
Bug#993546: kmail: KMail sees different signing key on same mail when enabling debian-keyring



Hoi,

On zondag 12 september 2021 19:57:17 CEST Sandro Knauß wrote:
> I'm quite sure that this is not the issue of KMail, as KMail is using the
> GPGME to talk to gpg. So it will be an issue of libqgpgme7.

Ok. I noticed the issue in KMail, so I reported it against that package.
Feel free to reassign to a (more) appropriate package.

> But first make sure that you really have a valid bug. Please verify the
> signature in a konsole via gpg --verify. I expect that it will fail with
> the same error.

How can I do that?

I've saved the msg as an mbox file and ran 'gpg --verify' on it:
gpg --verify Joostvb-orig-signed-msg.mbox 
gpg: no signed data
gpg: can't hash datafile: No data

That looks weird as it's certainly a signed msg. 
Let's try mutt (me = mutt newbie):
mutt -f Joostvb-orig-signed-msg.mbox
I see "1  Ns  <date>  <Joost ....> ...." ; <Enter> to view it and I see:
[-- Begin signature information --]
Good signature from: Joost E. van Baal (Nederland, 1970)
                                  aka: <other identities from Joost>
                                  ....
                          created: <date-time-stamp>
[-- End signature information --]

After 'i' to Exit, the lowercase 's' turned into a capital 'S'. 
Which IIUC indicates a valid signature.

So mutt seems happy. ~/.gnupg/gpg.conf had the debian-keyring enabled.

After disabling debian-keyring:
gpg --verify Joostvb-orig-signed-msg.mbox 
gpg: no signed data
gpg: can't hash datafile: No data
mutt -f Joostvb-orig-signed-msg.mbox
I see "1  s  <date>  <Joost ....> ...." ; <Enter> to view it and I see:
[-- Begin signature information --]
Good signature from: Joost E. van Baal (Nederland, 1970)
                                  aka: <other identities from Joost>
                                  ....
                          created: <date-time-stamp>
[-- End signature information --]

After Exit, the lowercase 's' turned into a capital 'S' again. 

So with mutt everything _looks_ the same with the debian-keyring
enabled or disabled, while there is a difference in KMail.

> Keep in mind that Joost's using a subkey to sign (0x54F1A66317486713), this
> subkey needs to be available also to verify the signature.
> 
> > When doing "gpg --list-keys 0x57930DAB0B86B067" (or long key ID)
> > (with "list-options show-keyring=yes" in my gpg.conf) I see the same key
> > present in my keyring (pubring.kbx) and in Debian's debian-keyring.gpg.
> 
> As I was told, you always have to use --with-colons when using
> gpg --list-keys --with-colons to get ideas about the key status.

With debian-keyring disabled:
$ gpg --with-colons --list-keys 0x57930DAB0B86B067
tru::1:1631360998:1645731991:3:1:5
pub:f:4096:1:57930DAB0B86B067:1129127891:::f:::scESC::::::23:1630521551:1 http\x3a//keyring.debian.org\x3a11371:
fpr:::::::::B8FAC2E250475B8CE940A91957930DAB0B86B067:
uid:f::::1129129467::D3568B2F561D7D224C0894CE39E650FC67F0755B::Joost E. van Baal (Nederland, 1970):::::::::1630521551:1:
uid:f::::1129129236::404399E9298441B5AFF1F09D9A6314F6D0DF12FF::Joost van Baal <joostvb@mdcc.cx>:::::::::1630521551:1:
uid:f::::1129129331::06AF0BE4F14BBC6BEDF47674B6BCD74AEBBA5FA5::Joost van Baal <J.E.vanBaal@uvt.nl>:::::::::1630521551:1:
uid:f::::1129129295::83F7EC80DEAB05929AE4829E7FE6A07468F1B557::Joost van Baal <joostvb@debian.org>:::::::::1630521551:1:
uid:f::::1129129358::ECC854CC7EAFC26121A339FF41A0D1917097C7D7::Joost van Baal <joostvb@enosig.org>:::::::::1630521551:1:
uid:f::::1129129385::1857D9EC456DEEE1C4FC2C1207E9C2B9A8F844E2::Joost van Baal <joostvb@logreport.org>:::::::::1630521551:1:
uid:f::::1223447825::0BC514AB9B9027517C311BEDC30A59E551EB4D16::Joost van Baal <joostvb@ad1810.com>:::::::::1630521551:1:
uid:f::::1318359511::9E04CD3B93ECF31B7BAC1315EBAE5D5B987EF556::Joost van Baal-Ilić:::::::::1630521551:1:
sub:e:4096:1:A96539F624525E9E:1129128272:1223736272:::::s::::::23:
fpr:::::::::C5B85256C175C10CBD0832A4A96539F624525E9E:
sub:e:4096:1:F98CBB23C0BC6980:1223447515:1318055515:::::s::::::23:
fpr:::::::::ABB0F0BF85D70496B35D0B7CF98CBB23C0BC6980:
sub:e:2048:1:33517A72A5E6B0C8:1318359158:1476039158:::::s::::::23:
fpr:::::::::B9563AB8479744C26035A9F933517A72A5E6B0C8:
sub:f:4096:1:54F1A66317486713:1476171990:1728387017:::::s::::::23:
fpr:::::::::92AAD901B21B4BC79A47A03054F1A66317486713:
sub:f:4096:1:F4E66A7265F23E7B:1476172439:1728387066:::::e::::::23:
fpr:::::::::A9202D9E6ADD2C7E7301DEE8F4E66A7265F23E7B:
sub:e:2048:1:88FEF971404CA6BE:1318359224:1476039224:::::e::::::23:
fpr:::::::::2A3FED2354D9264FBF0184D688FEF971404CA6BE:
sub:e:4096:1:5B19798443FF7C14:1129128610:1223736610:::::e::::::23:
fpr:::::::::7C2AB7A44CD6F96538CD88F05B19798443FF7C14:
sub:e:4096:1:8A551DB0EC34F0AE:1223447782:1318055782:::::e::::::23:
fpr:::::::::9B60E5A6C3DBCAB264A56F4E8A551DB0EC34F0AE:

With debian-keyring enabled:
$ gpg --with-colons --list-keys 0x57930DAB0B86B067
tru::1:1631360998:1645731991:3:1:5
pub:f:4096:1:57930DAB0B86B067:1129127891:::f:::scESC::::::23:1630521551:1 http\x3a//keyring.debian.org\x3a11371:
fpr:::::::::B8FAC2E250475B8CE940A91957930DAB0B86B067:
uid:f::::1129129467::D3568B2F561D7D224C0894CE39E650FC67F0755B::Joost E. van Baal (Nederland, 1970):::::::::1630521551:1:
uid:f::::1129129236::404399E9298441B5AFF1F09D9A6314F6D0DF12FF::Joost van Baal <joostvb@mdcc.cx>:::::::::1630521551:1:
uid:f::::1129129331::06AF0BE4F14BBC6BEDF47674B6BCD74AEBBA5FA5::Joost van Baal <J.E.vanBaal@uvt.nl>:::::::::1630521551:1:
uid:f::::1129129295::83F7EC80DEAB05929AE4829E7FE6A07468F1B557::Joost van Baal <joostvb@debian.org>:::::::::1630521551:1:
uid:f::::1129129358::ECC854CC7EAFC26121A339FF41A0D1917097C7D7::Joost van Baal <joostvb@enosig.org>:::::::::1630521551:1:
uid:f::::1129129385::1857D9EC456DEEE1C4FC2C1207E9C2B9A8F844E2::Joost van Baal <joostvb@logreport.org>:::::::::1630521551:1:
uid:f::::1223447825::0BC514AB9B9027517C311BEDC30A59E551EB4D16::Joost van Baal <joostvb@ad1810.com>:::::::::1630521551:1:
uid:f::::1318359511::9E04CD3B93ECF31B7BAC1315EBAE5D5B987EF556::Joost van Baal-Ilić:::::::::1630521551:1:
sub:e:4096:1:A96539F624525E9E:1129128272:1223736272:::::s::::::23:
fpr:::::::::C5B85256C175C10CBD0832A4A96539F624525E9E:
sub:e:4096:1:F98CBB23C0BC6980:1223447515:1318055515:::::s::::::23:
fpr:::::::::ABB0F0BF85D70496B35D0B7CF98CBB23C0BC6980:
sub:e:2048:1:33517A72A5E6B0C8:1318359158:1476039158:::::s::::::23:
fpr:::::::::B9563AB8479744C26035A9F933517A72A5E6B0C8:
sub:f:4096:1:54F1A66317486713:1476171990:1728387017:::::s::::::23:
fpr:::::::::92AAD901B21B4BC79A47A03054F1A66317486713:
sub:f:4096:1:F4E66A7265F23E7B:1476172439:1728387066:::::e::::::23:
fpr:::::::::A9202D9E6ADD2C7E7301DEE8F4E66A7265F23E7B:
sub:e:2048:1:88FEF971404CA6BE:1318359224:1476039224:::::e::::::23:
fpr:::::::::2A3FED2354D9264FBF0184D688FEF971404CA6BE:
sub:e:4096:1:5B19798443FF7C14:1129128610:1223736610:::::e::::::23:
fpr:::::::::7C2AB7A44CD6F96538CD88F05B19798443FF7C14:
sub:e:4096:1:8A551DB0EC34F0AE:1223447782:1318055782:::::e::::::23:
fpr:::::::::9B60E5A6C3DBCAB264A56F4E8A551DB0EC34F0AE:
pub:f:4096:1:57930DAB0B86B067:1129127891:::f:::scESC::::::23::0:
fpr:::::::::B8FAC2E250475B8CE940A91957930DAB0B86B067:
uid:f::::1129129467::D3568B2F561D7D224C0894CE39E650FC67F0755B::Joost E. van Baal (Nederland, 1970)::::::::::0:
uid:f::::1129129236::404399E9298441B5AFF1F09D9A6314F6D0DF12FF::Joost van Baal <joostvb@mdcc.cx>::::::::::0:
uid:f::::1129129331::06AF0BE4F14BBC6BEDF47674B6BCD74AEBBA5FA5::Joost van Baal <J.E.vanBaal@uvt.nl>::::::::::0:
uid:f::::1129129295::83F7EC80DEAB05929AE4829E7FE6A07468F1B557::Joost van Baal <joostvb@debian.org>::::::::::0:
uid:f::::1129129358::ECC854CC7EAFC26121A339FF41A0D1917097C7D7::Joost van Baal <joostvb@enosig.org>::::::::::0:
uid:f::::1129129385::1857D9EC456DEEE1C4FC2C1207E9C2B9A8F844E2::Joost van Baal <joostvb@logreport.org>::::::::::0:
uid:f::::1223447825::0BC514AB9B9027517C311BEDC30A59E551EB4D16::Joost van Baal <joostvb@ad1810.com>::::::::::0:
uid:f::::1318359511::9E04CD3B93ECF31B7BAC1315EBAE5D5B987EF556::Joost van Baal-Ilić::::::::::0:
sub:e:4096:1:A96539F624525E9E:1129128272:1223736272:::::s::::::23:
fpr:::::::::C5B85256C175C10CBD0832A4A96539F624525E9E:
sub:e:4096:1:F98CBB23C0BC6980:1223447515:1318055515:::::s::::::23:
fpr:::::::::ABB0F0BF85D70496B35D0B7CF98CBB23C0BC6980:
sub:e:2048:1:33517A72A5E6B0C8:1318359158:1476039158:::::s::::::23:
fpr:::::::::B9563AB8479744C26035A9F933517A72A5E6B0C8:
sub:f:4096:1:54F1A66317486713:1476171990:1728387017:::::s::::::23:
fpr:::::::::92AAD901B21B4BC79A47A03054F1A66317486713:
sub:f:4096:1:F4E66A7265F23E7B:1476172439:1728387066:::::e::::::23:
fpr:::::::::A9202D9E6ADD2C7E7301DEE8F4E66A7265F23E7B:


So it looks like Joost's key in my keyring is not identical to the one
from debian-keyring, but both do contain 0x54F1A66317486713.

I'm not familiar with gpg at all, so I don't know what if any consequence
the small difference has, but I hope you do.

> As far as I know gnupg does want to get rid of multiple keyrings stitched
> together. So maybe you find one of the bugs with stitching. But you may get
> more up-to-date news from gnupg maintainers in Debian.

In case it's relevant:

================================================================
$ gpg --version
gpg (GnuPG) 2.2.27
libgcrypt 1.9.4
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/diederik/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

================================================================
$ cat ~/.gnupg/gpg.conf 
# Disable inclusion of the version string in ASCII armored output
no-emit-version

# Display long key IDs
keyid-format 0xlong

# List all keys (or the specified ones) along with their fingerprints
with-fingerprint

# Show which keyring the keyrings are coming from
list-options show-keyring=yes


keyring /usr/share/keyrings/debian-keyring.gpg
================================================================

The tests/experiments have been done by placing/removing a '#' on that last line.

Cheers,
  Diederik

Attachment: signature.asc
Description: This is a digitally signed message part.
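
Added example, not part of the original message: a small parser for the `--with-colons` listings quoted above that compares the two copies of key 0x57930DAB0B86B067 and checks the signing subkey 0x54F1A66317486713 in each. The sample input is trimmed from the message's own listing; the function names `parse_blocks` and `compare_copies` are hypothetical.

```python
# Added example: diff the duplicate copies of one primary key in
# `gpg --with-colons --list-keys` output. SAMPLE is trimmed from the
# "debian-keyring enabled" listing (uid/fpr and origin fields dropped).
SAMPLE = """\
tru::1:1631360998:1645731991:3:1:5
pub:f:4096:1:57930DAB0B86B067:1129127891:::f:::scESC::::::23:
sub:e:4096:1:A96539F624525E9E:1129128272:1223736272:::::s::::::23:
sub:e:4096:1:F98CBB23C0BC6980:1223447515:1318055515:::::s::::::23:
sub:e:2048:1:33517A72A5E6B0C8:1318359158:1476039158:::::s::::::23:
sub:f:4096:1:54F1A66317486713:1476171990:1728387017:::::s::::::23:
sub:f:4096:1:F4E66A7265F23E7B:1476172439:1728387066:::::e::::::23:
sub:e:2048:1:88FEF971404CA6BE:1318359224:1476039224:::::e::::::23:
sub:e:4096:1:5B19798443FF7C14:1129128610:1223736610:::::e::::::23:
sub:e:4096:1:8A551DB0EC34F0AE:1223447782:1318055782:::::e::::::23:
pub:f:4096:1:57930DAB0B86B067:1129127891:::f:::scESC::::::23:
sub:e:4096:1:A96539F624525E9E:1129128272:1223736272:::::s::::::23:
sub:e:4096:1:F98CBB23C0BC6980:1223447515:1318055515:::::s::::::23:
sub:e:2048:1:33517A72A5E6B0C8:1318359158:1476039158:::::s::::::23:
sub:f:4096:1:54F1A66317486713:1476171990:1728387017:::::s::::::23:
sub:f:4096:1:F4E66A7265F23E7B:1476172439:1728387066:::::e::::::23:
"""
BAD = set("eridn")  # expired, revoked, invalid, disabled, not valid

def parse_blocks(text):
    """One dict per 'pub' record, in listing order, with its subkeys."""
    blocks = []
    for line in text.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            blocks.append({"keyid": f[4], "subkeys": {}})
        elif f[0] == "sub" and blocks:
            # field 2 = validity, 5 = key ID, 7 = expiry, 12 = capabilities
            blocks[-1]["subkeys"][f[4]] = (f[1], f[6], f[11])
    return blocks

def compare_copies(text, primary, signer):
    """Diff the first two copies of `primary`; check `signer` in every copy."""
    copies = [b["subkeys"] for b in parse_blocks(text) if b["keyid"] == primary]
    if len(copies) < 2:
        return None  # key listed once: nothing to compare
    a, b = copies[0], copies[1]
    ok = [signer in c and "s" in c[signer][2] and c[signer][0] not in BAD
          for c in copies]
    return {"copies": len(copies), "signer_usable": ok,
            "only_in_first": sorted(set(a) - set(b)),
            "only_in_second": sorted(set(b) - set(a)),
            "changed": sorted(k for k in set(a) & set(b) if a[k] != b[k])}

if __name__ == "__main__":
    print(compare_copies(SAMPLE, "57930DAB0B86B067", "54F1A66317486713"))
```

On this input the second copy lacks three expired encryption subkeys, while the signing subkey appears with validity `f` and capability `s` in both copies.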

