Sign-key verification with long fingerprints

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

Sign-key verification with long fingerprints

duplicity-talk mailing list
Hello,

I tried to verify a backup signed with --sign-key <40-digit-hex-string>

duplicity responds with:
Volume was signed by key 349A3434, not
123434343434343C3434343434343734349A3434

Does it imply that signature verification was skipped ? If yes, it
looks like a bug.

--
 Richard

_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
Reply | Threaded
Open this post in threaded view
|

Re: Sign-key verification with long fingerprints

duplicity-talk mailing list
Try the verify with 349A3434 as the sign key.  It should work.

...Ken


On Thu, Nov 17, 2016 at 12:25 PM, Richard McGraw via Duplicity-talk <[hidden email]> wrote:
Hello,

I tried to verify a backup signed with --sign-key <40-digit-hex-string>

duplicity responds with:
Volume was signed by key 349A3434, not
123434343434343C3434343434343734349A3434

Does it imply that signature verification was skipped ? If yes, it
looks like a bug.

--
 Richard

_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk


_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
Reply | Threaded
Open this post in threaded view
|

Re: Sign-key verification with long fingerprints

duplicity-talk mailing list
This is indeed a bug, i've run into this before. It seems that it saves whatever you pass in to the duplicity script, but it doesn't do what gpg does and try and expand that to a unique identifier. the work around is to ensure that you pass the long ID to the backup command and not the shortened one

~Mark 

On Nov 17, 2016, at 12:20, Kenneth Loafman via Duplicity-talk <[hidden email]> wrote:

Try the verify with 349A3434 as the sign key.  It should work.

...Ken


On Thu, Nov 17, 2016 at 12:25 PM, Richard McGraw via Duplicity-talk <[hidden email]> wrote:
Hello,

I tried to verify a backup signed with --sign-key <40-digit-hex-string>

duplicity responds with:
Volume was signed by key 349A3434, not
123434343434343C3434343434343734349A3434

Does it imply that signature verification was skipped ? If yes, it
looks like a bug.

--
 Richard

_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk

_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk


_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
Reply | Threaded
Open this post in threaded view
|

Re: Sign-key verification with long fingerprints

duplicity-talk mailing list
Well, it looks like duplicity is only passing the last 8 chars of the sign key, not the longer forms.  The encrypt key is passed unchanged, so the longer forms get passed.

...Ken


On Thu, Nov 17, 2016 at 2:39 PM, Mark Grandi <[hidden email]> wrote:
This is indeed a bug, i've run into this before. It seems that it saves whatever you pass in to the duplicity script, but it doesn't do what gpg does and try and expand that to a unique identifier. the work around is to ensure that you pass the long ID to the backup command and not the shortened one

~Mark 

On Nov 17, 2016, at 12:20, Kenneth Loafman via Duplicity-talk <[hidden email]> wrote:

Try the verify with 349A3434 as the sign key.  It should work.

...Ken


On Thu, Nov 17, 2016 at 12:25 PM, Richard McGraw via Duplicity-talk <[hidden email]> wrote:
Hello,

I tried to verify a backup signed with --sign-key <40-digit-hex-string>

duplicity responds with:
Volume was signed by key 349A3434, not
123434343434343C3434343434343734349A3434

Does it imply that signature verification was skipped ? If yes, it
looks like a bug.

--
 Richard

_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk

_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk



_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
Reply | Threaded
Open this post in threaded view
|

Re: Sign-key verification with long fingerprints

duplicity-talk mailing list
In reply to this post by duplicity-talk mailing list
The thing is, GPG knows how to figure out what key one is referring to when given different things, such as email, first 20 characters of fingerprint, all 40 characters of fingerprint, etc, but Duplicity doesn't

Duplicity should probably consult GPG on the full fingerprint of the key being used to encrypt before it saves it, so that way if someone passes in a different (but still valid according to GPG) identifier for the key, we won't get these errors

Example of how GPG could be called by duplicity to get the full 40 character fingerprint given different identifiers passed in by the user (see the 'fpr' line)

with email:

