zero-length MPIs (was: Re: mpi error with check-trustdb in 1.4.2 - resolved)

Jason Harris jharris at widomaker.com
Thu Aug 11 20:21:44 CEST 2005


On Thu, Aug 11, 2005 at 12:02:17PM -0400, Jason Harris wrote:
> On Wed, Aug 10, 2005 at 10:30:09PM -0500, John Clizbe wrote:
 
> > Tracked down the two offending keys and deleted them with 1.4.1. They both
> > failed to import from a keyserver with 1.4.2 with the same mpi error, so I'm
> > marking it off to key cruft.

Here are some more offending keys:

  0xA0B3E88B
  0xFC05DA69
  0x0FCF6738
  0xCC78C893
  0x98FDE37C
  0x74C9DE33
  0x57023F00 - corrupt subkey

Fetching them from keyserver.kjsl.com is now possible with gnupg-1.4.2.
To patch pks, add this to the middle of decode_mpi() (in pgputil.c):

  /* skip packets with 0-length MPIs for GPG's benefit (gnupg-1.4.2) */
  if (mpi->nbits == 0) {
    return (0);
  }

-- 
Jason Harris           |  NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
jharris at widomaker.com _|_ web:  http://keyserver.kjsl.com/~jharris/
          Got photons?   (TM), (C) 2004
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 313 bytes
Desc: not available
Url : /pipermail/attachments/20050811/5039bd58/attachment.pgp


More information about the Gnupg-devel mailing list