gpg 1.4.x and 2.0.x differ in output with --with-colons --check-sigs

Daniel Leidert daniel.leidert.spam at gmx.net
Sun Jul 21 11:59:02 CEST 2013


Am Freitag, den 12.07.2013, 11:49 -0400 schrieb Daniel Kahn Gillmor:

> It looks to me like gpg and gpg2 differ in output when using
> --with-colons --check-sigs:
> 
> 0 dkg at alice:~$ diff -u <(gpg --check-sigs --with-colons ssh://che.mayfirst.org) <(gpg2 --check-sigs --with-colons ssh://che.mayfirst.org)
> --- /dev/fd/63	2013-07-12 11:38:20.492341784 -0400
> +++ /dev/fd/62	2013-07-12 11:38:20.492341784 -0400
> @@ -1,5 +1,5 @@
>  tru::1:1373556281:1373770620:3:1:5
>  pub:f:2048:1:6D55BC121C106C76:1267149023:::-:::caCA:
>  uid:f::::1267149023::FA9BB45DEC38693028E39E41D8BDD5A9D6234406::ssh\x3a//che.mayfirst.org:
> -sig:!::1:6D55BC121C106C76:1267149023::::ssh\x3a//che.mayfirst.org:13x:
> -sig:!::1:CCD2ED94D21739E9:1267149081::::Daniel Kahn Gillmor <dkg at fifthhorseman.net>:10x:
> +sig:!::1:6D55BC121C106C76:1267149023::::ssh\x3a//che.mayfirst.org:13x:::::8:
> +sig:!::1:CCD2ED94D21739E9:1267149081::::Daniel Kahn Gillmor <dkg at fifthhorseman.net>:10x:::::10:
> 1 dkg at alice:~$ 
> 
> 
> in particular, gpg 2.0.20 supplies field 16 for the sig lines, which
> (according to DETAILS) is the hash algorithm of the signature, but gpg
> 1.4.12 does not.  (8 is SHA-256, 10 is SHA-512).  Is this an intentional
> difference?
>
> Is there any reason to avoid having 1.4.x produce this field as well?

See http://bugs.debian.org/672658. However, I wasn't sure, if we should
apply it to Debian. I decided to do not for Wheezy. Would be nice, if
this patch would make it officially into the 1.4 series.

Regards, Daniel




More information about the Gnupg-devel mailing list