followup v3 rsa key
vedaal@lok.com
vedaal@lok.com
Wed Sep 18 00:19:02 2002
> Message: 4 Date: Tue, 17 Sep 2002 09:05:34 +0200 From:
> disastry@saiknes.lv To: gnupg-users <gnupg-users@gnupg.org>
> Subject: Re: followup: signing with a v3 rsa key in 1.1.9.2
...
> vedaal wrote: > found the reason: > > rsa v3 keys generated in 6.5.8
> have the symmetric algo as 'cast-5' by default,
>
> not by default 6.5.8 uses CAST5 or 3DES for RSA v3 keys _only_ if .
> IDEA is disabled .
>
> > while in 2.6.x it is 'idea'
>
> with 2.6.3ia-multi06 you can use CAST5 and other ciphers too..
...
i 'thought' i understood, but now i am more confused :(
please bear with me:
[1] am running 1.1.92a windows binary with the idea plugin correctly installed, and everything works as expected
[2] disabled the option of 'load-extension c:\gnupg\lib\idea'
[3] as expected, i cannot sign with my default v3 rsa key generated in 2.6.3
*but*
[4] i 'can' sign with another v3 rsa key that was generated in 6.5.8 ckt
[5] both pgpdump and pgpckt identify the symmetric algorithm for this other v3 rsa key, as idea
here is the v3 rsa key that 'can' be signed with, *without* the idea plug-in:
-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: 6.5.8ckt http://www.ipgpp.com/
Comment: passphrase: test@key.test
lQOgAzroPPgAAAEIANnTx/gHfag7qRMG6cVUnYZJjLcsdF6JSaVs+PUDCZ8l2+Z2
V9tgxByp26bymIlq5qFFeoA5vCiKc8qzYiEVLJVVIIDjw/id2gq/TgmxoLAwiDQM
TUKdCFa6pmR/uaxyrnJxfUA7+Qh0R0OjoCxNlrmyO3eiKstsJGqSUFIQq7GhcHc4
nbV59zHhEWnH7DX7sDa9CgF11WxM3sjWp15iOoP1nixhmchDtQ7foUxLsCF36G/4
ijcbN2NjiCDYMFburN8fXgrQzYHAIIiVFE0J+fbXNfPRmnbhQdaC8rIdiQ3tExBb
N0qWhGPT9M4JOZd1yPdFMb9gbntd8VZkiPd6/3sABREB7Y6HhGg6ktEH//f0m1Ut
UCqRbRNAqSG5bw8ueN69mgxuUxkr/bSznqix6PiNkQCpsgoAT6uAzR/5jUMNelzf
JBe9tpsYYnzCbTGoOHK4syKu67xsZB23J2RODtyp5ufa6zrs65lpTI/AD8rgg4CP
F6oX+PzpEHqi71VNorr2mOrS5pS+42G+SiL8jWpDF+w6CWJbE2p2y+3qxFCPsoft
PjdpaSFkhQ3bvS1xxH6XuFTTtwRPxCBCnxvkJOiBDwzkjTigkaXW6c+eKWGg2cmy
N0zfGD+VKYlsyJgJME06jmDgZaI2GY/uXTNpPeQ8W4bgBNPdGY2JVjtScrD6rBBh
pc7D67io2M7dOoQEABY3L4+H9D2J3gJN+31CR+/uBW97Nqx8fopd5Ktvgdw9+S1R
KpffVytC/Emf+Lo89XJOTWGhPhMpyDpNaBWeg9eBQlQJoXfgGRa0lM7kV8rW9ZjK
jW0pTd01e5KwxkvXGOSzV//QvJ4QOOWal1Z3l0u3QgSFjbAENhux1twVDgLhBADx
t1nQwZhji+m9o5AQMVdjPvDGUK0MBL44pF8Px5z+XFJ97ub0JykQYWeTreUJJO5d
