Page MenuHome GnuPG
Create Task
Maniphest T3804

--export-options export-minimal,export-clean includes multiple subkey binding signatures when only one is necessary
Closed, ResolvedPublic
Actions

Description

Consider trying to export a public key with a subkey, where that subkey's expiration date or other configuration settings have been updated:

$ gpg --export-options export-minimal,export-clean --export AB9942E6D4A4CFC3412620A749FC7012A5DE03AE | gpg --list-packets | grep ^:
:public key packet:
:user ID packet: "REDACTED <REDACTED>"
:signature packet: algo 1, keyid 49FC7012A5DE03AE
:public sub key packet:
:signature packet: algo 1, keyid 49FC7012A5DE03AE
:signature packet: algo 1, keyid 49FC7012A5DE03AE
:signature packet: algo 1, keyid 49FC7012A5DE03AE
$

both export-clean and export-minimal should drop two of the three subkey binding signatures, and only export the most relevant one.

The most relevant binding signature for a given subkey should be (first match wins):

  • the most recent cryptographically-valid revocation signature, or
  • if signing-capable, the most recent cryptographically-valid signature with a cryptographically-valid cross-sig, or
  • if not signing-capable, the most recent cryptographically-valid signature

Of course, if there is no match at all, the subkey should not be emitted at all anyway in these modes.

Details

Version
2.2.5

Revisions and Commits

rG GnuPG
rG61562fe00027 gpg: Remove multiple subkey bindings during export-clean.
rG76989d5bd89e gpg: Remove multiple subkey bindings during export-clean.

Related Objects

Event Timeline

dkg created this task.Feb 23 2018, 12:28 AM
dkg created this object in space S1 Public.

This is similar to T3622, but it's not the same thing.

werner triaged this task as Normal priority.Apr 6 2018, 4:39 PM
werner raised the priority of this task from Normal to High.May 28 2018, 7:11 PM
werner added a commit: rG76989d5bd89e: gpg: Remove multiple subkey bindings during export-clean..Jul 9 2018, 12:15 PM
werner closed this task as Resolved.Jul 9 2018, 12:17 PM
werner claimed this task.
werner added a subscriber: werner.

Fixed for 2.2.9.

It is not that easy to create such a case because import meanwhile removes such dups. I created a test case by commenting out

else
  n->flag |= NODE_DELETION_MARK; /* older */

in import.c:check_self_sigs. The deletion works the same way as done in import by looking at a flag set during merge_keys.

werner added a commit: rG61562fe00027: gpg: Remove multiple subkey bindings during export-clean..Jul 9 2018, 12:17 PM