gpg: protection algorithm 254 is not supported

Pilkington, Christopher J. cpilkington@ghi.com
Wed Oct 2 18:34:04 2002 

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C26A31.9FFC9EB0
Content-Type: text/plain;
	charset="iso-8859-1"

No.  This listing is from 1.2.0!  I uninstalled the others. I also tried
this with 1.2.0 under Linux.

I attempted to use the key under PGP 6.5.8 (ugh!) and I didn't get an error,
but it pretended like I had the wrong passphrase.

I also attempted to use the key under Nullify gnupg 1.1.91-nr1, to no avail,
with the same errors and same --list-packets output.

I can't seem to find a single version of the software that can read this
key!  And I was dumb enough to send the public part out to the keyservers
already!

Christopher

-----Original Message-----
From: Werner Koch [mailto:wk@gnupg.org]
Sent: Wednesday, 02 October 2002 09:44
To: Pilkington, Christopher J.
Cc: 'gnupg-users@gnupg.org'; 'David Shaw'
Subject: Re: gpg: protection algorithm 254 is not supported


On Wed, 2 Oct 2002 08:55:26 -0400, Pilkington, Christopher J said:

> Here is the output.  If anything in this compromises my key, I'm guessing
> I'll need to revoke it...

No.

>         simple S2K, algo: 254, simple checksum, hash: 1

You have listed this using gpg < 1.0.7, right?

254 indicates the new SHA1 protection but old versions of GnuPG didn't
know about this and assumed this is the protection algorithm.  OpenPGP
recently changed the meaning of the protection algo 254 which could be
done because algorithm numbers > 127 were not defined.

If you want to export this key so that 1.0.6 can use it, do a 

  gpg --export-secret-key --simple-sk-checksum 0x12345678 >mykey.sec

with gnupg >= 1.0.7

Does it work now?


Shalom-Salam,

   Werner

------_=_NextPart_001_01C26A31.9FFC9EB0
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2653.12">
<TITLE>RE: gpg: protection algorithm 254 is not supported</TITLE>
</HEAD>
<BODY>

<P><FONT SIZE=3D2>No.&nbsp; This listing is from 1.2.0!&nbsp; I =
uninstalled the others. I also tried this with 1.2.0 under =
Linux.</FONT>
</P>

<P><FONT SIZE=3D2>I attempted to use the key under PGP 6.5.8 (ugh!) and =
I didn't get an error, but it pretended like I had the wrong =
passphrase.</FONT></P>

<P><FONT SIZE=3D2>I also attempted to use the key under Nullify gnupg =
1.1.91-nr1, to no avail, with the same errors and same --list-packets =
output.</FONT></P>

<P><FONT SIZE=3D2>I can't seem to find a single version of the software =
that can read this key!&nbsp; And I was dumb enough to send the public =
part out to the keyservers already!</FONT></P>

<P><FONT SIZE=3D2>Christopher</FONT>
</P>

<P><FONT SIZE=3D2>-----Original Message-----</FONT>
<BR><FONT SIZE=3D2>From: Werner Koch [<A =
HREF=3D"mailto:wk@gnupg.org">mailto:wk@gnupg.org</A>]</FONT>
<BR><FONT SIZE=3D2>Sent: Wednesday, 02 October 2002 09:44</FONT>
<BR><FONT SIZE=3D2>To: Pilkington, Christopher J.</FONT>
<BR><FONT SIZE=3D2>Cc: 'gnupg-users@gnupg.org'; 'David Shaw'</FONT>
<BR><FONT SIZE=3D2>Subject: Re: gpg: protection algorithm 254 is not =
supported</FONT>
</P>
<BR>

<P><FONT SIZE=3D2>On Wed, 2 Oct 2002 08:55:26 -0400, Pilkington, =
Christopher J said:</FONT>
</P>

<P><FONT SIZE=3D2>&gt; Here is the output.&nbsp; If anything in this =
compromises my key, I'm guessing</FONT>
<BR><FONT SIZE=3D2>&gt; I'll need to revoke it...</FONT>
</P>

<P><FONT SIZE=3D2>No.</FONT>
</P>

<P><FONT SIZE=3D2>&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
simple S2K, algo: 254, simple checksum, hash: 1</FONT>
</P>

<P><FONT SIZE=3D2>You have listed this using gpg &lt; 1.0.7, =
right?</FONT>
</P>

<P><FONT SIZE=3D2>254 indicates the new SHA1 protection but old =
versions of GnuPG didn't</FONT>
<BR><FONT SIZE=3D2>know about this and assumed this is the protection =
algorithm.&nbsp; OpenPGP</FONT>
<BR><FONT SIZE=3D2>recently changed the meaning of the protection algo =
254 which could be</FONT>
<BR><FONT SIZE=3D2>done because algorithm numbers &gt; 127 were not =
defined.</FONT>
</P>

<P><FONT SIZE=3D2>If you want to export this key so that 1.0.6 can use =
it, do a </FONT>
</P>

<P><FONT SIZE=3D2>&nbsp; gpg --export-secret-key --simple-sk-checksum =
0x12345678 &gt;mykey.sec</FONT>
</P>

<P><FONT SIZE=3D2>with gnupg &gt;=3D 1.0.7</FONT>
</P>

<P><FONT SIZE=3D2>Does it work now?</FONT>
</P>
<BR>

<P><FONT SIZE=3D2>Shalom-Salam,</FONT>
</P>

<P><FONT SIZE=3D2>&nbsp;&nbsp; Werner</FONT>
</P>

</BODY>
</HTML>
------_=_NextPart_001_01C26A31.9FFC9EB0--