck = true;

        if (armor)
            outputStream = new ArmoredOutputStream(outputStream);

        var encKey = PgpHelper.ReadPublicKey(this.EncryptionPublicKey);

        // Init encrypted data generator
        PgpEncryptedDataGenerator encryptedDataGenerator =
            new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, withIntegrityCheck, new SecureRandom());
        encryptedDataGenerator.AddMethod(encKey);
        Stream encryptedOut = encryptedDataGenerator.Open(outputStream, new byte[BUFFER_SIZE]);

        // Init compression
        PgpCompressedDataGenerator compressedDataGenerator = new PgpCompressedDataGenerator(CompressionAlgorithmTag.Zip);
        Stream compressedOut = compressedDataGenerator.Open(encryptedOut);

        PgpSignatureGenerator signatureGenerator = null;
        if (signOutput)
        {
            // Init signature
            var pgpSecKey = PgpHelper.ReadSecretKey(this.OrigamiSecretKey);
            PgpPrivateKey pgpPrivKey = pgpSecKey.ExtractPrivateKey(this.PassPhrase.ToCharArray());
            signatureGenerator = new PgpSignatureGenerator(pgpSecKey.PublicKey.Algorithm, HashAlgorithmTag.Sha1);
            signatureGenerator.InitSign(PgpSignature.BinaryDocument, pgpPrivKey);
            foreach (string userId in pgpSecKey.PublicKey.GetUserIds())
            {
                PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator();
                spGen.SetSignerUserId(false, userId);
                signatureGenerator.SetHashedSubpackets(spGen.Generate());
                // Just the first one!
                break;
            }
            signatureGenerator.GenerateOnePassVersion(false).Encode(compressedOut);
        }

        // Create the Literal Data generator output stream
        PgpLiteralDataGenerator literalDataGenerator = new PgpLiteralDataGenerator();

        // TODO: Use lastwritetime from source file
        Stream literalOut = literalDataGenerator.Open(compressedOut, PgpLiteralData.Binary,
            PgpLiteralDataGenerator.Console, DateTime.Now, new byte[BUFFER_SIZE]);

        // Open the input file
        byte[] buf = new byte[BUFFER_SIZE];
        int len;
        while ((len = inputStream.Read(buf, 0, buf.Length)) > 0)
        {
            literalOut.Write(buf, 0, len);

            if (signOutput)
                signatureGenerator.Update(buf, 0, len);
        }

        literalOut.Close();
        literalDataGenerator.Close();

        if (signOutput)
            signatureGenerator.Generate().Encode(compressedOut);

        compressedOut.Close();
        compressedDataGenerator.Close();
        encryptedOut.Close();
        encryptedDataGenerator.Close();
        inputStream.Close();

        if (armor)
            outputStream.Close();
    }

Answer 1

I'm guessing that PgpLiteralDataGenerator.Console is what is causing it to show up only in the console of the client machine.

Stream literalOut = literalDataGenerator.Open(
    compressedOut, 
    PgpLiteralData.Binary,             
    PgpLiteralDataGenerator.Console,
    DateTime.Now, 
    new byte[BUFFER_SIZE]);

Answer 2

This message is shown when the encrypted file doesn't include a name of the original file. If you are not encrypting the file, you can put almost anything to that field (given that it constitutes a file name, valid for the target system).