Greetings,
I have tried to verify GnuPG-signed documents with PGP 5.0i,
(the newest available international version of PGP for unix
computers), with the following results:
- I could import my GnuPG-generated public-key block into PGP
with no problem.
- When I clearsign the document, PGP verifies the signature
with no problem.
- However, when I merely do 'gpg -s' or 'gpg -a -s', then PGP
dies with signal 11 (segmentation violation).
Of course, part of the blame must be placed on PGP 5.0i (even
with incorrect data the program should not segfault), but
since GnuPG claims to be compatible with PGP, it appears to
me that GnuPG needs some more work in this area also.
Here is a message which PGP 5.0i segfaults on
-----BEGIN PGP MESSAGE-----
Version: GnuPG v0.9.7 (GNU/Linux)
Comment: For info see http://www.gnupg.org
owJ4nJvAy8zAJGi/TnTjXVcWZ8Y1fUnsBekFJanFJeapP4VDMlIV8pOyUpNLMsuA
rDSFkozMYgWQrAKIzldIzkhNzgaKJpYoeCoUpeam5ialFgH5qQp5qeUKBYnFxQUZ
RYnFqVyJeSkg9WWpRZlplTANyYl5CqXFqQoB7gEIwxIVijPT8xJLSotS9bg67JlZ
GUAugblQkCn4B8P8fGujSg6hhZorWtu3Ln5/r1altd+GYX6CS4bzPmmRO5MT9Gwz
NaZkFk2ZdhoAeFVRFQ==
=49nM
-----END PGP MESSAGE-----
and here is the public key corresponding to the signature of that
message
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v0.9.7 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQGiBDdhEXIRBAChQ4E1fr9dgk0EFXSG+b7f5sBrGqALlg6D/W1VppOiHHQu5769
SJDG2jcnGivF1N2C7Fc9a0+e4h0w7yBIivfUIxxc08B3qNSYK9FxC042Nzg12wK9
Rn/Ce+uW2ZuiNVUPygY9z7sMpuJvURGE4+cCh/r5m4/5DTyE9heKCO6nSwCg3MzL
hujjsDKNfL6NGSjRIxQN3SsD/RKsZQH6X54z5h28TOfBT5fEMWGViRD9ILvoRkXm
1yeMx4kCeTD/Y4TWGH7N1MSn/U0JXrkxOZi7tY9IvHJstJRnrP4dwNx8vmnC+TJF
rVIPPlKUP8SzwR+f/tj8jzVRGgZk2Gmzj+FVhqZzyRfeWIuJN7X/P31HBQxdkQCd
zpWZA/972QNjNrzm2o+856KpAuFBeQ5uVVrBmTGPfMC3E3GvgkVnhrv0/M1YgZlw
QvLpE8DoJavSaNxpagUrV4BHePr7nYFwI6YUN6/61zo6vbPidamFFOoSCmvItQaU
j/FwSAqrTMO5vKEnTMUZgicR3+SuAIBXfSQ/yLyfL00mdIwLF7Q4Tm9yYmVydCBC
b2xsb3cgKGNhc3VhbCBzZWN1cml0eSBrZXkpIDxuYkB0aGlua2NvYWNoLmNvbT6I
VQQTEQIAFQUCN2ERcgMLCgMDFQMCAxYCAQIXgAAKCRA/rhWx3UUEQzb4AJ4juLh7
Qibsvd0ybUAHeFPLv7QqBQCfdfz6XxqDL6HYKaJirkCXi0ZZ/8m0M05vcmJlcnQg
Qm9sbG93IChjYXN1YWwgc2VjdXJpdHkga2V5KSA8bmJAcG9ib3guY29tPohVBBMR
AgAVBQI3YRInAwsKAwMVAwIDFgIBAheAAAoJED+uFbHdRQRDiHcAn1KC/BTce0UK
pNLNYSutpgbIxdzvAKCUt2ktRWMMRoV+pPKQaObr7FVo77kBDQQ3YRF4EAQA/LMz
dq0TqamN6l4G8zlhJOavNjzGitC3Y/TFIyz0AdN//oPrCyIyXdeTZZ/np99Qpm3G
CwdHEp536RuRsS7AQE8LlvIdUtEDQ/MxpxY0h0DuEH4RzRwRfbHgh8TYzh/k4UVY
HlEiih7hUesZLCZi7QK/92DXpVJG78pDwWWtUHcAAwUEALgDwyvHdew98R5THDF7
P5fAOB+u5bWi7QjPUOSNfZ6aHT6KHSk0ucqdmIrD5N+TV72H40eH5P67AZyr3soU
yGF2lSlu417Lxf9t+buSckiTNTVs7xG6qM3meyOvtdnVLzv2bZP7gNFczIDSnQ72
e0RYsaY7AWske7uHIF3Om2XLiEYEGBECAAYFAjdhEXgACgkQP64Vsd1FBENU3wCf
aD5dEg0e8dKbfahmDniJQ6+rt24An3x8kF2I5vnZwBism04xv/TZrnwu
=9Zxu
-----END PGP PUBLIC KEY BLOCK-----
norbert@quill:~/crypto > pgpv pgptest1.asc
Received signal 11.
May blessings from the eternal God surprise and overtake you!
Norbert.
--
New snail mail address: Norbert Bollow, Weidlistr. 18, CH-8624 Gruet.
