Hoi, On zondag 12 september 2021 19:57:17 CEST Sandro Knauß wrote: > I'm quite sure, that this is not the issue of Kmail, as Kmail is using the > GPGME to talk to gpg. So it will be an issue of libqgpgme7. Ok. I noticed the issue in KMail, so I reported it against that package. Feel free to reassign to an (more) appropriate package. > But first make sure, that you are really have an valid bug. Please verify the > signature in a konsole via gpg --verify. I expect, that it will fail with > the same error. How can I do that? I've saved the msg as an mbox file and ran 'gpg --verify' on it: gpg --verify Joostvb-orig-signed-msg.mbox gpg: no signed data gpg: can't hash datafile: No data That looks weird as it's certainly a signed msg. Let's try mutt (me = mutt newbie): mutt -f Joostvb-orig-signed-msg.mbox I see "1 Ns <date> <Joost ....> ...." ; <Enter> to view it and I see: [-- Begin signature information --] Good signature from: Joost E. van Baal (Nederland, 1970) aka: <other identities from Joost> .... created: <date-time-stamp> [-- End signature information --] After 'i' to Exit, the lowercase 's' turned into a capital 'S'. Which IIUC indicates a valid signature. So mutt seems happy. ~/.gnupg/gpg.conf had the debian-keyring enabled. After disabling debian-keyring: gpg --verify Joostvb-orig-signed-msg.mbox gpg: no signed data gpg: can't hash datafile: No data mutt -f Joostvb-orig-signed-msg.mbox I see "1 s <date> <Joost ....> ...." ; <Enter> to view it and I see: [-- Begin signature information --] Good signature from: Joost E. van Baal (Nederland, 1970) aka: <other identities from Joost> .... created: <date-time-stamp> [-- End signature information --] After Exit, the lowercase 's' turned into a capital 'S' again. So with mutt everything _looks_ the same with the debian-keyring enabled or disabled, while there is a difference in KMail. > Keep in mind that Joot's using a subkey to sign ( 0x54F1A66317486713), this > subkey needs to be available also to verify the signature. > > > When doing "gpg --list-keys 0x57930DAB0B86B067" (or long key ID) > > (with "list-options show-keyring=yes" in my gpg.conf) I see the same key > > present in my keyring (pubring.kbx) and in Debian's debian-keyring.gpg. > > As I was told you alsoways have to use --with-colons when using > gpg --list-keys --with-colons to get ideas about the key status. With debian-keyring disabled: $ gpg --with-colons --list-keys 0x57930DAB0B86B067 tru::1:1631360998:1645731991:3:1:5 pub:f:4096:1:57930DAB0B86B067:1129127891:::f:::scESC::::::23:1630521551:1 http\x3a//keyring.debian.org\x3a11371: fpr:::::::::B8FAC2E250475B8CE940A91957930DAB0B86B067: uid:f::::1129129467::D3568B2F561D7D224C0894CE39E650FC67F0755B::Joost E. van Baal (Nederland, 1970):::::::::1630521551:1: uid:f::::1129129236::404399E9298441B5AFF1F09D9A6314F6D0DF12FF::Joost van Baal <joostvb@mdcc.cx>:::::::::1630521551:1: uid:f::::1129129331::06AF0BE4F14BBC6BEDF47674B6BCD74AEBBA5FA5::Joost van Baal <J.E.vanBaal@uvt.nl>:::::::::1630521551:1: uid:f::::1129129295::83F7EC80DEAB05929AE4829E7FE6A07468F1B557::Joost van Baal <joostvb@debian.org>:::::::::1630521551:1: uid:f::::1129129358::ECC854CC7EAFC26121A339FF41A0D1917097C7D7::Joost van Baal <joostvb@enosig.org>:::::::::1630521551:1: