followup v3 rsa key

disastry@saiknes.lv disastry@saiknes.lv
Thu Sep 19 11:19:01 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

vedaal wrote:
> i 'thought' i understood, but now i am more confused  :(
> 
> please bear with me:
> [1] am running 1.1.92a windows binary with the idea plugin correctly installed, and everything works as expected
> [2] disabled the option of 'load-extension c:\gnupg\lib\idea'
> [3] as expected, i cannot sign with my default v3 rsa key generated in 2.6.3
> *but*
> [4] i 'can' sign with another v3 rsa key that was generated in 6.5.8 ckt

I don't think you can (at least I can not, see below)

> [5] both pgpdump and pgpckt identify the symmetric algorithm for this other v3 rsa key, as idea
> 
> here is the v3 rsa key that 'can' be signed with, *without* the idea plug-in:
> 
> -----BEGIN PGP PRIVATE KEY BLOCK-----
> Version: 6.5.8ckt http://www.ipgpp.com/
> Comment: passphrase: test@key.test
> 
> lQOgAzroPPgAAAEIANnTx/gHfag7qRMG6cVUnYZJjLcsdF6JSaVs+PUDCZ8l2+Z2
> V9tgxByp26bymIlq5qFFeoA5vCiKc8qzYiEVLJVVIIDjw/id2gq/TgmxoLAwiDQM
[...]
> this key was generated in 6.5.8ckt(build 5) with 'default' settings, without disabling idea

tried with this key, couldn't sign without IDEA:

f:\TEMP>gpg --homedir . --clearsign aaa
gpg: protection algorithm 1 (IDEA) is not supported
gpg: the IDEA cipher plugin is not present
gpg: please see http://www.gnupg.org/why-not-idea.html for more information
gpg: no default secret key: unknown cipher algorithm
gpg: aaa: clearsign failed: unknown cipher algorithm

f:\TEMP>gpg --homedir . --version
gpg (GnuPG) 1.0.7
Copyright (C) 2002 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Home: .
Supported algorithms:
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
Hash: MD5, SHA1, RIPEMD160

> if it has idea as the symmetric algo protecting the key, why doesn't it need the idea plug-in to sign with,
> and if idea is 'not' the symmetric algo ptrotecting the secret key, why does pgpdump (and ckt) identify it that way?

__
Disastry  http://disastry.dhs.org/
-----BEGIN PGP SIGNATURE-----
Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1

iQA/AwUBPYle0TBaTVEuJQxkEQPlwwCeOKqGw4bulEfj74ESsGfbxA8/fHEAoOgf
x/YBwtxPaxSIGLqCtDpXsjAQ
=XdFS
-----END PGP SIGNATURE-----