GPGME: Invalid value when trying to encrypt with certain keys
Peter Lebbing
peter at digitalbrains.com
Tue Aug 29 21:51:28 CEST 2017
On 29/08/17 17:50, Jan Girlich wrote:
> One specific key (available on the key servers as 0xDC3E9C95) causes an
> "Invalid value" error, but this key is in use since 1996 and works fine
> when used directly with gpg or enigmail.
It's an ancient key that should not be used anymore for anything more
than curiosity value, and recent versions of OpenPGP software might well
deny to use it. For instance, my GnuPG 2.1.18 (Debian stretch) refuses
it with "skipped PGP-2 keys":
$ gpg -vv --recv-keys 0xDC3E9C95
gpg: data source: http://keys.jhcloos.com:11371
gpg: armor: BEGIN PGP PUBLIC KEY BLOCK
gpg: armor header: Version: SKS 1.1.6
gpg: armor header: Comment: Hostname: keys.jhcloos.com
# off=0 ctb=99 tag=6 hlen=3 plen=269
gpg: packet(6) with obsolete version 3
:key packet: [obsolete version 3]
# off=272 ctb=b4 tag=13 hlen=2 plen=8
:user ID packet: "birkmair"
# off=282 ctb=89 tag=2 hlen=3 plen=277
:signature packet: algo 1, keyid 0780F54BDC3E9C95
version 3, created 849795725, md5len 5, sigclass 0x10
digest algo 1, begin of digest c6 53
data: [2042 bits]
# off=562 ctb=b4 tag=13 hlen=2 plen=14
:user ID packet: "birkmair frank"
# off=578 ctb=89 tag=2 hlen=3 plen=277
:signature packet: algo 1, keyid 0780F54BDC3E9C95
version 3, created 888724556, md5len 5, sigclass 0x10
digest algo 1, begin of digest 40 9d
data: [2048 bits]
# off=858 ctb=88 tag=2 hlen=2 plen=149
:signature packet: algo 1, keyid 44B8DDD6BB1D9F6D
version 3, created 922794522, md5len 5, sigclass 0x10
digest algo 1, begin of digest 55 17
data: [1024 bits]
# off=1009 ctb=88 tag=2 hlen=2 plen=70
:signature packet: algo 17, keyid 61A6C208B75F3105
version 4, created 1002273638, md5len 0, sigclass 0x10
digest algo 2, begin of digest 5b 45
hashed subpkt 2 len 4 (sig created 2001-10-05)
subpkt 16 len 8 (issuer key ID 61A6C208B75F3105)
data: [160 bits]
data: [159 bits]
gpg: Total number processed: 1
gpg: skipped PGP-2 keys: 1
These keys are not safe anymore, and haven't been for a while. If the
key was a car, you'd not be allowed on the public road anymore, but hey,
drive in your backyard all you want :-).
HTH,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170829/41bf5f00/attachment.sig>
More information about the Gnupg-devel
mailing list