Maniphest T3311

Compliance: Verification of DSA signatures fails with invalid public key algorithm
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	aheinecke
	Jul 27 2017, 3:03 PM

Tags

Subscribers

Description

C:\Users\aheinecke>gpg --verify .gitconfig.sig
gpg: Signatur vom 07/27/17 14:54:04 MitteleuropΣische Sommerzeit
gpg:                mittels DSA-Schlüssel BD0E2862A2E6055732F2E36E70610F8E7263C1A5
gpg: key 70610F8E7263C1A5 not suitable for signature verification while in --compliance=de-vs mode
gpg: Signatur kann nicht geprüft werden: Ungültiges Public-Key-Verfahren

Funny enough verifying a signature made by a nistp signing key works

C:\Users\aheinecke>gpg --verify file_for_nistp.sig
gpg: Signatur vom 07/27/17 15:01:06 MitteleuropΣische Sommerzeit
gpg:                mittels ECDSA-Schlüssel 6AEC19EA353DF4808391E137DCF6C87DCEE4512F
gpg: Korrekte Signatur von "Nist Test <nist@foo.bar>" [ultimativ]

This is with beta-167 containing your latest fixes.

Revisions and Commits

rG GnuPG
	rG6502bb0d2af5 gpg: Tweak compliance checking for verification

Related Objects
Search...

		Status	Assigned	Task
		Resolved	• werner	T3307 de-vs compliance mode problems
		Resolved	• werner	T3311 Compliance: Verification of DSA signatures fails with invalid public key algorithm
		Resolved	aheinecke	T3312 Compliance: Invalid Public key Algorithm results in GPGME reporting System Error

Event Timeline

aheinecke created this task.Jul 27 2017, 3:03 PM

aheinecke mentioned this in T3312: Compliance: Invalid Public key Algorithm results in GPGME reporting System Error.

aheinecke created subtask T3312: Compliance: Invalid Public key Algorithm results in GPGME reporting System Error.

