GnuPG is broken when used as filter :-((
Khimenko Victor
khim at sch57.msk.ru
Sat Aug 14 22:14:46 CEST 1999
Below is transcript of session where you can see problem: even if
redhat-release-6.0-1.noarch.rpm is signed and encrypted after decrypting
there are no information about sign and decrypted file is bigger then
encrypted -- few tens of bytes attached in the end :-/ Looks like it's "lost"
signature but it's clearly unappropriate result...
Linux kernel 2.2.10ac10, GLibC 2.1.1, zLib 1.1.3 ...
-- cut --
$ gpg --gen-key
gpg (GnuPG) 0.9.10; Copyright (C) 1999 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
gpg: /home/khim/.gnupg: directory created
gpg: /home/khim/.gnupg/options: new options file created
gpg: /home/khim/.gnupg/secring.gpg: keyring created
gpg: /home/khim/.gnupg/pubring.gpg: keyring created
Please select what kind of key you want:
(1) DSA and ElGamal (default)
(2) DSA (sign only)
(4) ElGamal (sign and encrypt)
Your selection? 1
DSA keypair will have 1024 bits.
About to generate a new ELG-E keypair.
minimum keysize is 768 bits
default keysize is 1024 bits
highest suggested keysize is 2048 bits
What keysize do you want? (1024) 1024
Requested keysize is 1024 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct (y/n)? y
You need a User-ID to identify your key; the software constructs the user id
from Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh at duesseldorf.de>"
Real name: testname
Email address:
Comment:
You selected this USER-ID:
"testname"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
You need a Passphrase to protect your secret key.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
+++++++++++++++++++++++++++++++++++++++++++++..+++++.+++++.++++++++++..++++++++++.+++++++++++++++.++++++++++..++++++++++++++++++++.+++++.++++++++++.....>...+++++.........+++++
Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 10 more bytes)
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
++++++++++.+++++.+++++++++++++++++++++++++.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.+++++++++++++++++++++++++...........+++++^^^^
Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 75 more bytes)
public and secret key created and signed.
$ wget ftp://ftp.redhat.com/pub/redhat/redhat-6.0/i386/RedHat/RPMS/redhat-release-6.0-1.noarch.rpm
--19:23:03-- ftp://ftp.redhat.com:21/pub/redhat/redhat-6.0/i386/RedHat/RPMS/redhat-release-6.0-1.noarch.rpm
=> `redhat-release-6.0-1.noarch.rpm'
Connecting to ftp.redhat.com:21... connected!
Logging in as anonymous ... Logged in!
==> TYPE I ... done. ==> CWD pub/redhat/redhat-6.0/i386/RedHat/RPMS ... done.
==> PORT ... done. ==> RETR redhat-release-6.0-1.noarch.rpm ... done.
Length: 1,190 (unauthoritative)
0K -> . [100%]
19:23:38 (561.32 B/s) - `redhat-release-6.0-1.noarch.rpm' saved [1190]
$ gpg --sign --encrypt < redhat-release-6.0-1.noarch.rpm > test.gpg
You need a passphrase to unlock the secret key for
user: "testname"
1024-bit DSA key, ID 21E9DA03, created 1999-08-14
You did not specify a user ID. (you may use "-r")
Enter the user ID: testname
gpg: /home/khim/.gnupg/trustdb.gpg: trustdb created
$ gpg < test.gpg > test.rpm
You need a passphrase to unlock the secret key for
user: "testname"
1024-bit ELG-E key, ID ED84F995, created 1999-08-14 (main key ID 21E9DA03)
$ ls -al *.rpm
-rw-rw-r-- 1 khim khim 1190 Aug 14 19:23 redhat-release-6.0-1.noarch.rpm
-rw-rw-r-- 1 khim khim 1255 Aug 14 19:26 test.rpm
-- cut --
More information about the Gnupg-devel
mailing list