same key or RFC misinterpretation?

Jason Harris jharris@widomaker.com
Wed Mar 12 21:50:01 2003



With JHpatch2 for pks, I'm comparing raw pubkey packets to disambiguate
keys (if other things are similar).  One of the first of the following
two keys popped out as a new key when merging a GPG-imported (specifically,
with signature-matched subkeys - don't ask if you don't know...) version
of my own keydump.  Notice the subkey is valid on the third key - I
just happened to search by name and saw the third key.  On the unimported
dearmored keys, GPG reports:

pub  1024D/CF10B59A 1998-04-16 Marco Herten <marco duesseldorf.de>
     Key fingerprint = 4CBA E07C 8BF6 950E 32A9  0BE6 52D4 805F CF10 B59A
sig-        3D861FAB 1998-04-16   Marco Herten <marco duesseldorf.de>
sub  2048g/2DEC55D9 1998-04-16
     Key fingerprint = FF0A 9E36 0C01 3886 1E58  4DB8 3F12 0122 2DEC 55D9
sig-        3D861FAB 1998-04-16   Marco Herten <marco duesseldorf.de>

pub  1024D/CF10B59A 1998-04-16 Marco Herten <marco duesseldorf.de>
     Key fingerprint = 4CBA E07C 8BF6 950E 32A9  0BE6 52D4 805F CF10 B59A
sig-        3D861FAB 1998-04-16   Marco Herten <marco duesseldorf.de>

pub  1024D/3D861FAB 1998-04-16 Marco Herten <marco duesseldorf.de>
     Key fingerprint = A55D 1EE9 BDA9 0D19 27FB  D98A 0B0B 39C5 3D86 1FAB
sig!        3D861FAB 1998-04-16   Marco Herten <marco duesseldorf.de>
sub  2048g/2DEC55D9 1998-04-16
     Key fingerprint = FF0A 9E36 0C01 3886 1E58  4DB8 3F12 0122 2DEC 55D9
sig!        3D861FAB 1998-04-16   Marco Herten <marco duesseldorf.de>


The pubkey packets (for the first two keys) differ by +1 (0x9f + 1 = 0xa0):

9c9
< 00000080  db a0 94 0d 65 26 4d fd  22 49 4b 00 a0 5f bd c0  |....e&M."IK.._..|
---
> 00000080  db a0 94 0d 65 26 4d fd  22 49 4b 00 9f 5f bd c0  |....e&M."IK.._..|

which pgpdump says is due to the size of q (must be 0, and in the leading
bit):

6c6
<       DSA q(160 bits) - 5f bd c0 de a2 b7 2a a3 5a 92 b4 91 7d 53 50 7e 5f a1 d7 9f
---
>       DSA q(159 bits) - 5f bd c0 de a2 b7 2a a3 5a 92 b4 91 7d 53 50 7e 5f a1 d7 9f

pks normally agrees with GPG on fingerprints, but searching for Marco Herten
on keyserver.kjsl.com reports:

pub  1024D/2C85A7B0 1998-04-16 Marco Herten <marco duesseldorf.de>
     Key fingerprint = 8E23 606A 6D88 31DB 832A  A469 7CA0 D9D1 2C85 A7B0
New!  attempt to lookup keyholder on biglumber.com.
sig  0x10  3D861FAB 1998-04-16  Marco Herten <marco duesseldorf.de>
sub  2048g/2DEC55D9 1998-04-16
     Key fingerprint = FF0A 9E36 0C01 3886 1E58  4DB8 3F12 0122 2DEC 55D9
sig  0x18  3D861FAB 1998-04-16 [invalid signer? corrupted signature?]
  __________________________________________________________________________

pub  1024D/CF10B59A 1998-04-16 Marco Herten <marco duesseldorf.de>
     Key fingerprint = 4CBA E07C 8BF6 950E 32A9  0BE6 52D4 805F CF10 B59A
New!  attempt to lookup keyholder on biglumber.com.
sig  0x10  3D861FAB 1998-04-16  Marco Herten <marco duesseldorf.de>
  __________________________________________________________________________

pub  1024D/3D861FAB 1998-04-16 Marco Herten <marco duesseldorf.de>
     Key fingerprint = A55D 1EE9 BDA9 0D19 27FB  D98A 0B0B 39C5 3D86 1FAB
New!  attempt to lookup keyholder on biglumber.com.
sig  0x10  3D861FAB 1998-04-16  [selfsig]
sub  2048g/2DEC55D9 1998-04-16
     Key fingerprint = FF0A 9E36 0C01 3886 1E58  4DB8 3F12 0122 2DEC 55D9
sig  0x18  3D861FAB 1998-04-16 [keybind]


but the first two keys are still considered the same by GPG even after
an import:

pub  1024D/CF10B59A 1998-04-16 Marco Herten <marco@duesseldorf.de>
     Key fingerprint = 4CBA E07C 8BF6 950E 32A9  0BE6 52D4 805F CF10 B59A
sig-        3D861FAB 1998-04-16   Marco Herten <marco@duesseldorf.de>

pub  1024D/3D861FAB 1998-04-16 Marco Herten <marco@duesseldorf.de>
     Key fingerprint = A55D 1EE9 BDA9 0D19 27FB  D98A 0B0B 39C5 3D86 1FAB
sig!        3D861FAB 1998-04-16   Marco Herten <marco@duesseldorf.de>
sub  2048g/2DEC55D9 1998-04-16
     Key fingerprint = FF0A 9E36 0C01 3886 1E58  4DB8 3F12 0122 2DEC 55D9
sig!        3D861FAB 1998-04-16   Marco Herten <marco@duesseldorf.de>


FWIW, pgpring (-f displays fingerprints), calculates them the same as pks:

pub:q:1023:17:7CA0D9D12C85A7B0:1998-04-16::::Marco Herten <marco duesseldorf.de>:
fpr:::::::::8E23606A6D8831DB832AA4697CA0D9D12C85A7B0:
sub:q:2047:16:3F1201222DEC55D9:1998-04-16::::Marco Herten <marco duesseldorf.de>:
fpr:::::::::FF0A9E360C0138861E584DB83F1201222DEC55D9:
pub:q:1023:17:52D4805FCF10B59A:1998-04-16::::Marco Herten <marco duesseldorf.de>:
fpr:::::::::4CBAE07C8BF6950E32A90BE652D4805FCF10B59A:
pub:q:1023:17:0B0B39C53D861FAB:1998-04-16::::Marco Herten <marco duesseldorf.de>:
fpr:::::::::A55D1EE9BDA90D1927FBD98A0B0B39C53D861FAB:
sub:q:2047:16:3F1201222DEC55D9:1998-04-16::::Marco Herten <marco duesseldorf.de>:
fpr:::::::::FF0A9E360C0138861E584DB83F1201222DEC55D9:


RFC 2440 (bis-06) says:

  A V4 fingerprint is the 160-bit SHA-1 hash of the one-octet Packet
  Tag, followed by the two-octet packet length, followed by the entire
  Public Key packet starting with the version field.  The key ID is


Which is the correct method?

-- 
Jason Harris          | NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
jharris@widomaker.com | web:  http://jharris.cjb.net/
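
Added example, not part of the original message and not code from GPG, pks, pgpring or pgpdump: it shows why the one-unit difference in q's MPI bit count (0x00a0 vs 0x009f) yields two V4 fingerprints when the hash is taken over the packet octets as stored, and how rewriting each bit count to the value's true length makes the two packets hash alike. q is the value pgpdump prints above; p, g, y and the creation timestamp are constructed stand-ins, so the fingerprints it prints will not match those in the message.

```python
import hashlib
import struct

# q exactly as pgpdump prints it in the message; top octet 0x5f has a clear high bit.
Q = bytes.fromhex("5fbdc0dea2b72aa35a92b4917d53507e5fa1d79f")
# Constructed stand-ins (not the real key material, not a valid DSA group).
P, G, Y = b"\xdb" + bytes(range(127)), b"\x02", b"\x9a" * 128
CREATED = 892684800  # constructed: 1998-04-16 00:00:00 UTC

def mpi(value: bytes, declared_bits=None) -> bytes:
    """OpenPGP MPI: two-octet bit count, then the big-endian value."""
    bits = int.from_bytes(value, "big").bit_length()
    return struct.pack(">H", bits if declared_bits is None else declared_bits) + value

def dsa_body(q_mpi: bytes) -> bytes:
    """V4 public key packet body: version, creation time, algorithm 17 (DSA), p q g y."""
    return b"\x04" + struct.pack(">I", CREATED) + b"\x11" + mpi(P) + q_mpi + mpi(G) + mpi(Y)

def v4_fingerprint(body: bytes) -> str:
    """SHA-1 over 0x99, the two-octet body length, and the body octets as stored."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def read_mpis(body: bytes, count: int = 4):
    """Return (declared_bits, actual_bits, value) for each MPI after the 6-octet header."""
    pos, out = 6, []
    for _ in range(count):
        (declared,) = struct.unpack_from(">H", body, pos)
        value = body[pos + 2 : pos + 2 + (declared + 7) // 8]
        out.append((declared, int.from_bytes(value, "big").bit_length(), value))
        pos += 2 + len(value)
    return out

def canonicalize(body: bytes) -> bytes:
    """Rewrite each MPI with its true bit length so equivalent keys compare equal."""
    return body[:6] + b"".join(mpi(v.lstrip(b"\x00")) for _, _, v in read_mpis(body))

AS_STORED = dsa_body(mpi(Q, declared_bits=160))  # header octets 00 a0
NORMALIZED = dsa_body(mpi(Q))                     # header octets 00 9f

if __name__ == "__main__":
    for name, body in (("as stored", AS_STORED), ("normalized", NORMALIZED)):
        declared, actual, _ = read_mpis(body)[1]
        print(f"{name:10} q declared={declared} actual={actual} fpr={v4_fingerprint(body)}")
    print("match after canonicalize:",
          v4_fingerprint(canonicalize(AS_STORED)) == v4_fingerprint(NORMALIZED))
```

A keyserver that compares raw pubkey packets can apply the same check to flag any MPI whose declared bit count differs from its actual one before treating two packets as distinct keys.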
