rsa 1024 bit?

Thu, 31 Aug 2000 10:26:46 +0200

On Wed, 30 Aug 2000, L. Sassaman wrote:

> BTW, currently there *is* a bug in the GnuPG regarding RSA. It is not

> possible to encrypt and sign a message if you are using an RSA v3

> key. (Well, you can do the encrypt/sign operation, but it creates a

> literal packet where it shouldn't, and consequently PGP can't decrypt it,

> because it treats the signature as a detached sig.)

You are talking about the fact, that GnuPG is not able to create
signature packet in the way PGP 2 did it:

   signature . signed-data

GnuPG can only do it the v4 way:

   [one-pass-sig . ] signed-data . signature

Another thing is that it has to use partial length encoding at some
places.  There is no way to avoid this without using temporary files or
large amounts of memory.  The suggested solution is to enhance the pgpgpg
wrapper to post-process the data.  There is already one option to help
for that implemented, I have the counterpart of this option already on
file but I am still waiting for some legal papers :-(

  Werner

> -----BEGIN PGP SIGNATURE-----

> Comment: OpenPGP Encrypted Email Preferred.

> 

> iD8DBQE5rXUWPYrxsgmsCmoRAhpQAJ9hqbu8jHgUjxR6XCYorCYTK6SumQCeMvTY

> 0ljnjmAcUpW26BQt2BUB9lI=

> =2Sh0

> -----END PGP SIGNATURE-----

> 

> -- 

> Archive is at http://lists.gnupg.org - Unsubscribe by sending mail

> with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org

> 

> 

-- 
Werner Koch				GnuPG key:  621CC013
OpenIT GmbH                             http://www.OpenIT.de

-- 
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org