Mailing List Archive

0.3 is available
Hi,

Go and download gnupg-0.3.0.tar.gz from ftp.guug.de:/pub/gcrypt or
get the diff file gnupg-0.3.0.diff.gz from /pub/gcrypt/diffs.
You might also be interested in "ftp> ls old/*.c" :-).

I might have introduced some bugs due to major code changes but it
works fine on x86 and alpha Linux.

I added some assembler stuff for mips3 - but this is not tested.

I hope my DSA key generation is okay - someone with a good
understanding of this should have a close look at it (I can explain
the code on request).


Here are the NEWS:

* New option --emulate-checksum-bug. If your passphrase does not
work anymore, use this option and --change-passphrase to rewrite
your passphrase. Sorry, it was a bad bug I introduced while
switching to real bitlength counting: An encrypted MPI can
have some bits more or less as the encryption is done at full
bytes and so I got the wrong bit count and in turn the checksum
got calculated wrong.

* More complete v4 key support: Preferences and expiration time
is set into the self signature.

* Key generation defaults to DSA/ElGamal keys, so that new keys
are interoperable with pgp5

* DSA key generation is faster and key generation does not anymore
remove entropy from the random generator (the primes are public
parameters, so there is really no need for a cryptographic
secure prime number generator which we had used).

* A complete new structure for representing the key parameters.

* Removed most public key knowledge into the cipher libray.

* Support for dynamic loading of new algorithms.

* Moved tiger to an extension module.


I have done some tests with pgp 2.6.3ia and it failed on checking the
tar.gz.sig file which I created with gnupg. It complains about a
"Bad length in signature certificate (off by -1)" [with some debugging
code]; when I ignore this check, it verifies the signature okay.
PGP 5 seems not to have this problem.


Werner