same key or RFC misinterpretation?
Jason Harris
jharris at widomaker.com
Wed Mar 12 21:50:01 CET 2003
With JHpatch2 for pks, I'm comparing raw pubkey packets to disambiguate
keys (if other things are similar). One of the first of the following
two keys popped out as a new key when merging a GPG-imported (specifically,
with signature-matched subkeys - don't ask if you don't know...) version
of my own keydump. Notice the subkey is valid on the third key - I
just happened to search by name and saw the third key. On the unimported
dearmored keys, GPG reports:
pub 1024D/CF10B59A 1998-04-16 Marco Herten <marco duesseldorf.de>
Key fingerprint = 4CBA E07C 8BF6 950E 32A9 0BE6 52D4 805F CF10 B59A
sig- 3D861FAB 1998-04-16 Marco Herten <marco duesseldorf.de>
sub 2048g/2DEC55D9 1998-04-16
Key fingerprint = FF0A 9E36 0C01 3886 1E58 4DB8 3F12 0122 2DEC 55D9
sig- 3D861FAB 1998-04-16 Marco Herten <marco duesseldorf.de>
pub 1024D/CF10B59A 1998-04-16 Marco Herten <marco duesseldorf.de>
Key fingerprint = 4CBA E07C 8BF6 950E 32A9 0BE6 52D4 805F CF10 B59A
sig- 3D861FAB 1998-04-16 Marco Herten <marco duesseldorf.de>
pub 1024D/3D861FAB 1998-04-16 Marco Herten <marco duesseldorf.de>
Key fingerprint = A55D 1EE9 BDA9 0D19 27FB D98A 0B0B 39C5 3D86 1FAB
sig! 3D861FAB 1998-04-16 Marco Herten <marco duesseldorf.de>
sub 2048g/2DEC55D9 1998-04-16
Key fingerprint = FF0A 9E36 0C01 3886 1E58 4DB8 3F12 0122 2DEC 55D9
sig! 3D861FAB 1998-04-16 Marco Herten <marco duesseldorf.de>

The pubkey packets (for the first two keys) differ by +1 (0x9f + 1 = 0xa0):

9c9
< 00000080 db a0 94 0d 65 26 4d fd 22 49 4b 00 a0 5f bd c0 |....e&M."IK.._..|
---
> 00000080 db a0 94 0d 65 26 4d fd 22 49 4b 00 9f 5f bd c0 |....e&M."IK.._..|

which pgpdump says is due to the size of q (must be 0, and in the leading
bit):

6c6
< DSA q(160 bits) - 5f bd c0 de a2 b7 2a a3 5a 92 b4 91 7d 53 50 7e 5f a1 d7 9f
---
> DSA q(159 bits) - 5f bd c0 de a2 b7 2a a3 5a 92 b4 91 7d 53 50 7e 5f a1 d7 9f

pks normally agrees with GPG on fingerprints, but searching for Marco Herten
on keyserver.kjsl.com reports:

pub 1024D/2C85A7B0 1998-04-16 Marco Herten <marco duesseldorf.de>
Key fingerprint = 8E23 606A 6D88 31DB 832A A469 7CA0 D9D1 2C85 A7B0
New! attempt to lookup keyholder on biglumber.com.
sig 0x10 3D861FAB 1998-04-16 Marco Herten <marco duesseldorf.de>
sub 2048g/2DEC55D9 1998-04-16
Key fingerprint = FF0A 9E36 0C01 3886 1E58 4DB8 3F12 0122 2DEC 55D9
sig 0x18 3D861FAB 1998-04-16 [invalid signer? corrupted signature?]
__________________________________________________________________________
pub 1024D/CF10B59A 1998-04-16 Marco Herten <marco duesseldorf.de>
Key fingerprint = 4CBA E07C 8BF6 950E 32A9 0BE6 52D4 805F CF10 B59A
New! attempt to lookup keyholder on biglumber.com.
sig 0x10 3D861FAB 1998-04-16 Marco Herten <marco duesseldorf.de>
__________________________________________________________________________
pub 1024D/3D861FAB 1998-04-16 Marco Herten <marco duesseldorf.de>
Key fingerprint = A55D 1EE9 BDA9 0D19 27FB D98A 0B0B 39C5 3D86 1FAB
New! attempt to lookup keyholder on biglumber.com.
sig 0x10 3D861FAB 1998-04-16 [selfsig]
sub 2048g/2DEC55D9 1998-04-16
Key fingerprint = FF0A 9E36 0C01 3886 1E58 4DB8 3F12 0122 2DEC 55D9
sig 0x18 3D861FAB 1998-04-16 [keybind]

but the first two keys are still considered the same by GPG even after
an import:

pub 1024D/CF10B59A 1998-04-16 Marco Herten <marco at duesseldorf.de>
Key fingerprint = 4CBA E07C 8BF6 950E 32A9 0BE6 52D4 805F CF10 B59A
sig- 3D861FAB 1998-04-16 Marco Herten <marco at duesseldorf.de>
pub 1024D/3D861FAB 1998-04-16 Marco Herten <marco at duesseldorf.de>
Key fingerprint = A55D 1EE9 BDA9 0D19 27FB D98A 0B0B 39C5 3D86 1FAB
sig! 3D861FAB 1998-04-16 Marco Herten <marco at duesseldorf.de>
sub 2048g/2DEC55D9 1998-04-16
Key fingerprint = FF0A 9E36 0C01 3886 1E58 4DB8 3F12 0122 2DEC 55D9
sig! 3D861FAB 1998-04-16 Marco Herten <marco at duesseldorf.de>

FWIW, pgpring (-f displays fingerprints) calculates them the same as pks:

pub:q:1023:17:7CA0D9D12C85A7B0:1998-04-16::::Marco Herten <marco duesseldorf.de>:
fpr:::::::::8E23606A6D8831DB832AA4697CA0D9D12C85A7B0:
sub:q:2047:16:3F1201222DEC55D9:1998-04-16::::Marco Herten <marco duesseldorf.de>:
fpr:::::::::FF0A9E360C0138861E584DB83F1201222DEC55D9:
pub:q:1023:17:52D4805FCF10B59A:1998-04-16::::Marco Herten <marco duesseldorf.de>:
fpr:::::::::4CBAE07C8BF6950E32A90BE652D4805FCF10B59A:
pub:q:1023:17:0B0B39C53D861FAB:1998-04-16::::Marco Herten <marco duesseldorf.de>:
fpr:::::::::A55D1EE9BDA90D1927FBD98A0B0B39C53D861FAB:
sub:q:2047:16:3F1201222DEC55D9:1998-04-16::::Marco Herten <marco duesseldorf.de>:
fpr:::::::::FF0A9E360C0138861E584DB83F1201222DEC55D9:

RFC 2440 (bis-06) says:

  A V4 fingerprint is the 160-bit SHA-1 hash of the one-octet Packet
  Tag, followed by the two-octet packet length, followed by the entire
  Public Key packet starting with the version field. The key ID is

Which is the correct method?

--
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris at widomaker.com | web: http://jharris.cjb.net/
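
The disagreement described in this post, reproduced as an added example (not part of the original message, and not GnuPG, pks or pgpring code): the same 20-byte q declared as 160 bits and as 159 bits yields two V4 fingerprints when the raw packet bytes are hashed, and a single fingerprint when each MPI length is first recomputed from its most significant set bit. Only q is taken from the pgpdump output above; p, g, y, the creation time and all function names are constructed for illustration.

```python
import hashlib
import struct

# q is the 20-byte value from the pgpdump output in the post. p, g, y and
# the creation time are constructed placeholders, not the real key material.
Q = bytes.fromhex("5fbdc0dea2b72aa35a92b4917d53507e5fa1d79f")
P, G, Y = b"\xc1" + b"\x11" * 15, b"\x07", b"\x9a" + b"\x22" * 15
CREATED = 0x35000000  # constructed timestamp

def mpi(value, bits=None):
    """Encode an MPI; bits=None counts from the most significant set bit."""
    if bits is None:
        bits = int.from_bytes(value, "big").bit_length()
    return struct.pack(">H", bits) + value

def key_body(q_bits=None):
    """V4 DSA public key packet body with a chosen declared length for q."""
    header = b"\x04" + struct.pack(">I", CREATED) + b"\x11"  # version, time, DSA
    return header + mpi(P) + mpi(Q, q_bits) + mpi(G) + mpi(Y)

def split_mpis(body):
    """Return [(declared_bits, value_bytes)] for the MPIs after the 6-octet header."""
    out, pos = [], 6
    while pos + 2 <= len(body):
        bits = struct.unpack_from(">H", body, pos)[0]
        size = (bits + 7) // 8
        out.append((bits, body[pos + 2:pos + 2 + size]))
        pos += 2 + size
    return out

def fingerprint_raw(body):
    """SHA-1 over 0x99, the two-octet length, then the body exactly as received."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest()

def fingerprint_normalized(body):
    """Same hash after re-encoding every MPI with its canonical bit count."""
    mpis = b"".join(mpi(v.lstrip(b"\x00")) for _, v in split_mpis(body))
    return fingerprint_raw(body[:6] + mpis)

def noncanonical_mpis(body):
    """List (index, declared_bits, actual_bits) for MPIs whose header is off."""
    found = []
    for i, (bits, v) in enumerate(split_mpis(body)):
        actual = int.from_bytes(v, "big").bit_length()
        if bits != actual:
            found.append((i, bits, actual))
    return found
```

A keyserver that disambiguates keys by raw packet comparison can use a check like `noncanonical_mpis` to flag packets that differ only in a declared MPI length before treating them as distinct keys.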