Mailing List Archive

On Sonntag, 11. Februar 2024 02:05:52 CET mlist_e9e869bc--- via Gnupg-users
wrote:
> I'm trying to import a key generated from GPG 2.4.4 to 2.2.27 but
> unsuccessful.
>
> Upon importing, it returns `gpg: no valid OpenPGP data found.`
>
> I tried with compliance options but it does nothing.
>
> Command I used:
>
> - export: `gpg -a --export-secret-subkey <key_id> | gpg -a -c
> --cipher-algo AES --force-mdc -o <file>`
> - import: `gpg --decrypt -o - keys.sec.asc | gpg --import -`
>
> What else I can do? I can't update the GPG version because one of my
> import device is an Android phone which stuck at 2.2.27 for quite a long
> time.

Are you sure that the problem isn't the decryption? I checked the code and
this error message is emitted by the armor/dearmor code. My guess is that the
decryption fails and therefore outputs nothing and importing nothing results
exactly in the above error message:
```
$ echo "" | gpg --import -
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
```

Regards,
Ingo

On 11/02/2024 18:09, IngoKlöcker 'kloecker at kde.org' wrote:
> Are you sure that the problem isn't the decryption? I checked the code and
> this error message is emitted by the armor/dearmor code. My guess is that the
> decryption fails and therefore outputs nothing and importing nothing results
> exactly in the above error message:
> ```
> $ echo "" | gpg --import -
> gpg: no valid OpenPGP data found.
> gpg: Total number processed: 0
> ```
>
> Regards,
> Ingo

Hello Ingo,

Thanks for the reply. It seems like the update I sent yesterday didn't
went out. Apologize for being a noob on mailing list.

The problem is in the certify signature. For some reason a certify
signature is done in Version 5, instead of Version 4 like other parts of
the key. With that certify signature removed, I can import the secret
key to GPG 2.2.27 no problem.

Now the unrelated decryption. It actually decrypt nicely to an armoured
PGP private key block. However, it just not importable even with GPG
2.4.4. I guess the data with in is corrupted but no way to verify.

Regards,
Hartman

On Sun, 11 Feb 2024 20:28, mlist_e9e869bc--- said:

> signature is done in Version 5, instead of Version 4 like other parts of
> the key. With that certify signature removed, I can import the secret
> key to GPG 2.2.27 no problem.

Can you please try to import that key (with the v5 key signature) using
a current 2.2. version (2.2.42)? Or you can send me the public key by
private mail so that I can check what's going on.


Salam-Shalom,

Werner

--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein

On 13/02/2024 09:57, Werner Koch 'wk at gnupg.org' wrote:
> Can you please try to import that key (with the v5 key signature) using
> a current 2.2. version (2.2.42)? Or you can send me the public key by
> private mail so that I can check what's going on.
>
>
> Salam-Shalom,
>
> Werner
>
I couldn't find a distro with 2.2.42 so I have to compile it myself. I'm
using Docker with ubuntu:latest.

In conclusion, the import failed.

```
$ gpg --version
gpg (GnuPG) 2.2.42
libgcrypt 1.9.4
Copyright (C) 2023 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /root/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed

$ gpg --import PUBLIC_v5_certify.asc
gpg: packet(2) with unknown version 5
gpg: read_block: read error: Invalid packet
gpg: import from 'PUBLIC_v5_certify.asc' failed: Invalid keyring
gpg: Total number processed: 0
```

Is wk at gnupg.org the private email I can send the public key to you?
I'm willing to send you a copy to examine but not publicly as that's
(now I remember) a result of a dumb experiment.

Regards,
Hartman



_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Am Dienstag 13 Februar 2024 15:50:55 schrieb mlist_e9e869bc--- via
Gnupg-users:
> Is wk at gnupg.org the private email I can send the public key to you?

Yes, that is one of Werner's pubkeys.

The following will get his pubkey by WKD on the command line:
gpg --locate-keys --auto-key-locate clear,nodefault,wkd wk@gnupg.org

> I'm willing to send you a copy to examine but not publicly as that's
> (now I remember) a result of a dumb experiment.


--
https://intevation.de/~bernhard   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter

On Wed, 14 Feb 2024 11:24, Bernhard Reiter said:

> The following will get his pubkey by WKD on the command line:
> gpg --locate-keys --auto-key-locate clear,nodefault,wkd wk@gnupg.org


FWIW,

gpg --locate-external-key wk@gnupg.org

is much easier that the abvove long list of options.


Salam-Shalom,

Werner

--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein