Secret key export difference in 1.4 and 2.1

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Oct 26 15:23:17 CEST 2016


On Wed 2016-10-26 08:31:28 -0400, Neal H. Walfield wrote:
>> In this case we compare the original private key block with the result
>> of the --export-secret-keys command.
>
> Please don't do this.

In particular, the reason to not do this is because there is no
guarantee that gpg will create the same exact keyblock each time.  Some
things which would be allowed to change, just from the spec:

 * ASCII-armoring could have arbitrary headers (Comment:, Version:, etc)
 * ASCII-armoring could have arbitrary line lengths (the spec suggests a
   limit of 76 chars per line, but any tool could legitimately choose
   fewer characters in a line)
 * secret key material could be re-encrypted with a different session key
   and/or a different algorithm
 * Some components of an OpenPGP certificate can be re-ordered without
   affecting the semantics of the certificate

And there are probably other variations that i'm not thinking of.

The point is that expecting byte-for-byte identical output is not the
right level to test the API; this isn't something that the GnuPG devs
have said would be stable, and it's not something that we *want* to be
stable.  If newer versions of GnuPG have better ideas about how to
format this output, we want to be able to make those changes.  So test
suites that are over-precise are brittle and make it difficult to evolve
GnuPG.  Please help us keep the ecosystem friendly and flexible by only
depending on the interfaces that upstream intends to keep stable.

Regards,

        --dkg
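The first two variations in the list above (armor headers and line lengths), as an added example that is not part of the original message or of GnuPG's code: two armorings of the same data differ as text but decode to identical bytes. The `armor` helper, the sample headers and the payload are constructed for illustration; the example does not cover the re-encryption or reordering cases, where the decoded bytes themselves differ.

```python
import base64

def crc24(data: bytes) -> int:
    """CRC-24 used for the armor checksum (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def armor(payload: bytes, headers: dict, width: int) -> str:
    """Hypothetical helper: armor payload with the given headers and line width."""
    b64 = base64.b64encode(payload).decode()
    check = base64.b64encode(crc24(payload).to_bytes(3, "big")).decode()
    lines = ["-----BEGIN PGP PRIVATE KEY BLOCK-----"]
    lines += [f"{k}: {v}" for k, v in headers.items()]
    lines += [""] + [b64[i:i + width] for i in range(0, len(b64), width)]
    lines += ["=" + check, "-----END PGP PRIVATE KEY BLOCK-----"]
    return "\n".join(lines) + "\n"

def dearmor(text: str) -> bytes:
    """Strip armor headers and line breaks, verify the CRC, return the binary data."""
    lines = [line.strip() for line in text.strip().splitlines()]
    if not (lines[0].startswith("-----BEGIN PGP ") and lines[-1].startswith("-----END PGP ")):
        raise ValueError("not an ASCII-armored block")
    body = lines[lines.index("") + 1:-1]   # armor headers end at the first blank line
    check = None
    if body and len(body[-1]) == 5 and body[-1].startswith("="):
        check = int.from_bytes(base64.b64decode(body.pop()[1:]), "big")
    payload = base64.b64decode("".join(body), validate=True)
    if check is not None and check != crc24(payload):
        raise ValueError("armor CRC24 mismatch")
    return payload

def same_payload(a: str, b: str) -> bool:
    return dearmor(a) == dearmor(b)

# Constructed stand-in bytes, not a real key block.
PAYLOAD = bytes(range(256)) * 2
ARMOR_A = armor(PAYLOAD, {"Version": "constructed sample A"}, 64)
ARMOR_B = armor(PAYLOAD, {"Comment": "constructed sample B"}, 76)

if __name__ == "__main__":
    print("text identical:   ", ARMOR_A == ARMOR_B)
    print("payload identical:", same_payload(ARMOR_A, ARMOR_B))
```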