Page MenuHome GnuPG
Create Task
Maniphest T1685

gpgme keyserver import incompatible with SKS 1.1.5
Closed, ResolvedPublic
Actions

Description

With SKS 1.1.5 keyservers return the full fingerprint in response to a search of
a v4 key.

According to http://tools.ietf.org/html/draft-shaw-openpgp-hkp-00#section-5.2
this is ok. But gpgme internally only reserves 16 byte for the keyid that it
parses from the keyserver response. If the response is longer it is ignored and
the key lookup fails.

As the 16 byte restriction is part of _gpgme_subkey changing it would break ABI
compatibility. As a workaround I would propose to just use the last 8 characters
of the fingerprint as Keyid in gpgme. (See attached patch)

Werner do you think this would be ok? (Maybe as a fix until a ABI breaking
version is released?)

Related Objects

Event Timeline

aheinecke added projects: Keyserver, Bug Report, gpgme.Aug 12 2014, 4:20 PM
aheinecke added subscribers: emanuel, aheinecke, werner.
aheinecke added a comment.Aug 12 2014, 4:31 PM

D209: 447_keylist-shortening.patch

werner added a comment.Aug 12 2014, 7:00 PM

There is no guarantee that you will see a keyid at all. The keyid and the
fingerprint are actually different objects and it is only for v4 key format that
you can compute the keyid from the fingerprint. We have to implement this
knowledge into gpgme.

Meanwhile I did this and master does now work as expected. It even returns the
fingerprint if available. You may this with the also enhanced gpgme-tool.

While working on it I also fixed the --search-key thing for gnupg master.

werner added a project: Restricted Project.Aug 12 2014, 7:00 PM
aheinecke added a comment.Aug 12 2014, 7:16 PM

Tested the patch with 1.4.4 on Windows against
vm-keyserver.spline.inf.fu-berlin.de which did not work previously.

Patch is also included in gpg4win now.

Thanks!

aheinecke closed this task as Resolved.Aug 12 2014, 7:16 PM
aheinecke removed a project: Restricted Project.
aheinecke mentioned this in T1670: GPGME does not parse key id from keyserver when longer than 8 digits.Mar 30 2017, 7:13 PM