Problems with compatibility between GnuPG 1.2.2 and PGPTools 7.0.3
Boix Ricart Marc
mricart at montrouge.sema.slb.com
Mon Sep 8 17:51:02 CEST 2003
Hello again,
At 12:37 PM 09/04/03 -0400, you wrote:
>On Thu, Sep 04, 2003 at 06:06:41PM +0200, Boix Ricart Marc wrote:
> > Hello all,
> > First, when:
> > - I import a RSA legacy pair of keys (generated with PGPTools)
> in GnuPG,
> > - Next I encrypt a message with the public key (of the previous
> pair) with PGPTools
> > - And finally I try to decrypt the message with GnuPG
> > I receive the error GPGME_Cipher_IDEA (I'm using GPGMe to develop). Do you
> > know if it's normal?
>
>Yes. PGP assumes that if you are encrypting to a legacy RSA key (aka
>"v3 RSA"), then it must use IDEA as the cipher. GnuPG doesn't have
>IDEA by default (see http://www.gnupg.org/why-not-idea.html), so this
>doesn't work.
>
>The answer is not to use legacy RSA keys. Use regular modern RSA
>keys.
Ok!
> > And now, my big problem!
> > - I generate a pair of keys (the type isn't important) with GnuPG
> > - I export the secret key from GnuPG and I import it in PGPTools.
> > - Next I encrypt a message with its public key with GnuPG.
> > - And finally I try to decrypt the message with PGPTools
> > The PGPTools not recognize the passphrase of the secret key. Actually,
> > PGPTools has correctly imported the secret key, but it doesn't catch the
> > passphrase, because if I try to sign with the same secret key with
> > PGPTools, it say that the secret key hasn't passphrase.
> > I don't understand why! ;P
>
>GnuPG uses a more secure way to store secret keys, but PGP 7 can't
>handle it (PGP 8 can). Do this:
>
>gpg --simple-sk-checksum --edit (thekey)
>passwd
>(Change the password. You can change it back to the same thing if you
>like.)
>save
>
>Now you have a secret key that PGP 7 can handle.
>
>David
I have done this steps and the PGPTools recognize the secret key passphrase
(now, I can change the passphrase imported from GnuPG to PGTools without
problems).
But another problem appears! :)
- I create the key pair with GnuPG
- I edit the key, with --simple-sk-checksum, and I change the password
- I export the secret and the public keys from GnuPG
- I import the pair with the PGPTools
- I encrypt with the public key with GnuPG
- I try to decrypt the file with PGPTools and the following error
appears:
An error has occurred: bad packet
But I can decrypt the same file with GnuPG, it's not a corrupted file.
Do you have any idea referent to this problem. I don't find documentation
about this.
Thank you very much!
Marc
>Yes. PGP assumes that if you are encrypting to a legacy RSA key (aka
>"v3 RSA"), then it must use IDEA as the cipher. GnuPG doesn't have
>IDEA by default (see http://www.gnupg.org/why-not-idea.html), so this
>doesn't work.
>
>The answer is not to use legacy RSA keys. Use regular modern RSA
>keys.
> > And now, my big problem!
> > - I generate a pair of keys (the type isn't important) with GnuPG
> > - I export the secret key from GnuPG and I import it in PGPTools.
> > - Next I encrypt a message with its public key with GnuPG.
> > - And finally I try to decrypt the message with PGPTools
> > The PGPTools not recognize the passphrase of the secret key. Actually,
> > PGPTools has correctly imported the secret key, but it doesn't catch the
> > passphrase, because if I try to sign with the same secret key with
> > PGPTools, it say that the secret key hasn't passphrase.
> > I don't understand why! ;P
>
>GnuPG uses a more secure way to store secret keys, but PGP 7 can't
>handle it (PGP 8 can). Do this:
>
>gpg --simple-sk-checksum --edit (thekey)
>passwd
>(Change the password. You can change it back to the same thing if you
>like.)
>save
>
>Now you have a secret key that PGP 7 can handle.
>
>David
>
>_______________________________________________
>Gnupg-devel mailing list
>Gnupg-devel at gnupg.org
>http://lists.gnupg.org/mailman/listinfo/gnupg-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/attachments/20030908/3a9e0940/attachment.htm
More information about the Gnupg-devel
mailing list