Comment 1 Alon Bar-Lev (RETIRED) 2007-01-03 12:22:40 UTC

Right.
IDEA is not supported by gcrypt.
I could not find any patch to add idea support into gcrypt.
I will continue looking.

Comment 2 Robin Johnson 2007-01-03 14:19:27 UTC

alonbl:
here is IDEA support for libgcrypt
http://www.kfwebs.net/articles/article/42/GnuPG-2.0---IDEA-support

It was discussed on the gnupg-devel mailing list.

Comment 3 Alon Bar-Lev (RETIRED) 2007-01-04 11:41:42 UTC

Thanks!
I had to do some modification to this patch, did not work as-is it couldn't have worked...

But it should be OK now, please add idea USE flag to libgcrypt and try it out.

I can't emerge world now, and I suspect that this somehow migt be responsible for that. (But I might be wrong also, I don't know enough about ebuilds)

When I do

  sudo emerge -DuavN --with-bdeps y world

I get 

These are the packages that would be merged, in order:

Calculating world dependencies... done!
Traceback (most recent call last):
  File "/usr/bin/emerge", line 5254, in ?
    retval = emerge_main()
  File "/usr/bin/emerge", line 5249, in emerge_main
    myopts, myaction, myfiles, spinner)
  File "/usr/bin/emerge", line 4605, in action_build
    mydepgraph.display(
  File "/usr/bin/emerge", line 2472, in display
    debug=self.edebug)
  File "/usr/lib/portage/pym/portage.py", line 5748, in getfetchsizes
    myuris, myfiles = self.getfetchlist(mypkg,useflags=useflags)
  File "/usr/lib/portage/pym/portage.py", line 5725, in getfetchlist
    myurilist = portage_dep.use_reduce(myurilist,uselist=useflags,matchall=all)
  File "/usr/lib/portage/pym/portage_dep.py", line 193, in use_reduce
    additions = use_reduce(target, uselist, masklist, matchall, excludeall)
  File "/usr/lib/portage/pym/portage_dep.py", line 200, in use_reduce
    raise portage_exception.InvalidDependString(
portage_exception.InvalidDependString: "Conditional without parenthesis: 'idea?'"

This is my 'emerge --info'

Portage 2.1.2_rc4-r5 (default-linux/x86/2006.1/desktop, gcc-4.1.1, glibc-2.5-r0, 2.6.19-gentoo-r2 i686)
=================================================================
System uname: 2.6.19-gentoo-r2 i686 AMD Athlon(tm) MP 2000+
Gentoo Base System version 1.13.0_alpha10
Last Sync: Thu, 04 Jan 2007 20:50:01 +0000
dev-java/java-config: 1.3.7, 2.0.31
dev-lang/python:     2.4.4
dev-python/pycrypto: 2.0.1-r5
sys-apps/sandbox:    1.2.18.1
sys-devel/autoconf:  2.13, 2.61
sys-devel/automake:  1.4_p6, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils:  2.17
sys-devel/gcc-config: 1.3.14
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.19
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O3 -march=athlon-mp"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config /var/bind"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/revdep-rebuild /etc/terminfo"
CXXFLAGS="-O3 -march=athlon-mp"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig distlocks metadata-transfer parallel-fetch sandbox sfperms strict"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"
LANG="sv_SE.utf8"
LINGUAS="sv"
MAKEOPTS="-j4"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext X Xaw3d alsa ao apache2 audiofile berkdb bitmap-fonts bonobo bzip2 bzlib cairo caps cdda cddb cdio cdparanoia cdr cdrom chroot cli crypt curl dba dbus dlloader dri dvd dvdr dvdread eds emacs emboss encode esd fam firefox flac fluidsynth fortran ftp gcj gd gdbm gif glx gnome gphoto2 gstreamer gtk gtk2 gtkhtml hal iconv idea imagemagick imap innodb isdnlog ithreads jack java jikes jpeg kde libg++ mad mbox mikmod mime mmx mmxext mng motif mozilla mp3 mpeg musicbrainz ncurses net network nls noamazon nptl nptlonly nsplugin offensive ogg oggvorbis opengl pcre pda pdf perl plotutils png postgres ppds pppd python qt4 quicktime radeon readline real reflection sdl session sndfile sox spell spl sse ssl svg tcltk tcpd threads tiff timidity truetype truetype-fonts type1-fonts udev unicode usb userlocales utf8 visualization vorbis win32codecs x86 xfs xine xinerama xml xml2 xorg xosd xpm xv zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LINGUAS="sv" USERLAND="GNU" VIDEO_CARDS="fbdev radeon fglrx"
Unset:  CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LDFLAGS, PORTAGE_RSYNC_EXTRA_OPTS

Just one more little bit of info

I just removed the file /usr/portage/dev-libs/libgcrypt/libgcrypt-1.2.3-r1.ebuild

And now I can emerge world again.

