Mailing List Archive

PGP/GnuPG Wierdness report...
Hello all,

As you know I've been experimenting with (and documenting) PGP/GnuPG
integration and a short while ago I had a minor setback. I was getting
the errors about my keys not being valid for encryption by PGP.

This was mysterious and so I tried adding a new encryption subkey to my
GnuPG key to no avail. Odder still was the fact that it wouldn't let me
encrypt with *any* of the keys on my ring. All of them gave the same
error. I finally gave up and deleted all of my keys (and keyrings) and
started over. One thing I noted before I quit was that the expiration
date of my new subkey had been set to 10 days by me and reflected as such
inside of gnupg, however inside of pgp it was displayed as much, much
longer (sometime in 1999).

I've since re-generated my GnuPG keys and re-imported them into PGP using
the --no-armor --no-comment trick and have managed to send encrypted
messages back and forth. Now my problem is ascii armoring.

My prior success with sending messages to my friend may have been affected
by the fact that he was using v.5.5 of PGP, not 5.0 as I am. Currently I
am unable to do ascii armored messages that can be successfully decrypted.
PGP is *awful* about error messages. If it doesn't find any input that it
can decrypt it silently dies.

Does anyone else out there successfully communicate with PGP users?

C=)

--------------------------------------------------------------------------
There is hardly a thing in the world that some man can not
make a little worse and sell a little cheaper.
--------------------------------------------------------------------------
Caskey <caskey*technocage.com> /// pager.818.698.2306
TechnoCage Inc. ///| gpg: xxxxD/xxxxxxxx
--------------------------------------------------------------------------
I didn't fight my way to the top of the food chain to be a vegetarian.
Re: PGP/GnuPG Wierdness report...
On Mon, Oct 12, 1998 at 09:46:05PM -0700, Caskey L. Dickson wrote:
>
> I've since re-generated my GnuPG keys and re-imported them into PGP using
> the --no-armor --no-comment trick and have managed to send encrypted
> messages back and forth. Now my problem is ascii armoring.
>
> My prior success with sending messages to my friend may have been affected
> by the fact that he was using v.5.5 of PGP, not 5.0 as I am. Currently I
> am unable to do ascii armored messages that can be successfully decrypted.
> PGP is *awful* about error messages. If it doesn't find any input that it
> can decrypt it silently dies.
>
> Does anyone else out there successfully communicate with PGP users?

Well, I've imported my pgp 5.0 secret key (I've removed the passphrase) in
gpg 0.4.1 and actually my pgp5 is unable to verify signatures made by gpg.
(both ascii armored or not). I've also tried with symmetric ciphers, to
avoid use of pub/sec keys, and I'm still unable to exchange cyphertexts
between gpg and pgp5.0, no matter which options I'm using.
I'm looking for anyone that succeeded in gpg/pgp5.0 messages exchange...


--
Fabio Coatti cova@felix.unife.it
2:332/409.414 Fidonet
http://felix.unife.it/~cova Home page
Old SysOps never die... they simply forget their password.
Re: PGP/GnuPG Wierdness report...
"Caskey L. Dickson" <caskey@technocage.com> writes:

> As you know I've been experimenting with (and documenting) PGP/GnuPG
> integration and a short while ago I had a minor setback. I was getting
> the errors about my keys not being valid for encryption by PGP.

PGP can't handle type 20 keys (ElGamal sign + encrypt) and it is
unlikely that they will change this behaviour. For GNUPG both keys
are the same and there is no technical reason not to accept a type 20
key for encryption. If you use the default selection for key
generation gnupg will generate a type 16 key, but if you add a subkey,
you may accidentally choose type 20 (ElGamal sign+encrypt).

> date of my new subkey had been set to 10 days by me and reflected as such
> inside of gnupg, however inside of pgp it was displayed as much, much
> longer (sometime in 1999).

I have to check this.

> My prior success with sending messages to my friend may have been affected
> by the fact that he was using v.5.5 of PGP, not 5.0 as I am. Currently I
> am unable to do ascii armored messages that can be successfully decrypted.
> PGP is *awful* about error messages. If it doesn't find any input that it

Yes, really, and the Windoze version 5.5 is even worse.

We have to look at the differences of 5.0 to 5.5 armors.

> Does anyone else out there successfully communicate with PGP users?

Yes, I did this to check the DES implementation and it worked - don't
know whether I checked with ascii armors.


Werner
Re: PGP/GnuPG Wierdness report...
On Mon, Oct 12, 1998 at 09:46:05PM -0700, Caskey L. Dickson wrote:

> Does anyone else out there successfully communicate with PGP users?

Well, I've just tried to follow the hints that I've found in your home page
about gpg-pgp migration.

I've generated my own gpg key, then I've imported my public pgp5.0i key in
gpg (0.4.1) keyring, with a plain gpg --import.
Now gpg --list-keys reports the following:

-----------------------------
pub 1024D/33333333 1998-10-13 Fabio Coatti (Cova) <cova@felix.unife.it>
sig 33333333 1998-10-13 [selfsig]
sub 2048g/22222222 1998-10-13
sig 33333333 1998-10-13 [keybind]
gpg: /usr/lib/gnupg/idea: IDEA ($Revision: 1.7 $)
gpg: /usr/lib/gnupg/rsa: RSA ($Revision: 1.8 $)
pub 1024D/44444444 1997-09-03 Fabio Coatti <cova@felix.unife.it>
sig 44444444 1997-09-03 [selfsig]
sig BBBBBBBB 1997-09-08 [User id not found]
sig CCCCCCCC 1997-11-15 [User id not found]
sub 4096g/99999999 1997-09-03
sig 44444444 1997-09-03 [keybind]


Now I'm unable to do anything with key 4444444, I got the following error
message:

gpg: using secondary key 99999999 instead of primary key 44444444
gpg: LID 35: error building sigs on the fly: g10err=134615971
gpg: key 99999999.35: trust check failed: g10err=134615971
gpg: 0x44444444: error checking key: g10err=134615971
gpg: [stdin]: encryption failed: g10err=134615971

Can someone explain to me what I'm doing wrong?
Thanks in advance..

I'm using gpg 0.4.1 compiled under i386 redhat 5.1 (glibc2), and I've both
idea and rsa extensions loaded.



--
Fabio Coatti
2:332/409.414 Fidonet
cova@felix.unife.it Internet
http://felix.unife.it/~cova Home page
Old SysOps never die... they simply forget their password.
Re: PGP/GnuPG Wierdness report...
Fabio Coatti <cova@felix.unife.it> writes:

> Now I'm unable to do anything with key 4444444, I got the following error
> message:
>
> gpg: using secondary key 99999999 instead of primary key 44444444

Just to tell you that you have given a secondary key. pgp 5.x allows
doing this instead of the primary key - so GnuPG allows this too.

> gpg: LID 35: error building sigs on the fly: g10err=134615971

Uninitialized record code :-(. I rewrote large parts of the trustdb
stuff and with that, I have removed this error message :-)


Werner
Re: PGP/GnuPG Wierdness report...
Werner Koch <wk@isil.d.shuttle.de> writes:

> Uninitialized record code :-(. I rewrote large parts of the trustdb

s/record/return/