RSA v4 keys

taurus1 taurus1 at hotpop.com
Sat Nov 15 02:43:26 CET 2003 

Hello David Shaw,

On Fri, 14 Nov 2003 07:54:27 -0500, you wrote:
<big snip here>
   >> :signature packet: algo 1, keyid 63FCD21A4A5C8066
>>         version 3, created 1068589973, md5len 5, sigclass 18
>>         digest algo 2, begin of digest d1 62
>>         data: [2048 bits]
>
>Nothing is broken here.  You have a v3 signature on your subkey, which
Is this explicit in the quoted text above?

>implicitly makes it a sign+encrypt subkey.  When GnuPG sees a usable
>subkey, it uses it instead of the primary.  PGP can't make signatures
>with subkeys, so it uses the primary.  Everything is working as it
>should.
Understood.

>That said, while the key is valid, the makeup of the key
>is... eccentric.  You have a self-signature with class 10, which GnuPG
>doesn't generate.  PGP does generate it, but it wouldn't have put
>Blowfish in the preferences.  Then you have a v3 subkey binding
>signature which neither GnuPG or PGP generates.  The key flags are
>missing completely, making your primary key into a "sign+encrypt" key.
>
Thank you for elucidating this to us.

>What did you use to make this key?
I think used pgpckt08, but I make a similar key using gpg with WinPT front
end with same results, (will test it again).

After I read your post, I made a sig only RSA key and an encrypt sub key,
using gpg command line, and it works as expected.;o)

You need a passphrase to unlock the secret key for
user: "Test2 <test2 at test.mail>"
2048-bit RSA key, ID 263EE8D8, created 2003-11-15

gpg: writing to `c:\windows\temp\~gpgtray.tmp'
gpg: RSA signature from: "263EE8D8 Test2 <test2 at test.mail>"

**************************
Here are list-packets output of test2 key:

C:\GnuPG>gpg --export 263EE8D8 | gpg --list-packets
gpg: writing to stdout
:public key packet:
        version 4, algo 1, created 1068859781, expires 0
        pkey[0]: [2048 bits]
        pkey[1]: [6 bits]
:user ID packet: "Test2 <test2 at test.mail>"
:signature packet: algo 1, keyid D8AD2D5D263EE8D8
        version 4, created 1068859781, md5len 0, sigclass 13
        digest algo 2, begin of digest a5 f4
        hashed subpkt 2 len 4 (sig created 2003-11-15)
        hashed subpkt 27 len 1 (key flags: 03)
        hashed subpkt 11 len 6 (pref-sym-algos: 9 8 7 3 2 1)
        hashed subpkt 21 len 2 (pref-hash-algos: 2 3)
        hashed subpkt 22 len 2 (pref-zip-algos: 2 1)
        hashed subpkt 30 len 1 (features: 01)
        hashed subpkt 23 len 1 (key server preferences: 80)
        subpkt 16 len 8 (issuer key ID D8AD2D5D263EE8D8)
        data: [2047 bits]
:public sub key packet:
        version 4, algo 1, created 1068860188, expires 0
        pkey[0]: [4096 bits]
        pkey[1]: [6 bits]
:signature packet: algo 1, keyid D8AD2D5D263EE8D8
        version 4, created 1068860188, md5len 0, sigclass 18
        digest algo 2, begin of digest 8a 56
        hashed subpkt 2 len 4 (sig created 2003-11-15)
        hashed subpkt 27 len 1 (key flags: 0C)
        subpkt 16 len 8 (issuer key ID D8AD2D5D263EE8D8)
        data: [2046 bits]

Thank you for your support.
-- 
taur

More information about the Gnupg-users mailing list