There is a missing set of parentheses around the idea srource:
 !bindist? ( idea? (mirror://gentoo/${P}-idea.diff.bz2 ))

Comment 7 Ulrich Müller 2007-01-04 15:38:50 UTC

(In reply to comment #3)
> But it should be OK now, please add idea USE flag to libgcrypt and try it out.

There is no more message about the unsupported IDEA algorithm. But the program now complains that the passphrase would be wrong. (I have _definitely_ used the correct passphrase and I have double checked this.)

$ gpg -vv test.gpg 
:pubkey enc packet: version 3, algo 1, keyid 0123456789ABCDEF
        data: [1024 bits]
gpg: public key is 98765432

You need a passphrase to unlock the secret key for
user: "Xxx Yyy <zzz@domain.invalid>"
1024-bit RSA key, ID 98765432, created 1995-05-02

gpg: no running gpg-agent - starting one
gpg: DBG: connection to agent established
gpg: Invalid passphrase; please try again ...

[repeated two times]

:encrypted data packet:
        length: 32
gpg: encrypted with 1024-bit RSA key, ID 98765432, created 1995-05-02
      "Xxx Yyy <zzz@domain.invalid>"
gpg: public key decryption failed: Bad passphrase
gpg: decryption failed: No secret key

Again, gnupg-1.4.6 has no problem with this file/key/passphrase.

hmm, I'll have to look into that. 

btw, the workaround is to remove the passphrase from the key, it works then, but obviously not when the key is protected itself. 

Ok. will have to much around in gnupg / libgcrypt to fix this at a later point. Let me just say that this is not related to the IDEA package, but errors out before that. Easiest way to debug that is to do a gpg --show-session-key --homedir . -vv file.pgp using gpg 1.4 and get the session key, like gpg: session key: `1:9E1805541D862FBAAABBF1BABBF4F589' that you can throw into the libgcrypt addon as gpg2 --override-session-key 1:9E1805541D862FBAAABBF1BABBF4F589 --homedir . -vv file.pgp

a gpg --verson will give Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA while gpg2 --version Pubkey: RSA, ELG, DSA, ELG . It is not a problem of password hashing differences, as it then would function if setting the password in gpg 2 in the first place (removing the password in pgp 2 or gnupg 1.4)

I tried to re-encrypt the key using gnupg 1.4 gpg --s2k-cipher-algo=Blowfish --s2k-digest-algo=sha1 --compress-algo=1 --homedir . --edit-key test , but it still bugs out. 

Historically key decryption has been handled by gnupg and the unencrypted key is  used by libgcrypt. the issue is probably either the un-encryption of the key in gnupg, although I would have presumed in this case that re-encrypting the secret key using gnupg1.4 would have fixed it. so I'm starting to wonder if the troublemaker is RSA, with reference to the differences in the --version .

Anyone that is more familiar to gnupg that have an insight?

Comment 11 Alon Bar-Lev (RETIRED) 2007-01-05 03:43:01 UTC

Hmmm....
Thanks for the description!

From libgcrypt

./src/gcrypt.h:
enum gcry_pk_algos
  {
    GCRY_PK_RSA = 1,
    GCRY_PK_RSA_E = 2,      /* deprecated */
    GCRY_PK_RSA_S = 3,      /* deprecated */
    GCRY_PK_ELG_E = 16,     /* use only for OpenPGP */
    GCRY_PK_DSA   = 17,
    GCRY_PK_ELG   = 20
  };
cipher/rsa.c:
gcry_pk_spec_t _gcry_pubkey_spec_rsa =
  {
    "RSA", rsa_names,
    "ne", "nedpqu", "a", "s", "n",
    GCRY_PK_USAGE_SIGN | GCRY_PK_USAGE_ENCR,
<snip>

So the RSA_E, RSA_S are not implemented, only previous "RSA" is implemented.
Can you please verify that the key that is not working is part of RSA_E or RSA_S algorithms?

