I recently had my old PGP 5.0 key brought back from the dead when a colleague of mine wanted to send me some private info and all he had available was PGP 5.5. Luckily I had created a DSS key under 5.0 and so I figured I may be able to make use of my old keys. I regret not setting an expiration date on my old key as it would have been very useful in this case. I now have four keys that I must deal with. Two RSA (PGP 2.6), one DSS/Diffie-Hellman (PGP 5.0) and one DSA/ElGamal (GnuPG 0.3.6).
Always set an expiration date on your keys.
That said, there are several issues at hand. First, I have a pair of DSS/Diffie-Hellman keys that my friend is using PGP 5.5 to communicate with me. Second, I have a DSS/Diffie-Hellman public key that my friend is using. Thirdly, I have a copy of gnupg 0.4.0.
This document has two parts. The first describes how to prepare to encrypt messages to a user of PGP5.x. The second details how to take a PGP5.x KEY and install it on your GnuPG keyring so you may decrypt messages from a PGP5.x user.
If these instructions do or do not work for you I would like to hear about it. Thanks to all the people on the GnuPG mailing list who have unwittingly provided most of the information I used in creating this.
In order to encrypt mail to my friend, I must be able to use GnuPG to encrypt against a DSS/Diffie-Hellman key. I used PGP to retrieve his public key from the keys.pgp.com public key server.
$ pgpk -a hkp://keys.pgp.com/friend@example.com
Looking up host keys.pgp.com Establishing connection Sending request Receiving data Cleaning up Complete. Adding keys: Key ring: 'hkp://keys.pgp.com/taylor@technocage.com' Type Bits KeyID Created Expires Algorithm Use pub 1024 0x01234567 1998-10-10 ---------- DSS Sign & Encrypt sub 2048 0x89ABCDEF 1998-10-10 ---------- Diffie-Hellman uid Friend <friend@example.com> 1 matching key found Add these keys to your keyring? [Y/n] y Keys added successfully.
First, I printed out the key ID and fingerprint of each of the keys so I can ask my friend if they match.
$ pgpk -ll friend@example.com
Type Bits KeyID Created Expires Algorithm Use
pub 1024 0x01234567 1998-10-10 ---------- DSS Sign & Encrypt
f20 Fingerprint20 = 0123 4567 89AB CDEF FEDC BA98 7654 3210 DEAD BEEF
sub 2048 0x89ABCDEF 1998-10-10 ---------- Diffie-Hellman
f20 Fingerprint20 = FFFF DDDD 8888 5555 3333 2222 1111 0000 BAEF FADE
uid Friend <friend@example.com>
sig 0x01234567 1998-10-10 Friend <friend@example.com>
I then phoned my friend and asked him to verify the key fingerprint and ID over the telephone. As luck would have it, the information matched up.
$ pgpk -xa friend > friend.key
I then used gnupg to import that key.
$ gpg --import < friend.keygpg (GNUPG) 0.4.0; Copyright (C) 1998 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. gpg:[stdin]: key ABCDEFGH: public key imported
I could have used the following command as well.
$ pgpk -xa friend | gpg --importgpg (GNUPG) 0.4.0; Copyright (C) 1998 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. gpg:[stdin]: key ABCDEFGH: public key imported
Now that I have loaded my friends key onto my GnuPG keyring, I can make a little test message for him to try decrypting.
