bug?: gpg 1.0 symmetric crypto 3DES problems with PGP
5.0/6.5.1
Richard Johnson
rdump at river.com
Tue Sep 28 15:25:01 CEST 1999
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 21:16 -0600 on 9/27/99, Werner Koch wrote:
> Richard Johnson <rdump at river.com> writes:
>
> > As expected, gpg can decrypt the conventionally encrypted files PGP 6.5.1
> > produces. (We avoid IDEA, of course.)
>
> Can you please run the decryption process with option "-vv" and mail the
> result, so that we can see how the packets are constructed. Please
> for both versioan: encrypted using PGP and using GPG.
>
>
> --
> Werner Koch at guug.de www.gnupg.org keyid 621CC013
OK, here you go. First a test of 3DES created by gpg on OpenBSD 2.5 x86,
then PGP 6.5.1 freeware on Windows 95, and PGP 6.5.1 on MacOS PPC. Those are
followed by tests of CAST5 on the same platforms.
It turns out that the 3DES-encrypted file created by PGP is not decryptable
by gpg (I hadn't tried that combination before). Turn-about is fair play?
:-)
On the files created by gpg, gpg reports "raw data: 0 bytes" when decrypting.
This is in contrast to it reporting a more sensible "raw data: 1080 bytes" on
files created by PGP. Since this occurs with both CAST5 and 3DES, it's
probably a separate (and more minor) problem than the 3DES passphrase
incompatibility.
Richard
- -------
3DES created by gpg 1.0 (bogus passphrase error from PGP 5.0/6.5.1)
| % gpg -vv foo.asc
| gpg: Warning: using insecure memory!
| gpg: armor: BEGIN PGP MESSAGE
| gpg: armor header: Version: GnuPG v1.0.0 (OpenBSD)
| gpg: armor header: Comment: For info see http://www.gnupg.org
| :symkey enc packet: version 4, cipher 2, s2k 3, hash 3
| salt 0df0838783541e23, count 96
|
| gpg: loaded digest 3
| :encrypted data packet:
| length: unknown
| gpg: 3DES encrypted data
| :compressed packet: algo=1
| :literal data packet:
| mode t, created 938494143, name="foo",
| raw data: 0 bytes <-- ?
| gpg: original file name='foo'
| gpg: loaded digest 2
| gpg: loaded digest 1
| gpg: decryption okay
| % wc -c foo
| 1051 foo
| %
3DES created by PGP 6.5.1 on Windows 95 (bad key error from gpg 1.0)
| gpg -vv foo.asc
| gpg: Warning: using insecure memory!
| gpg: armor: BEGIN PGP MESSAGE
| gpg: armor header: Version: PGPfreeware 6.5.1 for non-commercial use
| <http://www.pgp.com>
| :marker packet:
| 50 47 50
| :symkey enc packet: version 4, cipher 2, s2k 3, hash 2
| salt eb3e56b87202f2a4, count 96
|
| gpg: loaded digest 2
| :encrypted data packet:
| length: 606
| gpg: 3DES encrypted data
| gpg: decryption failed: bad key
| %
3DES created by PGP 6.5.1 on MacOS (bad key error from gpg 1.0)
| % gpg -vv foo.asc
| gpg: Warning: using insecure memory!
| gpg: armor: BEGIN PGP MESSAGE
| gpg: armor header: Version: PGP Personal Privacy 6.5.1
| gpg: armor header: Comment:
| www.europarl.eu.int/dg4/stoa/en/publi/166499/execsum.htm
| :marker packet:
| 50 47 50
| :symkey enc packet: version 4, cipher 2, s2k 3, hash 2
| salt 95ba002f5cbea067, count 96
|
| gpg: loaded digest 2
| :encrypted data packet:
| length: 620
| gpg: 3DES encrypted data
| gpg: decryption failed: bad key
| %
CAST5 created by gpg 1.0 (decryptable by PGP 5.0/6.5.1)
| % gpg -vv foo.asc
| gpg: Warning: using insecure memory!
| gpg: armor: BEGIN PGP MESSAGE
| gpg: armor header: Version: GnuPG v1.0.0 (OpenBSD)
| gpg: armor header: Comment: For info see http://www.gnupg.org
| :symkey enc packet: version 4, cipher 3, s2k 3, hash 3
| salt 2f1025417f503548, count 96
|
| gpg: loaded digest 3
| :encrypted data packet:
| length: unknown
| gpg: CAST5 encrypted data
| :compressed packet: algo=1
| :literal data packet:
| mode t, created 938494020, name="foo",
| raw data: 0 bytes <-- ?
| gpg: original file name='foo'
| gpg: loaded digest 2
| gpg: loaded digest 1
| gpg: decryption okay
| % wc -c foo
| 1051 foo
| %
CAST5 created by PGP 6.5.1 on Windows 95 (decryptable by gpg 1.0)
| % gpg -vv foo.asc
| gpg: Warning: using insecure memory!
| gpg: armor: BEGIN PGP MESSAGE
| gpg: armor header: Version: PGPfreeware 6.5.1 for non-commercial use
| <http://www.pgp.com>
| :marker packet:
| 50 47 50
| :symkey enc packet: version 4, cipher 3, s2k 3, hash 2
| salt b6de05bd80a999b6, count 96
|
| gpg: loaded digest 2
| :encrypted data packet:
| length: 606
| gpg: CAST5 encrypted data
| :compressed packet: algo=1
| :literal data packet:
| mode b, created 4177526784, name="foo",
| raw data: 1051 bytes
| gpg: original file name='foo'
| gpg: loaded digest 3
| gpg: loaded digest 1
| gpg: decryption okay
| % wc -c foo
| 1051 foo
| %
CAST5 created by PGP 6.5.1 on MacOS (decryptable by gpg 1.0)
| % gpg -vv foo.asc
| gpg: Warning: using insecure memory!
| gpg: armor: BEGIN PGP MESSAGE
| gpg: armor header: Version: PGP Personal Privacy 6.5.1
| gpg: armor header: Comment:
| www.europarl.eu.int/dg4/stoa/en/publi/166499/execsum.htm
| :marker packet:
| 50 47 50
| :symkey enc packet: version 4, cipher 3, s2k 3, hash 2
| salt d4c7805e91bb1b40, count 96
|
| gpg: loaded digest 2
| :encrypted data packet:
| length: 620
| gpg: CAST5 encrypted data
| :compressed packet: algo=1
| :literal data packet:
| mode t, created 1392508928, name="foo",
| raw data: 1080 bytes
| gpg: original file name='foo'
| gpg: loaded digest 3
| gpg: loaded digest 1
| gpg: decryption okay
| % wc -c foo
| 1051 foo
| %
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.1
Comment: www.europarl.eu.int/dg4/stoa/en/publi/166499/execsum.htm
iQA/AwUBN/Ej+mKSuJuuNAZUEQL10QCgsFQkFC5ZORN5TT74cPfsSDrm4J8AoMTw
Nx8/8u2A7f2aZG5sJGRgK84o
=uDef
-----END PGP SIGNATURE-----
More information about the Gnupg-devel
mailing list