Your message dated Thu, 09 Oct 2014 19:18:41 +0000
with message-id <[email protected]>
and subject line Bug#764618: fixed in haskell-hopenpgp-tools 0.12-1
has caused the Debian Bug report #764618,
regarding hopenpgp-tools: hot fails when it encounters a stripped secret key
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
764618: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=764618
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: hopenpgp-tools
Version: 0.11-1
Severity: normal
gpg lets you export secret keys with the primary key missing via
--export-secret-subkeys.
When it does this, it marks the primary key's secret parts as
encrypted with the gnu-dummy S2K ID (101, from the experimental range)
and then doesn't bother to include the secret subkey material at all.
Below shows the different ways that this info is interpreted by
pgpdump, "gpg --list-packets", and "hot dump"
hot dump actually fails to show *anything* when it encounters this
packet.
"hot dump" should play nicer and not fail :)
Thanks for hopenpgp-tools!
--dkg
1 jj955@alice:~$ gpg --list-secret-keys
/home/jj955/.gnupg/secring.gpg
------------------------------
sec# 2048R/97A9A5A0 2014-10-08
uid monkey man <[email protected]>
ssb 2048R/0875BC2C 2014-10-08
0 jj955@alice:~$ gpg --export-secret-subkeys '0x0875BC2C!' | hot dump
hot (hopenpgp-tools) 0.11
Copyright (C) 2012-2014 Clint Adams
hot comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions.
hot: Unknown S2K
1 jj955@alice:~$ gpg --export-secret-subkeys '0x0875BC2C!' | gpg --list-packets
:secret key packet:
version 4, algo 1, created 1412809939, expires 0
skey[0]: [2048 bits]
skey[1]: [17 bits]
gnu-dummy S2K, algo: 0, simple checksum, hash: 0
protect IV:
keyid: 7507557D97A9A5A0
:user ID packet: "monkey man <[email protected]>"
:signature packet: algo 1, keyid 7507557D97A9A5A0
version 4, created 1412809939, md5len 0, sigclass 0x13
digest algo 8, begin of digest 0d b9
hashed subpkt 2 len 4 (sig created 2014-10-08)
hashed subpkt 27 len 1 (key flags: 03)
hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 2)
hashed subpkt 21 len 5 (pref-hash-algos: 8 9 10 11 2)
hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
hashed subpkt 30 len 1 (features: 01)
hashed subpkt 23 len 1 (key server preferences: 80)
subpkt 16 len 8 (issuer key ID 7507557D97A9A5A0)
data: [2047 bits]
:secret sub key packet:
version 4, algo 1, created 1412809939, expires 0
skey[0]: [2048 bits]
skey[1]: [17 bits]
iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: abae83536af46295
protect count: 20971520 (228)
protect IV: 7a 88 7b 81 56 23 8f 78 6f df 5d 6c ec a1 4b e8
encrypted stuff follows
keyid: 7F8AD0AA0875BC2C
:signature packet: algo 1, keyid 7507557D97A9A5A0
version 4, created 1412809939, md5len 0, sigclass 0x18
digest algo 8, begin of digest 4e c0
hashed subpkt 2 len 4 (sig created 2014-10-08)
hashed subpkt 27 len 1 (key flags: 0C)
subpkt 16 len 8 (issuer key ID 7507557D97A9A5A0)
data: [2047 bits]
0 jj955@alice:~$ gpg --export-secret-subkeys '0x0875BC2C!' | pgpdump
Old: Secret Key Packet(tag 5)(277 bytes)
Ver 4 - new
Public key creation time - Wed Oct 8 19:12:19 EDT 2014
Pub alg - RSA Encrypt or Sign(pub 1)
RSA n(2048 bits) - ...
RSA e(17 bits) - ...
Sym alg - Plaintext or unencrypted data(sym 0)
GnuPG string-to-key(s2k 101)
Encrypted RSA d
Encrypted RSA p
Encrypted RSA q
Encrypted RSA u
Encrypted checksum
Old: User ID Packet(tag 13)(33 bytes)
User ID - monkey man <[email protected]>
Old: Signature Packet(tag 2)(311 bytes)
Ver 4 - new
Sig type - Positive certification of a User ID and Public Key
packet(0x13).
