Page MenuHome GnuPG

gpgv 2.1.x should be able to use a keybox for --keyring arguments
Closed, ResolvedPublic


using 2.1.5, i tried to use gpgv with a keybox as my --keyring, and it did not work:

0 dkg@monkey:~$ gpgv --version
gpgv (GnuPG) 2.1.5
libgcrypt 1.6.3
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
0 dkg@monkey:~$ file foo.kbx
foo.kbx: GPG keybox database version 1, created-at Wed Nov 30 16:43:01 2014,
last-maintained Sun May 24 09:54:50 2015
0 dkg@monkey:~$ gpgv --keyring foo.kbx test.txt.sig test.txtgpgv: keyblock gpgv:
Signature made Wed 01 Jul 2015 01:14:28 AM EDT using RSA key ID 1BFDFA5C
gpgv: [don't know]: invalid packet (ctb=00)
gpgv: keydb_search failed: Invalid packet
gpgv: Can't check signature: No public key
2 dkg@monkey:~$

gpg 2.1.x can use either simple keyrings or keyboxes with --keyring arguments.
Can we provide gpgv with the same functionality?


Due Date
Jul 31 2015, 2:00 AM

Event Timeline

dkg added projects: Feature Request, gnupg.
dkg added a subscriber: dkg.
werner set Due Date to Jul 31 2015, 2:00 AM.Jul 21 2015, 3:49 PM

With my tests it works with keyrings when specified using --keyring.

However, gpgv should also work with a keybox by default. This is now

trustedkeys.kbx is now the default. If that does not exists gpgv also tries to
use trustedkeys.gpg (keybox or keyring) for backward compatibility. Right there
is a minor backward compatibility problem if a file "trustedkeys.kbx" alread
exists and you migrate to 2.1 - but I do not think that this is a real world

werner added a project: Restricted Project.Aug 7 2015, 3:55 PM
werner claimed this task.
werner removed a project: Restricted Project.