Bad signatures issued on macOS
Jordan Martinez
jordan.martinez at arista.com
Thu Mar 12 16:44:29 CET 2026
Ah! Sorry about the key bit length issue. I've pushed new keys to the repo
that have the correct key bit length and still reproduce this issue.
I've tested the new keys with both 2.4.9 (homebrew) and 2.5.17 (locally
compiled), and they still produce the bad signature error. I've also
noticed that I sometimes have to run the `./debug.sh` script a few times
before I can produce the error.
On Thu, Mar 12, 2026 at 12:00 AM NIIBE Yutaka <gniibe at fsij.org> wrote:
> Hello,
>
> Jordan Martinez <jordan.martinez at arista.com> wrote:
> > Please see https://github.com/jam-awake/gpg-verify-bug
>
> Thank you for providing the data point.
>
> For all of those keys, I cannot replicate the issue on my machine
> (Debian x86-64). Those keys just work. (It looks like four RSA keys
> are all 2048-bit, though.)
>
> If possible, please test with gnupg at 2.4 of Homebrew to see if you can
> replicate the issue.
>
>
> I wonder if doing "make check" when building GnuPG works well or not on
> your build environment.
> --
>
--
Blessings,
Jordan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20260312/9b2ed18c/attachment.html>
More information about the Gnupg-users
mailing list