difference in key import counting between GnuPG 1.4 and 2.1

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Jan 26 17:30:09 CET 2016


Hi folks--

GnuPG 2.1 seems to count files differently when doing imports than 1.4.

Consider the comparison below (using the attached files, taken from
pygpgme/tests/keys).  In particular, note stats starting at "total
number processed:" and ending at "secret keys imported:"

I believe that gpg 2.1 is counting some of the keys multiple times (once
per subkey?) , but (for example), i'm not sure why it would claim 3
secret keys read and 2 secret keys imported, while 1.4 just say 1 in
each category.

This is one of the causes of test suite failure for pygpgme, because
pygpgme expects the values produced by 1.4.x (and presumably by 2.0.x,
though i haven't tested it).

Any pointers on how this should be resolved?  If they're "both right"
due to architectural differences, then i might just try to tune the
pygpgme test suite to ignore the differences.

       --dkg


0 dkg at alice:~/tmp$ for x in gpg gpg2; do \
>  GNUPGHOME=$(pwd)/$x $x --version; \
>  for f in key1.sec collected.gpg; do \
>   printf '=== %s ===\n' "$f" ; \
>   rm -rf $x; \
>   mkdir -m 0700 $x; \
>   GNUPGHOME=$(pwd)/$x $x --import < "$f"; \
>  done; \
> done
gpg (GnuPG) 1.4.20
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/dkg/tmp/gpg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
=== key1.sec ===
gpg: keyring `/home/dkg/tmp/gpg/secring.gpg' created
gpg: keyring `/home/dkg/tmp/gpg/pubring.gpg' created
gpg: key 885C65A4: secret key imported
gpg: /home/dkg/tmp/gpg/trustdb.gpg: trustdb created
gpg: key 885C65A4: public key "Key 1 <key1 at example.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1
=== collected.gpg ===
gpg: keyring `/home/dkg/tmp/gpg/secring.gpg' created
gpg: keyring `/home/dkg/tmp/gpg/pubring.gpg' created
gpg: /home/dkg/tmp/gpg/trustdb.gpg: trustdb created
gpg: key 885C65A4: public key "Key 1 <key1 at example.org>" imported
gpg: key 885C65A4: secret key imported
gpg: key 885C65A4: "Key 1 <key1 at example.org>" 1 new signature
gpg: key C97E6B0F: public key "Key 2 <key2 at example.org>" imported
gpg: Total number processed: 3
gpg:               imported: 2  (RSA: 1)
gpg:         new signatures: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1
gpg: no ultimately trusted keys found
gpg (GnuPG) 2.1.10
libgcrypt 1.6.4
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/dkg/tmp/gpg2
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
=== key1.sec ===
gpg: keybox '/home/dkg/tmp/gpg2/pubring.kbx' created
gpg: /home/dkg/tmp/gpg2/trustdb.gpg: trustdb created
gpg: key 885C65A4: public key "Key 1 <key1 at example.org>" imported
gpg: key 885C65A4: secret key imported
gpg: Total number processed: 3
gpg:               imported: 1
gpg:       secret keys read: 3
gpg:   secret keys imported: 2
=== collected.gpg ===
gpg: keybox '/home/dkg/tmp/gpg2/pubring.kbx' created
gpg: /home/dkg/tmp/gpg2/trustdb.gpg: trustdb created
gpg: key 885C65A4: public key "Key 1 <key1 at example.org>" imported
gpg: key 885C65A4: "Key 1 <key1 at example.org>" 1 new signature
gpg: key 885C65A4: secret key imported
gpg: key C97E6B0F: public key "Key 2 <key2 at example.org>" imported
gpg: Total number processed: 5
gpg:               imported: 2
gpg:         new signatures: 1
gpg:       secret keys read: 3
gpg:   secret keys imported: 2
gpg: no ultimately trusted keys found
0 dkg at alice:~/tmp$



-------------- next part --------------
A non-text attachment was scrubbed...
Name: key1.sec
Type: application/pgp-keys
Size: 1769 bytes
Desc: not available
URL: </pipermail/attachments/20160126/e5a53967/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: collected.gpg
Type: application/pgp-keys
Size: 6615 bytes
Desc: not available
URL: </pipermail/attachments/20160126/e5a53967/attachment-0001.key>


More information about the Gnupg-devel mailing list