User Details
- User Since
- Mar 27 2017, 4:47 PM (403 w, 2 d)
- Availability
- Available
Nov 23 2015
Thank you for quick response)
I couldn't build and test 2.1.9 right now, but bug is still here in 1.4.16 and
2.0.22.
I've created test script for this case:
https://gist.github.com/anton-ryzhov/a0dcfcaabe18fc6ad35e
Run ./gen.sh in some working folder and then try ./runtest.sh several times,
expire different subkeys, compare the result.
May 30 2012
Do you need more information, or you can confirm and reproduce bug with given
description?
Apr 5 2012
I'm using Linux Mint 12 Lisa, and I've tested on built-in 1.4.11 and on custom
built latest revision in repository - d64aa7.
- I've created key with Primary key (P0), and 3 subkeys (S1, S2, S3). Export
this key for further tests.
- Change expiration date of first subkey (S1). Everything seems OK.
- Export whole key, remove it from gpg, import again - Everything is OK.
- Back to step 2 - remove key, import original one.
- Change expiration date of second or third subkey (S2, S3). Everything seems
OK again.
- Export whole key, remove it from gpg, import again - we've missed S1 subkey,
and expiration date of changed subkey left as in step 1.
I've analyzed changes on each step via gpgsplit. My conclusion: GPG always edit
S1 subkey signature. Editing non-first subkey (S2, S3, S4…) edits (breaks) S1
signature. S2¸ S3… signatures leaved unchanged. GPG checks subkey signature
only at import. User doesn't know about subkeys breakage until he reexport it.