search

vsajip / python-gnupg

A Python API for the GNU Privacy Guard (GnuPG). Encrypt, decrypt, sign and verify your data using Python! N.B. This repository has been migrated from Mercurial on 2019-11-16, so references to commits before this date will refer to the Mercurial source and not this Git repository. The migration is marked by a commit that adds a .gitignore file.
https://docs.red-dove.com/python-gnupg/
Other
107 stars 29 forks source link

GPG message with multiple signatures #21

Closed vsajip closed 6 years ago

vsajip commented 10 years ago

Original report by Anonymous.

From what I understant gpg.verify will return a result with information about the last valid signature it encounters while parsing GPG's output.

Any suggestions on how to handle this if I were to write a patch?

vsajip commented 6 years ago

Should be fixed in b72bbe0.

vsajip commented 10 years ago

Sorry, I don't quite understand. A patch to do what, exactly?

vsajip commented 10 years ago

Original comment by Anonymous.

A patch that makes gpg.verify give me an array of keyids/fingerprints.

Some examples of multiple signing: http://lists.gnupg.org/pipermail/gnupg-users/2013-July/047118.html

I haven't really tested anything yet, but reading the code makes me think I can't do this with the current version. Please correct me if I'm wrong.

vsajip commented 10 years ago

Is this an officially supported feature of GnuPG? How does one use GnuPG to add multiple signatures?

vsajip commented 10 years ago

Original comment by Ben McGinnes (Bitbucket: benmcginnes, ).

Yes it is an officially supported feature of GPG and it is used to handle transitioning from one key to another (e.g. the shift from DSA keys back to RSA a few years ago).

BTW, since GPG 2.1 is nearly at the end of the beta cycle, this will become more of an issue soon when people start adopting EC keys in the not too distant future.

vsajip commented 10 years ago

Original comment by Anonymous.

Vinay, you could do it like this if you have two keys on your secring : gpg --sign -u me@home -u me@work

vsajip commented 10 years ago

Then I suppose to be consistent, this functionality would also need to be supported (currently, only one signer is assumed both for signing and verification). Tests and docs would need updating. For backward compatibility, the existing API shouldn't change, but the object that collects results could grow a new list attribute to which all collected signatures are added. The keyid and passphrase parameters in the signing APIs would need to accept sequences of key ids and corresponding passphrases, with error checking for equal lengths etc.

vsajip commented 10 years ago

Also, if this functionality is available for GPG2 only, we would need to check for that.

vsajip commented 10 years ago

Original comment by Ben McGinnes (Bitbucket: benmcginnes, ).

No, it's available in 1.4.x and has been available for a long time. I still use the 1.4 branch because it's easier to customise before compiling (I tweak the max key sizes and secure memory). Anyway, I transitioned from my DSA/ElGamal key a bit over 2 years ago to my current RSA/ElGamal key (yeah, that's possible too) and created a transition document with just such a double signature. It's here:

http://www.adversary.org/keyswitch.txt.asc

Feel free to test with it, but verification should show good signatures from 0x371AC5BFA04AE313 (the old key) and 0x321E4E2373590E5D (the current one), though as it is a message the latter key will have used the 0x7FF2D37135C7553C signing subkey.

Yeah, here it is:

bash4-4.3$ gpg -v --verify keyswitch.txt.asc 
gpg: armor header: Hash: SHA512
gpg: original file name=''
gpg: Signature made Sun 29 Jul 12:08:05 2012 AEST
gpg:                using DSA key 0x371AC5BFA04AE313
gpg: Good signature from "Ben McGinnes <ben@adversary.org>"
gpg:                 aka "Ben McGinnes <ben-work@adversary.org>"
gpg:                 aka "Ben McGinnes (A secondary address - primary address is still ben@adversary.org) <benmcginnes@gmail.com>"
gpg: textmode signature, digest algorithm SHA512
gpg: Signature made Sun 29 Jul 12:08:05 2012 AEST
gpg:                using RSA key 0x7FF2D37135C7553C
gpg: using subkey 0x7FF2D37135C7553C instead of primary key 0x321E4E2373590E5D
gpg: Good signature from "Ben McGinnes <ben@adversary.org>"
gpg:                 aka "Ben McGinnes (backup email address) <benmcginnes@gmail.com>"
gpg:                 aka "Ben McGinnes <ben.mcginnes@pirateparty.org.au>"
gpg:                 aka "Ben McGinnes <ben.mcginnes@pirate.org.au>"
gpg: textmode signature, digest algorithm SHA512
bash4-4.3$

Obviously the time is local to me, but you should see the same thing.

vsajip commented 10 years ago

@benmcginnes Thanks, this is helpful. I'm a little busy at the moment but I hope to look at this soon. If @abfg wants to have a go at a patch along the lines I suggested above, I'll be happy to have a look at it.

vsajip commented 6 years ago

Original changes by Vinay Sajip (Bitbucket: vinay.sajip, GitHub: vsajip).

changed content from "From what I understant gpg.verify will return a result with information about the last valid signature it encounters while parsing GPG's output.

Any suggestions on how to handle this if I were to write a patch? " to "From what I understant gpg.verify will return a result with information about the last valid signature it encounters while parsing GPG's output.

Any suggestions on how to handle this if I were to write a patch?"; changed state from "new" to "resolved"

vsajip commented 9 years ago

Original changes by Vinay Sajip (Bitbucket: vinay.sajip, GitHub: vsajip).

removed "0.3.7" milestone