An imported public key can be used to encrypt documents to a PGP 2.x private key holder and check signatures made using a PGP 2.x private key. It is important to realize that it is impossible to use a new OpenPGP key to communicate with an PGP 2.x user, so you must import an old style key if you want to communicate with a PGP 2.x user.
Encrypting a document uses several command-line options, and the document to be encrypted must be specified as a file.
alice% gpg --rfc1991 --cipher-algo idea --compress-algo 1 --encrypt --recipient alice secret
gpg:
RSA keys are deprecated; please consider creating a new key and use this key in the future
gpg: this cipher algorithm is depreciated; please use a more standard one! |
Each of the command-line options are necessary.
The option rfc1991 is used to force GnuPG to be more compliant with RFC 1991, which is the old PGP specification implemented by PGP 2.x. If it is omitted, the output from GnuPG will be malformed and unusable by PGP 2.x.
The option cipher-algo specifies the symmetric cipher with which the document is to be encrypted. In the special case of encrypting to a PGP 2.x public key, the cipher specified must be IDEA. If it is omitted, the document will usually be encrypted using 3DES, an algorithm unsupported by PGP 2.x.
PGP 2.x's compression algorithm motivates how the rest of the command is formed. The option compress-algo specifies that GnuPG must use the old zlib compression algorithm used by PGP 2.x. Despite this, GnuPG uses partial length headers when encrypting a stream of unknown size, and this is unsupported by PGP 2.x. The document to be encrypted must therefore be in a file so that GnuPG knows the total size of the document to be encrypted before starting. So unfortunately, you cannot use pipes when using PGP 2.x keys.
Signing a document is no different than when any other key is used.
alice% gpg --local-user 0x24E2C409 --sign document
You need a passphrase to unlock the secret key for
user: "Alice <alice@cyb.com>"
1024-bit RSA key, ID 24E2C409, created 1999-09-18
gpg: RSA keys are deprecated; please consider creating a new key and use this
key in the future |
In this example, the option local-user is used to specify which private key to use for signing. Also, the output file is document.gpg. If the signature is to be verified using PGP 2.x, it must be renamed to a filename with a .pgp extension.
GnuPG does not have native support for both signing a document with an RSA key and encrypting it to an RSA key. GnuPG can be used in a workaround, however, that requires a few steps to implement. The process involves creating a detached signature and then using it to build an encrypted file that can be decrypted and verified using PGP 2.x.
There are four steps. The first creates a detached signature
alice% gpg --detach-signature --recipient alice --local-user 0x24E2C409 document You need a passphrase to unlock the secret key for user: "Alice <alice@cyb.com>" 1024-bit RSA key, ID 24E2C409, created 1999-09-18 gpg: RSA keys are deprecated; please consider creating a new key and use this key in the future |
The second step converts the document to an internal, literal format that is unencrupted.
alice% gpg --store -z 0 --output document.lit document |
The third step combines the detached signature with the literal document. This is what PGP 2.x uses to verify the signature after decryption.
alice% cat Notes.sig Notes.lit | gpg --no-options --no-literal --store --compress-algo 1 --output document.z gpg: NOTE: --no-literal is not for normal use! |
The fourth and final step is to use GnuPG to encrypt the combined signature and plaintext to yield an signed and encrypted document that can be decrypted and verified using PGP 2.x.
alice% gpg --rfc1991 --cipher-algo idea --no-literal --encrypt --recipient alice --output document.pgp document.z gpg: NOTE: --no-literal is not for normal use! gpg: RSA keys are deprecated; please consider creating a new key and use this key in the future gpg: this cipher algorithm is depreciated; please use a more standard one! |
The signed and encrypted document can also be ASCII-armored using the usual options.
alice% gpg --rfc1991 --cipher-algo idea --no-literal --encrypt --recipient alice --output document.asc --armor document.z gpg: NOTE: --no-literal is not for normal use! gpg: RSA keys are deprecated; please consider creating a new key and use this key in the future gpg: this cipher algorithm is depreciated; please use a more standard one! |
An imported private key may be used to decrypt documents encrypted to the key as well as make signatures using the key. Decrypting a message is no more difficult than when any other key is used.
alice% gpg secret.pgp
You need a passphrase to unlock the secret key for
user: "Alice <alice@cyb.org>"
1024-bit RSA key, ID 24E2C409, created 1999-09-18
gpg: NOTE: cipher algorithm 1 not found in preferences
gpg: secret.pgp: unknown suffix
Enter new filename [secret]: |
Again, the file renaming dialog can be avoided by renaming the input file with a .gpg extension. The note emitted by GnuPG regarding cipher algorithm 1 not found in the preferences may be safely ignored if seen.
Verifying a signature made using a PGP 2.x key is straightforward.
alice% gpg document.pgp
gpg: document.pgp: unknown suffix
Enter new filename [document]:
File `document' exists. Overwrite (y/N)? y
gpg: old style (PGP 2.x) signature
gpg: Signature made Sat Sep 18 17:55:30 1999 EST using RSA key ID 24E2C409
gpg: Good signature from "Alice <alice@cyb.org>" |
The file renaming dialog can be avoided if the document being verified is renamed with a .gpg extension before invoking gpg.