GPGME: Invalid value when trying to encrypt with certain keys

Peter Lebbing peter at digitalbrains.com
Tue Aug 29 21:51:28 CEST 2017 

On 29/08/17 17:50, Jan Girlich wrote:
> One specific key (available on the key servers as 0xDC3E9C95) causes an
> "Invalid value" error, but this key is in use since 1996 and works fine
> when used directly with gpg or enigmail.

It's an ancient key that should not be used anymore for anything more
than curiosity value, and recent versions of OpenPGP software might well
deny to use it. For instance, my GnuPG 2.1.18 (Debian stretch) refuses
it with "skipped PGP-2 keys":

$ gpg -vv --recv-keys 0xDC3E9C95
gpg: data source: http://keys.jhcloos.com:11371
gpg: armor: BEGIN PGP PUBLIC KEY BLOCK
gpg: armor header: Version: SKS 1.1.6
gpg: armor header: Comment: Hostname: keys.jhcloos.com
# off=0 ctb=99 tag=6 hlen=3 plen=269
gpg: packet(6) with obsolete version 3
:key packet: [obsolete version 3]
# off=272 ctb=b4 tag=13 hlen=2 plen=8
:user ID packet: "birkmair"
# off=282 ctb=89 tag=2 hlen=3 plen=277
:signature packet: algo 1, keyid 0780F54BDC3E9C95
        version 3, created 849795725, md5len 5, sigclass 0x10
        digest algo 1, begin of digest c6 53
        data: [2042 bits]
# off=562 ctb=b4 tag=13 hlen=2 plen=14
:user ID packet: "birkmair frank"
# off=578 ctb=89 tag=2 hlen=3 plen=277
:signature packet: algo 1, keyid 0780F54BDC3E9C95
        version 3, created 888724556, md5len 5, sigclass 0x10
        digest algo 1, begin of digest 40 9d
        data: [2048 bits]
# off=858 ctb=88 tag=2 hlen=2 plen=149
:signature packet: algo 1, keyid 44B8DDD6BB1D9F6D
        version 3, created 922794522, md5len 5, sigclass 0x10
        digest algo 1, begin of digest 55 17
        data: [1024 bits]
# off=1009 ctb=88 tag=2 hlen=2 plen=70
:signature packet: algo 17, keyid 61A6C208B75F3105
        version 4, created 1002273638, md5len 0, sigclass 0x10
        digest algo 2, begin of digest 5b 45
        hashed subpkt 2 len 4 (sig created 2001-10-05)
        subpkt 16 len 8 (issuer key ID 61A6C208B75F3105)
        data: [160 bits]
        data: [159 bits]
gpg: Total number processed: 1
gpg:     skipped PGP-2 keys: 1

These keys are not safe anymore, and haven't been for a while. If the
key was a car, you'd not be allowed on the public road anymore, but hey,
drive in your backyard all you want :-).

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170829/41bf5f00/attachment.sig>

More information about the Gnupg-devel mailing list