Cannot revoke signature
David Shaw
dshaw@jabberwocky.com
Wed Oct 2 02:13:02 2002
--W/nzBZO5zC0uMSeA
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
On Wed, Oct 02, 2002 at 01:59:11AM +0200, Christophe Labouisse wrote:
> I'm trying to revoke a signature with GnuPG 1.2.0 but I didn't
> succed.
>
> First I create a revokation certificat using :
>
> $ gpg --output revokation.asc --gen-rev KEYID
>
> A revokation certificat is created but when I tried to import it I
> always get the following error :
>
> $ gpg --import revokation.asc
> gpg: key KEYID: invalid revocation certificate: general error - rejected
> gpg: error reading `revokation.asc': general error
> gpg: import from `revokation.asc' failed: general error
> gpg: Total number processed: 0
>
> What I'm I doing wrong ?
Nothing. This is a bug in 1.2.0. There will be a proper fix soon,
but in the meantime you can apply this patch.
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
--W/nzBZO5zC0uMSeA
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="revoke.patch"
Index: sig-check.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/sig-check.c,v
retrieving revision 1.73.2.2
retrieving revision 1.73.2.3
diff -u -r1.73.2.2 -r1.73.2.3
--- sig-check.c 15 Sep 2002 03:15:56 -0000 1.73.2.2
+++ sig-check.c 28 Sep 2002 17:34:43 -0000 1.73.2.3
@@ -521,8 +521,11 @@
return rc;
if( sig->sig_class == 0x20 ) { /* key revocation */
- /* designated revoker? */
- if(pk->keyid[0]!=sig->keyid[0] || pk->keyid[1]!=sig->keyid[1])
+ u32 keyid[2];
+ keyid_from_pk( pk, keyid );
+
+ /* is it a designated revoker? */
+ if(keyid[0]!=sig->keyid[0] || keyid[1]!=sig->keyid[1])
rc=check_revocation_keys(pk,sig);
else
{
--W/nzBZO5zC0uMSeA--