Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. devel
[patch] PGP 2.x compatibility
rguyom at mail
Mar 15, 1999, 8:32 PM
Post #1 of 2 (116 views)
Permalink
Hi all,

With this (a bit large) patch, encrypting to only RSA v3 pubkeys,
signing with RSA v3 seckeys or symmetric encrypting with --rfc1991
selects a slightly different output format which is compatible with
PGP 2.6.3i and PGP 5.0i.

This patch automatically select the right format, cipher algo,
compression algo, hash algo based on the list of pubkeys and seckey
used. You can easily change this by requiring --rfc1991 to be present
before using the PGP 2.x format, but this will produce by default
files which at least PGP 2.6.3i and PGP 5.0i can't grok. This is IMHO
a bad thing, since people who didn't bothered to generate an
DSA/ElGamal key pair are probably still using PGP 2.x, for example to
use the type 1 remailer network (which is still heavly based on PGP
2.x format).

PGP 2.6.3i and PGP 5.0i needs an exact byte count in nearly all
packets (encrypted data packet, compressed packet, litteral data
packet), so GPG needs to use temp files to compute those
lengths.
Additionaly, I've found that PGP 2.6.3i and 5.0i put the signature
packet *before* the litteral data packet in an encrypted and signed
file, and cannot verify the signature if it's after the litteral data
packet like GPG does (in fact PGP 2.6.3i don't see the signature, and
PGP 5.0i think it's a detached signature...). The pach use another=20
temp file to swap those packets.

I also added textmode support in the symmetric encrypting code and in
the store code (this is not related to PGP 2.x compatibility, but it
doesn't hurt :-).

PS: I've done all tests using the Debian PGP 2.6.3i and 5.0i
packages. I didn't had time to test the files produced by PGP 5.5.3i
or 6.0.2i as I don't have a win32 box handy.

--
RĂ©mi <rguyom@mail.dotcom.fr> | Don't waste your computer's time :
PGP-encrypt anything important: | http://www.distributed.net/
www.gnupg.org - KeyID:0x85BD8B1B | http://www.distributed.net/cores/

Attached Files:

Re: [patch] PGP 2.x compatibility [ In reply to ]
wk at isil
Mar 16, 1999, 12:03 PM
Post #2 of 2 (113 views)
Permalink
Remi Guyomarch <rguyom@mail.dotcom.fr> writes:

> With this (a bit large) patch, encrypting to only RSA v3 pubkeys,
> signing with RSA v3 seckeys or symmetric encrypting with --rfc1991
> selects a slightly different output format which is compatible with
> PGP 2.6.3i and PGP 5.0i.

Thanks for all the work you did but I'm sorry to say, that I can't
apply it:

1. For such a long patch the FSF needs a disclaimer - If you can do
so - fine. And I'd really like to see more people with a FSF
"clearance" - I know thta this is sometimes problematic if your
employer wnat sign his part.

2. I don't like the idea of temporary files. It makes the program
more complicated and one goal of GnuPG is to avoid such things.

3. I will (and can't) not add any support for the patented algorithm
IDEA - there is no need for it.

4. Most of the patches are intended for better PGP 2
interoperability. If you need this - use PGP 2 or ask Michael to
add a fallback mechanism to pgpgpg. PGP 2 should be replaced by
more modern programs and therefore I don't think that it is a
good idea to do too much work to help old PGP 2 users.

5. There is a standard called OpenPGP which is defined in RFC 2440
and if PGP >= 5 has problems with this standard it is simply
NAIs duty to fix this. We can't worlk around all the bugs in
PGP5. I'm willing to add what's really needed (ala
--force-v3-sigs) but not everything. It would make the standard
senseless.

> DSA/ElGamal key pair are probably still using PGP 2.x, for example to
> use the type 1 remailer network (which is still heavly based on PGP
> 2.x format).

So they have to stick with PGP 2 or change the remailers.

> PGP 2.6.3i and PGP 5.0i needs an exact byte count in nearly all

This is correct for pgp 2. PGP 5.0 is quite old and has a couple of
bugs. We are not going to work around them.

> packets (encrypted data packet, compressed packet, litteral data
> packet), so GPG needs to use temp files to compute those
> lengths.

It would but rfc2440 allows partial length headers and newer version
of pgp know hoe to handle them.

> Additionaly, I've found that PGP 2.6.3i and 5.0i put the signature
> packet *before* the litteral data packet in an encrypted and signed

Yes. And this is a Bad Thing. GnuPG knows hoe to verify them but
won't create them. A wrapper program can handle this.

> I also added textmode support in the symmetric encrypting code and in
> the store code (this is not related to PGP 2.x compatibility, but it
> doesn't hurt :-).

Okay. I apply this.

I hope you won't give up hacking and testing GnuPG even if I have
rejected your changes.


Werner

--
Werner Koch at guug.de www.gnupg.org keyid 621CC013

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal