GnuPG keys for use by PGP?
| Nomen Nescio 2004-09-20, 5:46 pm |
| I'm looking for the definitive way to create a keypair using
GnuPG (using GPGkeys), export it to a PGP keyring, and have the
public key successfully used by persons who use PGP 6.5.x
instead of GnuPG.
The purpose of this exercise is to enable the use of the public
key to create a nym.
I have seen various ways that are supposed to enable creating a
PGP compatible public key, but none of them apparently worked
when I tried them.
It's very frustrating, and I wonder if someone can enlighten me
about this issue.
| |
| Thomas J. Boschloo 2004-09-20, 5:46 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Nomen Nescio wrote:
| I'm looking for the definitive way to create a keypair using
| GnuPG (using GPGkeys), export it to a PGP keyring, and have the
| public key successfully used by persons who use PGP 6.5.x
| instead of GnuPG.
|
| The purpose of this exercise is to enable the use of the public
| key to create a nym.
|
| I have seen various ways that are supposed to enable creating a
| PGP compatible public key, but none of them apparently worked
| when I tried them.
|
| It's very frustrating, and I wonder if someone can enlighten me
| about this issue.
GnuPG cannot and probably will not create RSA version 3 keys until the
IDEA patent expires in 2007. So that leaves you with DH version 4 or RSA
version 4 keys. I am not sure PGP 6.5.x will support RSA version 4 keys
(should be easy to find out though). Have you tried generating keys with
GnuPG ('gpg --pgp6 --gen-key') and importing them into PGP 6.5.x
yourself? That would rule out a lot of things that might go wrong when
creating a nym.
Also, don't set the keysize too high (4096 DH probably works with 6.5x,
but why take the risk? At least the DSS part should be no larger than
1024 bits!).
Thomas
- --
The Thraddash: "So, what's this? SNORT! An unknown alien species?"
"How wonderful! Someone new to fight!"
Full Game Win/Mac/Linux: <http://sc2.sourceforge.net>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
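One way to confirm what an exported key actually contains before handing it to PGP 6.5.x users, as an added example that is not part of the thread: it reads the key version, algorithm and modulus size from binary OpenPGP key packets (RFC 4880 layout). The function names and the sample packets are constructed for illustration.

```python
# Added example: report version/algorithm/size of OpenPGP public key packets.
ALGOS = {1: "RSA", 16: "ElGamal", 17: "DSA"}    # public-key algorithm IDs

def read_header(buf, pos):
    """Return (tag, body_start, body_len) for the packet starting at pos."""
    c = buf[pos]
    if not c & 0x80:
        raise ValueError("not an OpenPGP packet (dearmor ASCII input first)")
    if c & 0x40:                                # new-format header
        l0 = buf[pos + 1]
        if l0 < 192:
            return c & 0x3F, pos + 2, l0
        if l0 < 224:
            return c & 0x3F, pos + 3, ((l0 - 192) << 8) + buf[pos + 2] + 192
        if l0 == 255:
            return c & 0x3F, pos + 6, int.from_bytes(buf[pos + 2:pos + 6], "big")
        raise ValueError("partial body lengths are not handled")
    n = 1 << (c & 3)                            # old format: 1, 2 or 4 length octets
    if n == 8:
        raise ValueError("indeterminate length is not handled")
    return (c >> 2) & 0x0F, pos + 1 + n, int.from_bytes(buf[pos + 1:pos + 1 + n], "big")

def describe_keys(buf):
    """List (kind, version, algorithm, bits of first MPI) per public key packet."""
    out, pos = [], 0
    while pos < len(buf):
        tag, start, length = read_header(buf, pos)
        if tag in (6, 14):                      # public key / public subkey
            body = buf[start:start + length]
            off = 7 if body[0] in (2, 3) else 5  # v3 adds a 2-octet validity field
            bits = int.from_bytes(body[off + 1:off + 3], "big")
            out.append(("key" if tag == 6 else "subkey", body[0],
                        ALGOS.get(body[off], str(body[off])), bits))
        pos = start + length                    # other packet types are skipped
    return out

def _mpi(bits):                                 # constructed MPI with the top bit set
    return bits.to_bytes(2, "big") + bytes([1 << ((bits - 1) % 8)]) + bytes((bits + 7) // 8 - 1)

def _packet(tag, body):                         # old-format header, 2-octet length
    return bytes([0x80 | (tag << 2) | 1]) + len(body).to_bytes(2, "big") + body

TS = bytes(4)                                   # constructed creation timestamp
SAMPLE_V4 = (_packet(6, b"\x04" + TS + b"\x11" + _mpi(1024) + _mpi(160) + _mpi(1024) + _mpi(1024))
             + _packet(14, b"\x04" + TS + b"\x10" + _mpi(2048) + _mpi(2) + _mpi(2048)))
SAMPLE_V3 = (_packet(6, b"\x03" + TS + b"\x00\x00" + b"\x01" + _mpi(1024) + _mpi(17))
             + _packet(13, b"Constructed <c@example.invalid>"))

if __name__ == "__main__":
    print(describe_keys(SAMPLE_V4), describe_keys(SAMPLE_V3))
```

Feed it the binary output of `gpg --export` for the key in question; a DSA primary key reported above 1024 bits is the case the post above warns about.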
| |
| Johan Wevers 2004-09-20, 5:46 pm |
| Thomas J. Boschloo <nospam@hccnet.nl.invalid> wrote:
>GnuPG cannot and probably will not create RSA version 3 keys until the
>IDEA patent expires in 2007.
But that is easily solved by the following patch. I didn't check if
it still works on 1.2.6. It allows one to create a v3 key in expert mode.
--- gnupg-1.0.7/g10/keygen.c Wed Jan 30 18:24:58 2002
+++ gnupg-1.0.7/g10/keygen.c Thu Mar 28 13:46:19 2002
@@ -673,7 +673,8 @@
sk = m_alloc_clear( sizeof *sk );
pk = m_alloc_clear( sizeof *pk );
sk->timestamp = pk->timestamp = make_timestamp();
- sk->version = pk->version = 4;
+ sk->version = pk->version = (opt.expert && opt.pgp2) ? 3 : 4;
+ if (opt.expert && opt.pgp2) pk->hdrbytes = 3;
if( expireval ) {
sk->expiredate = pk->expiredate = sk->timestamp + expireval;
}
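Review bot: The test (opt.expert && opt.pgp2) is written out twice on the two added lines, and the second one sets hdrbytes on pk only although version is assigned to both sk and pk. Evaluate the condition once into a local flag, and either mirror the hdrbytes assignment for sk or add a comment saying why only the public part needs it. The added if also uses "if (" spacing where the surrounding context uses "if( ... )"; match the file's style.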
@@ -768,9 +769,15 @@
if( addmode )
tty_printf( _(" (%d) ElGamal (encrypt only)\n"), 3 );
tty_printf( _(" (%d) ElGamal (sign and encrypt)\n"), 4 );
+ if (opt.expert && opt.pgp2) {
+ tty_printf( _(" (%d) RSAv3 (sign and encrypt, PGP 2.6 compatible, not recommended)\n"), 5 );
+ } else {
tty_printf( _(" (%d) RSA (sign only)\n"), 5 );
if (addmode)
tty_printf( _(" (%d) RSA (encrypt only)\n"), 6 );
+ if (opt.expert)
+ tty_printf( _(" (%d) RSA (sign and encrypt, not recommended)\n"), 7 );
+ }
for(;;) {
answer = cpr_get("keygen.algo",_("Your selection? "));
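Review bot: Selection 5 now has two meanings in this menu: with opt.expert && opt.pgp2 it is labelled "RSAv3 (sign and encrypt ...)", otherwise "RSA (sign only)". Anything that answers the keygen.algo prompt with 5 gets a different key type depending on the options in effect. Give the RSAv3 entry its own number instead of reusing 5. In the expert+pgp2 branch, entries 6 and 7 are also not printed, so the selection code must reject them in that mode.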
@@ -779,6 +786,11 @@
m_free(answer);
if( algo == 1 && !addmode ) {
algo = 0; /* create both keys */
+ break;
+ }
+ else if( opt.expert && algo == 7 ) {
+ algo = PUBKEY_ALGO_RSA;
+ *r_usage = PUBKEY_USAGE_SIG | PUBKEY_USAGE_ENC;
break;
}
else if( algo == 6 && addmode ) {
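Review bot: The new branch "else if( opt.expert && algo == 7 )" is missing a check on opt.pgp2. The menu only prints entry 7 when opt.pgp2 is not set, yet this branch accepts 7 in expert+pgp2 mode as well, so an entry the user was never shown is still selectable. Tighten it to opt.expert && !opt.pgp2 && algo == 7. Nothing in the visible lines sets *r_usage for selection 5 in the RSAv3 case either; if the "sign and encrypt" label is to hold, that assignment needs to appear in the branch that handles 5.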
--
ir. J.C.A. Wevers // Physics and science fiction site:
johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
| |
| Thomas J. Boschloo 2004-09-27, 5:45 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Johan Wevers wrote:
| Thomas J. Boschloo <nospam@hccnet.nl.invalid> wrote:
|
|
|>GnuPG cannot and probably will not create RSA version 3 keys until the
|>IDEA patent expires in 2007.
|
|
| But that is easily solved by the following patch. I didn't check if
| it still works on 1.2.6. It allows one to create a v3 key in expert mode.
Doesn't look easy ;-)
But there don't seem to be as many changes to the code as I would have
expected. Guess it is already dormant in there!
Regards,
Thomas
| --- gnupg-1.0.7/g10/keygen.c Wed Jan 30 18:24:58 2002
| +++ gnupg-1.0.7/g10/keygen.c Thu Mar 28 13:46:19 2002
| @@ -673,7 +673,8 @@
| sk = m_alloc_clear( sizeof *sk );
| pk = m_alloc_clear( sizeof *pk );
| sk->timestamp = pk->timestamp = make_timestamp();
| - sk->version = pk->version = 4;
| + sk->version = pk->version = (opt.expert && opt.pgp2) ? 3 : 4;
| + if (opt.expert && opt.pgp2) pk->hdrbytes = 3;
| if( expireval ) {
| sk->expiredate = pk->expiredate = sk->timestamp + expireval;
| }
| @@ -768,9 +769,15 @@
| if( addmode )
| tty_printf( _(" (%d) ElGamal (encrypt only)\n"), 3 );
| tty_printf( _(" (%d) ElGamal (sign and encrypt)\n"), 4 );
| + if (opt.expert && opt.pgp2) {
| + tty_printf( _(" (%d) RSAv3 (sign and encrypt, PGP 2.6
compatible, not recommended)\n"), 5 );
| + } else {
| tty_printf( _(" (%d) RSA (sign only)\n"), 5 );
| if (addmode)
| tty_printf( _(" (%d) RSA (encrypt only)\n"), 6 );
| + if (opt.expert)
| + tty_printf( _(" (%d) RSA (sign and encrypt, not
recommended)\n"), 7 );
| + }
|
| for(;;) {
| answer = cpr_get("keygen.algo",_("Your selection? "));
| @@ -779,6 +786,11 @@
| m_free(answer);
| if( algo == 1 && !addmode ) {
| algo = 0; /* create both keys */
| + break;
| + }
| + else if( opt.expert && algo == 7 ) {
| + algo = PUBKEY_ALGO_RSA;
| + *r_usage = PUBKEY_USAGE_SIG | PUBKEY_USAGE_ENC;
| break;
| }
| else if( algo == 6 && addmode ) {
- --
The Thraddash: "So, what's this? SNORT! An unknown alien species?"
"How wonderful! Someone new to fight!"
Full Game Win/Mac/Linux: <http://sc2.sourceforge.net>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----