gdb pgp

Pete Chown
Fri, 26 May 2000 10:12:10 +0100

Well, I've just managed to get pgp interworking with gnupg the way I
want after a painful day that ended up with me running gdb on pgp
(6.5.1).  As a few people here have had similar problems I thought I
would write it up -- it should provide another data point.

First of all, I created a secret key with gnupg.  I then exported the
secret key -- it will be shared by several people and some use pgp.

Now I tried to import the secret key into pgp.  It didn't work.  It
would import the secret half but not create an entry on the public
keyring.  Eventually I discovered that if I imported the secret key

pgp -ka filename.asc

and then the public key with:

pgp filename2.asc

it would create an entry on both keyrings.  Interestingly giving pgp
the -ka argument in the second command would result in a funny error

Unfortunately now pgp would ask for a passphrase and would not accept
anything that I typed in.  The original key had been created without a
passphrase.  This was the point where I built pgp from source and then
ran gdb on it.  It turned out that the secret key hadn't imported
correctly and this error condition is not handled right -- it looks
like a definite pgp bug.

I then messed around for a while trying different things.  Eventually
I discovered that if I export the key from gpg with the --rfc1991
option, pgp imports it correctly, creating entries on both keyrings.
Why, I don't know.  The whole thing makes pgp look like a thoroughly
unreliable piece of software.

Now I discovered that when signing with gpg I had to give the
--force-v3-sigs option; of course this is a FAQ but I still managed to
waste a lot of time on it.

Encryption still didn't work though.  I would encrypt with gnupg; pgp
would accept the message but would not write any output.  If I
encrypted a message using the same key under pgp, pgp (and gnupg)
would decrypt it quite happily.  It turned out that because the key
had started off on gnupg, it contained cipher and compression
preferences that don't work on pgp.  Again, pgp didn't display an
error when it encountered a cipher that it didn't understand; instead
it just ignored that packet.  I regard this as a bug as well.

Eventually, after dumping the packets of the pgp and gnupg produced
messages, I came up with the following command:

gpg -es --armor --compress-algo 1 --cipher-algo cast5 --force-v3-sigs filename

At last I could decrypt and verify with pgp!  It would be nice to be
able to modify the preferences on the key, though -- does anyone know
if that is possible?

Anyway, I hope this helps someone...

(As an aside, some list members will have read about the security hole
recently discovered in pgp 5's random number generator.  The version
of pgp I was using is now at nearly half a million lines of code, and
is about five times the size of gnupg.  Now, I found a good handful of
bugs, although none with security implications.  But I do wonder how
anyone is going to do a meaningful security audit of a program that