$ echo 'Hello Friend!' | gpg -ear friend-----BEGIN PGP MESSAGE----- Version: GNUPG v0.4.0 (GNU/Linux) Comment: Get GNUPG from ftp://ftp.guug.de/pub/gcrypt/ ibxH/34oeT+0yFF0qQYqSp1AXTOfKV1Khw6GXgyxrnAbUozYFHuNaSU1uI2VlezTosb+ZFpu 03+PUoiyGbq/YPgcsoZOv65TSd8q3b2JbbMDsp9SAMq3WyIRffw2YBHwCu3Jxw/lQjGEkw8r Q5Nea1Ph2cFby6f7abIauEKWcdBxb7Nk5VOBN7yVPcp4dNBPIOijB8v/EeMz8a16YXQVYxk5 FmXuh4PzLJ09woaJRbYAJPVtLXiAHANYrqonfJ8tvM3ziP6mC20CRQebV9YWguMXJTYEC6An hQIOAx1s/MTwZKdhEAf/WZnNy7RILDVxKJperR3k2xOPy5rNxRXxSVFvboXEQf/B01zvE8Fn udEgGwqE808X6sbxVZ7JWiOG7k0uk+M1Dxsi7ujzZdL6rWYq830DnC/LmtWs/XM2V9HwnoRo CUlEsXi7zPykSxhAm5TAMhn2Al5iFrF/y3ROLf2DK+xUflZxs+uvnLLl2vRRKYmy0DXdE0z1 EKB2KNMPFVruuphzspH1wrNGxKs3WU0THEp/GvVj6WR0fCjQ9n5qBaKuT8kknbXbgm5zJCTC J+KNOw2VwOCI7lKeKvzrr/p7tg8gasRnca3a9u3cTXXWk3cWYKcw/mdghwUUwmOUCvTeZI2k MwgA5520XYbuDi2HX0LeOKf7DEVXOPixRrrnydJcnjoAYLYO3/xpQqh0IzJ1P1HwZbVnJVNl z+yXNvfzAVedlkQ+98G/yraLtzASWNwbpaQZ =xYcK -----END PGP MESSAGE-----
I take the resulting cyphertext and paste it into an email addressed to my friend. Now we wait....
We wait some more (my friend is notoriously slow to respond to messages).
Finally after a long (long) time, my friend responds that he was able to read my message. Of course, he is kind enough to use my PGP key to send this. Thus we segue into the next section on using GnuPG to decrypt messages sent by users of PGP5.0 to DSS/DH keys generated by PGP5.0.
One important note is that my friend was using PGP5.5, not 5.0. In
later tests with pgp 5.0i I discovered that you must add two more parameters
to the encryption command. Specifically --no-armor --no-comment
$ echo 'Hello Friend!' | gpg -ear --no-armor --no-comment friend > mesg
Remember that gpg --no-armor will produce 'binary' output and so you
are wise to stick it in a file and then attach that file to an email.
Now the problem is, how do I make it so that my friend can use my GPG key to send me messages? Is this even possible?
I must now import my old DSS/Diffie-Hellman key onto
my GnuPG key ring. This is not as easy as one may think. It is complicated
by the fact that the PGP key utility pgpk does not have a
parameter for exporting a private key. As luck would have it, superior
software packages such as GnuPG are capable of solving this problem for us.
It is important to note that this procedure puts your private key at risk for a short period of time and therefore should not be done on a multi-user or public system
This is the easy part. We use pgpk to extract your public key from your keyring and import it into GnuPG.
$ pgpk -x 7BBD08DC | gpg --import
gpg (GNUPG) 0.4.0; Copyright (C) 1998 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. gpg:[stdin]: key 7BBD08DC: not changed gpg:[stdin]: key 00000000: no valid user ids gpg: this may be caused by a missing self-signature gpg:[stdin]: key 0809AD24: no valid user ids gpg: this may be caused by a missing self-signature
A quick check of the gnupg keyring shows that my key has, in fact been imported properly. I don't entirely understand the output of the import however nothing in it seems troublesome. Perhaps someone who knows more than I do can explain it to me.
$ gpg --list-keys
gpg (GNUPG) 0.4.0; Copyright (C) 1998 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
pub 1024D/7BBD08DC 1997-07-23 Caskey L. Dickson
uid Caskey L. Dickson
uid Caskey L. Dickson
sub 4096g/2B65D18B 1997-07-23
That certainly does look like my key.
This is the dangerous part. Depending upon your paranoia
level you can do everything from a simple w in order to
see who else is on your machine to unplugging your network card and
modem from the wall. It all depends upon the environment you operate
in and how much you trust the sytem you are using.
As of around version 1.0 of GPG the need to remove the passphrase before importing was removed. You do not need to do this anymore. I'm leaving this information in for those people who have very old versions of the software and are in the process of upgrading. Hopefully nobody is still using a version of GnuPG 3 years old, but you can never be too sure.
