[pkg-gnupg-maint] Upgrading sid to 2.2.42?

Andreas Metzler ametzler at bebt.de
Sun Feb 11 07:48:36 GMT 2024 

On 2024-02-11 Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> On Sat 2024-02-10 13:03:31 +0100, Andreas Metzler wrote:
> > I just did quick check with 2.2.42 --generate-key and --quick-generate-key.
> > Afaict from gnupg's view AEAD is not set fo the new key:

> thanks for these tests!  can you forward me the certificates from the
> public keys that you generated?  I'd be interested in looking at them
> with other tooling if possible.

Good morning,

sure. - Find attached both key data and encypted test data.

[...]
> I think the biggest test will be to encrypt a message to this key using
> GnuPG 2.4.x and see whether it can be read from rnp/thunderbird.  It
> doesn't look to me like that was included in the tests described above.

Tried that. However Debian's rnp seems to be very accomodating, I have
failed to generate a key/encrypted data taht it could not decrypt. I also
tried with 2.4.4 unpatched both with default keytype and rsa/rsa.

===========================
testit at argenau:~$ rnp --decrypt  < encrypted/enc_for_2.4.4+unpatched.rsa\@example.com_with_2.4.4+unpatched.asc
blah encrypted with 2.4.4+unpatched for 2.4.4+unpatched.rsa at example.com
testit at argenau:~$ /dev/shm/GNUPG2/2.4.4+unpatched/usr/bin/gpg --decrypt --verbose < encrypted/enc_for_2.4.4+unpatched.rsa\@example.com_with_2.4.4+unpatched.asc
gpg: enabled compatibility flags:
gpg: public key is 055AECF88CEE4987
gpg: using subkey 055AECF88CEE4987 instead of primary key BBE48401018A243C
gpg: encrypted with rsa3072 key, ID 055AECF88CEE4987, created 2024-02-11
      "2.4.4+unpatched.rsa at example.com"
gpg: WARNING: server 'gpg-agent' is older than us (2.2.40 < 2.4.4)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
gpg: problem with fast path key listing: IPC parameter error - ignored
gpg: AES256.OCB encrypted data
gpg: original file name=''
blah encrypted with 2.4.4+unpatched for 2.4.4+unpatched.rsa at example.com
===========================

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test-data.tar.xz
Type: application/x-xz
Size: 47580 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnupg-maint/attachments/20240211/d21911e1/attachment-0001.xz>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnupg-maint/attachments/20240211/d21911e1/attachment-0001.sig>

More information about the pkg-gnupg-maint mailing list