search

eduvpn / eduvpn-common

Code to be shared between eduVPN clients
MIT License
5 stars 3 forks source link

Development PGP key invalid #36

Closed hamarituc closed 6 months ago

hamarituc commented 6 months ago

The development key in keys/app+linux+dev@eduvpn.org.asc cannot be parsed by recent GnuPG

$ cat /usr/share/openpgp-keys/eduvpn-dev.asc
----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEZTkiAhYJKwYBBAHaRw8BAQdAdREDbNbEDNvOtNxwcwFLoaAOhdwJSkpddxn4
qniBqee0RWVkdVZQTiBMaW51eCBEZXYgQXBwIFJlcG9zaXRvcnkgU2lnbmluZyBL
ZXkgPGFwcCtsaW51eCtkZXZAZWR1dnBuLm9yZ4iZBBMWCgBBFiEEenPWKtDwhFca
Mslg1XEEv5siPL8FAmU5IgICGwMFCRLMAwAFCwkIBwICIgIGFQoJCAsCBBYCAwEC
HgcCF4AACgkQ1XEEv5siPL/rrgD/caiME81fUtpqCnKgGXD2ntAg2M2mSpk7IfHe
J/Ih1bgA/i3uQOWFhur1r3I1ufxaaS0YjIIMZisSugTc5cWJ0isC
=orU4
-----END PGP PUBLIC KEY BLOCK-----
$ LANG=C gpg /usr/share/openpgp-keys/eduvpn-dev.asc
gpg: WARNING: no command supplied.  Trying to guess what you mean ...
gpg: no valid OpenPGP data found.
gpg: processing message failed: Unknown system error

I am using the most recent version of GnuPG.

$ LANG=C gpg --version
gpg (GnuPG) 2.4.4
libgcrypt 1.10.3-unknown
Copyright (C) 2024 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Many distributions use GnuPG to verify signatures. So this issue effectively prevents me from distributing this version for Gentoo Linux. I am unsure if it's a bug in GnuPG as Sequoia reads the key.

$ sq inspect /usr/share/openpgp-keys/eduvpn-dev.asc
/usr/share/openpgp-keys/eduvpn-dev.asc: OpenPGP Certificate.

    Fingerprint: 7A73D62AD0F084571A32C960D57104BF9B223CBF
Public-key algo: EdDSA
Public-key size: 256 bits
  Creation time: 2023-10-25 14:11:14 UTC
Expiration time: 2033-10-22 14:11:14 UTC (creation time + 9years 11months 27days 21h 50m 24s)
      Key flags: certification, signing

         UserID: eduVPN Linux Dev App Repository Signing Key <app+linux+dev@eduvpn.org

Can you please check your key generation routine first for some uncommon key parameters?

hamarituc commented 6 months ago

Nevermind :see_no_evil: For some reason one hyphen character of the initial key header got lost during copy and paste from GitHub into the Gentoo Package. Sorry for the noise :man_facepalming:.