Bad signatures issued on macOS

NIIBE Yutaka gniibe at fsij.org
Fri Mar 13 07:32:32 CET 2026 

Hello,

Thank you very much for your test case.  I managed to replicate it on my
machine.

Jordan Martinez <jordan.martinez at arista.com> wrote:
> I've tested the new keys with both 2.4.9 (homebrew) and 2.5.17 (locally
> compiled), and they still produce the bad signature error. I've also
> noticed that I sometimes have to run the `./debug.sh` script a few times
> before I can produce the error.

Great.

I dug into libgcrypt and found the problem (I mean, located the possible
bug).  Attached is the log of gpg-agent when it generated a wrong
signature.

Please have a look at the values of "res", "p", and "q".

Here, "res" value is NEGATIVE.  You can see the minus sign in the log.
This is wrong.  This is the cause of the trouble afterwards, because the
value is assumed unsigned in SEXP handling.

The reason why it becames occasionally negative is that your keys has a
property of: p > q.  From viewpoint of GnuPG, this is wrong.

GnuPG assumes p < q.  In libgcrypt, when it generates RSA key, it
ensures that p < q.  And libgcrypt/cipher/rsa.c:secret_core_crt function
may compute wrongly (to have negative result) when p > q.

So, it's the keys which have interoperability issue wrt P and Q of RSA.

I don't know how we can fix (which side?), as of now.  (If I were you,
my workaround for GnuPG is modifying the private key files in question.)

After the import, I can modify the private key files under
.gnupg/private-keys-v1.d/ (swapping p and d expressions.  Note that the
order matters, simply p->q and q->p doesn't work.).  I confirmed that
the problem gone when I did.
-- 
-------------- next part --------------
2026-03-13 11:35:40 gpg-agent[24369] DBG: rsa_sign   data:+01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  ffffffffffffffffffffff003031300d06096086480165030402010500042038 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  25783b4efe9a0576892f4ee4fe53853b629b23cbc0521c8ce904c7bd23ad46
2026-03-13 11:35:40 gpg-agent[24369] DBG: rsa_sign      n:+d0ccc5f8310c1b920fb0cfa7c4d4a9478a3710fc1412b25845687ad88402b417 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  08a93f42cf4b6b17e1249d738af5d0bc1336e35134bf5fd46eb8480b7fea2473 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  38069b38feca71fb2f8f5713028aee1ed565a073db767cb7688571e6eb02fbc5 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  21f211797e99b6bda93b3eba0afd2f02a7d062112485ef30ff2c19fe98331176 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  570222fd9af25978de2e23beeda534dc6c0c6db47e409967e3f0ef0baeb13988 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  67980d97c438cb9d3fcc8699a1807f9317663d530b4dac2449518c3025eccaff \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  ee6fd1494e16e0cf3f46aa145735b953c003c73bbcc56a2ebd86de0f3f2be766 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  e04e0da33db16b45e45738854c134ec3b206e4cd2fd860c13ffa85802df91add
2026-03-13 11:35:40 gpg-agent[24369] DBG: rsa_sign      e:+010001
2026-03-13 11:35:40 gpg-agent[24369] DBG: rsa_sign      d:+b0b1d98662db4029a6a595d4ffb88758471aba80d7ebca88f093ae01b4152599 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  a876b156345e3a4e86f49959c1eaabadbd04e1f1429600dea0a3ca3411176fa9 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  216c55c731b6d8261ce54c6685ec53fe3bd038ac52b83e6a67452652a7e66a71 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  347cc954eb51e15736f32fedf886b155a9f5aa479f84c819ca96e39893ec0385 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  7d3a048ed52929a4661fb3c86bf98696905ed1b64346232bc3620b7fb2245919 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  f3101712228725251a48e94ac2a726e57ba92dfcb5c5aaf71ce08bfab9bc936e \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  bfc994b1a80d5b78601e7dfaa878210cce186051eb3bc9d310691c23331b503a \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  235a5dffe3a0b54258c5b46f04b2196b1915a59523e5140d2d4b82c8cc0baa71
2026-03-13 11:35:40 gpg-agent[24369] DBG: rsa_sign      p:+f9cc692674be8a88092add770579e250871510b95057fa753db79090cd72d3a6 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  ce95be6b8a632eb3f1d535c593f1804133441ad20d158848b5c2683b653c95f2 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  844e5e168922bc2ff26d3f83f2ca76d29908c7e7bea46f55c591978824c06999 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  f362203b1ebff457ff4232ba9acb7af4aa13dc5323e8df5783c3f9dd0784f483
2026-03-13 11:35:40 gpg-agent[24369] DBG: rsa_sign      q:+d5fbcc013d18f2f98c4d52e8d69074803ae89e98abae93f8bb063f821c2e0ae6 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  52db15180e5d659c7abff69dad6d6c4efb041fa21e3e3159e340131ed7962afe \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  260da2db570b21f49aca3f722327bb1644ff4058cb9aa6b1ed06d9b82a369887 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  80f175d33401f2d80af831f42829de914b8f68a8f98457950b8300e63290551f
2026-03-13 11:35:40 gpg-agent[24369] DBG: rsa_sign      u:+66e7cb1540eb1357d5593170105abf30eb8102bc8398ddc205ec69bcbb4bec10 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  aa7177bc6832596b2fe0d687b6c22b801d3ba59645a18cc90ccdd881ddfc7981 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  499f2a2736f7fa878f040184343d92c4a6ce1da880ec5496fb4253ad606aa43f \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  75a2181443cfe319d0cb144d6c79327896efe4b965f1c0b0cafdbc17dcebd939
2026-03-13 11:35:40 gpg-agent[24369] DBG: rsa_sign    res:-b34c4b8aee09d770397b916a902cfa3064b3e3b187a8b1e1a8ddba105cb51ed9 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  c297c8d5376e20bd894f43fefae76d9a5229035c38a1ea6dadc1b51e71013d6f \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  9d64f8d7955f5188a8bb6d31f92fdb1576315d4208409bed143ac386aacc8fe4 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  e5401deb3e15c78f9fa47623f17d9810583a2878d3dd901c78cf31d1479687e1 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  b1a10af356a174aa918270bdeb0df651b5533a431e1d150d4dbd877d08a6b245 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  906790267a5eca2dffe4e3e4ba436dd9fb4b2f60402bf40b00e72de13ce49f95 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  5edad033615f31f53111abd1d00a10463cac98fd1e1f06b8a99c34aab5d46bc1 \
2026-03-13 11:35:40 gpg-agent[24369] DBG:                  6d987b72142acc446813da4996158c04918ab45ec91263e842a916ac78063346
2026-03-13 11:35:40 gpg-agent[24369] DBG: rsa_sign      => Success

More information about the Gnupg-users mailing list