Mailing List Archive

brian moore <bem@cmc.net> writes:

> This seems to make PGP5 happy.

Yes, it worked. I have fixed it and posted 25 keys to the keyserver,
expcept for 4 all are now online.

The expections are keys like Ray's key 0x17BA45CE which is a little
bit scrambled. GnuPG tolerates this because it is a buf :-)

I'll add a little bit code to --edit-key which will fix this.

The problem is this

public key packet
user id A
self-signature
subkey packet
subkey bind signature
a signature for user id A

The last one should be before the subkey packet.


Werner

Werner Koch <wk@isil.d.shuttle.de> writes:

> The expections are keys like Ray's key 0x17BA45CE which is a little
> bit scrambled. GnuPG tolerates this because it is a buf :-)

Hmmm, the sequence of that packets was not the real problem:
The algorithm type 20 used for the subkey is not accepted; please use
--edit-key and delkey, addkey to make a new encryption subkey in case
you have a 20 key and not a 16. This does not invalidate
keysignatures.


Werner

On Sat, Oct 17, 1998 at 01:23:28PM +0200, Werner Koch wrote:
> brian moore <bem@cmc.net> writes:
>
> > This seems to make PGP5 happy.
>
> Yes, it worked. I have fixed it and posted 25 keys to the keyserver,
> expcept for 4 all are now online.

The Internic accpted my keys that have never touched PGP.

This makes life a lot better. :)

[.Now, if only people would stop using RSA keys and always sign their own
keys.]

--
Brian Moore | "The Zen nature of a spammer resembles
Sysadmin, C/Perl Hacker | a cockroach, except that the cockroach
Usenet Vandal | is higher up on the evolutionary chain."
Netscum, Bane of Elves. Peter Olson, Delphi Postmaster

On Sat, Oct 17, 1998 at 01:23:28PM +0200, Werner Koch wrote:
> brian moore <bem@cmc.net> writes:
>
> > This seems to make PGP5 happy.
>
> Yes, it worked. I have fixed it and posted 25 keys to the keyserver,
> expcept for 4 all are now online.

Okay, a bit more playing:


This is from '--list-packets' on a GPG generated signature:

:signature packet: algo 17, keyid 377FCE2488322B51
version 4, created 908675026, md5len 0, sigclass 00
digest algo 1, begin of digest 5d 4a
hashed subpacket 2 of length 5 (signature creation time)
subpacket 16 of length 9 (issuer key ID)
data: [158 bits]
data: [160 bits]
And the signature:
-----BEGIN PGP SIGNATURE-----
Version: GNUPG v0.4.1 (GNU/Linux)
Comment: For info finger gcrypt@ftp.guug.de

iEYEABEBAAYFAjYpR9IACgkQN3/OJIgyK1FdSgCeIIPLktTAbKdTdjmgohLsF0Qv
3XIAoK908Xn7DPeElLNrAavetaQVzJHh
=8dM6
-----END PGP SIGNATURE-----

The same from a PGP5 generated sig:

:compressed packet: algo=1
:signature packet: algo 17, keyid DB98F728A52DD52A
version 3, created 908675125, md5len 5, sigclass 00
digest algo 2, begin of digest de ae
data: [159 bits]
data: [160 bits]
:literal data packet:
mode b, created 135153312, name="testc",
raw data: 155 bytes

And the signature itself:

-----BEGIN PGP MESSAGE-----
Version: PGP for Personal Privacy 5.0
MessageID: LqMqq+bFTNw+FLXLOGMVmwEAYl9X29K7

owHrZLBnZmUw0/Rovj3ju8ZS3atagkxNXxkWHKv6z/Zkbc29mT67K1/IPRW56cZd
wLDg/4bJyibpx1nblCda1BqprTlUtt9mzbIk1pLU4pJkDj63BfpaXApa+lxcypl5
yTmlKakKNsUlKZn5ehl2SEIlmbmpIBGu3MTMPI3MvBKFxKL0ZB2F5IzEIi0tILtM
k6uaSwEIQCrjS0CUNRdMQMFWIbEkP1MDpC7aMFYTKpNWUAQ0KU0DaF9qURHQMJBe
DTUgqQlUUsvFBQA=
=dOBw
-----END PGP MESSAGE-----

Is something not getting output that should be? The GPG sig seems awful
short.

--
Brian Moore | "The Zen nature of a spammer resembles
Sysadmin, C/Perl Hacker | a cockroach, except that the cockroach
Usenet Vandal | is higher up on the evolutionary chain."
Netscum, Bane of Elves. Peter Olson, Delphi Postmaster

Duh... figured that out (I hate pgp5, I hate pgp5... just when I though
pgp2's command line was ugly pgp5 made it more confusing..)

The problem is REALLY this:
[thorin:~] 8:33:52pm 153 % gpg --list-packets testc-pgp5.asc
gpg (GNUPG) 0.4.1; Copyright (C) 1998 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

:signature packet: algo 17, keyid DB98F728A52DD52A
version 3, created 908680015, md5len 5, sigclass 00
digest algo 2, begin of digest 86 29
data: [160 bits]
data: [157 bits]
[thorin:~] 8:33:55pm 154 % gpg --list-packets testc.asc
gpg (GNUPG) 0.4.1; Copyright (C) 1998 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

:signature packet: algo 17, keyid 377FCE2488322B51
version 4, created 908681632, md5len 0, sigclass 00
digest algo 2, begin of digest 34 14
hashed subpacket 2 of length 5 (signature creation time)
subpacket 16 of length 9 (issuer key ID)
data: [160 bits]
data: [158 bits]

Which is documented in the OpenPGP file:

* PGP 5.x does not accept V4 signatures for anything other than
key material.

