(GPG1) Download of false key? Key not included?
Steffen Nurpmeso
steffen at sdaoden.eu
Thu Jan 23 17:46:16 CET 2020
Hello.
Can anyone tell me what is actually going on here.
If it is as easy as "use GPG2" do not waste that much time,
however, doesn't the below use RSA plus SHA-512, what v1 supports?
( Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
And you will not go for zstd i have seen fly by, right, even
though it decompresses very, very fast, and is a small and self-
sufficient implementation. Do you.)
#?0|kent:gmake.tar_bomb_git-no_reduce$ gpg --verify make-4.3.tar.lz.sig
Reading passphrase from file descriptor 4
gpg: assuming signed data in `make-4.3.tar.lz'
gpg: Signature made Sun 19 Jan 2020 11:24:51 PM CET using RSA key ID DB78137A
gpg: Can't check signature: public key not found
#?2|kent:gmake.tar_bomb_git-no_reduce$ gpg --search-key DB78137A
Reading passphrase from file descriptor 4
gpg: searching for "DB78137A" from hkps server hkps.pool.sks-keyservers.net
(1) Paul D. Smith <psmith at gnu.org>
Paul D. Smith <paul at mad-scientist.net>
4096 bit RSA key 20C79BB2, created: 2016-10-22
Keys 1-1 of 1 for "DB78137A". Enter number(s), N)ext, or Q)uit > 1
gpg: requesting key 20C79BB2 from hkps server hkps.pool.sks-keyservers.net
gpg: Total number processed: 1
gpg: skipped new keys: 1
Why is it skipped? GPG1 does support RSA and SHA-512 digests (see
below)?
$ gpg --list-keys|grep -B1 -A1 Smith
pub 1024D/6338B6D4 2004-01-04
uid Paul Smith (Mad Scientist) <psmith at gnu.org>
sub 2048g/E0EB03CE 2004-01-04
#?0|kent:gmake.tar_bomb_git-no_reduce$ gpg --delete-keys 6338B6D4
pub 1024D/6338B6D4 2004-01-04 Paul Smith (Mad Scientist) <psmith at gnu.org>
Delete this key from the keyring? (y/N) y
#?0|kent:gmake.tar_bomb_git-no_reduce$ gpg -vvvvv --search-key DB78137A
gpg: using character set `utf-8'
Reading passphrase from file descriptor 4
gpg: searching for "DB78137A" from hkps server hkps.pool.sks-keyservers.net
(1) Paul D. Smith <psmith at gnu.org>
Paul D. Smith <paul at mad-scientist.net>
4096 bit RSA key 20C79BB2, created: 2016-10-22
Keys 1-1 of 1 for "DB78137A". Enter number(s), N)ext, or Q)uit > 1
gpg: requesting key 20C79BB2 from hkps server hkps.pool.sks-keyservers.net
gpg: armor: BEGIN PGP PUBLIC KEY BLOCK
gpg: armor header: Version: SKS 1.1.6
gpg: armor header: Comment: Hostname: sks.pod02.fleetstreetops.com
:public key packet:
version 4, algo 1, created 1477170443, expires 0
pkey[0]: [4096 bits]
pkey[1]: [17 bits]
keyid: 80CB727A20C79BB2
:user ID packet: "Paul D. Smith <psmith at gnu.org>"
:signature packet: algo 1, keyid 80CB727A20C79BB2
version 4, created 1477172043, md5len 0, sigclass 0x13
digest algo 10, begin of digest 3a bd
hashed subpkt 2 len 4 (sig created 2016-10-22)
hashed subpkt 27 len 1 (key flags: 03)
hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 3)
hashed subpkt 21 len 4 (pref-hash-algos: 10 9 8 11)
hashed subpkt 22 len 4 (pref-zip-algos: 2 3 1 0)
hashed subpkt 30 len 1 (features: 01)
hashed subpkt 23 len 1 (key server preferences: 80)
subpkt 16 len 8 (issuer key ID 80CB727A20C79BB2)
data: [4095 bits]
:signature packet: algo 17, keyid 96B047156338B6D4
version 4, created 1477178301, md5len 0, sigclass 0x13
digest algo 10, begin of digest 93 10
hashed subpkt 2 len 4 (sig created 2016-10-22)
subpkt 16 len 8 (issuer key ID 96B047156338B6D4)
data: [158 bits]
data: [157 bits]
:user ID packet: "Paul D. Smith <paul at mad-scientist.net>"
:signature packet: algo 1, keyid 80CB727A20C79BB2
version 4, created 1477172069, md5len 0, sigclass 0x13
digest algo 10, begin of digest e3 f0
hashed subpkt 27 len 1 (key flags: 03)
hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 3)
hashed subpkt 21 len 4 (pref-hash-algos: 10 9 8 11)
hashed subpkt 22 len 4 (pref-zip-algos: 2 3 1 0)
hashed subpkt 30 len 1 (features: 01)
hashed subpkt 23 len 1 (key server preferences: 80)
hashed subpkt 2 len 4 (sig created 2016-10-22)
hashed subpkt 25 len 1 (primary user ID)
subpkt 16 len 8 (issuer key ID 80CB727A20C79BB2)
data: [4095 bits]
:signature packet: algo 17, keyid 96B047156338B6D4
version 4, created 1477178301, md5len 0, sigclass 0x13
digest algo 10, begin of digest 89 10
hashed subpkt 2 len 4 (sig created 2016-10-22)
subpkt 16 len 8 (issuer key ID 96B047156338B6D4)
data: [160 bits]
data: [159 bits]
:public sub key packet:
version 4, algo 1, created 1477170443, expires 0
pkey[0]: [4096 bits]
pkey[1]: [17 bits]
keyid: 609DAAD35F61D607
:signature packet: algo 1, keyid 80CB727A20C79BB2
version 4, created 1477170443, md5len 0, sigclass 0x18
digest algo 10, begin of digest e7 70
hashed subpkt 2 len 4 (sig created 2016-10-22)
hashed subpkt 27 len 1 (key flags: 0C)
subpkt 16 len 8 (issuer key ID 80CB727A20C79BB2)
data: [4092 bits]
:public sub key packet:
version 4, algo 1, created 1477172175, expires 0
pkey[0]: [4096 bits]
pkey[1]: [17 bits]
keyid: DEACCAAEDB78137A
:signature packet: algo 1, keyid 80CB727A20C79BB2
version 4, created 1477172175, md5len 0, sigclass 0x18
digest algo 10, begin of digest 74 4e
hashed subpkt 2 len 4 (sig created 2016-10-22)
hashed subpkt 27 len 1 (key flags: 02)
hashed subpkt 9 len 4 (key expires after 10y0d0h0m)
subpkt 16 len 8 (issuer key ID 80CB727A20C79BB2)
subpkt 32 len 540 (signature: v4, class 0x19, algo 1, digest algo 10)
data: [4095 bits]
gpg: pub 4096R/20C79BB2 2016-10-22 Paul D. Smith <psmith at gnu.org>
gpg: key 20C79BB2: new key - skipped
gpg: Total number processed: 1
gpg: skipped new keys: 1
#?0|kent:gmake.tar_bomb_git-no_reduce$
Thanks.
And ciao from (and to) Germany,
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
More information about the Gnupg-users
mailing list