Key version games (was Re: problem with exporting subkeys)
disastry@saiknes.lv
disastry@saiknes.lv
Thu Feb 28 19:55:01 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
David Shaw dshaw@jabberwocky.com wrote:
> > David Shaw dshaw@jabberwocky.com wrote:
> > > > Second question: why GPG chokes on it?
> > >
> > > Judging from the listing you posted, it seems you did
> > > --export-secret-subkeys on a v3 key (mixed in with your v4 keys). V3
> > > keys do not work with --export-secret-subkeys, and in fact cause the
> > > resulting file to be unusable.
> > >
> > > I just committed a fix which makes --export-secret-subkeys ignore v3
> > > keys.
> > > David
> >
> > note that v3 keys also can have subkeys. OpenPGP does not forbid it.
> > I have even seen v3 keys with subkeys.
>
> Are you sure?
yes. at lest I'm sure that such keys do exist.
> Section 10.1 ("Transferable Public Keys") says:
>
> However, any V4 key may have subkeys, and the subkeys may be
> encryption-only keys, signature-only keys, or general-purpose keys.
>
> That doesn't exactly forbid it, true, but also section 11.1 ("Key
> structures") does not show subkeys at all in the v3 allowable format
> which is a stronger statement.
>
> We should construct such a key and see if any programs break with it.
> Where did you see it?
I have one on my keyring, I put it on web page at
http://disastry.dhs.org/pgp/testkeys/testv3withsubkey.asc
I don't remember from where I got this key, but I don't think
that I generated it myself, because it have passphrase "test"
(all may test keys have passphrase "a" or "12345678" :) )
but I also remember seen real (not test) key belonging to some person.
I can't find it... it was RSAv3 key with Elgamal subkey.
GPG allows (maybe it does not allow now, but at least
older versions allowed) to add subkeys to v3 keys.
> Speaking of key versions - I spent some time looking at what versions
> were permitted with what a while ago and one thing that does seem to
> be explicitly permitted is v4 keys with v3 subkeys. I did test this
> and PGP supports it (though this may be accidental support). GnuPG
> 1.0.6 only partially supports it, but I fixed that in 1.0.7.
>
> Florian, this can give you the unchangeable expiration date that you
> wanted, if you're willing to accept the restrictions (RSA only, etc.)
> on v3 keys :)
> David
btw, v3 subkeys are (seems to be) allowed too,
section 5.5.2. Public Key Packet Formats
"A version 3 public key or public subkey packet contains:"
some time ago I did some experiments - added key to other key as subkey,
and converted subkey to key :) it worked.
test results here http://disastry.dhs.org/pgp/testkeys
key subkey
tstDSADSA.asc 0xA496AC49 0xCD80EA04
tstDSADSA-sub.asc 0xCD80EA04
tstRSADSA.asc 0x0FD8A43F 0xF3A46303
tstDSADSA-RSA2.asc 0xA496AC49 0x0FD8A43F
__
Disastry http://disastry.dhs.org/
http://disastry.dhs.org/pgp <----PGP plugins for Netscape and MDaemon
^----PGP 2.6.3ia-multi05 (supports IDEA, CAST5, BLOWFISH, TWOFISH,
AES, 3DES ciphers and MD5, SHA1, RIPEMD160, SHA2 hashes)
-----BEGIN PGP SIGNATURE-----
Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1
iQA/AwUBPH5gFzBaTVEuJQxkEQM2xgCg8DJDWVFeW4uZS80GFWspQ83IEHAAn1/j
gBeCC+4Jp6G5C0JbG4V3PkhP
=TgR6
-----END PGP SIGNATURE-----