[Pkg-haskell-maintainers] Bug#764618: hopenpgp-tools: hot fails when it encounters a stripped secret key

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Oct 9 16:11:04 UTC 2014 

Package: hopenpgp-tools
Version: 0.11-1
Severity: normal

gpg lets you export secret keys with the primary key missing via
--export-secret-subkeys.

When it does this, it marks the primary key's secret parts as
encrypted with the gnu-dummy S2K ID (101, from the experimental range)
and then doesn't bother to include the secret subkey material at all.

Below shows the different ways that this info is interpreted by
pgpdump, "gpg --list-packets", and "hot dump"

hot dump actually fails to show *anything* when it encounters this
packet.

"hot dump" should play nicer and not fail :)

Thanks for hopenpgp-tools!

   --dkg

1 jj955 at alice:~$ gpg --list-secret-keys
/home/jj955/.gnupg/secring.gpg
------------------------------
sec#  2048R/97A9A5A0 2014-10-08
uid                  monkey man <avawefwf at example.com>
ssb   2048R/0875BC2C 2014-10-08

0 jj955 at alice:~$ gpg --export-secret-subkeys '0x0875BC2C!' | hot dump
hot (hopenpgp-tools) 0.11
Copyright (C) 2012-2014  Clint Adams
hot comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions.
hot: Unknown S2K
1 jj955 at alice:~$ gpg --export-secret-subkeys '0x0875BC2C!' | gpg --list-packets
:secret key packet:
	version 4, algo 1, created 1412809939, expires 0
	skey[0]: [2048 bits]
	skey[1]: [17 bits]
	gnu-dummy S2K, algo: 0, simple checksum, hash: 0
	protect IV: 
	keyid: 7507557D97A9A5A0
:user ID packet: "monkey man <avawefwf at example.com>"
:signature packet: algo 1, keyid 7507557D97A9A5A0
	version 4, created 1412809939, md5len 0, sigclass 0x13
	digest algo 8, begin of digest 0d b9
	hashed subpkt 2 len 4 (sig created 2014-10-08)
	hashed subpkt 27 len 1 (key flags: 03)
	hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 2)
	hashed subpkt 21 len 5 (pref-hash-algos: 8 9 10 11 2)
	hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
	hashed subpkt 30 len 1 (features: 01)
	hashed subpkt 23 len 1 (key server preferences: 80)
	subpkt 16 len 8 (issuer key ID 7507557D97A9A5A0)
	data: [2047 bits]
:secret sub key packet:
	version 4, algo 1, created 1412809939, expires 0
	skey[0]: [2048 bits]
	skey[1]: [17 bits]
	iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: abae83536af46295
	protect count: 20971520 (228)
	protect IV:  7a 88 7b 81 56 23 8f 78 6f df 5d 6c ec a1 4b e8
	encrypted stuff follows
	keyid: 7F8AD0AA0875BC2C
:signature packet: algo 1, keyid 7507557D97A9A5A0
	version 4, created 1412809939, md5len 0, sigclass 0x18
	digest algo 8, begin of digest 4e c0
	hashed subpkt 2 len 4 (sig created 2014-10-08)
	hashed subpkt 27 len 1 (key flags: 0C)
	subpkt 16 len 8 (issuer key ID 7507557D97A9A5A0)
	data: [2047 bits]
0 jj955 at alice:~$ gpg --export-secret-subkeys '0x0875BC2C!' | pgpdump
Old: Secret Key Packet(tag 5)(277 bytes)
	Ver 4 - new
	Public key creation time - Wed Oct  8 19:12:19 EDT 2014
	Pub alg - RSA Encrypt or Sign(pub 1)
	RSA n(2048 bits) - ...
	RSA e(17 bits) - ...
