
`--assert-pubkey-algo` does not behave as documented
Open, Low, Public

Description

gpg(1) says about --assert-pubkey-algo:

With this option gpg (and also gpgv) is guaranteed to return with an exit code of 0 if and only if all valid signatures on data are made using a matching algorithm from the given list.

but this appears to be incompatible with the description of the return code logic for gpgv(1):

The program returns 0 if everything is fine, 1 if at least one signature was bad, and other error codes for fatal errors.

In particular, if an *invalid* signature on data is present, but all valid signatures satisfy --assert-pubkey-algo, then gpg(1) says it should return 0 but gpgv(1) says that it should return 1.

Realistically, the behavior most consumers will be looking for isn't either documented behavior. Most consumers want to know whether *at least one* valid signature meeting the cryptographic bar provided by --assert-pubkey-algo exists, regardless of what other garbage happens to sit alongside that valid, strong signature.

Details

Version
2.4.7

Event Timeline

A demonstration:

0 $ gpgv --assert-pubkey-algo '>=rsa2048 =ed25519' --keyring ./apples.cert --keyring ./oranges.cert test.txt.2.asc test.txt
gpgv: Signature made Wed 12 Feb 2025 04:36:34 PM EST
gpgv:                using EDDSA key FCC8D2DEE3F540134376DD0098F6142A344D9701
gpgv: Good signature from "apples"
gpgv: asserted signer 'FCC8D2DEE3F540134376DD0098F6142A344D9701' with algo ed25519
gpgv: Signature made Wed 12 Feb 2025 04:36:34 PM EST
gpgv:                using RSA key 0F54EF7970BD985BEF8A4D49DF29966E82C3F83A
gpgv: BAD signature from "oranges"
1 $

Since all valid signatures satisfy --assert-pubkey-algo, according to gpg(1) this should be guaranteed to return 0. However, it returns 1.
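To make the three exit-code rules at issue here concrete, the following added example (not part of the report or of GnuPG) parses the transcript quoted above and evaluates each rule against it. It assumes the human-readable gpgv output format shown in the comment and treats the "asserted signer" line as the marker that a signature passed the algorithm assertion; a real wrapper would read `--status-fd` output instead of scraping stderr, but the decision logic is the point.

```python
from dataclasses import dataclass
from typing import List, Optional
# Constructed sample: the gpgv transcript quoted in the comment above.
SAMPLE_LOG = """\
gpgv: Signature made Wed 12 Feb 2025 04:36:34 PM EST
gpgv:                using EDDSA key FCC8D2DEE3F540134376DD0098F6142A344D9701
gpgv: Good signature from "apples"
gpgv: asserted signer 'FCC8D2DEE3F540134376DD0098F6142A344D9701' with algo ed25519
gpgv: Signature made Wed 12 Feb 2025 04:36:34 PM EST
gpgv:                using RSA key 0F54EF7970BD985BEF8A4D49DF29966E82C3F83A
gpgv: BAD signature from "oranges"
"""

@dataclass
class Sig:
    fpr: str = ""
    valid: Optional[bool] = None  # True = Good, False = BAD, None = not reported
    algo_ok: bool = False         # an "asserted signer" line followed it

def parse(log: str) -> List[Sig]:
    """Group the transcript into one Sig per 'Signature made' block."""
    sigs: List[Sig] = []
    for line in log.splitlines():
        body = line.split("gpgv:", 1)[-1].strip()
        if body.startswith("Signature made"):
            sigs.append(Sig())
        elif not sigs:
            continue  # stray line before the first signature block
        elif body.startswith("using "):
            sigs[-1].fpr = body.split()[-1]
        elif body.startswith("Good signature"):
            sigs[-1].valid = True
        elif body.startswith("BAD signature"):
            sigs[-1].valid = False
        elif body.startswith("asserted signer"):
            sigs[-1].algo_ok = True
    return sigs

def exit_per_gpg_manpage(sigs: List[Sig]) -> int:
    """gpg(1) wording: 0 iff every valid signature matched (assumes one is required)."""
    valid = [s for s in sigs if s.valid]
    return 0 if valid and all(s.algo_ok for s in valid) else 1

def exit_per_gpgv_manpage(sigs: List[Sig]) -> int:
    """gpgv(1) wording: 1 as soon as any signature is bad."""
    return 1 if any(s.valid is False for s in sigs) else 0

def exit_at_least_one_strong(sigs: List[Sig]) -> int:
    """What the report says consumers want: some valid signature passed the bar."""
    return 0 if any(s.valid and s.algo_ok for s in sigs) else 1
```

On the quoted transcript the gpg(1) rule yields 0, the gpgv(1) rule yields 1 (matching the observed behaviour), and the "at least one strong signature" rule yields 0.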