To make it easier to reproduce

a dsa key:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQMuBFl5sj4RCADKL2w71dlZ/EofCZcZ0JB05GmUSL/QXWcrzl5q3PJIWcFcHRb/
oBum6ycwQgJii3d2OyBWiPqCnVdqYYifxnWLRUOF+AIxOKqPa1Lm4KvnykOirNoB
kcpS3rqPzYjLI5ZolahTfIrLQPWoA4Q4iuHbj5XUxaHgfWl8M7du6v1ZWdvhATJj
fmskQPgJYRZws2FwZPcy+hBV17HBwHwi0YHmMssWhL5Ze0GrbyP+Nv7mVgrczc3r
DpbNfuNJ4/XLEY/c75bXGDt/3orxR9Yao+m1uuIIc22y+Vo/teZ5Gy69iQMb/tPt
Y2qr1B8WbtZeIVExK5BnmUxlAd0hL+s8M+87AQCETlM6kA+CktVh+5ni9ef86LDg
mo5z3XJQ7Jl3ILObuwgAxgO55BrmnJ9tIGOrR5HqqcXSS5Rw2X1+0hK+Zrtlgegi
+dIWq+neMp7jfkpCzQf7h8Zl4sNRpHBGXQ8hJl+huKYjMSRl4v+mGrbUmS8jRJ+L
fiW8Eio1Jib3x+RlDumQ233GxtIj4unvb7jF5cxXEkpK27RVmYhkR4mI61tr+y/b
TV6XkHGMn+XYSg7ZJtllFTJSJkjT4mHi5RJCVt+8lgtb6uoYf85T/Hn8oGwv5Q/H
nWRawMezAPF4nHRG+8qQDCNFdqqt8y50QX9ROe3D7wmNMp7A6/IosfPpu1KVzxIJ
HEkoFeQArqbIo+YPC7QYXxavAUuL4fPt1Z/grs/ShQf9Fu6c5yyvGQcqyWjqpnPD
xjW+YyNgJwtX1vpNXBlRGy7d3Nr6TIlYmf7LCAjmSut+bu7q38+NLQyap62IIt4G
5NAr7jYf7MI2ec2thiPg3TTFI7GbRdrQrvBjeS1SXOb7O17gbCgvV7zhzvamccyg
06ApKEs0ZYpW1FwOd6Zvwj/awtmFHjeWdHv5b8iTQqie3Bsv+TrxnQ7gA3e31lt5
XRNRRqmXRI6YQL4oSW5oQUV2UBqg/v7O41qKgP/n+FoPvCPV4VsE48+XeUHwH/pR
u4DJwROUvQ09YY0Zd2za7laamcmbBkvOmTz2Fr+VYTmkHLZTXG/cQc/MuQ/0GQJw
2bQgRFNBIFdpdGggU2VjcmV0IDxkc2FzZWNAZm9vLmJhcj6IkAQTEQgAOBYhBL0O
KGKi5gVXMvLjbnBhD45yY8GlBQJZebI+AhsDBQsJCAcCBhUICQoLAgQWAgMBAh4B
AheAAAoJEHBhD45yY8GlG2IBAINrlh5bEfAzan1I/UDFlEU9PWJV+RjgSjht5qXF
4Q5tAP9sPWVmpnxVv3wQR4MUHRxV40/m743AUAfv41+Gj1lGebkCDQRZebI+EAgA
sD5MhtkYyWvizlKhd3hQ0WrfaRCC9CYftUwGtZCnhgHRBOw15m/GywZrsqccBSTW
Ddq3btOdV7ZGInfIMadqfx3Ui4ZTNb23SYOwE4vaZmrd3IVlK4LQ37b7a6BH6LTE
009fQ7LqlGlcknRpLZV3a+WEt86nMoLM78qyqIVIO9RL0F89fMQR+EqwPjXhFR6o
u0u1zwboEsy7IG9OqJtrR901xeYPN7jmRUnLz6+WRr2lee+X02/Xo5mIkDZjY0Rg
SywOPxKmCdsYKal/b55hPZes1wdSk7oQaKDOv33Znj7idAOuEe5AjQDmmQ+mfx+v
9kDy2UOCi9XV3yBd3BAIkwADBgf9H2Sey4Ed3TG4uQ2T+GG88dp/bQcBLiiT+a9q
J+RNE21iOFUFYoONXDvxFK7by3tplAP21VNu9nn3TqadDcdibv2rMsiIW4ZYF1jo
JPCZsGdvRH953tOsFfPsT0VTEa2M96Gzl+WDd/zDfmPzdHhU/7CjbaqNPvWA3sPs
A1d1e5gq9UDbcwdRr02jcM3ApPc3fiit70q8lZFvFmxxXGAECyv7RTm2ORKm+bQm
4rnd7rrY8nyVdYtttJOxp0oNZOACjMpD52lV6DWLhj8xGbyf8/URTKC19aT16x2y
80T/i67439UyPDEg9oNHwh3WIpgBi7BSi6cNYz0QJZ3TeEEi6Ih4BBgRCAAgFiEE
vQ4oYqLmBVcy8uNucGEPjnJjwaUFAll5sj4CGwwACgkQcGEPjnJjwaWenQD+NZbM
wKwzbQLp8x9BOjmg0ow673sQEl4iO/aEGLoBh7wA/i5fruQMpe8zcUviTMxxZxti
6Kw7kBKp04nLf9cL4vjk
=wuTK
-----END PGP PUBLIC KEY BLOCK-----

And a signed message from it:

-----BEGIN PGP MESSAGE-----
                                                                                                                                                                                                                                             
owGbwMvMwCFYkMjfV5R8cCnjacUkhsjK565+pUUKaYf3FCmkpOYpuKQmlaanpyYV                                                                                                                                                                             
JZYmZ3B1lLIwCHIwyIopsuzl00ha9Iw13OjT4zyYEaxMQP05DFycAjARYxOG/4nX                                                                                                                                                                             
1z0rcrSU+mZmf0L0gbBqxyc5032X65Kml89t64tdIsfw3+OETCyj6OET8VrHKx1+                                                                                                                                                                             
/uvsUeZuUgpkXr8s5/E2xS9FZQA=                                                                                                                                                                                                                 
=WKQv                                                                                                                                                                                                                                        
-----END PGP MESSAGE-----

aheinecke closed subtask T3312: Compliance: Invalid Public key Algorithm results in GPGME reporting System Error as Resolved.Jul 27 2017, 3:48 PM

• werner added a commit: rG6502bb0d2af5: gpg: Tweak compliance checking for verification.Jul 27 2017, 4:27 PM

• werner closed this task as Resolved.Jul 27 2017, 4:28 PM