summaryrefslogtreecommitdiffstats
path: root/doc/OpenPGP
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:14:06 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:14:06 +0000
commiteee068778cb28ecf3c14e1bf843a95547d72c42d (patch)
tree0e07b30ddc5ea579d682d5dbe57998200d1c9ab7 /doc/OpenPGP
parentInitial commit. (diff)
downloadgnupg2-upstream.tar.xz
gnupg2-upstream.zip
Adding upstream version 2.2.40.upstream/2.2.40upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--doc/OpenPGP116
1 files changed, 116 insertions, 0 deletions
diff --git a/doc/OpenPGP b/doc/OpenPGP
new file mode 100644
index 0000000..794f669
--- /dev/null
+++ b/doc/OpenPGP
@@ -0,0 +1,116 @@
+ GnuPG and OpenPGP
+ =================
+
+ See RFC-4880 for a description of OpenPGP. These notes are older
+ than RFC-4880 and refer to the predecessor of the specs (RFC-2440).
+
+
+ Compatibility Notes
+ ===================
+ GnuPG (>=1.0.3) is in compliance with RFC2440 despite these exceptions:
+
+ * With GnuPG >= 2.1.0 all support for version 3 keys has been
+ removed. Thus there is no more compatibility with PGP-2. Users
+ who need to be able to decrypt old PGP 2 messages should use
+ GnuPG 1.4.x along with the option --allow-weak-digest-algos.
+
+ * With GnuPG >= 2.1.0 all signatures (on messages and keys) are
+ created using version 4 signatures. Support for verifying
+ version 3 signature is still available.
+
+ * (9.2) states that IDEA SHOULD be implemented. This is not done
+ due to patent problems.
+ UPDATE: Since version 1.4.13 (or GnuPG 2.x with Libgcrypt 1.6)
+ IDEA support has been added to allow decryption of old
+ PGP-2 encrypted material.
+
+ All MAY features are implemented with this exception:
+
+ * multi-part armored messages are not supported.
+ MIME (rfc2015) should be used instead.
+
+ Most of the OPTIONAL stuff is implemented.
+
+ There are a couple of options which can be used to override some
+ RFC requirements. This is always mentioned with the description
+ of that options.
+
+ A special format of partial packet length exists for v3 packets
+ which can be considered to be in compliance with RFC1991; this
+ format is only created if a special option is active.
+ UPDATE: This support has been removed with version 1.3.6.
+
+ GnuPG uses a S2K mode of 101 for GNU extensions to the secret key
+ protection algorithms. This number is not defined in OpenPGP, but
+ given that this number is in a range which is used at many other
+ places in OpenPGP for private/experimental algorithm identifiers,
+ this should be not a too bad choice. The 3 bytes "GNU" are used to
+ identify this as a GNU extension - see the file DETAILS for a
+ definition of the used data formats.
+
+
+ Some Notes on OpenPGP / PGP Compatibility:
+ ==========================================
+
+ * PGP 5.x does not accept V4 signatures for anything other than
+ key material. The GnuPG option --force-v3-sigs mimics this
+ behavior.
+
+ * PGP 5.x does not recognize the "five-octet" lengths in
+ new-format headers or in signature subpacket lengths.
+
+ * PGP 5.0 rejects an encrypted session key if the keylength
+ differs from the S2K symmetric algorithm. This is a bug in its
+ validation function.
+
+ * PGP 5.0 does not handle multiple one-pass signature headers and
+ trailers. Signing one will compress the one-pass signed literal
+ and prefix a V3 signature instead of doing a nested one-pass
+ signature.
+
+ * When exporting a private key, PGP 2.x generates the header
+ "BEGIN PGP SECRET KEY BLOCK" instead of "BEGIN PGP PRIVATE KEY
+ BLOCK". All previous versions ignore the implied data type, and
+ look directly at the packet data type.
+
+ * In a clear-signed signature, PGP 5.0 will figure out the correct
+ hash algorithm if there is no "Hash:" header, but it will reject
+ a mismatch between the header and the actual algorithm used. The
+ "standard" (i.e. Zimmermann/Finney/et al.) version of PGP 2.x
+ rejects the "Hash:" header and assumes MD5. There are a number
+ of enhanced variants of PGP 2.6.x that have been modified for
+ SHA-1 signatures.
+
+ * PGP 5.0 can read an RSA key in V4 format, but can only recognize
+ it with a V3 keyid, and can properly use only a V3 format RSA
+ key.
+
+ * Neither PGP 5.x nor PGP 6.0 recognize ElGamal Encrypt and Sign
+ keys. They only handle ElGamal Encrypt-only keys.
+
+
+ Parts of this document are taken from:
+ ======================================
+
+ OpenPGP Message Format
+ draft-ietf-openpgp-formats-07.txt
+
+
+ Copyright 1998 by The Internet Society. All Rights Reserved.
+
+ This document and translations of it may be copied and furnished to
+ others, and derivative works that comment on or otherwise explain it
+ or assist in its implementation may be prepared, copied, published
+ and distributed, in whole or in part, without restriction of any
+ kind, provided that the above copyright notice and this paragraph
+ are included on all such copies and derivative works. However, this
+ document itself may not be modified in any way, such as by removing
+ the copyright notice or references to the Internet Society or other
+ Internet organizations, except as needed for the purpose of
+ developing Internet standards in which case the procedures for
+ copyrights defined in the Internet Standards process must be
+ followed, or as required to translate it into languages other than
+ English.
+
+ The limited permissions granted above are perpetual and will not be
+ revoked by the Internet Society or its successors or assigns.