Signature packets without (whatever)

Alphax alphasigmax at gmail.com
Tue Nov 1 01:23:38 CET 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Alphax wrote:
> David Shaw wrote:
> 
>>>On Tue, Oct 25, 2005 at 11:53:51PM +0930, Alphax wrote:
>>>
>>>
>>>>Recently, when checking my trustb I get the following appearing:
>>>>
>>>>gpg: buffer shorter than subpacket
>>>>gpg: signature packet without keyid
>>>>gpg: buffer shorter than subpacket
>>>>gpg: buffer shorter than subpacket
>>>>gpg: signature packet without timestamp
>>>>gpg: buffer shorter than subpacket
>>>>gpg: signature packet without keyid
>>>>gpg: buffer shorter than subpacket
>>>>
>>>>Now, I figured that cleaning the keys would probably fix this, but the
>>>>question is: how do I find the offending keys?
>>>
>>>
>>>Given that one of the errors is a signature packet without a
>>>keyid... it's hard to locate the signature :)
>>>
>>>You could do trickery with gpgsplit and such, but I'd wait until 1.4.3
>>>is out.  It doesn't error on such signatures any longer.
>>>
> 
> 
> Um... *bump* on 1.4.3, I just discovered that this (like all error
> messages) is killing Enigmail.
> 
> Any way of finding the offending keys and cleaning them manually?
> 

Ok, there *is*...

gpg --list-sigs

Search the output for the error messages

Edit the key

Delete the offending signatures

Sigh...

> Oh yeah, "clean total" would be good for fixing this too...

Very. Curiously GPG still thinks that it's a "good signature" despite
the lack of keyid and timestamp... and yet the signature *has* a keyid
and timestamp...

Hrm. I suspect that most of these have come from the same key.

Yep, on editing that particular key I immediately get the error...

- --
Alphax                      |   /"\
Encrypted Email Preferred   |   \ /     ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X   Against HTML email & vCards
http://tinyurl.com/cc9up    |   / \
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iQEVAwUBQ2a1ibMAAH8MeUlWAQjmWwgAn64O6fB+Q5BQ7La4yByM1mztm90IIJ9G
Z0PzQmbF7JdSh+sWzTBEAz8/DeYCseBF2PkhzsaJ9KVn6BZv/yUCQHwGZlq2aIhu
faUfY9U+uuHmCnyMMQTlP9BlNtG2Uhktep85ZhiX5az5xnFTyFfFmaGwtWS2IgzV
v+aYwQd36xGuICybPa8T10+diwrKy8WZ1RUH2lNMTDqm24ZlqKuFJs/fK6rcAlQQ
jxkn8PZxRQlS3nzDOBlGR628BhcUVFY4Cs0EHcboxyU9vcUJJrAP6sEpeE5LrF4c
RbcU7kTsFIwiW1b/1bYmgyWGk5U5IBEV1mMiGUtND5RGCQR6hF+cjA==
=VSw9
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list