gpg --verify hangs on malformed signature

Steffen Ullrich ccrlphr at
Tue Jul 21 21:35:34 CEST 1998

Sorry, but the patch doesn't help. Looking at the debug messages I think here is the one 
who shows the problem first:

	gpg: DBG: armor-filter: control: 3
	gpg: CRC error; d8b879 - 826da9
	gpg: DBG: parse_packet(iob=6): type=4 length=604044300
	gpg: onepass_sig with unknown version 20
	gpg: DBG: iobuf-6.1: error
	gpg: DBG: iobuf-6.1: error

I know for sure that the text isn't that big at all.

BTW, why it reports 

	gpg: WARNING: This key is not certified with a trusted signature!
	gpg: There is no indication that the signature belongs to the owner.

when I vaildate the valid signature of a mail. I imported the foreign key, signed it and now I would think
if I signed the key it should be trusted - or whom should I trust if not me?

BTW, did you know that the german division of Network Associates (which know owns PGP) charges 3049,-
DM for a 10 user License? They still give you only the NT and Mac version, but starting with 10
users you are allowed to use the code which is available commercially under UNIX.

On Tue, Jul 21, 1998 at 03:15:26PM +0200, Werner Koch wrote:
> Steffen Ullrich <ccrlphr at> writes:

> > gpg: CRC error; d8b879 - 826da9
> > gpg: onepass_sig with unknown version 20

> Here is a patch for this; apply this to g10/parse-packet.c:

> diff -u -r1.40 parse-packet.c
> --- parse-packet.c 1998/07/09 13:37:10 1.40
> +++ parse-packet.c 1998/07/21 13:08:59
> @@ -434,7 +434,8 @@
>      }
>      else {
>	  for( ; pktlen; pktlen-- )
> - iobuf_get(inp);
> + if( iobuf_get(inp) == -1 )
> + break;
>      }
>  }

> Thanks,

>     Werner

More information about the Gnupg-devel mailing list