# [Solved] Gpg can’t decrypt: invalid cipher mode

## cr0wbar

Can’t use `pass` in gentoo for some passwords. Decryption fails only since I have started using a new key: new passwords fail to decrypt with an `invalid cipher mode` error, old passwords reencrypted using the new key work just fine. Passwords were reencrypted on a macOS box using gpg 2.3.2, using the latest version available in gentoo.

```
gpg (GnuPG/MacGPG2) 2.2.27
libgcrypt 1.8.7
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /Users/user/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
```

Any ideas on why that might be happening and how to fix it?

----------

## mike155

Hi cr0wbar,

welcome to the Gentoo forums!

I completely fail to understand your post. A command "pass" doesn't exist on my Gentoo machine. And why do you want to encrypt passwords? Please tell us what you want to achieve and show us the commands you use. Please post the output of "emerge --info app-crypt/gnupg".

Mike

----------

## Hu

This might be from app-admin/pass, which, as I understand it, is a wrapper around using gnupg to maintain encrypted text files, where the decrypted contents are your usernames+passwords for various services.  mike155's requests look like a good start to me.

----------

## mike155

@Hu: thanks, now it starts to make sense.

The homepage explains how it works:

> Password management should be simple and follow Unix philosophy. With pass, each password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password. These encrypted files may be organized into meaningful folder hierarchies, copied from computer to computer, and, in general, manipulated using standard command line file management utilities.

----------

## mike155

Do I understand correctly that "pass show" works for some passwords and that it does not work for some other passwords?

Please chdir to your password store directory and analyze the encrypted password files with 'file':

```
# cd ~/.password-store
# file ./Amazon/amazonemail@email.com.gpg
./Amazon/amazonemail@email.com.gpg: PGP RSA encrypted session key - keyid: FC2C3F85 4F5692B7 RSA (Encrypt or Sign) 4096b .
```

Is there a difference in the encryption format (in the example above: 'PGP RSA encrypted session key 4096b') between the key files that work and those that don't work?

You wrote that the issue started when you created a new key? Please run

```
gpg --list-public-keys
```

The command will show your keys and also their algorithms ('rsa4096' for example). Is there a difference in the algorithm between your old key and your new key?
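`file` only reads the first packet of a `.gpg` file (the public-key encrypted session key), so it shows the key id and public-key algorithm but nothing about how the payload itself is encrypted. The "cipher mode" in the error refers to that payload: GnuPG 2.2 writes a Symmetrically Encrypted Integrity Protected Data packet (tag 18), while GnuPG 2.3 can write an AEAD Encrypted Data packet (tag 20, OCB or EAX) for recipient keys that advertise AEAD support. The following script is an added example, not code from the thread or from pass; it walks the top-level OpenPGP packet headers of a file and reports the packet types, the session-key key id and algorithm, and, for a tag 20 packet, the cipher and AEAD mode, so two files can be compared directly. The two sample blobs at the bottom are constructed (placeholder MPI and ciphertext bytes, key id borrowed from mike155's `file` output) and are not real encrypted entries.

```python
# Added example (not from the thread): dump the top-level OpenPGP packet
# structure of a pass entry, one step beyond what `file` shows.
import struct
import sys

# Algorithm ids from RFC 4880 / RFC 4880bis; names match what gpg prints.
PUBKEY_ALGOS = {1: "RSA", 2: "RSA (encrypt only)", 16: "Elgamal", 18: "ECDH"}
CIPHER_ALGOS = {7: "AES", 8: "AES192", 9: "AES256", 10: "TWOFISH",
                11: "CAMELLIA128", 12: "CAMELLIA192", 13: "CAMELLIA256"}
AEAD_MODES = {1: "EAX", 2: "OCB"}
PACKET_NAMES = {1: "public-key encrypted session key",
                18: "symmetrically encrypted integrity protected data (SEIPD)",
                20: "AEAD encrypted data"}


def read_header(data, pos):
    """Return (tag, header_len, body_len) for the packet starting at pos."""
    ctb = data[pos]
    if not ctb & 0x80:
        raise ValueError(f"no OpenPGP packet header at offset {pos}")
    if ctb & 0x40:                        # new-format header (RFC 4880 4.2.2)
        tag = ctb & 0x3F
        b0 = data[pos + 1]
        if b0 < 192:
            return tag, 2, b0
        if b0 < 224:
            return tag, 3, ((b0 - 192) << 8) + data[pos + 2] + 192
        if b0 == 255:
            return tag, 6, struct.unpack(">I", data[pos + 2:pos + 6])[0]
        raise ValueError("partial body lengths are not handled here")
    tag = (ctb >> 2) & 0x0F               # old-format header (RFC 4880 4.2.1)
    ltype = ctb & 0x03
    if ltype == 0:
        return tag, 2, data[pos + 1]
    if ltype == 1:
        return tag, 3, struct.unpack(">H", data[pos + 1:pos + 3])[0]
    if ltype == 2:
        return tag, 5, struct.unpack(">I", data[pos + 1:pos + 5])[0]
    return tag, 1, len(data) - pos - 1    # indeterminate length: rest of file


def describe(tag, body):
    """Extract the fields that matter for a decryption-compatibility check."""
    info = {"tag": tag, "name": PACKET_NAMES.get(tag, "other"), "length": len(body)}
    if tag == 1 and len(body) >= 10:      # version, 8-byte key id, pubkey algo, MPIs
        info["keyid"] = body[1:9].hex().upper()
        info["pubkey_algo"] = PUBKEY_ALGOS.get(body[9], f"algo {body[9]}")
    elif tag == 18 and body:              # version byte, then ciphertext
        info["version"] = body[0]
    elif tag == 20 and len(body) >= 4:    # version, cipher, aead mode, chunk size, iv, data
        info["cipher"] = CIPHER_ALGOS.get(body[1], f"cipher {body[1]}")
        info["aead_mode"] = AEAD_MODES.get(body[2], f"mode {body[2]}")
        info["chunk_size"] = 1 << (body[3] + 6)
    return info


def parse_packets(data):
    """Return one dict per top-level packet in the file."""
    packets, pos = [], 0
    while pos < len(data):
        tag, hdr, length = read_header(data, pos)
        packets.append(describe(tag, data[pos + hdr:pos + hdr + length]))
        pos += hdr + length
    return packets


def uses_aead(packets):
    """True if the payload is an AEAD data packet (tag 20) rather than SEIPD (tag 18)."""
    return any(p["tag"] == 20 for p in packets)


# --- constructed sample files: placeholder bytes, not real ciphertext -------
def _new_hdr(tag, body):
    return bytes([0xC0 | tag, 0xFF]) + struct.pack(">I", len(body)) + body

def _old_hdr(tag, body):
    return bytes([0x80 | (tag << 2) | 1]) + struct.pack(">H", len(body)) + body

# Key id copied from mike155's `file` output; the RSA MPI is a 128-bit placeholder.
PKESK = _old_hdr(1, b"\x03" + bytes.fromhex("FC2C3F854F5692B7") + b"\x01"
                 + struct.pack(">H", 128) + b"\x80" + bytes(15))
SAMPLE_SEIPD = PKESK + _new_hdr(18, b"\x01" + bytes(32))
SAMPLE_AEAD = PKESK + _new_hdr(20, b"\x01\x09\x02\x0a" + bytes(15) + bytes(32))

if __name__ == "__main__":
    # Usage: python3 pgp_packets.py ~/.password-store/Amazon/entry.gpg
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_AEAD
    packets = parse_packets(blob)
    for p in packets:
        print(p)
    print("payload needs AEAD-capable gpg:", uses_aead(packets))
```

GnuPG's own `gpg --list-packets entry.gpg` prints the same packet breakdown and is the normal tool to reach for; this version has no dependency on a working gpg/libgcrypt pair, which is exactly what is in doubt on the failing machine. Run it on one entry that decrypts and one that does not and compare the data packet tag and, if present, the AEAD mode.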

----------

## cr0wbar

Apologies, I should have provided more context.

Yeah, pass is a gpg wrapper for storing passwords in separate files encrypted with gpg. The idea is that the files where the passwords are stored are hosted on a private repo to keep them synced across different places, and are stored safely because they are encrypted with gpg. It is possible to decrypt and reencrypt all the files where the passwords are stored with a single command, `pass init <new_key_id>`, which will decrypt all the files and reencrypt their content with the new key.

I have a mac, with gnupg 2.3.2 and libgcrypt 1.9.4, where I have reencrypted the passwords, going from a rsa2048 key to a rsa4096 key.

I can decrypt the keys just fine on the mac.

However, on gentoo with gnupg 2.2.32 and libgcrypt 1.8.8 I can decrypt files that were originally encrypted with the rsa2048 key and reencrypted with the new rsa4096 one, but cannot decrypt new files encrypted only with the new rsa4096 key, which is odd. This is the error I get:

```
gpg: encrypted with 4096-bit RSA key, ID <ID>, created <date>
      "KEY DESC <MAILADDRESS>"
gpg: decryption failed: Invalid cipher mode
```

I have manually downloaded and installed libgcrypt 1.9.4 in /opt, and ran

```
LD_LIBRARY_PATH=/opt/lib
```

gpg has now picked up the new version of libgcrypt, which is confirmed by the output of `gpg --version`:

```
gpg (GnuPG) 2.2.32
libgcrypt 1.9.4
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/gdc/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
```

and now `gpg --decrypt` works just fine, which is nice, but probably indicates something is wrong with libgcrypt.

----------

## cr0wbar

Solved by adding

```
dev-libs/libgcrypt ~amd64
```

to `/etc/portage/package.accept_keywords`.

Not great to have a testing version, but it worked just fine.

----------

## Hu

The newer version of libgcrypt probably offers, and your Mac used, a cipher that does not work in the v1.8.x line.

You could change your accept_keywords entry to be version-locked, so that it enables you to use the testing version that works, but does not bring you ever newer testing versions.

```
~dev-libs/libgcrypt-1.9.4
```

See `man 5 ebuild` for the full syntax for atoms you can use here.  Eventually, 1.9.4 will become stable and you can remove the entry.  With the change I propose, Portage will not offer you 1.9.5 and later until those also become stable.

----------

## mike155

*cr0wbar wrote:*

> Not great to have a testing version but it worked just fine

It's quite common to have _a few_ packages in package.accept_keywords.

Follow the advice of Hu. You can remove libgcrypt from package.accept_keywords as soon as libgcrypt 1.9.4 is stabilized.

----------

## cr0wbar

That’s great advice, I am still learning about gentoo and that really helps. Thank you guys!

----------