I have tried to verify GnuPG-signed documents with PGP 5.0i,
(the newest available international version of PGP for unix
computers), with the following results:
- I could import my GnuPG-generated public-key block into PGP
with no problem.
- When I clearsign the document, PGP verifies the signature
with no problem.
- However, when I merely do 'gpg -s' or 'gpg -a -s', then PGP
dies with signal 11 (segmentation violation).
Of course, part of the blame must be placed on PGP 5.0i (even
with incorrect data the program should not segfault), but
since GnuPG claims to be compatible with PGP, it appears to
me that GnuPG needs some more work in this area also.
Here is a message which PGP 5.0i segfaults on
-----BEGIN PGP MESSAGE-----
Version: GnuPG v0.9.7 (GNU/Linux)
Comment: For info see http://www.gnupg.org
owJ4nJvAy8zAJGi/TnTjXVcWZ8Y1fUnsBekFJanFJeapP4VDMlIV8pOyUpNLMsuA
rDSFkozMYgWQrAKIzldIzkhNzgaKJpYoeCoUpeam5ialFgH5qQp5qeUKBYnFxQUZ
RYnFqVyJeSkg9WWpRZlplTANyYl5CqXFqQoB7gEIwxIVijPT8xJLSotS9bg67JlZ
GUAugblQkCn4B8P8fGujSg6hhZorWtu3Ln5/r1altd+GYX6CS4bzPmmRO5MT9Gwz
NaZkFk2ZdhoAeFVRFQ==
=49nM
-----END PGP MESSAGE-----
and here is the public key corresponding to the signature of that
message
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v0.9.7 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQGiBDdhEXIRBAChQ4E1fr9dgk0EFXSG+b7f5sBrGqALlg6D/W1VppOiHHQu5769
SJDG2jcnGivF1N2C7Fc9a0+e4h0w7yBIivfUIxxc08B3qNSYK9FxC042Nzg12wK9
Rn/Ce+uW2ZuiNVUPygY9z7sMpuJvURGE4+cCh/r5m4/5DTyE9heKCO6nSwCg3MzL
hujjsDKNfL6NGSjRIxQN3SsD/RKsZQH6X54z5h28TOfBT5fEMWGViRD9ILvoRkXm
1yeMx4kCeTD/Y4TWGH7N1MSn/U0JXrkxOZi7tY9IvHJstJRnrP4dwNx8vmnC+TJF
rVIPPlKUP8SzwR+f/tj8jzVRGgZk2Gmzj+FVhqZzyRfeWIuJN7X/P31HBQxdkQCd
zpWZA/972QNjNrzm2o+856KpAuFBeQ5uVVrBmTGPfMC3E3GvgkVnhrv0/M1YgZlw
QvLpE8DoJavSaNxpagUrV4BHePr7nYFwI6YUN6/61zo6vbPidamFFOoSCmvItQaU
j/FwSAqrTMO5vKEnTMUZgicR3+SuAIBXfSQ/yLyfL00mdIwLF7Q4Tm9yYmVydCBC
b2xsb3cgKGNhc3VhbCBzZWN1cml0eSBrZXkpIDxuYkB0aGlua2NvYWNoLmNvbT6I
VQQTEQIAFQUCN2ERcgMLCgMDFQMCAxYCAQIXgAAKCRA/rhWx3UUEQzb4AJ4juLh7
Qibsvd0ybUAHeFPLv7QqBQCfdfz6XxqDL6HYKaJirkCXi0ZZ/8m0M05vcmJlcnQg
Qm9sbG93IChjYXN1YWwgc2VjdXJpdHkga2V5KSA8bmJAcG9ib3guY29tPohVBBMR
AgAVBQI3YRInAwsKAwMVAwIDFgIBAheAAAoJED+uFbHdRQRDiHcAn1KC/BTce0UK
pNLNYSutpgbIxdzvAKCUt2ktRWMMRoV+pPKQaObr7FVo77kBDQQ3YRF4EAQA/LMz
dq0TqamN6l4G8zlhJOavNjzGitC3Y/TFIyz0AdN//oPrCyIyXdeTZZ/np99Qpm3G
CwdHEp536RuRsS7AQE8LlvIdUtEDQ/MxpxY0h0DuEH4RzRwRfbHgh8TYzh/k4UVY
HlEiih7hUesZLCZi7QK/92DXpVJG78pDwWWtUHcAAwUEALgDwyvHdew98R5THDF7
P5fAOB+u5bWi7QjPUOSNfZ6aHT6KHSk0ucqdmIrD5N+TV72H40eH5P67AZyr3soU
yGF2lSlu417Lxf9t+buSckiTNTVs7xG6qM3meyOvtdnVLzv2bZP7gNFczIDSnQ72
e0RYsaY7AWske7uHIF3Om2XLiEYEGBECAAYFAjdhEXgACgkQP64Vsd1FBENU3wCf
aD5dEg0e8dKbfahmDniJQ6+rt24An3x8kF2I5vnZwBism04xv/TZrnwu
=9Zxu
-----END PGP PUBLIC KEY BLOCK-----
norbert@quill:~/crypto > pgpv pgptest1.asc
Received signal 11.
May blessings from the eternal God surprise and overtake you!
Norbert.
--
New snail mail address: Norbert Bollow, Weidlistr. 18, CH-8624 Gruet.