Optimization-dependent behavior with GnuPG 1.4.19 and GCC 5

NIIBE Yutaka gniibe at fsij.org
Thu Oct 1 09:19:19 CEST 2015

On 10/01/2015 02:41 PM, Kevin Locke wrote:
> Any idea if sig->unhashed being NULL is easily avoidable when creating
> signed documents as a workaround for users with affected versions
> already in the wild?

I don't think we have an easy way.

Fortunately, GnuPG itself doesn't produce such a signature.

Dumping the signature packet of the file (InRelease) by pgpgdump,
it is:

New: Signature Packet(tag 2)(284 bytes)
	Ver 4 - new
	Sig type - Signature of a canonical text document(0x01).
	Pub alg - RSA Encrypt or Sign(pub 1)
	Hash alg - SHA256(hash 8)
	Hashed Sub: signature creation time(sub 2)(4 bytes)
		Time - Thu Oct  1 14:06:24 JST 2015
	Hashed Sub: issuer key ID(sub 16)(8 bytes)
		Key ID - 0x3746C208A7317B0F
	Hash left 2 bytes - d5 16
	RSA m^d mod n(2048 bits) - ...
		-> PKCS-1

Here, issuer key ID is hashed (and we don't have unhashed packet).
GnuPG puts issuer key ID to unhashed packet.

More information about the Gnupg-devel mailing list