Question about specifics of --locate-key option

Wiktor Kwapisiewicz wiktor at metacode.biz
Mon Oct 15 20:33:34 CEST 2018


Thank you Werner, "--debug lookup" output is a lot more verbose.

The output is a lot different in both cases; in this case it detects MAIL:

$ gpg --debug lookup --locate-key "<test-wkd at metacode.biz>"
gpg: enabled debug flags: lookup
gpg: DBG: keydb_search: 1 search descriptions:
gpg: DBG: keydb_search   0: MAIL: '<test-wkd at metacode.biz>'
gpg: DBG: keydb_search: searching keybox (resource 0 of 1)
gpg: DBG: keydb_search: searched keybox (resource 0 of 1) => EOF
gpg: secmem usage: 0/32768 bytes in 0 blocks

Direct e-mail prints SUBSTR:

$ gpg --debug lookup --locate-key "test-wkd at metacode.biz"
gpg: enabled debug flags: lookup
gpg: DBG: keydb_search: 1 search descriptions:
gpg: DBG: keydb_search   0: SUBSTR: 'test-wkd at metacode.biz'
gpg: DBG: keydb_search: searching keybox (resource 0 of 1)
gpg: DBG: keydb_search: searched keybox (resource 0 of 1) => EOF
gpg: DBG: keydb_search: 1 search descriptions:
gpg: DBG: keydb_search   0: FPR: '74EC 8D3D A82A 79DA A25D  F10C 6BA5 5ED8 3ABA E1BB'
gpg: DBG: keydb_search: searching keybox (resource 0 of 1)
gpg: DBG: keydb_search: searched keybox (resource 0 of 1) => EOF
gpg: DBG: keydb_search: 1 search descriptions:
gpg: DBG: keydb_search   0: FPR20: '74EC 8D3D A82A 79DA A25D  F10C 6BA5 5ED8 3ABA E1BB'
gpg: DBG: keydb_search: searching keybox (resource 0 of 1)
gpg: DBG: keydb_search: searched keybox (resource 0 of 1) => Success
gpg: DBG: finish_lookup: checking key 3ABAE1BB (one)(req_usage=0)
gpg: DBG: 	using key 3ABAE1BB
gpg: key 6BA55ED83ABAE1BB: public key "Test WKD Key <test-wkd at metacode.biz>" imported
...

Using a broken input (in this case a space after e-mail) also triggers
SUBSTR:

$ gpg --debug lookup --locate-key "test-wkd at metacode.biz "
gpg: enabled debug flags: lookup
gpg: DBG: keydb_search: 1 search descriptions:
gpg: DBG: keydb_search   0: SUBSTR: ''
gpg: DBG: keydb_search: searching keybox (resource 0 of 1)
gpg: DBG: keydb_search: searched keybox (resource 0 of 1) => EOF
gpg: secmem usage: 0/32768 bytes in 0 blocks

(If the key was previously in the keyring it would display it; it won't use
WKD in that case - correctly.)

I've tested this on both GnuPG 2.2.8 and 2.2.10, on a clean keyring
(inside a docker Alpine container).

Is it possible that only SUBSTR lookups that look like an e-mail trigger
WKD, unlike MAIL matches?

Thank you for your time!

Kind regards,
Wiktor

On 15.10.2018 19:38, Werner Koch wrote:
> On Mon, 15 Oct 2018 15:21, gnupg-users at gnupg.org said:
>> This, as it turns out, does not trigger WKD. Removing "<" and ">" sure
>> enough does the trick and the key is found.
> 
> The gnupg internal function to extract the addrspec is
> mailbox_from_userid and its test program t-mbox-utils.c has these
> vectors:
>         /* input */                   /* Output, NULL = invalid */
>       { "Werner Koch <wk at gnupg.org>", "wk at gnupg.org" },
>       { "<wk at gnupg.org>", "wk at gnupg.org" },
>       { "wk at gnupg.org", "wk at gnupg.org" },
>       { "wk at gnupg.org ", NULL },
>       ...
> 
> This indicates that it should work.  By adding a "--debug lookup" to the
> gpg invocation you might be able to see more.
> 
> 
> Salam-Shalom,
> 
>    Werner
> 


-- 
https://metacode.biz/@wiktor
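
The four test vectors quoted above, reproduced by a simplified addr-spec extractor. This is an added example, not GnuPG's mailbox_from_userid and not code from the thread: extract_addrspec and valid_addrspec are hypothetical names, and the validation rules are an assumption chosen to match those vectors. Addresses are written with the "@" that the list archive renders as " at ".

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: accept only a bare addr-spec of length n. */
static int valid_addrspec(const char *s, size_t n)
{
    size_t at = 0, i;
    int nat = 0;
    for (i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (isspace(c) || iscntrl(c) || c == '<' || c == '>')
            return 0;               /* a trailing space makes the input invalid */
        if (c == '@') { nat++; at = i; }
    }
    /* exactly one '@', non-empty local part and domain, no dot at domain edges */
    return nat == 1 && at > 0 && at < n - 1 && s[at + 1] != '.' && s[n - 1] != '.';
}

/* Returns a malloc'd lowercase addr-spec, or NULL if the input is invalid. */
char *extract_addrspec(const char *userid)
{
    const char *start = userid, *lt = strchr(userid, '<');
    size_t n = strlen(userid), i;
    char *out;

    if (lt) {                       /* "Name <addr>" or "<addr>" */
        const char *gt = strchr(lt + 1, '>');
        if (!gt)
            return NULL;
        start = lt + 1;
        n = (size_t)(gt - start);
    }
    if (!valid_addrspec(start, n))
        return NULL;
    out = malloc(n + 1);
    if (!out)
        return NULL;
    for (i = 0; i < n; i++)
        out[i] = (char)tolower((unsigned char)start[i]);
    out[n] = '\0';
    return out;
}

int main(void)
{   /* inputs constructed from the vectors quoted in the message above */
    const char *v[] = { "Werner Koch <wk@gnupg.org>", "<wk@gnupg.org>", "wk@gnupg.org", "wk@gnupg.org " };
    for (int i = 0; i < 4; i++) { char *m = extract_addrspec(v[i]); printf("'%s' -> %s\n", v[i], m ? m : "NULL"); free(m); }
    return 0;
}
```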


