I thought I'd have a go at testing out the shared private key approach
to implementing an interity check/MDC (MDC=Modification Detection
Code).
pgp263i won't generate keys below 384 bits. So I compiled one without
that restriction, and it seems that the the smallest key that (normal)
pgp263i will create signatures for and verify signatures for,
empirically is 289 bits.
(This is due to the padding that must fit inside the signature:
PGP versions 2.3 and later encode the MD into the MPI as follows:
MSB . . . LSB
0 1 FF(n bytes) 0 ASN(18 bytes) MD(16 bytes)
See RFC1423 for an explanation of the meaning of the ASN string.
It is the following 18 byte long hex value:
3020300c06082a864886f70d020505000410
which it would seem from the above is 2+0+1+18+16=37 bytes, which is
296. It seems that the implementation lets you get away with 289,
perhaps because the leading 0 is presumed on odd sized integers.)
So here is a 289 bit private and public key:
Type Bits/KeyID Date User ID
sec 289/AADC77C5 1999/04/21 Integrity Verification Key
-----BEGIN PGP SECRET KEY BLOCK-----
Version: 2.6.3i
lQCYAzcd278AAAEBIQGJDbfjBrve0Ips+daIHWQjgKyn5AUR8fxH6ODUATO0f6rc
d8UABREAAR9Q7DxygWLqG+BDnNlYQklSmn1cSDIiDELfP2k2A/ftZzMnITsAkOK8
EHA9EkYOnR//AD2uMfL2vwCRAbvJSkV5XA6mRK2lyGNugHSWewCPRIcJHBV0F/vY
OdbY0L5AgJ3RKqO0GkludGVncml0eSBWZXJpZmljYXRpb24gS2V5
=ZDof
-----END PGP SECRET KEY BLOCK-----
Type Bits/KeyID Date User ID
pub 289/AADC77C5 1999/04/21 Integrity Verification Key
Type Bits/KeyID Date User ID
pub 289/AADC77C5 1999/04/21 Integrity Verification Key
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i
mQAyAzcd278AAAEBIQGJDbfjBrve0Ips+daIHWQjgKyn5AUR8fxH6ODUATO0f6rc
d8UABRG0GkludGVncml0eSBWZXJpZmljYXRpb24gS2V5
=52/E
-----END PGP PUBLIC KEY BLOCK-----
And here is a conventionally encrypted, uncompressed message which has
been signed with the above key. the conventional encrypt password is
"fred" (no quotes).
% echo hello world > test
% pgp -csa -zfred test -u 0xAADC77C5
% cat test.asc
-----BEGIN PGP MESSAGE-----
Version: 2.6.3i
pgAAAGNphXbrTqYwlo9KM6gIo4182vQxkm8+cNoFVcLCxgA0x9Ibj+sbims/nFKJ
VuXUQGn/MeBwvjULg4OROnz0si5jkCv8/GMOzeoeonOFi9t1twH4en/+lbe9ddV2
vxiVyGJ+Jwc=
=hOMd
-----END PGP MESSAGE-----
and here is what is displayed by pgp263i when you decrypt that:
% pgp -zfred test.asc
File is conventionally encrypted. Just a moment....Pass phrase appears good. .
File has signature. Public key is required to check signature.
.
Good signature from user "Integrity Verification Key".
Signature made 1999/04/21 14:35 GMT using 289-bit key, key ID AADC77C5
%
and by pgp50i when you decrypt it:
% pgpv -zfred test.asc
Message is encrypted.
Opening file "test" type binary.
Good signature made 1999-04-21 14:34 GMT by key:
289 bits, Key ID AADC77C5, Created 1999-04-21
"Integrity Verification Key"
WARNING: The signing key is not trusted to belong to:
Integrity Verification Key
%
I removed the self signature from the key because it seems pointless
to self sign a key which has a published private key.
Interestingly pgp263i seems to consider this key trusted due to the
presence of the private key on the private key ring, whereas pgp50i
considers it to have "undefined trust".
Adam
--
print pack"C*",split/\D+/,`echo "16iII*o\U(_at_){$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`