GnuPG 1.4.5 - Problem with trustdb.gpg

Ritesh Patel patelritesh at gmail.com
Fri Dec 11 19:12:39 CET 2009


Hello,
I was using GnuPG 1.4.5.

$ gpg --list-sigs
/home/test1/.gnupg/pubring.gpg
---------------------------------
pub   1024D/E913B4F9 2009-12-11
uid                  Test1 (Testing) <test1 at test.com>
sig 3        E913B4F9 2009-12-11  Test1 (Testing) <test1 at test.com>
sub   1024g/25D2E967 2009-12-11
sig          E913B4F9 2009-12-11  Test1 (Testing) <test1 at test.com>

I imported two different keys (test2 at test.com and test3 at test.com) into two
different keyrings (test2 and test3).

$ gpg --keyring test2 --no-default-keyring --import /tmp/test2_pub_key
gpg: keyring `/home/test1/.gnupg/test2' created
gpg: key 2BD18395: public key "Test2 (Testing 2) <test2 at test.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1

$ gpg --keyring test2 --list-keys
/home/test1/.gnupg/pubring.gpg
---------------------------------
pub   1024D/E913B4F9 2009-12-11
uid                  Test1 (Testing) <test1 at test.com>
sub   1024g/25D2E967 2009-12-11

/home/test1/.gnupg/test2
---------------------------
pub   1024D/2BD18395 2009-12-11
uid                  Test2 (Testing 2) <test2 at test.com>
sub   1024g/474B7E93 2009-12-11


$ gpg --keyring test3 --no-default-keyring --import /tmp/test3_pub_key
gpg: keyring `/home/test1/.gnupg/test3' created
gpg: key 7D6F8608: public key "Test3 (Testing 3) <test3 at test.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1

$ gpg --keyring test3 --list-keys
/home/test1/.gnupg/pubring.gpg
---------------------------------
pub   1024D/E913B4F9 2009-12-11
uid                  Test1 (Testing) <test1 at test.com>
sub   1024g/25D2E967 2009-12-11

/home/test1/.gnupg/test3
---------------------------
pub   1024D/7D6F8608 2009-12-11
uid                  Test3 (Testing 3) <test3 at test.com>
sub   1024g/636851B8 2009-12-11


Now I first signed the test2 at test.com key with my key (test1 at test.com, which is
an ultimately trusted key) and was able to encrypt a message using keyring test2,
test2 at test.com key.

$ gpg --keyring test2 --sign-key -u test1 at test.com test2 at test.com
-- works fine
$ gpg -se -a --keyring test2 --batch -u test1 at test.com -r test2 at test.com </tmp/abc
-- works fine also

The problem happens when I sign the test3 at test.com key in the test3 keyring with my
key (test1 at test.com). The signing went fine. Also, I was able to encrypt a message
using keyring test3, test3 at test.com key. But at this point it broke trust on
keyring test2, test2 at test.com key. That key becomes unusable.

$ gpg --keyring test3 --sign-key -u test1 at test.com test3 at test.com
-- works fine
$ gpg -se -a --keyring test3 --batch -u test1 at test.com -r test3 at test.com </tmp/abc
-- works fine

Broken
$ gpg -se -a --keyring test2 --batch -u test1 at test.com -r test2 at test.com </tmp/abc
gpg: 474B7E93: There is no assurance this key belongs to the named user
gpg: [stdin]: sign+encrypt failed: unusable public key

The same command sequence works fine with GnuPG 1.2.1. Both keys
(test2 at test.com and test3 at test.com) keep working.
Any help appreciated.

Thanks,
-Ritesh


More information about the Gnupg-users mailing list