
Problems with cv25519 pub subkeys and elder GnuPG 2 versions
Closed, Invalid (Public)

Description

Some GnuPG 2 versions have problems dealing with pubkeys that have cv25519 subkeys.

This issue is to track the problem and document possible solutions,
potentially a patch for old stable revisions like Ubuntu LTS 14.04.

Defect

Encryption to the pubkey fails.
Reproducible with Werner Koch's pubkey.

Observation, the following command fails:

  gpg2 --encrypt -r F2AD85AC1E42B367 anyfile.txt

Error messages are:

2.0.11: gpg: error computing keygrip

2.0.22: can't encode a 256 bit key in a 0 bits frame

Workaround

Delete the problematic subkey, e.g. (for Werner's key)

if you have a modern gpg2:

  gpg2 --edit F2AD85AC1E42B367
    key 7F3B7ED4319BCCA8
    delkey

otherwise (for example with gpg 2.0.22)
you need to look at the order and select the right number with key
to select the subkey.

Reproduction

(Session on Ubuntu GNU/Linux with http://packages.ubuntu.com/trusty/gnupg2
Version:2.0.22-3ubuntu1.3)

bash
export GNUPGHOME=~/tmp/dot.gnupg
mkdir $GNUPGHOME
chmod -R go-rwx ~/tmp/dot.gnupg/
export LANG=C

gpg2 --keyserver=keys.gnupg.net --recv-keys F2AD85AC1E42B367

echo hi >hi.txt
gpg2 -v --encrypt -r F2AD85AC1E42B367 hi.txt

gpg: can't handle public key algorithm 22
gpg: can't handle public key algorithm 18
gpg: using subkey 319BCCA8 instead of primary key 1E42B367
gpg: using PGP trust model
gpg: 319BCCA8: There is no assurance this key belongs to the named user

pub 0e/319BCCA8 2017-01-01 Werner Koch <wk@gnupg.org>
Primary key fingerprint: 8061 5870 F5BA D690 3336 86D0 F2AD 85AC 1E42 B367

      Subkey fingerprint: AEFA FFC5 F2D6 38C6 4946  F67C 7F3B 7ED4 319B CCA8

It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y
gpg: reading from `hi.txt'
gpg: writing to `hi.txt.gpg'
gpg: Ohhhh jeeee: can't encode a 256 bit key in a 0 bits frame
Aborted (core dumped)

gpg2 --edit F2AD85AC1E42B367
gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

pub 2048D/1E42B367 created: 2007-12-31 expires: 2018-12-31 usage: SC

trust: unknown       validity: unknown

sub 0?/1DEC358D created: 2017-01-01 expires: never usage: S
sub 0e/319BCCA8 created: 2017-01-01 expires: 2018-12-30 usage: E
sub 2048R/FA8FE1F9 created: 2008-03-21 expired: 2011-12-30 usage: E
sub 2048R/C193565B created: 2011-11-07 expired: 2013-12-31 usage: E
sub 2048R/664D7444 created: 2014-01-02 expired: 2016-12-31 usage: E
sub 2048R/560A3555 created: 2017-01-01 expires: 2018-12-30 usage: E
sub 1024D/77F95F95 created: 2011-11-02 expires: never usage: S
[ unknown] (1). Werner Koch <wk@gnupg.org>
[ unknown] (2) Werner Koch <wk@g10code.com>
[ unknown] (3) Werner Koch <werner@eifzilla.de>

gpg> key 2

pub 2048D/1E42B367 created: 2007-12-31 expires: 2018-12-31 usage: SC

trust: unknown       validity: unknown

sub 0?/1DEC358D created: 2017-01-01 expires: never usage: S
sub* 0e/319BCCA8 created: 2017-01-01 expires: 2018-12-30 usage: E
sub 2048R/FA8FE1F9 created: 2008-03-21 expired: 2011-12-30 usage: E
sub 2048R/C193565B created: 2011-11-07 expired: 2013-12-31 usage: E
sub 2048R/664D7444 created: 2014-01-02 expired: 2016-12-31 usage: E
sub 2048R/560A3555 created: 2017-01-01 expires: 2018-12-30 usage: E
sub 1024D/77F95F95 created: 2011-11-02 expires: never usage: S
[ unknown] (1). Werner Koch <wk@gnupg.org>
[ unknown] (2) Werner Koch <wk@g10code.com>
[ unknown] (3) Werner Koch <werner@eifzilla.de>

gpg> delkey
Do you really want to delete this key? (y/N) y

pub 2048D/1E42B367 created: 2007-12-31 expires: 2018-12-31 usage: SC

trust: unknown       validity: unknown

sub 0?/1DEC358D created: 2017-01-01 expires: never usage: S
sub 2048R/FA8FE1F9 created: 2008-03-21 expired: 2011-12-30 usage: E
sub 2048R/C193565B created: 2011-11-07 expired: 2013-12-31 usage: E
sub 2048R/664D7444 created: 2014-01-02 expired: 2016-12-31 usage: E
sub 2048R/560A3555 created: 2017-01-01 expires: 2018-12-30 usage: E
sub 1024D/77F95F95 created: 2011-11-02 expires: never usage: S
[ unknown] (1). Werner Koch <wk@gnupg.org>
[ unknown] (2) Werner Koch <wk@g10code.com>
[ unknown] (3) Werner Koch <werner@eifzilla.de>

gpg> save

gpg2 -v --encrypt -r F2AD85AC1E42B367 hi.txt
gpg: can't handle public key algorithm 22
gpg: using subkey 560A3555 instead of primary key 1E42B367
gpg: using PGP trust model
gpg: 560A3555: There is no assurance this key belongs to the named user

pub 2048R/560A3555 2017-01-01 Werner Koch <wk@gnupg.org>
Primary key fingerprint: 8061 5870 F5BA D690 3336 86D0 F2AD 85AC 1E42 B367

      Subkey fingerprint: 49B7 D6B1 F47C EC05 42A4  3174 29D7 46E5 560A 3555

It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y
gpg: reading from `hi.txt'
File `hi.txt.gpg' exists. Overwrite? (y/N) y
gpg: writing to `hi.txt.gpg'
gpg: RSA/AES256 encrypted for: "560A3555 Werner Koch <wk@gnupg.org>"

Details

Version
2.0.22, 2.1.11, 2.1.13
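
Added example (not part of the original report and not GnuPG code): a helper for the workaround above that reads a `--with-colons` key listing and reports which number to pass to `key` for each subkey using algorithm 18 (ECDH, the cv25519 encryption subkey). The function names and the sample listing are constructed for illustration, and it assumes `sub` records appear in the same order as in the `--edit` listing.

```shell
#!/bin/sh
# Constructed, reduced sample in the layout of
#   gpg2 --with-colons --list-keys F2AD85AC1E42B367
# Only fields 1 (record type), 4 (algorithm) and 5 (key ID) are used.
# XXXXXXXX marks the upper half of a key ID the report does not show;
# dates and other fields are left empty on purpose.
sample_listing() {
    cat <<'EOF'
pub:-:2048:17:F2AD85AC1E42B367:::::::scESC:
uid:-::::::::Werner Koch <wk@gnupg.org>:
sub:-:0:22:XXXXXXXX1DEC358D:::::::s:
sub:-:0:18:7F3B7ED4319BCCA8:::::::e:
sub:-:2048:1:29D746E5560A3555:::::::e:
EOF
}

# find_subkey_index [ALGOS]
# Reads a colon listing on stdin. ALGOS is a space-separated list of
# OpenPGP public-key algorithm numbers (default "18", ECDH).
# Prints one line per matching subkey: "<index> <keyid> <algo>",
# where <index> is the subkey's position under its primary key,
# i.e. the N to type as "key N" at the gpg> prompt.
find_subkey_index() {
    awk -F: -v algos="${1:-18}" '
        BEGIN {
            n = split(algos, a, " ")
            for (i = 1; i <= n; i++) want[a[i]] = 1
        }
        $1 == "pub" { idx = 0 }          # new primary key: restart count
        $1 == "sub" {
            idx++
            if ($4 in want) print idx, $5, $4
        }
    '
}

# Stand-alone run on the constructed sample.
sample_listing | find_subkey_index
# Against a real keyring:
#   gpg2 --with-colons --list-keys F2AD85AC1E42B367 | find_subkey_index
```

Because `key N` toggles a selection, several reported indices can be selected one after another before a single `delkey`, so the numbers do not shift between deletions.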

Event Timeline

bernhard set Version to 2.0.22, 2.1.11, 2.1.13. (Feb 23 2017, 2:22 PM)
bernhard added projects: gnupg, Bug Report.
bernhard added a subscriber: bernhard.
werner added a subscriber: werner.

Ubuntu uses a bad combination of an older gpg version and a more current
libgcrypt version. We can't do anything about it. Someone may want to escalate
this to Ubuntu; they should definitely get an update out.