Page MenuHome GnuPG
Create Task
Maniphest T1396

Subkey expiring breaks other subkeys
Closed, WontfixPublic
Actions

Description

If key contains more than one subkey, and I edit non-first subkey, GPG breaks
first subkey signature. At first look everything seems OK, all keys are valid
and works. But if you try to export-import, GPG will filter broken first
subkey. Expiration date of edited key stays unchanged.

I've made key with 3 subkeys and exported it to original.asc. Then I've
imported this file 3 times, expire one subkey and export whole key. Now if you
try to import it - you will get expected behavior with first file and erroneous
in others.

I suppose that GPG always edit first subkey signature, not corresponding one.

I've attached my test files, password "test".

Details

Version
1.4.16, 2.0.22

Event Timeline

NoN added a subscriber: NoN.Mar 29 2012, 12:23 PM

343_test.zip21 KBDownload

NoN added projects: gnupg, Bug Report.Mar 29 2012, 12:23 PM
NoN set Version to 1.4.11 (d64aa7).
werner added a subscriber: werner.Apr 5 2012, 8:57 PM

Please explain in detail (step by step), what you did. What OS are you using?
Thanks.

NoN added a comment.Apr 5 2012, 9:26 PM

I'm using Linux Mint 12 Lisa, and I've tested on built-in 1.4.11 and on custom
built latest revision in repository - d64aa7.

  1. I've created key with Primary key (P0), and 3 subkeys (S1, S2, S3). Export

this key for further tests.

  1. Change expiration date of first subkey (S1). Everything seems OK.
  2. Export whole key, remove it from gpg, import again - Everything is OK.
  3. Back to step 2 - remove key, import original one.
  4. Change expiration date of second or third subkey (S2, S3). Everything seems

OK again.

  1. Export whole key, remove it from gpg, import again - we've missed S1 subkey,

and expiration date of changed subkey left as in step 1.

I've analyzed changes on each step via gpgsplit. My conclusion: GPG always edit
S1 subkey signature. Editing non-first subkey (S2, S3, S4…) edits (breaks) S1
signature. S2¸ S3… signatures leaved unchanged. GPG checks subkey signature
only at import. User doesn't know about subkeys breakage until he reexport it.

NoN added a comment.May 30 2012, 7:43 PM

Do you need more information, or you can confirm and reproduce bug with given
description?

werner set Due Date to Nov 30 2012, 1:00 AM.Nov 8 2012, 5:26 PM
neal added a subscriber: neal.Nov 17 2015, 3:28 PM

I just tried following the steps using gpg2 (2.1.9) and I can't reproduce the
problem. It would be good if we had an exact sequence of commands that
reproduced the problem.

NoN added a comment.Nov 23 2015, 12:26 AM

Thank you for quick response)

I couldn't build and test 2.1.9 right now, but bug is still here in 1.4.16 and
2.0.22.

I've created test script for this case:
https://gist.github.com/anton-ryzhov/a0dcfcaabe18fc6ad35e

Run ./gen.sh in some working folder and then try ./runtest.sh several times,
expire different subkeys, compare the result.

NoN changed Version from 1.4.11 (d64aa7) to 1.4.16, 2.0.22.Nov 23 2015, 12:26 AM
werner removed Due Date.Jan 11 2016, 3:17 PM
marcus closed this task as Wontfix.Jun 30 2017, 10:55 PM
marcus claimed this task.
marcus added a project: Too Old.
marcus added a subscriber: marcus.

I have verified that it works fine in 2.1.21. I did not test 2.0.30, but that's very old, just use the latest 2.1.x version. gpg 1.4 also only receives critical fixes.

marcus added a comment.Jun 30 2017, 10:56 PM

Btw, if you want to use the test script, you have to use "gpg2 --keyid-format short".

werner added a comment.Jul 1 2017, 12:19 PM

That's fine. The 2.0 branch will reach EOL in 6 months and we will
probably only do a last maintenance release. No need to backport this
fix, though.