"gpg --with-fingerprint $FILE" is not listing the keyfingerprint in some cases

David Shaw dshaw at jabberwocky.com
Wed May 14 05:30:21 CEST 2014

On May 13, 2014, at 7:15 PM, Aaron Toponce <aaron.toponce at gmail.com> wrote:

> I don't know if this is a bug, or if I am doing something wrong, so I might as
> well ask here. I ran the following command from my terminal, and cannot
> retrieve the fingerprint from the file:
>    $ gpg --output 0xBB065B251FF4945B.gpg --export 0xBB065B251FF4945B
>    $ gpg --with-colons --with-fingerprint 0xBB065B251FF4945B.gpg 
>    pub:-:2048:1:BB065B251FF4945B:2008-07-27:::f:
>    uid:::::::::Daniel T. Hagan <daniel at kickidle.com>:
>    sub:-:2048:1:6BA86443C0C6CDA2:2008-07-27::::
>    sub:-:2048:1:16C018D9B89B420A:2008-07-27::::
> There should exist an "^fpr" line in the output. Compare to:
>    $ gpg --output 0x4713D527ECE16009.gpg --export 0x4713D527ECE16009
>    $ gpg --with-colons --with-fingerprint 0x4713D527ECE16009.gpg 
>    pub:-:1024:17:4713D527ECE16009:2005-06-06:::f:George Hacker (GLS) <ghacker at redhat.com>:
>    fpr:::::::::8BFD3F436366D9820E9EAB2F4713D527ECE16009:
>    uid:::::::::George Hacker <georgeh at axian.com>:
>    uid:::::::::George Hacker <ghacker at axian.com>:
>    uat:::::::::1 2493:
>    sub:-:1024:16:0D94CF6C0C8C2F1B:2005-06-06::::
> Of the 453 keys in my public keyring, this happens on 8 of them (about 2%):
>    0x072DC7442B89BD45
>    0x14774C7B9958256C
>    0x4B2A4897D39DA0E3
>    0x63E42BD8C58C753A
>    0x677A7DE8CC9A6F67
>    0x6FA1B04BB6724E04
>    0x9710B89BCA57AD7C
>    0xBB065B251FF4945B
> Any ideas what is going on?

Looks like a bug.  Note that on each of the keys that didn't work there is a direct signature on the key.  This is not very common, and is usually used for a designated revoker (i.e. "I permit so-and-so to revoke my key for me").   I suspect there is a bug printing the fingerprints on a key from a key file (rather than from a keyring) for keys with a direct signature.


More information about the Gnupg-users mailing list