gpg 1.4.x and 2.0.x differ in output with --with-colons --check-sigs
Daniel Leidert
daniel.leidert.spam at gmx.net
Sun Jul 21 11:59:02 CEST 2013
Am Freitag, den 12.07.2013, 11:49 -0400 schrieb Daniel Kahn Gillmor:
> It looks to me like gpg and gpg2 differ in output when using
> --with-colons --check-sigs:
>
> 0 dkg at alice:~$ diff -u <(gpg --check-sigs --with-colons ssh://che.mayfirst.org) <(gpg2 --check-sigs --with-colons ssh://che.mayfirst.org)
> --- /dev/fd/63 2013-07-12 11:38:20.492341784 -0400
> +++ /dev/fd/62 2013-07-12 11:38:20.492341784 -0400
> @@ -1,5 +1,5 @@
> tru::1:1373556281:1373770620:3:1:5
> pub:f:2048:1:6D55BC121C106C76:1267149023:::-:::caCA:
> uid:f::::1267149023::FA9BB45DEC38693028E39E41D8BDD5A9D6234406::ssh\x3a//che.mayfirst.org:
> -sig:!::1:6D55BC121C106C76:1267149023::::ssh\x3a//che.mayfirst.org:13x:
> -sig:!::1:CCD2ED94D21739E9:1267149081::::Daniel Kahn Gillmor <dkg at fifthhorseman.net>:10x:
> +sig:!::1:6D55BC121C106C76:1267149023::::ssh\x3a//che.mayfirst.org:13x:::::8:
> +sig:!::1:CCD2ED94D21739E9:1267149081::::Daniel Kahn Gillmor <dkg at fifthhorseman.net>:10x:::::10:
> 1 dkg at alice:~$
>
>
> in particular, gpg 2.0.20 supplies field 16 for the sig lines, which
> (according to DETAILS) is the hash algorithm of the signature, but gpg
> 1.4.12 does not. (8 is SHA-256, 10 is SHA-512). Is this an intentional
> difference?
>
> Is there any reason to avoid having 1.4.x produce this field as well?
See http://bugs.debian.org/672658. However, I wasn't sure, if we should
apply it to Debian. I decided to do not for Wheezy. Would be nice, if
this patch would make it officially into the 1.4 series.
Regards, Daniel
More information about the Gnupg-devel
mailing list