uid:f::::1129129385::1857D9EC456DEEE1C4FC2C1207E9C2B9A8F844E2::Joost van Baal <joostvb@logreport.org>:::::::::1630521551:1: uid:f::::1223447825::0BC514AB9B9027517C311BEDC30A59E551EB4D16::Joost van Baal <joostvb@ad1810.com>:::::::::1630521551:1: uid:f::::1318359511::9E04CD3B93ECF31B7BAC1315EBAE5D5B987EF556::Joost van Baal-Ilić:::::::::1630521551:1: sub:e:4096:1:A96539F624525E9E:1129128272:1223736272:::::s::::::23: fpr:::::::::C5B85256C175C10CBD0832A4A96539F624525E9E: sub:e:4096:1:F98CBB23C0BC6980:1223447515:1318055515:::::s::::::23: fpr:::::::::ABB0F0BF85D70496B35D0B7CF98CBB23C0BC6980: sub:e:2048:1:33517A72A5E6B0C8:1318359158:1476039158:::::s::::::23: fpr:::::::::B9563AB8479744C26035A9F933517A72A5E6B0C8: sub:f:4096:1:54F1A66317486713:1476171990:1728387017:::::s::::::23: fpr:::::::::92AAD901B21B4BC79A47A03054F1A66317486713: sub:f:4096:1:F4E66A7265F23E7B:1476172439:1728387066:::::e::::::23: fpr:::::::::A9202D9E6ADD2C7E7301DEE8F4E66A7265F23E7B: sub:e:2048:1:88FEF971404CA6BE:1318359224:1476039224:::::e::::::23: fpr:::::::::2A3FED2354D9264FBF0184D688FEF971404CA6BE: sub:e:4096:1:5B19798443FF7C14:1129128610:1223736610:::::e::::::23: fpr:::::::::7C2AB7A44CD6F96538CD88F05B19798443FF7C14: sub:e:4096:1:8A551DB0EC34F0AE:1223447782:1318055782:::::e::::::23: fpr:::::::::9B60E5A6C3DBCAB264A56F4E8A551DB0EC34F0AE: With debian-keyring enabled: $ gpg --with-colons --list-keys 0x57930DAB0B86B067 tru::1:1631360998:1645731991:3:1:5 pub:f:4096:1:57930DAB0B86B067:1129127891:::f:::scESC::::::23:1630521551:1 http\x3a//keyring.debian.org\x3a11371: fpr:::::::::B8FAC2E250475B8CE940A91957930DAB0B86B067: uid:f::::1129129467::D3568B2F561D7D224C0894CE39E650FC67F0755B::Joost E. van Baal (Nederland, 1970):::::::::1630521551:1: uid:f::::1129129236::404399E9298441B5AFF1F09D9A6314F6D0DF12FF::Joost van Baal <joostvb@mdcc.cx>:::::::::1630521551:1: uid:f::::1129129331::06AF0BE4F14BBC6BEDF47674B6BCD74AEBBA5FA5::Joost van Baal <J.E.vanBaal@uvt.nl>:::::::::1630521551:1: uid:f::::1129129295::83F7EC80DEAB05929AE4829E7FE6A07468F1B557::Joost van Baal <joostvb@debian.org>:::::::::1630521551:1: uid:f::::1129129358::ECC854CC7EAFC26121A339FF41A0D1917097C7D7::Joost van Baal <joostvb@enosig.org>:::::::::1630521551:1: uid:f::::1129129385::1857D9EC456DEEE1C4FC2C1207E9C2B9A8F844E2::Joost van Baal <joostvb@logreport.org>:::::::::1630521551:1: uid:f::::1223447825::0BC514AB9B9027517C311BEDC30A59E551EB4D16::Joost van Baal <joostvb@ad1810.com>:::::::::1630521551:1: uid:f::::1318359511::9E04CD3B93ECF31B7BAC1315EBAE5D5B987EF556::Joost van Baal-Ilić:::::::::1630521551:1: sub:e:4096:1:A96539F624525E9E:1129128272:1223736272:::::s::::::23: fpr:::::::::C5B85256C175C10CBD0832A4A96539F624525E9E: sub:e:4096:1:F98CBB23C0BC6980:1223447515:1318055515:::::s::::::23: fpr:::::::::ABB0F0BF85D70496B35D0B7CF98CBB23C0BC6980: sub:e:2048:1:33517A72A5E6B0C8:1318359158:1476039158:::::s::::::23: fpr:::::::::B9563AB8479744C26035A9F933517A72A5E6B0C8: sub:f:4096:1:54F1A66317486713:1476171990:1728387017:::::s::::::23: fpr:::::::::92AAD901B21B4BC79A47A03054F1A66317486713: sub:f:4096:1:F4E66A7265F23E7B:1476172439:1728387066:::::e::::::23: fpr:::::::::A9202D9E6ADD2C7E7301DEE8F4E66A7265F23E7B: sub:e:2048:1:88FEF971404CA6BE:1318359224:1476039224:::::e::::::23: fpr:::::::::2A3FED2354D9264FBF0184D688FEF971404CA6BE: