Page MenuHome GnuPG

batch signature fails with imported ed25519 signing key as of 2.2.34
Closed, ResolvedPublic


The script

highlights a failure that was introduced in rG14de7b1e5904e78fcbe413a82d0f19b750bd8830.

The failure appears to happen when:

  • batch importing an Ed25519 secret key which is not cryptographically protected
  • the secret key's first bit is set -- that is, the secret key is an MPI with size 256 bits.
  • the signature is made in batch mode

It looks to me like the problem has to do with something about secret key storage being in "native" form, and a bad interaction with pinentry, but I don't fully understand why. Without --batch, the import wants to ask for a new passphrase on import as well, in ways that it didn't before.

Here's a run of the script.

0 $ ./signing-failure
++ mktemp -d
+ workdir=/home/dkg/tmp/tmp.KXfHhms78v
+ mkdir -p -m 0700 /home/dkg/tmp/tmp.KXfHhms78v/g
+ echo test
+ cat
+ gpg --homedir /home/dkg/tmp/tmp.KXfHhms78v/g --batch --allow-secret-key-import --import /home/dkg/tmp/tmp.KXfHhms78v/test.key
gpg: keybox '/home/dkg/tmp/tmp.KXfHhms78v/g/pubring.kbx' created
gpg: /home/dkg/tmp/tmp.KXfHhms78v/g/trustdb.gpg: trustdb created
gpg: key A7D5EC0AD6ADB051: public key "test key" imported
gpg: key A7D5EC0AD6ADB051: secret key imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1
+ gpg --homedir /home/dkg/tmp/tmp.KXfHhms78v/g --batch --local-user 'test key' --armor --detach-sign /home/dkg/tmp/tmp.KXfHhms78v/test.txt
gpg: signing failed: Invalid argument
gpg: signing failed: Invalid argument
2 $

The attached patch

solves the problem, but only at the cost of effectively reverting rG14de7b1e5904e78fcbe413a82d0f19b750bd8830.

This change caused breakage in debian's sbuild package's autopkgtest script in two places:

  • it caused an --import to fail (because --batch was not provided)
  • when --batch was provided on --import, gpg failed to make a signature with the key in question, with an error message `


External Link

Event Timeline

gniibe triaged this task as High priority.
gniibe added a subscriber: gniibe.

Thank you for the report.

I was careless about the internal of GnuPG 2.2 where 00 is added to be interpreted as unsigned.

Reverting the commit is the right thing here, I suppose. The issue T5120 should be fixed in more conservative way (as we won't touch handling of MPI in gpg-agent).

gniibe removed a project: Restricted Project.Jul 7 2022, 6:51 AM

Fixed in 2.2.36.