Please keep in mind though, that if no password is set on the secret key, everything works. So at least something is implemented. So it has to be related to decryption of the secret key at one point or another. 

looking at the output from --debug-all across the two versions I notice that gpg2 comes to +gpg: DBG: parse_packet(iob=1): type=9 length=28 (parse.mainproc.c.1192)
 gpg: encrypted with 1024-bit RSA key, ID AAB61C01, created 2007-01-04
       "test"
+gpg: public key decryption failed: Bad passphrase

while gnupg 1.4.6 goes through -gpg: DBG: iobuf-1.1: push `decode_filter'
-gpg: DBG: iobuf chain: 1.1 `decode_filter' filter_eof=0 start=0 len=0
-gpg: DBG: iobuf chain: 1.0 `file_filter(fd)' filter_eof=0 start=157 len=175
-gpg: DBG: iobuf-1.1: underflow: req=8192
 after -gpg: DBG: parse_packet(iob=1): type=9 length=28 (parse.mainproc.c.1203)

type=9 here represents conventionally encrypted data, id est the secret key.

gpg 1.4.6 does say gpg: DBG: pubkey_decrypt: algo=1 , so that indicate an ordinary RSA key, not RSA-E. 

Comment 14 Alon Bar-Lev (RETIRED) 2007-01-24 20:14:18 UTC

Hello All,
Tried to get some help from gnupg mailing list, but got no response...
Can you please try to do this individually? I mean try to get some reply from upstream/user community?
Thanks!

I tried to get some info from gnupg-devel ( http://lists.gnupg.org/pipermail/gnupg-devel/2007-January/023511.html ). I'm currently trying to debug it myself by altering the source systematically to try to find where it errors, but have so far been unsuccessful. 

Again, I would like to mention that everything works if the secret key is not password protected. Which makes it even more bizarre that it errors when a password is added to the private key.

Sadly I don't have too much available time, but I'll keep looking for a reason it fails, as it tickles my curiosity. 

Comment 16 Alon Bar-Lev (RETIRED) 2007-01-24 20:41:03 UTC

Thanks for your help!

I am curios... Upstream does not support IDEA... Any reason why you all use this algorithm?

Comment 17 Robin Johnson 2007-01-24 20:48:16 UTC

alonbl: upstream doesn't support it because it's patented, but there is a usage case for it because PGP2.0 uses it, and if you want to interoperate between GnuPG and PGP2.0, you need it :-(.

There are several existing / old systems using pgp back to version 2.x, not to mention old emails in my archive encrypted to an old key of mine. I keep the ~/.gnupg folder and the emails in an encrypted volume itself, so I'm not particulary worried of anyone grabbing the old PGP key (which is only used to get some archived messages anyways these days), so I can live with it not having a password I guess.

I still have difficulty believing the problem is with the IDEA part of it all, if that was the case it wouldn't have worked at all. I tried to eliminate that option by using another s2k cipher to encrypt the private asymmetric key using CAST5 instead of IDEA (although it resulted in annoyingly many replies on that specific element in gnupg-devel ) :p

At this point the motivation is really my annoyance of it not working as I want it to, though. 

Comment 19 Ulrich Müller 2007-03-26 06:31:06 UTC

Given that no immediate solution seems to be at hand, would it be possible to reconsider SLOTting for the gnupg package?

Comment 20 Alon Bar-Lev (RETIRED) 2007-06-17 19:38:19 UTC

Hello all,

Unfortunately, The original patch author will not fix this problem any soon.

As I have never used IDEA, can someone create a scenario of:
1. Creating IDEA encrypted keys or IDEA keys (gpg1)
2. Testing these keys working (gpg1).
3. Showing the same keys are not working (gpg2).
4. Remove IDEA encryption from key (gpg1), show that works (gpg2).

This will save much time for me.
I have some free time this week-end.

Thanks!

Comment 21 Ulrich Müller 2007-06-17 20:35:24 UTC

Created attachment 122353 [details]
Example PGP 2.6.3 public key

Comment 22 Ulrich Müller 2007-06-17 20:36:00 UTC

Created attachment 122355 [details]
Example PGP 2.6.3 secret key

Comment 23 Ulrich Müller 2007-06-17 20:44:35 UTC

(In reply to comment #20)
> As I have never used IDEA, can someone create a scenario of:
> 1. Creating IDEA encrypted keys or IDEA keys (gpg1)

I have attached a key pair, generated with PGP 2.6.3in. Passphrase is "abc" (without the quotes).