	Sym alg - Plaintext or unencrypted data(sym 0)
	GnuPG string-to-key(s2k 101)
	Encrypted RSA d
	Encrypted RSA p
	Encrypted RSA q
	Encrypted RSA u
	Encrypted checksum
Old: User ID Packet(tag 13)(33 bytes)
	User ID - monkey man <avawefwf at example.com>
Old: Signature Packet(tag 2)(311 bytes)
	Ver 4 - new
	Sig type - Positive certification of a User ID and Public Key packet(0x13).
	Pub alg - RSA Encrypt or Sign(pub 1)
	Hash alg - SHA256(hash 8)
	Hashed Sub: signature creation time(sub 2)(4 bytes)
		Time - Wed Oct  8 19:12:19 EDT 2014
	Hashed Sub: key flags(sub 27)(1 bytes)
		Flag - This key may be used to certify other keys
		Flag - This key may be used to sign data
	Hashed Sub: preferred symmetric algorithms(sub 11)(4 bytes)
		Sym alg - AES with 256-bit key(sym 9)
		Sym alg - AES with 192-bit key(sym 8)
		Sym alg - AES with 128-bit key(sym 7)
		Sym alg - Triple-DES(sym 2)
	Hashed Sub: preferred hash algorithms(sub 21)(5 bytes)
		Hash alg - SHA256(hash 8)
		Hash alg - SHA384(hash 9)
		Hash alg - SHA512(hash 10)
		Hash alg - SHA224(hash 11)
		Hash alg - SHA1(hash 2)
	Hashed Sub: preferred compression algorithms(sub 22)(3 bytes)
		Comp alg - ZLIB <RFC1950>(comp 2)
		Comp alg - BZip2(comp 3)
		Comp alg - ZIP <RFC1951>(comp 1)
	Hashed Sub: features(sub 30)(1 bytes)
		Flag - Modification detection (packets 18 and 19)
	Hashed Sub: key server preferences(sub 23)(1 bytes)
		Flag - No-modify
	Sub: issuer key ID(sub 16)(8 bytes)
		Key ID - 0x7507557D97A9A5A0
	Hash left 2 bytes - 0d b9 
	RSA m^d mod n(2047 bits) - ...
		-> PKCS-1
Old: Secret Subkey Packet(tag 7)(966 bytes)
	Ver 4 - new
	Public key creation time - Wed Oct  8 19:12:19 EDT 2014
	Pub alg - RSA Encrypt or Sign(pub 1)
	RSA n(2048 bits) - ...
	RSA e(17 bits) - ...
	Sym alg - AES with 128-bit key(sym 7)
	Iterated and salted string-to-key(s2k 3):
		Hash alg - SHA1(hash 2)
		Salt - ab ae 83 53 6a f4 62 95 
		Count - 20971520(coded count 228)
	IV - 7a 88 7b 81 56 23 8f 78 6f df 5d 6c ec a1 4b e8 
	Encrypted RSA d
	Encrypted RSA p
	Encrypted RSA q
	Encrypted RSA u
	Encrypted SHA1 hash
Old: Signature Packet(tag 2)(287 bytes)
	Ver 4 - new
	Sig type - Subkey Binding Signature(0x18).
	Pub alg - RSA Encrypt or Sign(pub 1)
	Hash alg - SHA256(hash 8)
	Hashed Sub: signature creation time(sub 2)(4 bytes)
		Time - Wed Oct  8 19:12:19 EDT 2014
	Hashed Sub: key flags(sub 27)(1 bytes)
		Flag - This key may be used to encrypt communications
		Flag - This key may be used to encrypt storage
	Sub: issuer key ID(sub 16)(8 bytes)
		Key ID - 0x7507557D97A9A5A0
	Hash left 2 bytes - 4e c0 
	RSA m^d mod n(2047 bits) - ...
		-> PKCS-1
0 jj955 at alice:~$ 


-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages hopenpgp-tools depends on:
ii  libbz2-1.0   1.0.6-7
ii  libc6        2.19-11
ii  libffi6      3.1-2
ii  libgmp10     2:6.0.0+dfsg-6
ii  libnettle4   2.7.1-3
ii  libyaml-0-2  0.1.6-2
ii  zlib1g       1:1.2.8.dfsg-2

hopenpgp-tools recommends no packages.

hopenpgp-tools suggests no packages.

-- debconf-show failed

More information about the Pkg-haskell-maintainers mailing list