[Announce] GnuPG 1.3.93 released

David Shaw dshaw at jabberwocky.com
Wed Dec 15 04:46:36 CET 2004 

On Wed, Dec 15, 2004 at 01:42:07AM +0100, Johan Wevers wrote:
> Werner Koch wrote:
> 
> Builds OK on a libc5 Linux system and passes all tests.
> 
> However, I noticed one strange thing and a bug. When I encrypt a message
> conventionally in pgp2 mode, compression seems to be switched off.
> --list-packets confirms this. However, pgp2 is still able to decrypt the
> message.
> 
> When I try to set compression manually, the commands
> 
> gpg -c --pgp2 --compress-algo=zip file and
> gpg -c --pgp2 --compress-level=1 file
> 
> ignores it and the resulting file is still uncompressed.

It's been a long time since I looked at this, but I seem to recall the
reason is that we use indeterminate length encoding for compressed
packets (we pretty much have to since you can't tell how big something
will be after compression without using temp files).  Since we're
pushing something of indeterminate size into an encrypted data packet,
the encrypted data packet length is necessarily indeterminate as well,
and that chokes PGP 2.x.

The thing is, this isn't something new for 1.4.  Like I said, it's
been a good while since I looked at this, but I think it's been this
way since at least the 1.0.6 days.  Are you sure that you got
compression with --pgp2 before?

> When I try
> 
> gpg -c --pgp2 --compression-algo=zip file
> 
> I get a segfault, which can't be the right.

Definitely not!  Here's a fix:

Index: g10.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/g10.c,v
retrieving revision 1.292
diff -u -r1.292 g10.c
--- g10.c	11 Dec 2004 04:47:33 -0000	1.292
+++ g10.c	15 Dec 2004 01:20:53 -0000
@@ -542,7 +542,7 @@
 
   /* hidden options */
     { aListOwnerTrust, "list-ownertrust", 256, "@"}, /* deprecated */
-    { oCompressAlgo, "compression-algo", 1, "@"}, /* alias */
+    { oCompressAlgo, "compression-algo", 2, "@"}, /* alias */
     { aPrintMDs, "print-mds" , 256, "@"}, /* old */
     { aListTrustDB, "list-trustdb",0 , "@"},
     /* Not yet used */

> Further I noticed the SHA512 and 384 hash are finally read-write by
> default.

Yes, but use at your own risk. ;)  They are not widely supported
outside of GnuPG.

> But what is the Hx format I see mentioned in md.c on line 133?

It's a bit of backwards compatibility.  1.2.x used the Hx format in
"setpref" to set key preferences.  To be compatible with that, 1.4
still allows them.

> And why is MD5 suddenly deprecated?

The latest 2440bis draft (bis-12) deprecates it.

Thanks for the report!

David

More information about the Gnupg-users mailing list