Mailing List Archive

On Fri, 25 Aug 2000, Mr Griffon wrote:

> I'm having a problem with inter-operating PGP 6.5.3 and GNUPG on Windows. I
> got to export my public and private keys from GNUPG to PGP without problems
> - and I can use it to encrypt/decrypt with PGP, but everytime I try decrypt
> with PGP a message encrypted with GNUPG I get a "bad packet" error. Did
> anyone got this problem and found a solution ?

PGP does not understand the Blowfish cipher algorithm but die to the
fact that you created the key with GnuPG, this key indicates GnuPG that
your decryption software understands Blowfish.

Blowfish used to be in the first PGP 5 version which I used for
interoperabilty testing - later versions of PGP removed Blowfish.
However Blowfish is a legal OpenPGP algorithm. Due to these problems
I am going to change the preferences to use CAST5 in favor of Blowfish.

Neither GnuPG nor PGP has currently a simple way to chnage the
preferences. With GnuPG is is possible but you need to know a little
bit aboput programming: Edit the file g10/keygen.c, function
keygen_add_std_prefs() and change the sequence of algorithms given there
to have CAST5 come before Blowfish:

Original:
buf[0] = CIPHER_ALGO_TWOFISH;
buf[1] = CIPHER_ALGO_BLOWFISH;
buf[2] = CIPHER_ALGO_CAST5;
After your modification:
buf[0] = CIPHER_ALGO_CAST5;
buf[1] = CIPHER_ALGO_TWOFISH;
buf[2] = CIPHER_ALGO_BLOWFISH;

then use gpg's edit menu and for example use "expire" to recreate your
self-signature. In General it is not a good idea to chnage
implementaions after creating the key; the preferences mechanism
assumes that you use the same implementations. Negotiating parameters
in am email system is not rwally possible and preferences are the only
thing we can do.

In future we are going to use Twofish and I have checked with the PGP
creators, that we can interoperate.

There is also a GnuPG version for Windows available.


Werner




--
Werner Koch GnuPG key: 621CC013
OpenIT GmbH http://www.OpenIT.de

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org

Well my goal was not so much to use PGP but to provide a GUI to decode GnuPG
messages under Windows. So far GPA is Unix only, and GnuPG for Windows is
command-line only. I did a little app with Delphi to help my users, but they
still have to type their password under a command line every time they need
to decode something, which is not good when you do that 100 times a day :(

I know GnuPG has a way to automate decoding with the option passphrase-fd
but that seems to be only for Unix. So far I quite don't see how to automate
under Windows (but if someone knows, I'd be cool because making a win32 GUI
for GnuPG would be really easy and quick with Delphi !)


>PGP does not understand the Blowfish cipher algorithm but die to the
>fact that you created the key with GnuPG, this key indicates GnuPG that
>your decryption software understands Blowfish.
>
>Blowfish used to be in the first PGP 5 version which I used for
>interoperabilty testing - later versions of PGP removed Blowfish.
>However Blowfish is a legal OpenPGP algorithm. Due to these problems
>I am going to change the preferences to use CAST5 in favor of Blowfish.
>
>Neither GnuPG nor PGP has currently a simple way to chnage the
>preferences. With GnuPG is is possible but you need to know a little
>bit aboput programming: Edit the file g10/keygen.c, function
>keygen_add_std_prefs() and change the sequence of algorithms given there
>to have CAST5 come before Blowfish:
>
> Original:
> buf[0] = CIPHER_ALGO_TWOFISH;
> buf[1] = CIPHER_ALGO_BLOWFISH;
> buf[2] = CIPHER_ALGO_CAST5;
> After your modification:
> buf[0] = CIPHER_ALGO_CAST5;
> buf[1] = CIPHER_ALGO_TWOFISH;
> buf[2] = CIPHER_ALGO_BLOWFISH;
>
>then use gpg's edit menu and for example use "expire" to recreate your
>self-signature. In General it is not a good idea to chnage
>implementaions after creating the key; the preferences mechanism
>assumes that you use the same implementations. Negotiating parameters
>in am email system is not rwally possible and preferences are the only
>thing we can do.
>
>In future we are going to use Twofish and I have checked with the PGP
>creators, that we can interoperate.
>
>There is also a GnuPG version for Windows available.
>
>
> Werner
>
>
>
>
>--
>Werner Koch GnuPG key: 621CC013
>OpenIT GmbH http://www.OpenIT.de
>
>--
>Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
>with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
>

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at
http://profiles.msn.com.

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org

If you already have code for it (delphi front-end) i could help out. i have delphi experience mostly database stuff and winapi.
because i feel the need in our lab initially for running silent/encrypted maybe eventually to be used by instructors at our college.

i have been almost always at the recieving end of gpl using samba/lprng/gpg/openssh maybe its time to give
something back to the community. sorry for the speech, i really wanna help out.

btw. have u seen the gnome frontend for pgp, maybe we could use it as a user-interface template or something.
again good day to you people.

*********** REPLY SEPARATOR ***********

On 8/28/00 at 9:57 AM Mr Griffon wrote:

>Well my goal was not so much to use PGP but to provide a GUI to decode GnuPG
>messages under Windows. So far GPA is Unix only, and GnuPG for Windows is
>command-line only. I did a little app with Delphi to help my users, but they
>still have to type their password under a command line every time they need
>to decode something, which is not good when you do that 100 times a day :(
>
>I know GnuPG has a way to automate decoding with the option passphrase-fd
>but that seems to be only for Unix. So far I quite don't see how to automate
>under Windows (but if someone knows, I'd be cool because making a win32 GUI
>for GnuPG would be really easy and quick with Delphi !)

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org

Well in fact I had already started designing a neat Windows frontend for
gnupg, with all the bells'n whitles (Win98 style toolbars, etc...). Then I
found out that the current version of GnuPG for Windows has absolutely NO
way of getting the secret key password from another program. This means
that, no matter what, when decrypting something, the front-end had to let
GnuPG open a shell window and have the user type in his password there...
since I don't know much C, I can't do anything else than wait that this is
fixed. The gnome front-end is possible because the password passing feature
exists and works on the Unix version of GnuPG. I quite don't understand why
there's no "secret-password-is" option for GnuPG that lets someone pass the
password directly, it is not less secure than having someone type it
interactively.

>If you already have code for it (delphi front-end) i could help out. i have
>delphi experience mostly database stuff and winapi.
>because i feel the need in our lab initially for running silent/encrypted
>maybe eventually to be used by instructors at our college.
>
>i have been almost always at the recieving end of gpl using
>samba/lprng/gpg/openssh maybe its time to give
>something back to the community. sorry for the speech, i really wanna help
>out.
>
>btw. have u seen the gnome frontend for pgp, maybe we could use it as a
>user-interface template or something.
>again good day to you people.
>
>*********** REPLY SEPARATOR ***********
>
>On 8/28/00 at 9:57 AM Mr Griffon wrote:
>
> >Well my goal was not so much to use PGP but to provide a GUI to decode
>GnuPG
> >messages under Windows. So far GPA is Unix only, and GnuPG for Windows is
> >command-line only. I did a little app with Delphi to help my users, but
>they
> >still have to type their password under a command line every time they
>need
> >to decode something, which is not good when you do that 100 times a day
>:(
> >
> >I know GnuPG has a way to automate decoding with the option passphrase-fd
> >but that seems to be only for Unix. So far I quite don't see how to
>automate
> >under Windows (but if someone knows, I'd be cool because making a win32
>GUI
> >for GnuPG would be really easy and quick with Delphi !)
>
>--
>Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
>with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
>

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at
http://profiles.msn.com.

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org