sub:e:4096:1:5B19798443FF7C14:1129128610:1223736610:::::e::::::23: fpr:::::::::7C2AB7A44CD6F96538CD88F05B19798443FF7C14: sub:e:4096:1:8A551DB0EC34F0AE:1223447782:1318055782:::::e::::::23: fpr:::::::::9B60E5A6C3DBCAB264A56F4E8A551DB0EC34F0AE: pub:f:4096:1:57930DAB0B86B067:1129127891:::f:::scESC::::::23::0: fpr:::::::::B8FAC2E250475B8CE940A91957930DAB0B86B067: uid:f::::1129129467::D3568B2F561D7D224C0894CE39E650FC67F0755B::Joost E. van Baal (Nederland, 1970)::::::::::0: uid:f::::1129129236::404399E9298441B5AFF1F09D9A6314F6D0DF12FF::Joost van Baal <joostvb@mdcc.cx>::::::::::0: uid:f::::1129129331::06AF0BE4F14BBC6BEDF47674B6BCD74AEBBA5FA5::Joost van Baal <J.E.vanBaal@uvt.nl>::::::::::0: uid:f::::1129129295::83F7EC80DEAB05929AE4829E7FE6A07468F1B557::Joost van Baal <joostvb@debian.org>::::::::::0: uid:f::::1129129358::ECC854CC7EAFC26121A339FF41A0D1917097C7D7::Joost van Baal <joostvb@enosig.org>::::::::::0: uid:f::::1129129385::1857D9EC456DEEE1C4FC2C1207E9C2B9A8F844E2::Joost van Baal <joostvb@logreport.org>::::::::::0: uid:f::::1223447825::0BC514AB9B9027517C311BEDC30A59E551EB4D16::Joost van Baal <joostvb@ad1810.com>::::::::::0: uid:f::::1318359511::9E04CD3B93ECF31B7BAC1315EBAE5D5B987EF556::Joost van Baal-Ilić::::::::::0: sub:e:4096:1:A96539F624525E9E:1129128272:1223736272:::::s::::::23: fpr:::::::::C5B85256C175C10CBD0832A4A96539F624525E9E: sub:e:4096:1:F98CBB23C0BC6980:1223447515:1318055515:::::s::::::23: fpr:::::::::ABB0F0BF85D70496B35D0B7CF98CBB23C0BC6980: sub:e:2048:1:33517A72A5E6B0C8:1318359158:1476039158:::::s::::::23: fpr:::::::::B9563AB8479744C26035A9F933517A72A5E6B0C8: sub:f:4096:1:54F1A66317486713:1476171990:1728387017:::::s::::::23: fpr:::::::::92AAD901B21B4BC79A47A03054F1A66317486713: sub:f:4096:1:F4E66A7265F23E7B:1476172439:1728387066:::::e::::::23: fpr:::::::::A9202D9E6ADD2C7E7301DEE8F4E66A7265F23E7B: So it looks Joost's key in my keyring is not identical to the one from debian-keyring, but both do contain 0x54F1A66317486713 I'm not familiar with gpg at all, so I don't know what if any consequence the small difference has, but I hope you do. > So far I know gnupg does want to get rid of multiple keyrings statched > together. So maybe you find one of the bugs with statching. But you may get > more up-to-date news from gnupg mantainers in Debian. In case it's relevant: ================================================================ $ gpg --version gpg (GnuPG) 2.2.27 libgcrypt 1.9.4 Copyright (C) 2021 Free Software Foundation, Inc. License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: /home/diederik/.gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 ================================================================ $ cat ~/.gnupg/gpg.conf # Disable inclusion of the version string in ASCII armored output no-emit-version # Display long key IDs keyid-format 0xlong # List all keys (or the specified ones) along with their fingerprints with-fingerprint # Show which keyring the keyrings are coming from list-options show-keyring=yes keyring /usr/share/keyrings/debian-keyring.gpg ================================================================ The tests/experiments have been by placing/removing a '#' on that last line. Cheers, Diederik
Attachment:
signature.asc
Description: This is a digitally signed message part.