GnuPG 2.4.4 still using legacy packets?
Loup Vaillant
loup at loup-vaillant.fr
Tue Nov 11 10:44:01 CET 2025
Hi,
I'm currently trying to implement OpenPGP signatures to sign my code.
RFC 9580 is fairly readable, but it’s not crystal clear how people do
signatures in practice, so I used GnuPG as a reference. Version 2.4.4,
as installed by default on my Ubuntu 24.04.
I made a signature with the following command:
gpg --detach-sign monocypher-4.0.2.tar.gz
Here’s the hex dump of the resulting file:
0000 88 75 04 00 16 0a 00 1d 16 21 04 bb bc 09 18 65
0010 b9 94 0a 37 ca 9a df 86 40 f6 ba 7b ff b3 4a 05
0020 02 69 12 0d 2c 00 0a 09 10 86 40 f6 ba 7b ff b3
0030 4a fb 3b 00 fe 3f a0 ab 23 e1 5f df e2 21 a2 5b
0040 2b 9b 01 5d 7c 9a 8d ec da ac c8 85 96 24 94 bf
0050 f9 da 57 86 a8 00 f9 01 10 75 54 63 b2 86 7d a7
0060 7d 13 f5 5e cb 09 82 f9 c2 11 84 4d ae dc 9f fb
0070 4a 5a e3 8d 82 76 0f
0077
Reading the RFC, the first bytes should contain a packet header.
The first byte is the Encoded Packet Type ID. So:
0x88 = 0b10001000
Broken down, I get:
10 : Legacy format
0010: 2 (SIG)
00 : Length is encoded in one byte
So the next byte, 0x75, should be the length of the body. Which matches
the length of my file (0x77 bytes total, minus the 2-byte header). I
have yet to decipher the rest of the packet, but that’s not my main
concern right now. My question is, *did GnuPG really produce a legacy
packet?*
The RFC states that it should not:
> The Legacy packet format SHOULD NOT be used to generate new data,
> unless the recipient is known to only support the Legacy packet
> format. This latter case is extremely unlikely, as the Legacy packet
> format was obsoleted by [RFC2440] in 1998.
As far as I can tell, version 2.4.4 is from last year. And yet it
outputs *by default* a legacy format that was obsoleted 26 years prior?
I must be missing something. Either I read the hex dump wrong, or
there’s a justification behind GnuPG’s use of the legacy format. If
someone could explain, I’d be very grateful.
Thanks,
Loup.
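
The header decoding walked through in the message above, as an added example that is not part of the original post and is not GnuPG's code. It goes beyond the one case in the post by also decoding the OpenPGP (non-legacy) header format from RFC 9580; the function and variable names are this example's own.

```python
# Added example: OpenPGP packet header decoder, per RFC 9580 section 4.2.
# All names here are this example's own, not GnuPG's.

def _need(data: bytes, n: int) -> None:
    if len(data) < n:
        raise ValueError(f"truncated header: need {n} octets, got {len(data)}")

def parse_packet_header(data: bytes):
    """Return (format, type_id, header_len, body_len); body_len is None if not fixed."""
    _need(data, 1)
    first = data[0]
    if not first & 0x80:
        raise ValueError("bit 7 of the first octet must be set")
    if first & 0x40:                      # OpenPGP format: type ID in bits 5-0
        type_id = first & 0x3F
        _need(data, 2)
        o1 = data[1]
        if o1 < 192:                      # one-octet length
            return "openpgp", type_id, 2, o1
        if o1 < 224:                      # two-octet length
            _need(data, 3)
            return "openpgp", type_id, 3, ((o1 - 192) << 8) + data[2] + 192
        if o1 == 255:                     # four-octet length
            _need(data, 6)
            return "openpgp", type_id, 6, int.from_bytes(data[2:6], "big")
        return "openpgp", type_id, 2, None    # 224-254: partial body length
    type_id = (first >> 2) & 0x0F         # legacy format: type ID in bits 5-2
    length_type = first & 0x03            # bits 1-0 select the length encoding
    if length_type == 3:                  # indeterminate length
        return "legacy", type_id, 1, None
    n = 1 << length_type                  # 1, 2 or 4 length octets
    _need(data, 1 + n)
    return "legacy", type_id, 1 + n, int.from_bytes(data[1:1 + n], "big")

# The 0x77-byte signature file, copied from the hex dump in the post.
SIGNATURE = bytes.fromhex("""
    88 75 04 00 16 0a 00 1d 16 21 04 bb bc 09 18 65
    b9 94 0a 37 ca 9a df 86 40 f6 ba 7b ff b3 4a 05
    02 69 12 0d 2c 00 0a 09 10 86 40 f6 ba 7b ff b3
    4a fb 3b 00 fe 3f a0 ab 23 e1 5f df e2 21 a2 5b
    2b 9b 01 5d 7c 9a 8d ec da ac c8 85 96 24 94 bf
    f9 da 57 86 a8 00 f9 01 10 75 54 63 b2 86 7d a7
    7d 13 f5 5e cb 09 82 f9 c2 11 84 4d ae dc 9f fb
    4a 5a e3 8d 82 76 0f
""")

if __name__ == "__main__":
    print(parse_packet_header(SIGNATURE))
```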