$ pgpk -e 0x7BBD08DC
sec+ 1024 0x7BBD08DC 1997-07-23 ---------- DSS Sign & Encrypt sub 4096 0x2B65D18B 1997-07-23 ---------- Diffie-Hellman uid Caskey L. Dickson <caskey@one.example.com> uid Caskey L. Dickson <caskey@two.example.com> uid Caskey L. Dickson <caskey@three.example.com> 1024 bits, Key ID 0x7BBD08DC, created 1997-07-23 "Caskey L. Dickson <caskey@one.example.com>" "Caskey L. Dickson <caskey@two.example.com>" "Caskey L. Dickson <caskey@three.example.com>" Do you want to unset this key as axiomatic [y/N]? N Do you want to unset this key as axiomatic [y/N]? N Do you want to add a new user ID [y/N]? N Do you want to change your pass phrase (y/N)? Y Need old passphrase. Enter pass phrase: passphrase Need new passphrase. Enter pass phrase: *nothing* Enter it a second time. Enter pass phrase: *nothing* Changing master key passphrase... Changing subkey passphrase... Do want to set this as your default key [y/N]? N Keyrings updated.
$ mkdir ~/private
$ chmod 700 ~/private
$ chdir ~/private
$ gpg --armor --export-secret-keys --secret-keyring ~/.pgp/secring.skr 0x7BBD08DC > mykey.sec
gpg (GNUPG) 0.4.0; Copyright (C) 1998 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. gpg: key 456260DC: secret key without public key gpg: failed to initialize the TrustDB: Public key not found
The messages about not having a TrustDB entry and a missing public key are more or less normal as we did not specify the matching public key ring on the GnuPG command line.
You might get slightly different output depending upopn your keyring's contents.
We have a file named mykey.sec which contains an ascii armored private key sans passphrase. Now we must quickly load it into our keyring.
$ gpg --import --allow-secret-key-import < mykey.sec
gpg: Warning: using insecure memory!
gpg: key 78BBD08DC: secret key imported
gpg: Total number processed: 1
gpg: secret keys read: 1
gpg: secret keys imported: 1
(Output thanks to Hugo van der Kooij using GnuPG 1.0.4)
We must quickly put the passphrases back onto *both* keyrings now.
Some of you have asked 'what the heck does the third instruction do?' It's actually
a rather simple trick. The mykey.sec file contains an un-protected
secret key. Obviously we want to get rid of it ASAP. If we were to just rm
the file, yes that would eliminate the file, however the
now unused blocks would be floating around
on the disk somewhere with your secret key bytes still in it.
Not a terrible thing, but if you're going to jump off the building
from the 10th floor, why not make it the 100th and enjoy the
view on the way down.
Seriously though, what we've done is take the GnuPG
binary and overwritten the secret
key file. This (mostly) ensures that the data is gone.
It isn't as strong as the
techniques used by the military (xor, 3 writes) but I'm
assuming that you aren't worried
about someone disassembling your hard drive to find that file.
$ pgpk -e 0x7BBD08DC
$ gpg --edit-key 0x7BBD08DC
$ dd if=`which gpg` of=mykey.sec conv=notrunc
$ rm mykey.sec
Now we have our public and private DSS/Diffie-Hellman key on our GnuPG key ring. We shall employ pgp to create a test message for us to decrypt.
$ echo 'hello world' | pgpe -r 0x7BBD08DC | gpg --decrypt
No files specified. Using stdin. 1024 bits, Key ID gpg (GNUPG) 0.4.0; Copyright (C) 1998 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. 7BBD08DC, Created 1997-07-23 "Caskey L. Dickson <caskey@one.example.com>" "Caskey L. Dickson <caskey@two.example.com>" "Caskey L. Dickson <caskey@three.example.com>" You need a passphrase to unlock the secret key for user: "Caskey L. Dickson" (4096-bit ELG-E key, ID 2B65D18B, created 1997-07-23) hello world
And thus, we have used gpg to decrypt a message encrypted with PGP5 and a PGP5 key.
Comments welcome.
