Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. devel
importing keys with escaped "="
luca at luca
Jan 12, 1999, 8:03 AM
Post #1 of 7 (300 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi,
I tried to import a pgp5.0 key with gpg 0.9.1 but it failed.
I imported it in pgp5.0i, exported and the re-imported in gpg. This time it
worked.
The difference was in what it seems are some escaped = in the last lines of
the key:

these are the last lines of the original key, which gpg couldn't import

lb8i6okAPwMFGDQFtubv+KfRwps1YhECloAAn1fEIQn2VUOoNA4zhGsh/7GMmGoV
AJ9tWyz5fDpcwQ08OHj1xOWMmHyA/g=3D=3D
=3D53Sc
-----END PGP PUBLIC KEY BLOCK-----

while the re-exported key was:

lb8i6okAPwMFGDQFtubv+KfRwps1YhECloAAn1fEIQn2VUOoNA4zhGsh/7GMmGoV
AJ9tWyz5fDpcwQ08OHj1xOWMmHyA/g==
=53Sc
-----END PGP PUBLIC KEY BLOCK-----

as you see the only difference is that the last 3 "===" were replaced by
"=3D=3D=3D" in the original key.
Is it a bug in gpg or in the pgp version used to export the original key? (the
comment says: PGP for Personal Privacy 5.0)


- --
Luca Olivetti | Tarifa Plana ya! http://tarifaplana.home.ml.org/
http://www.luca.ddns.org/ | FAQ http://www.luca.ddns.org/ptp-faq.html
- ----------------------------------------------------------------------------
UNETE A LA ASOCIACION DE INTERNAUTAS: HTTP://WWW.INTERNAUTAS.ORG



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE2m2RPCQPXTRx9NmQRAmQbAJ9/MaNYH2aiAsGWNlqNahReQhSMYwCgotOZ
ifxj62xNQDzW74OQ9BN3Zx8=
=1R1S
-----END PGP SIGNATURE-----
Re: importing keys with escaped "=" [ In reply to ]
cloos at jhcloos
Jan 12, 1999, 12:32 PM
Post #2 of 7 (298 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The use of `=3D' in place of a `=' is characteristic of MIME's
quoted-printable transfer encoding.

In short, the ascii-armoured key was mangled by the sender's MUA, but
not de-mangled by yours.

Since pgp to have accepted it, pgp must have code to recognize
ascii-armour which has been converted to quoted-printable and
to decode it on input. Adding such code to gpg ought to be
trivial. But, since I'm stuck here behind the ITAR-curtain [1]
I won't include a patch herein.

- -JimC

[1] Yes, I know it isn't ITAR anymore, but ITAR-curtain sounds better :)

- --
James H. Cloos, Jr. <http://www.jhcloos.com/cloos/public_key> 1024D/ED7DAEA6
<cloos@jhcloos.com> E9E9 F828 61A4 6EA9 0F2B 63E7 997A 9F17 ED7D AEA6

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE2m6MzmXqfF+19rqYRAvF7AKCwboZ72VL1pDF6+rDRV1EP23rRggCePrA3
aLXiwIFa8F9aqrql1h4HGDw=
=xTf2
-----END PGP SIGNATURE-----
Re: importing keys with escaped "=" [ In reply to ]
cloos at jhcloos
Jan 12, 1999, 5:04 PM
Post #3 of 7 (301 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I wrote:

|> Since pgp to have accepted it, ...

[SIGH]. And I don't even remember *what* distracted me in the middle
of editing that paragraph....

Anyway, please s/pgp to have accepted/pgp accepted/.

- -JimC
- --
James H. Cloos, Jr. <http://www.jhcloos.com/cloos/public_key> 1024D/ED7DAEA6
<cloos@jhcloos.com> E9E9 F828 61A4 6EA9 0F2B 63E7 997A 9F17 ED7D AEA6

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE2m+MkmXqfF+19rqYRAlYCAKCbO9XqeTv3R8sPAYrCAG1mJ3uhAwCghqk6
Y8sL04N2YYdOXUnhmStyB+I=
=LVeU
-----END PGP SIGNATURE-----
Re: importing keys with escaped "=" [ In reply to ]
wk at isil
Jan 13, 1999, 2:51 AM
Post #4 of 7 (302 views)
Permalink
"James H. Cloos Jr." <cloos@jhcloos.com> writes:

> Since pgp to have accepted it, pgp must have code to recognize
> ascii-armour which has been converted to quoted-printable and
> to decode it on input. Adding such code to gpg ought to be

But is it the goal of gpg to fix problems in some mailers? The
armor is simply not compliant to rfc2440 or rfc1991 and gpg
should tell you that. But dues to the motto: Create valid output but
try to accept even somewhat mangled input I can add this and print a
warning.

Hmmm, just checked - it is not so easy cause I have to do a look ahead
and the armor code still does not read complete lines I would have to
change this first.


Werner
Re: importing keys with escaped "=" [ In reply to ]
roessler at guug
Jan 13, 1999, 4:26 AM
Post #5 of 7 (303 views)
Permalink
On Wed, Jan 13, 1999 at 10:51:59AM +0100, Werner Koch wrote:

> But is it the goal of gpg to fix problems in some mailers? The
> armor is simply not compliant to rfc2440 or rfc1991 and gpg should
> tell you that. But dues to the motto: Create valid output but try
> to accept even somewhat mangled input I can add this and print a
> warning.

I'd suggest you stay with strict armor decoding. Yes, this involves
some problems for users of buggy software. Then again, bug reports
(possibly fixes) about such programs are a Good Thing (TM).

tlr
--
Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/
2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1
> Hi! I'm Signature Virus 99! Copy me into your signature and join the fun!
Re: importing keys with escaped "=" [ In reply to ]
wk at isil
Jan 13, 1999, 5:02 AM
Post #6 of 7 (299 views)
Permalink
Thomas Roessler <roessler@guug.de> writes:

> I'd suggest you stay with strict armor decoding. Yes, this involves
> some problems for users of buggy software. Then again, bug reports
> (possibly fixes) about such programs are a Good Thing (TM).

Too late already commitd to the CVS :-)

But I forgot to issue a warning - Now I will not issue a warning
but an error so that gpg return an errorcode.

Werner
Re: importing keys with escaped "=" [ In reply to ]
luca at luca
Jan 13, 1999, 11:33 AM
Post #7 of 7 (301 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> But is it the goal of gpg to fix problems in some mailers? The
> armor is simply not compliant to rfc2440 or rfc1991 and gpg
> should tell you that.

The funny thing is that I found that key on a web page
http://www.arnal.es/free/email.html

God knows how they got it there, though (i.e.: probably the owner of the key
mailed it to the maintainer of the web page).

Bye
- --
Luca Olivetti | Tarifa Plana ya! http://tarifaplana.home.ml.org/
http://www.luca.ddns.org/ | FAQ http://www.luca.ddns.org/ptp-faq.html
- ----------------------------------------------------------------------------
UNETE A LA ASOCIACION DE INTERNAUTAS: HTTP://WWW.INTERNAUTAS.ORG



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE2nObyCQPXTRx9NmQRAi3BAKCleEkC38idSkNponiZVljMjGBzrgCeOnAt
EqTQMQgMCVz/JK8zOI/3BAE=
=W7Mo
-----END PGP SIGNATURE-----

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal