Cannot revoke signature

David Shaw dshaw@jabberwocky.com
Wed Oct 2 02:13:02 2002


--W/nzBZO5zC0uMSeA
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Wed, Oct 02, 2002 at 01:59:11AM +0200, Christophe Labouisse wrote:
> I'm trying to revoke a signature with GnuPG 1.2.0 but I didn't
> succed.
> 
> First I create a revokation certificat using :
> 
> $ gpg --output revokation.asc --gen-rev KEYID
> 
> A revokation certificat is created but when I tried to import it I
> always get the following error :
> 
> $ gpg --import revokation.asc 
> gpg: key KEYID: invalid revocation certificate: general error - rejected
> gpg: error reading `revokation.asc': general error
> gpg: import from `revokation.asc' failed: general error
> gpg: Total number processed: 0
> 
> What I'm I doing wrong ?

Nothing.  This is a bug in 1.2.0.  There will be a proper fix soon,
but in the meantime you can apply this patch.

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

--W/nzBZO5zC0uMSeA
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="revoke.patch"

Index: sig-check.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/sig-check.c,v
retrieving revision 1.73.2.2
retrieving revision 1.73.2.3
diff -u -r1.73.2.2 -r1.73.2.3
--- sig-check.c	15 Sep 2002 03:15:56 -0000	1.73.2.2
+++ sig-check.c	28 Sep 2002 17:34:43 -0000	1.73.2.3
@@ -521,8 +521,11 @@
 	return rc;
 
     if( sig->sig_class == 0x20 ) { /* key revocation */
-        /* designated revoker? */
-        if(pk->keyid[0]!=sig->keyid[0] || pk->keyid[1]!=sig->keyid[1])
+        u32 keyid[2];	
+	keyid_from_pk( pk, keyid );
+
+	/* is it a designated revoker? */
+        if(keyid[0]!=sig->keyid[0] || keyid[1]!=sig->keyid[1])
 	  rc=check_revocation_keys(pk,sig);
 	else
 	  {

--W/nzBZO5zC0uMSeA--