"gpg: signing failed: Invalid length" when use brainpool512r1 keys to sign things

Yanzhe Lee lee.yanzhe at yanzhe.org
Sun Sep 2 05:09:14 CEST 2018 

Hello,

Recently I come across this error "gpg: signing failed: Invalid length" when use brainpool512r1 keys to do sign operations, such as --sign-key, --lsign-key or even generate a brainpool512r1 key.

All keys except Brainpool P-384 and Brainpool P-512 work fine. I tried to generate Brainpool P-256, it's fine.
Strange thing is that I use brainpool512r1 before, and no error occurred. The error just shows recently, maybe it is a configuration error?



  
- Version

gpg (GnuPG) 2.2.4/2.2.9 both tried
libgcrypt 1.8.1
Ubuntu 18.04 LTS/MacOS 10.13.6 both tried

- steps to reproduce this error:

gpg --expert --full-gen-key

gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
   (7) DSA (set your own capabilities)
   (8) RSA (set your own capabilities)
   (9) ECC and ECC
  (10) ECC (sign only)
  (11) ECC (set your own capabilities)
  (13) Existing key
Your selection? 11
Possible actions for a ECDSA/EdDSA key: Sign Certify Authenticate
Current allowed actions: Sign Certify

   (S) Toggle the sign capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? a

Possible actions for a ECDSA/EdDSA key: Sign Certify Authenticate
Current allowed actions: Sign Certify Authenticate

   (S) Toggle the sign capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? q
Please select which elliptic curve you want:
   (1) Curve 25519
   (3) NIST P-256
   (4) NIST P-384
   (5) NIST P-521
   (6) Brainpool P-256
   (7) Brainpool P-384
   (8) Brainpool P-512
   (9) secp256k1
Your selection? 8
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 1d
Key expires at Mon 03 Sep 2018 10:39:53 AM CST
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: test2
Email address: test2
Comment:
You selected this USER-ID:
    "test2 <test2>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: signing failed: Invalid length
gpg: make_keysig_packet failed: Invalid length
Key generation failed: Invalid length


Best regards,
Yanzhe Lee

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x3EA647C79FDA9CD1.asc
Type: application/pgp-keys
Size: 10394 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180902/c556d14d/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 313 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180902/c556d14d/attachment.sig>

More information about the Gnupg-users mailing list