> 2. Testing these keys working (gpg1).
> 3. Showing the same keys are not working (gpg2).

Hm, it's the same messages as in comment #7.

> 4. Remove IDEA encryption from key (gpg1), show that works (gpg2).

I've never done that before, but will try and attach the unencrypted key if I succeed.

Comment 24 Ulrich Müller 2007-06-17 20:51:26 UTC

Created attachment 122357 [details]
Secret key with passphrase removed

This works for decrypting with gpg-2.

Comment 25 Ulrich Müller 2007-06-19 07:23:22 UTC

Maybe I should summarize the behaviour for gpg 1 and 2, w.r.t. the attached keys:

- gnupg-1.4.7-r1 works well with all three attached keys.
- gnupg-2.0.4 works with the public key from attachment #122353 [details].
- gnupg-2.0.4 also works with the secret key from attachment #122357 [details] where the
  passphrase was removed.
- However, gnupg-2.0.4 does _not_ work with the secret key from
  attachment #122355 [details]. For this one, it does not accept the passphrase
  (message "invalid passphrase").

Comment 26 Alon Bar-Lev (RETIRED) 2007-06-22 15:19:18 UTC

Created attachment 122810 [details]
gnupg-2.0.4-idea.patch

OK... There are two bytes that are part of the checksum but not part of the key.
So remove them before the key decode seems like a solution.
Can you please check it out with your configuration?

Comment 27 Ulrich Müller 2007-06-22 15:59:57 UTC

(In reply to comment #26)
> Created an attachment (id=122810) [edit]
> gnupg-2.0.4-idea.patch

Good work!

> OK... There are two bytes that are part of the checksum but not part of the
> key.
> So remove them before the key decode seems like a solution.
> Can you please check it out with your configuration?

Yes, it is functioning nicely with all test cases that I have here.

Comment 28 Alon Bar-Lev (RETIRED) 2007-06-22 16:47:31 UTC

Great!
Thank you.

Comment 29 Alon Bar-Lev (RETIRED) 2008-03-27 06:01:35 UTC

Created attachment 147425 [details]
test.msg

$ GNUPGHOME=. gpg --decrypt < test.msg

Comment 30 Ulrich Müller 2011-05-16 16:16:41 UTC

Unfortunately, the IDEA patches have been removed again from recent versions.

I take today's expiry of the IDEA patent (see <http://www.pgp.net/pgpnet/pgp-faq/#PATENT-IDEA>) as an occasion for reopening this bug.

Comment 31 Arfrever Frehtes Taifersar Arahesis (RETIRED) 2011-05-16 16:59:08 UTC

Could you discuss support for IDEA on gcrypt-devel@gnupg.org mailing list?

Comment 32 Ulrich Müller 2011-05-16 20:19:15 UTC

(In reply to comment #31)
> Could you discuss support for IDEA on gcrypt-devel@gnupg.org mailing list?

See <http://marc.info/?l=gcrypt-devel&m=130556964612440&w=3>

What was the reason for dropping IDEA support from Gentoo releases? It breaks backwards compatibility with PGP.

Comment 33 Ulrich Müller 2012-01-09 21:55:46 UTC

*** Bug 264313 has been marked as a duplicate of this bug. ***

Comment 34 Ulrich Müller 2012-01-09 22:06:02 UTC

Created attachment 298427 [details, diff]
Re-add IDEA support to libgcrypt-1.5.0

Also the U.S. patent on IDEA has expired now (no later than 2012-01-07).
Upstream will consider re-adding IDEA support for version 2.1.

In the meantime, could attached patch be applied please? It adds IDEA support to libgcrypt-1.5.0.

Comment 35 Robin Johnson 2012-01-11 00:23:47 UTC

Has the patch been submitted/approved with upstream?

Comment 36 Ulrich Müller 2012-01-11 09:21:20 UTC

(In reply to comment #35)
> Has the patch been submitted/approved with upstream?

Yes, it's been submitted upstream. I've been asked for some minor polishing and for an FSF copyright assignment.

Comment 37 Ulrich Müller 2012-02-16 21:44:56 UTC

Created attachment 302205 [details, diff]
Re-add IDEA support to libgcrypt-1.5.0

Updated patch.

This has been accepted upstream: <http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=318fd85f377c060908d371f792d41e599b3b7483>

Comment 38 Ulrich Müller 2012-02-18 20:56:46 UTC

Committed as libgcrypt-1.5.0-r2 with permission from Flameeyes.