9RwFUmP/vEOWaWF95Kc4aojhwkOgArsVIEi/f+D3KMNWfOGVyzh6pf/GPh89JYF8
r8CuRUfXj4RwwUwCwQYDSbUk56TQO+4ITxlX4eH9SgP/S2lRBOhPVM0oIvBKSFld
BT4B5ssQjF75AfFVVIl1kpG/eBhDUSx7I2q49iTdb23mN21Clp50gglwpWbbVa4Z
6yOaorgrO0Fh7CfW9rY8cPPhuPP082NS1X6udUv2ZQdNd3+mmHrTDpYtMuU9GFzn
yk5Tb9me0OsXe9uXJmHm+jNFYbQUdGVzdCA8dGVzdEBrZXkudGVzdD4=
=0mID
-----END PGP PRIVATE KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 6.5.8ckt http://www.ipgpp.com/
Comment: { Acts of Kindness better the World, and protect the Soul }
mQENAzroPPgAAAEIANnTx/gHfag7qRMG6cVUnYZJjLcsdF6JSaVs+PUDCZ8l2+Z2
V9tgxByp26bymIlq5qFFeoA5vCiKc8qzYiEVLJVVIIDjw/id2gq/TgmxoLAwiDQM
TUKdCFa6pmR/uaxyrnJxfUA7+Qh0R0OjoCxNlrmyO3eiKstsJGqSUFIQq7GhcHc4
nbV59zHhEWnH7DX7sDa9CgF11WxM3sjWp15iOoP1nixhmchDtQ7foUxLsCF36G/4
ijcbN2NjiCDYMFburN8fXgrQzYHAIIiVFE0J+fbXNfPRmnbhQdaC8rIdiQ3tExBb
N0qWhGPT9M4JOZd1yPdFMb9gbntd8VZkiPd6/3sABRG0FHRlc3QgPHRlc3RAa2V5
LnRlc3Q+iQEVAwUQOug8+PFWZIj3ev97AQH7NQgAo3sH+KcsPtAbyp5U02J9h3Ro
aiKpAYxg3rfUVo/RH6hmCWT/AlPHLPZZC/tKiPkuIm2V3Xqyum530N0sBYxNzgNp
us8mK9QurYj2omKzf1ltN+uNHR8vjB8s7jEd/CDCARu81PqNoVq2b9JRFGpGbAde
7kQ/a0r2/IsJ8fz0iSpCH0geoHt3sBk9MyEem4uG0e2NzlH2wBz4H8l8BNHRHBq0
6tGH4h11ZhH3FiNzJWibT2AvzLCqar2qK+6pohKSvIp8zEP7Y/iQzCvkuOfHsUOH
4Utgg85k09hRDZ3pRRL/4R+Z+/1uXb+n6yKbOmpmi7U7wc9IwZxtTlGXsNIf+Q==
=7h3m
-----END PGP PUBLIC KEY BLOCK-----
[6] here is the pgpdump result for the key:
PGPdump Results
Old: Secret Key Packet(tag 5)(928 bytes) Ver 3 - old Public key creation time - Thu Apr 26 15:21:28 UTC 2001 Valid days - 0[0 is forever] Pub alg - RSA Encrypt or Sign(pub 1)
RSA n(2048 bits) - (deleted, post is already too big)
RSA e(5 bits) - 11
Sym alg - IDEA(sym 1) IV - ed 8e 87 84 68 3a 92 d1
Encrypted RSA d(2047 bits) - (deleted}
Encrypted RSA p(1024 bits) - "
Encrypted RSA q(1024 bits) - "
Encrypted RSA u(1023 bits) - "
Checksum - 45 61 Old: User ID Packet(tag 13)(20 bytes) User ID - test
this key was generated in 6.5.8ckt(build 5) with 'default' settings, without disabling idea
if it has idea as the symmetric algo protecting the key, why doesn't it need the idea plug-in to sign with,
and if idea is 'not' the symmetric algo ptrotecting the secret key, why does pgpdump (and ckt) identify it that way?
tia,
vedaal