Pub alg - RSA Encrypt or Sign(pub 1)
Hash alg - SHA256(hash 8)
Hashed Sub: signature creation time(sub 2)(4 bytes)
Time - Wed Oct 8 19:12:19 EDT 2014
Hashed Sub: key flags(sub 27)(1 bytes)
Flag - This key may be used to certify other keys
Flag - This key may be used to sign data
Hashed Sub: preferred symmetric algorithms(sub 11)(4 bytes)
Sym alg - AES with 256-bit key(sym 9)
Sym alg - AES with 192-bit key(sym 8)
Sym alg - AES with 128-bit key(sym 7)
Sym alg - Triple-DES(sym 2)
Hashed Sub: preferred hash algorithms(sub 21)(5 bytes)
Hash alg - SHA256(hash 8)
Hash alg - SHA384(hash 9)
Hash alg - SHA512(hash 10)
Hash alg - SHA224(hash 11)
Hash alg - SHA1(hash 2)
Hashed Sub: preferred compression algorithms(sub 22)(3 bytes)
Comp alg - ZLIB <RFC1950>(comp 2)
Comp alg - BZip2(comp 3)
Comp alg - ZIP <RFC1951>(comp 1)
Hashed Sub: features(sub 30)(1 bytes)
Flag - Modification detection (packets 18 and 19)
Hashed Sub: key server preferences(sub 23)(1 bytes)
Flag - No-modify
Sub: issuer key ID(sub 16)(8 bytes)
Key ID - 0x7507557D97A9A5A0
Hash left 2 bytes - 0d b9
RSA m^d mod n(2047 bits) - ...
-> PKCS-1
Old: Secret Subkey Packet(tag 7)(966 bytes)
Ver 4 - new
Public key creation time - Wed Oct 8 19:12:19 EDT 2014
Pub alg - RSA Encrypt or Sign(pub 1)
RSA n(2048 bits) - ...
RSA e(17 bits) - ...
Sym alg - AES with 128-bit key(sym 7)
Iterated and salted string-to-key(s2k 3):
Hash alg - SHA1(hash 2)
Salt - ab ae 83 53 6a f4 62 95
Count - 20971520(coded count 228)
IV - 7a 88 7b 81 56 23 8f 78 6f df 5d 6c ec a1 4b e8
Encrypted RSA d
Encrypted RSA p
Encrypted RSA q
Encrypted RSA u
Encrypted SHA1 hash
Old: Signature Packet(tag 2)(287 bytes)
Ver 4 - new
Sig type - Subkey Binding Signature(0x18).
Pub alg - RSA Encrypt or Sign(pub 1)
Hash alg - SHA256(hash 8)
Hashed Sub: signature creation time(sub 2)(4 bytes)
Time - Wed Oct 8 19:12:19 EDT 2014
Hashed Sub: key flags(sub 27)(1 bytes)
Flag - This key may be used to encrypt communications
Flag - This key may be used to encrypt storage
Sub: issuer key ID(sub 16)(8 bytes)
Key ID - 0x7507557D97A9A5A0
Hash left 2 bytes - 4e c0
RSA m^d mod n(2047 bits) - ...
-> PKCS-1
0 jj955@alice:~$
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages hopenpgp-tools depends on:
ii libbz2-1.0 1.0.6-7
ii libc6 2.19-11
ii libffi6 3.1-2
ii libgmp10 2:6.0.0+dfsg-6
ii libnettle4 2.7.1-3
ii libyaml-0-2 0.1.6-2
ii zlib1g 1:1.2.8.dfsg-2
hopenpgp-tools recommends no packages.
hopenpgp-tools suggests no packages.
-- debconf-show failed
--- End Message ---
--- Begin Message ---
Source: haskell-hopenpgp-tools
Source-Version: 0.12-1
We believe that the bug you reported is fixed in the latest version of
haskell-hopenpgp-tools, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Clint Adams <[email protected]> (supplier of updated haskell-hopenpgp-tools
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 09 Oct 2014 15:03:59 -0400
Source: haskell-hopenpgp-tools
Binary: hopenpgp-tools
Architecture: source amd64
Version: 0.12-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Haskell Group
<[email protected]>
Changed-By: Clint Adams <[email protected]>
Description:
hopenpgp-tools - hOpenPGP-based command-line tools
Closes: 764618
Changes:
haskell-hopenpgp-tools (0.12-1) unstable; urgency=medium
.
