Incompatibility between GnuPG 1.2 and 1.4?

Christian Stork cstork at ics.uci.edu
Fri Sep 30 16:39:13 CEST 2005 

On Fri, Sep 30, 2005 at 07:36:34PM +0930, Alphax wrote:
> Christian Stork wrote:
> > As requested:
> <snip>

> > So, what's algo 121 ?


> According to http://www.ietf.org/rfc/rfc2440.txt, it doesn't exist. The
> message is probably corrupt.

But it this happens to all the messages I get from him (by now 6 or so)
and why then does gpg 1.2 decrypt the same message without problems.  I
have gpg 1.2.4 installed on my Mac and it produces the following output
on the _identical_ message:

$ gpg-1.2.4 mal1.asc
gpg: armor: BEGIN PGP MESSAGE
gpg: armor header: Version: GnuPG v1.2.5 (GNU/Linux)
:pubkey enc packet: version 3, algo 16, keyid 4AA7E00CB0BE33B2
        data: [3070 bits]
        data: [3071 bits]
gpg: public key is B0BE33B2
gpg: using secondary key B0BE33B2 instead of primary key 50F9CA2F

You need a passphrase to unlock the secret key for
user: "Christian H. Stork (University) <cstork at ics.uci.edu>"
gpg: using secondary key B0BE33B2 instead of primary key 50F9CA2F
3072-bit ELG-E key, ID B0BE33B2, created 1999-10-02 (main key ID 50F9CA2F)

gpg: public key encrypted data: good DEK
:pubkey enc packet: version 3, algo 16, keyid 110C58544A12AF6D
        data: [2048 bits]
        data: [2046 bits]
gpg: public key is 4A12AF6D
:encrypted data packet:
        length: unknown
gpg: using secondary key 4A12AF6D instead of primary key 6A6DDB60
gpg: encrypted with 2048-bit ELG-E key, ID 4A12AF6D, created 2001-12-14
      "Marc-Andre Lemburg <mal at lemburg.com>"
gpg: encrypted with 3072-bit ELG-E key, ID B0BE33B2, created 1999-10-02
      "Christian H. Stork (University) <cstork at ics.uci.edu>"
gpg: CAST5 encrypted data
:compressed packet: algo=1
:literal data packet:
        mode b, created 1127158105, name="",
        raw data: 0 bytes
gpg: original file name=''
:signature packet: algo 17, keyid F37A79CD6A6DDB60
        version 3, created 1127158105, md5len 5, sigclass 00
        digest algo 2, begin of digest 4f 9d
        data: [158 bits]
        data: [160 bits]
gpg: old style (PGP 2.x) signature
gpg: Signature made Mon Sep 19 12:28:25 2005 PDT using DSA key ID 6A6DDB60
gpg: Good signature from "Marc-Andre Lemburg <mal at lemburg.com>"
gpg:                 aka "Marc-Andre Lemburg <mal at egenix.com>"
gpg: key 50F9CA2F: accepted as trusted key
gpg: key C3D4D9D4: accepted as trusted key
gpg: key DC8492FA: accepted as trusted key
gpg: key 61F2C6B1: accepted as trusted key
gpg: key EAB24878: accepted as trusted key
gpg: key C9A2607F: accepted as trusted key
gpg: key 6D2033CA: accepted as trusted key
gpg: key 65EB1001: accepted as trusted key
gpg: binary signature, digest algorithm SHA1
gpg: decryption okay
gpg: WARNING: message was not integrity protected


So in contrast to gpg 1.4 this gpg 1.2.4 identifies the compression algo
as 1 and decrypts just fine.  Could there still be an integrity problem
as the warning at the end suggests?

-- 
Chris Stork   <>  Support eff.org!  <>   http://www.ics.uci.edu/~cstork/
OpenPGP fingerprint:  B08B 602C C806 C492 D069  021E 41F3 8C8D 50F9 CA2F

More information about the Gnupg-users mailing list