how to signencrypt with gpg for pgp2 (was: broken: #secure method=pgp mode=signencrypt)

[Matthias Andree <ma@dt.e-technik.uni-dortmund.de>]

Simon Josefsson <jas@extundo.com> writes:

> Florian explained that the compatibility problem wasn't at the sender,
> but rather at the receiver, so I changed my opinion and now think that
> we shouldn't use combined mode by default since it isn't
> interoperable.

Maybe I can make you change your mind yet again.

> We should make the "separate" mode work correctly though.  This is
> somewhat unfortunate though.  An alternative would be to state that we
> cannot talk to PGP 2.x properly.

"Replacing PGP 2.x with GnuPG" by Kyle Hasselbacher et al,
<URL:http://www.gnupg.org/gph/en/pgp2x.html>, comes to our rescue:
it documents a workaround (with minor errors in the first of the four
stages). It's not trivial, but works.

I've cast this workaround into a sh script, and I've successfully
"signencrypt"ed a mail with GnuPG 1.2.2 that I can decode with pgp
2.6.3in without difficulties. Script and screenshots below.

Here's the unpolished script, you may test it but please don't include
it with Gnus or distribute otherwise. If we want to use such a wrapper
script in Gnus (rather than have someone - not me, I don't speak Elisp -
reimplement it in pgg.el), I can polish and document it, add getopt
parsing for the keys and put it under the GPL.

When testing, adjust the localkey (signing key) and remotekey
(recipient's key), and send yourself an email. :-)

--cut-here------------------------------------------------------------------
#! /bin/sh
# (C) Copyright 2003, Matthias Andree. All rights reserved.
localkey=0x26bf5ca9
remotekey=0x26bf5ca9
input=${1:=test}
tmppfx=gs2p2.$$.
armor=--armor

trap "rm -f \"${tmppfx}\"* ; exit 1" 0 1 2 3 15
set -e
gpg --detach-sign --local-user "$localkey" --output "${tmppfx}sig" "$input"
gpg --store -z 0 --output "${tmppfx}lit" "$input"
cat "${tmppfx}sig" "${tmppfx}lit" \
| gpg --no-options --no-literal --store --compress-algo 1 --output "${tmppfx}z"
gpg --rfc1991 --cipher-algo idea --no-literal --encrypt \
    --recipient "$remotekey" --output `basename "$input"`.asc "${tmppfx}z"
rm -f "${tmppfx}"*
trap 0 1 2 3 15
exit 0
--cut-here------------------------------------------------------------------

Here are the screenshots:

signencrypt stage, GnuPG 1.2.2 + above script at work:

|$ gpg-signencrypt-to-pgp2.sh test
|
|You need a passphrase to unlock the secret key for
|user: "Matthias Andree <matthias.andree@gmx.de>"
|1024-bit RSA key, ID 26BF5CA9, created 1996-01-18
|
|gpg: NOTE: --no-literal is not for normal use!
|gpg: NOTE: --no-literal is not for normal use!
|gpg: 0x26bf5ca9: skipped: public key already present
|File `test.asc' exists. Overwrite (y/N)? y
|gpg: forcing symmetric cipher IDEA (1) violates recipient preferences
|gpg: this cipher algorithm is deprecated; please use a more standard one!

decrypt/verify stage, PGP 2.6.3in:

|$ pgp test.asc
|Pretty Good Privacy(tm) 2.6.3in - Public-key encryption for the masses.
|(c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 2000-10-07
|International version - not for use in the USA. Does not use RSAREF.
|Current time: 2003/07/10 13:01 GMT
|
|File is encrypted.  Secret key is required to read it. 
|Key for user ID: Matthias Andree <matthias.andree@gmx.de>
|1024-bit key, key ID 26BF5CA9, created 1996/01/18
[...]
|
|You need a pass phrase to unlock your RSA secret key. 
|Enter pass phrase: Pass phrase is good.  Just a moment......
|File has signature.  Public key is required to check signature.
|.
|Good signature from user "Matthias Andree <matthias.andree@gmx.de>".
|Signature made 2003/07/10 13:01 GMT using 1024-bit key, key ID 26BF5CA9
|
|Plaintext filename: test
|Output file 'test' already exists.  Overwrite (y/N)? y

Bonus:

|$ cat test
|testäöüß

-- 
Matthias Andree