Key version games (was Re: problem with exporting subkeys)
disastry at saiknes.lv
disastry at saiknes.lv
Thu Feb 28 19:55:01 CET 2002
-----BEGIN PGP SIGNED MESSAGE-----
David Shaw dshaw at jabberwocky.com wrote:
> > David Shaw dshaw at jabberwocky.com wrote:
> > > > Second question: why GPG chokes on it?
> > >
> > > Judging from the listing you posted, it seems you did
> > > --export-secret-subkeys on a v3 key (mixed in with your v4 keys). V3
> > > keys do not work with --export-secret-subkeys, and in fact cause the
> > > resulting file to be unusable.
> > >
> > > I just committed a fix which makes --export-secret-subkeys ignore v3
> > > keys.
> > > David
> > note that v3 keys also can have subkeys. OpenPGP does not forbid it.
> > I have even seen v3 keys with subkeys.
> Are you sure?
yes. at lest I'm sure that such keys do exist.
> Section 10.1 ("Transferable Public Keys") says:
> However, any V4 key may have subkeys, and the subkeys may be
> encryption-only keys, signature-only keys, or general-purpose keys.
> That doesn't exactly forbid it, true, but also section 11.1 ("Key
> structures") does not show subkeys at all in the v3 allowable format
> which is a stronger statement.
> We should construct such a key and see if any programs break with it.
> Where did you see it?
I have one on my keyring, I put it on web page at
I don't remember from where I got this key, but I don't think
that I generated it myself, because it have passphrase "test"
(all may test keys have passphrase "a" or "12345678" :) )
but I also remember seen real (not test) key belonging to some person.
I can't find it... it was RSAv3 key with Elgamal subkey.
GPG allows (maybe it does not allow now, but at least
older versions allowed) to add subkeys to v3 keys.
> Speaking of key versions - I spent some time looking at what versions
> were permitted with what a while ago and one thing that does seem to
> be explicitly permitted is v4 keys with v3 subkeys. I did test this
> and PGP supports it (though this may be accidental support). GnuPG
> 1.0.6 only partially supports it, but I fixed that in 1.0.7.
> Florian, this can give you the unchangeable expiration date that you
> wanted, if you're willing to accept the restrictions (RSA only, etc.)
> on v3 keys :)
btw, v3 subkeys are (seems to be) allowed too,
section 5.5.2. Public Key Packet Formats
"A version 3 public key or public subkey packet contains:"
some time ago I did some experiments - added key to other key as subkey,
and converted subkey to key :) it worked.
test results here http://disastry.dhs.org/pgp/testkeys
tstDSADSA.asc 0xA496AC49 0xCD80EA04
tstRSADSA.asc 0x0FD8A43F 0xF3A46303
tstDSADSA-RSA2.asc 0xA496AC49 0x0FD8A43F
http://disastry.dhs.org/pgp <----PGP plugins for Netscape and MDaemon
^----PGP 2.6.3ia-multi05 (supports IDEA, CAST5, BLOWFISH, TWOFISH,
AES, 3DES ciphers and MD5, SHA1, RIPEMD160, SHA2 hashes)
-----BEGIN PGP SIGNATURE-----
Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1
-----END PGP SIGNATURE-----
More information about the Gnupg-devel