Problems with compatibility between GnuPG 1.2.2 and PGPTools 7.0.3

Boix Ricart Marc mricart at montrouge.sema.slb.com
Mon Sep 8 17:51:02 CEST 2003


Hello again,

At 12:37 PM 09/04/03 -0400, you wrote:
>On Thu, Sep 04, 2003 at 06:06:41PM +0200, Boix Ricart Marc wrote:
> > Hello all,
> > First, when:
> >         - I import a RSA legacy pair of keys (generated with PGPTools) 
> in  GnuPG,
> >         - Next I encrypt a message with the public key (of the previous 
> pair) with PGPTools
> >         - And finally I try to decrypt the message with GnuPG
> > I receive the error GPGME_Cipher_IDEA (I'm using GPGMe to develop). Do you
> > know if it's normal?
>
>Yes.  PGP assumes that if you are encrypting to a legacy RSA key (aka
>"v3 RSA"), then it must use IDEA as the cipher.  GnuPG doesn't have
>IDEA by default (see http://www.gnupg.org/why-not-idea.html), so this
>doesn't work.
>
>The answer is not to use legacy RSA keys.  Use regular modern RSA
>keys.

Ok!

> > And now, my big problem!
> >         - I generate a pair of keys (the type isn't important) with GnuPG
> >         - I export the secret key from GnuPG and I import it in PGPTools.
> >         - Next I encrypt a message with its public key with GnuPG.
> >         - And finally I try to decrypt the message with PGPTools
> > The PGPTools not recognize the passphrase of the secret key. Actually,
> > PGPTools has correctly imported the secret key, but it doesn't catch the
> > passphrase, because if I try to sign with the same secret key with
> > PGPTools, it say that the secret key hasn't passphrase.
> > I don't understand why! ;P
>
>GnuPG uses a more secure way to store secret keys, but PGP 7 can't
>handle it (PGP 8 can).  Do this:
>
>gpg --simple-sk-checksum --edit (thekey)
>passwd
>(Change the password.  You can change it back to the same thing if you
>like.)
>save
>
>Now you have a secret key that PGP 7 can handle.
>
>David

I have done this steps and the PGPTools recognize the secret key passphrase 
(now, I can change the passphrase imported from GnuPG to PGTools without 
problems).
But another problem appears! :)
         - I create the key pair with GnuPG
         - I edit the key, with --simple-sk-checksum, and I change the password
         - I export the secret and the public keys from GnuPG
         - I import the pair with the PGPTools
         - I encrypt with the public key with GnuPG
         - I try to decrypt the file with PGPTools and the following error 
appears:
                 An error has occurred: bad packet
         But I can decrypt the same file with GnuPG, it's not a corrupted file.

Do you have any idea referent to this problem. I don't find documentation 
about this.

Thank you very much!
Marc


























>Yes.  PGP assumes that if you are encrypting to a legacy RSA key (aka
>"v3 RSA"), then it must use IDEA as the cipher.  GnuPG doesn't have
>IDEA by default (see http://www.gnupg.org/why-not-idea.html), so this
>doesn't work.
>
>The answer is not to use legacy RSA keys.  Use regular modern RSA
>keys.

> > And now, my big problem!
> >         - I generate a pair of keys (the type isn't important) with GnuPG
> >         - I export the secret key from GnuPG and I import it in PGPTools.
> >         - Next I encrypt a message with its public key with GnuPG.
> >         - And finally I try to decrypt the message with PGPTools
> > The PGPTools not recognize the passphrase of the secret key. Actually,
> > PGPTools has correctly imported the secret key, but it doesn't catch the
> > passphrase, because if I try to sign with the same secret key with
> > PGPTools, it say that the secret key hasn't passphrase.
> > I don't understand why! ;P
>
>GnuPG uses a more secure way to store secret keys, but PGP 7 can't
>handle it (PGP 8 can).  Do this:
>
>gpg --simple-sk-checksum --edit (thekey)
>passwd
>(Change the password.  You can change it back to the same thing if you
>like.)
>save
>
>Now you have a secret key that PGP 7 can handle.
>
>David
>
>_______________________________________________
>Gnupg-devel mailing list
>Gnupg-devel at gnupg.org
>http://lists.gnupg.org/mailman/listinfo/gnupg-devel

-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/attachments/20030908/3a9e0940/attachment.htm


More information about the Gnupg-devel mailing list