(This is a detached signature.... so that's why it's mad.)

* (5.5.2) states that an implementaion MUST NOT create a v3 key
with an algorithm other than RSA. GNUPG has an option to
create an ElGamal key in a v3 packet; the properties of such
a key are as good as a v4 key. RFC1991 does not specifiy how
to create fingerprints for algorithms other than RSA and so it
is okay to choose a special format for ElGamal.

What's that option? I guessed --rfc1991, but that's not it.

* A special format of partial packet length exists for v3 packets
which can be considered to be in compliance with RFC1991; this
format is only created if a special option is active.

Or is it this one.

--
Brian Moore | "The Zen nature of a spammer resembles
Sysadmin, C/Perl Hacker | a cockroach, except that the cockroach
Usenet Vandal | is higher up on the evolutionary chain."
Netscum, Bane of Elves. Peter Olson, Delphi Postmaster

On Sat, Oct 17, 1998 at 08:41:58PM -0700, brian moore wrote:
> What's that option? I guessed --rfc1991, but that's not it.

From looking at the code, it seems no option is for just signing.

But lookie:

[thorin:~] 10:33:47pm 308 % gnupg-0.4.1/g10/gpg -s -a -b --force-v3
testc
gpg (GNUPG) 0.4.1; Copyright (C) 1998 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

gpg: Warning: using insecure memory!

You need a passphrase to unlock the secret key for
user: "brian moore <bem@cmc.net>"
(1024-bit DSA key, ID 88322B51, created 1998-10-17)

File 'testc.asc' exists. Overwrite (y/N)? y
[thorin:~] 10:33:57pm 309 % gpg --list-packets testc.asc
gpg (GNUPG) 0.4.1; Copyright (C) 1998 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

:signature packet: algo 17, keyid 377FCE2488322B51
version 3, created 908688837, md5len 5, sigclass 00
digest algo 2, begin of digest 32 3c
data: [158 bits]
data: [160 bits]
[thorin:~] 10:34:03pm 310 % pgpv testc.asc
This signature applies to another message
File to check signature against [testc]:
Good signature made 1998-10-18 05:33 GMT by key:
1024 bits, Key ID 88322B51, Created 1998-10-17
"brian moore <bem@cmc.net>"
"brian moore <bem@thorin.cmc.net>"
"brian moore <bem@news.cmc.net>"

The code is rather silly: it's basically the option stuff in g10.c to
allow the 'force-v3' flag, and two changes to sign.c: one in
only_old_style to always return 1 if opt.forcev3 is set, and one in
sign_file if'ing the 'sig->version = sk->version;' at 370 and setting
sig->version to 3 if opt.forcev3 is set.

This is a bit more than my one line change last night, but it's WAY cool
that pgp5 now verifies signatures properly. I'll clean it my /* XXX */
stuff that I used to flag my changes and send a patch along in a bit.

This should mean that you can send signed-with-gpg files to PGP5 users
and have them not flinch (or segfault, which is what it did for me).

(And, yeah, I know it's not OpenPGP compliant, hence why it probably
should be a --force-misbehavior, but it should be very useful in the
real world. :))

--
Brian Moore | "The Zen nature of a spammer resembles
Sysadmin, C/Perl Hacker | a cockroach, except that the cockroach
Usenet Vandal | is higher up on the evolutionary chain."
Netscum, Bane of Elves. Peter Olson, Delphi Postmaster

And the patch for the --force-v3 option that makes PGP5 happy with
GPG signatures.

--
Brian Moore | "The Zen nature of a spammer resembles
Sysadmin, C/Perl Hacker | a cockroach, except that the cockroach
Usenet Vandal | is higher up on the evolutionary chain."
Netscum, Bane of Elves. Peter Olson, Delphi Postmaster

On Sat, Oct 17, 1998 at 11:04:55PM -0700, brian moore wrote:
> And the patch for the --force-v3 option that makes PGP5 happy with
> GPG signatures.
>

And a similar patch to clearsign_file, but I'll leave that as an
excercise. :)

--
Brian Moore | "The Zen nature of a spammer resembles
Sysadmin, C/Perl Hacker | a cockroach, except that the cockroach
Usenet Vandal | is higher up on the evolutionary chain."
Netscum, Bane of Elves. Peter Olson, Delphi Postmaster

brian moore <bem@cmc.net> writes:

> allow the 'force-v3' flag, and two changes to sign.c: one in

I will use --force-v3-sigs .

> (And, yeah, I know it's not OpenPGP compliant, hence why it probably
> should be a --force-misbehavior, but it should be very useful in the
> real world. :))

I'm not sure:

Implementations MUST accept V3 signatures. Implementations SHOULD
generate V4 signatures. Implementations MAY generate a V3 signature
that can be verified by PGP 2.6.x.

somewhat vague.