* New upstream version.
- Build-depends on a new enough version of hOpenPGP to handle
non-standard S2K types. closes: #764618.
Checksums-Sha1:
cc783d7529b517114b183bde15a4a3bb18b954c9 2871 haskell-hopenpgp-tools_0.12-1.dsc
0cfd4234d4592024da14cea956c5609d7618bfbd 58802
haskell-hopenpgp-tools_0.12.orig.tar.gz
596c3fc8f3641f971ba5c647cf666fa18de366e4 12432
haskell-hopenpgp-tools_0.12-1.debian.tar.xz
5126226924ab8e077b9facc780717d1d01c53d91 5091166
hopenpgp-tools_0.12-1_amd64.deb
Checksums-Sha256:
5781c22163ebc154f3516bb3e22dd29984e849fa82e8cb0a0fbafd0361ea3321 2871
haskell-hopenpgp-tools_0.12-1.dsc
db54537b052ebaef00f432e84a04b52f9cf87fd8758e45a77dd8a757bd3a7e80 58802
haskell-hopenpgp-tools_0.12.orig.tar.gz
bad9ebb41796398ccfa7863a3ae09f634313f2ea030a4874a6a4a8f74225808a 12432
haskell-hopenpgp-tools_0.12-1.debian.tar.xz
3c1dcd67927ffa54d29c9930e7dc64acf2ceb59012935e5172e378f88cf6f0ae 5091166
hopenpgp-tools_0.12-1_amd64.deb
Files:
be1549df1f26cee895d97b7d575e8efa 5091166 haskell extra
hopenpgp-tools_0.12-1_amd64.deb
aa077e8e86d243475731d655e081728f 2871 haskell extra
haskell-hopenpgp-tools_0.12-1.dsc
64af4f8e4b3723f31be377fe289a3c68 58802 haskell extra
haskell-hopenpgp-tools_0.12.orig.tar.gz
d3973578e7c7a95a330d533bc0ac4dad 12432 haskell extra
haskell-hopenpgp-tools_0.12-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Debian!
iQJ8BAEBCgBmBQJUNtz5XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ3NTgxRUM4NzQwNTNFNkM4MDc3OTFCOUI1
NTkyMzMxRTE5OUQzOEE4AAoJEFWSMx4ZnTio+hgP/0MuWBrFGA4MTVPLs2HiKVSp
H7ZOxQdFe3pxMcsvBzAbg11T3sPxpw88qtSzuCM+nMY9uEzwkpUeMrMGqEQn060a
3pcIAeFxBj6J3u6nrevPWqBvtXFR8ODiSPMNI/4ZLGtLhU7F2WK75dNlw8urEsVI
ZqlkuoZoypZg0wM5iEimqOHvlZVLq4V4PIHEdXWstj9cqsTx9iUyapiRuxD7QwXJ
WZvEs2JcEloINOqR83AP9WNxxr+d2tUGk31kbwDf8pY++RMimjlxfBgTTvVp8mxv
Bbsm+xLxC5leyVgS7MMoSmWYksWXZSzCCtuhKFx4WEqdWlxB89Q6tVkstYKbrrTx
A5dUEIXqR0vjaF9Q+R90poFeE8WJoXhcJ1RIgypfKTI9IE1LyXP3FpWXAT+9dwTT
j6BdZhmhPzHxQ5sDXBVISpujv78pH363TdMslkXvjPkt/uwbM5MRrzEzBdBCTmvl
76er6FqRInRARzimjicUMWdCfilNjxegBZC1svKbjkiMQ9Xg71hN+uI48t8BhVDN
9CtXrQK6QfWLhYLudwWqNGYxdPMxAgp4/7p1HSjJBQHDZy5sHTnb8W2WDF6aSAT3
Wy8kyNeuRo5ratZikzIrtp8nXrOGNg1gTBfBFdwAalqsNm1Eogfzrsp0Tp78qhkT
w+YO+t+2mvYETv0HiwNB
=6ZIX
-----END PGP SIGNATURE-----
--- End Message ---