[2016-11-17 15:42:07] markgrandi@Gypaetus:~$ gpg2 --list-secret-keys --fingerprint --with-colons [hidden email]
sec::4096:1:C7DC9D26A1C7DFB9:1459373464::::::scESC::::
fpr:::::::::BB93C97A6D5BD11F4469A0F6C7DC9D26A1C7DFB9:
uid:::::1459373464::4B52287E61873F1175B997D6DD5684840430C5C4::Aurelion Sol (Hope. Wonder. Insignificance. Imagine what they'll feel when I complete the stars.) <[hidden email]>:
uat:::::1459374102::175AADA90BE77BC78BD607F8011CFB34AD2F7A14::1 11228:
ssb::4096:1:AFC816A06E475087:1459373464::::::e::::
ssb::3072:17:2B5AE45A43093539:1459374008::::::s::::
ssb::4096:16:1BAC9BA4BF4D887D:1459374080::::::e::::
ssb::2048:1:AED498799F693180:1459374094::::::e::::

first 20 characters of fingerprint:

[2016-11-17 15:42:17] markgrandi@Gypaetus:~$ gpg2 --list-secret-keys --fingerprint --with-colons C7DC9D26A1C7DFB9
sec::4096:1:C7DC9D26A1C7DFB9:1459373464::::::scESC::::
fpr:::::::::BB93C97A6D5BD11F4469A0F6C7DC9D26A1C7DFB9:
uid:::::1459373464::4B52287E61873F1175B997D6DD5684840430C5C4::Aurelion Sol (Hope. Wonder. Insignificance. Imagine what they'll feel when I complete the stars.) <[hidden email]>:
uat:::::1459374102::175AADA90BE77BC78BD607F8011CFB34AD2F7A14::1 11228:
ssb::4096:1:AFC816A06E475087:1459373464::::::e::::
ssb::3072:17:2B5AE45A43093539:1459374008::::::s::::
ssb::4096:16:1BAC9BA4BF4D887D:1459374080::::::e::::
ssb::2048:1:AED498799F693180:1459374094::::::e::::

full 40 characters of fingerprint:

[2016-11-17 15:44:07] markgrandi@Gypaetus:~$ gpg2 --list-secret-keys --fingerprint --with-colons BB93C97A6D5BD11F4469A0F6C7DC9D26A1C7DFB9
sec::4096:1:C7DC9D26A1C7DFB9:1459373464::::::scESC::::
fpr:::::::::BB93C97A6D5BD11F4469A0F6C7DC9D26A1C7DFB9:
uid:::::1459373464::4B52287E61873F1175B997D6DD5684840430C5C4::Aurelion Sol (Hope. Wonder. Insignificance. Imagine what they'll feel when I complete the stars.) <[hidden email]>:
uat:::::1459374102::175AADA90BE77BC78BD607F8011CFB34AD2F7A14::1 11228:
ssb::4096:1:AFC816A06E475087:1459373464::::::e::::
ssb::3072:17:2B5AE45A43093539:1459374008::::::s::::
ssb::4096:16:1BAC9BA4BF4D887D:1459374080::::::e::::
ssb::2048:1:AED498799F693180:1459374094::::::e::::

~Mark

On Nov 17, 2016, at 11:25, Richard McGraw via Duplicity-talk <[hidden email]> wrote:

Hello,

I tried to verify a backup signed with --sign-key <40-digit-hex-string>

duplicity responds with:
Volume was signed by key 349A3434, not
123434343434343C3434343434343734349A3434

Does it imply that signature verification was skipped ? If yes, it
looks like a bug.

--
Richard

_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk


_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
Reply | Threaded
Open this post in threaded view
|

Re: Sign-key verification with long fingerprints

duplicity-talk mailing list
Fix has been committed to the trunk.


On Thu, Nov 17, 2016 at 4:50 PM, Mark Grandi via Duplicity-talk <[hidden email]> wrote:
The thing is, GPG knows how to figure out what key one is referring to when given different things, such as email, first 20 characters of fingerprint, all 40 characters of fingerprint, etc, but Duplicity doesn't

Duplicity should probably consult GPG on the full fingerprint of the key being used to encrypt before it saves it, so that way if someone passes in a different (but still valid according to GPG) identifier for the key, we won't get these errors

Example of how GPG could be called by duplicity to get the full 40 character fingerprint given different identifiers passed in by the user (see the 'fpr' line)

with email:

[2016-11-17 15:42:07] markgrandi@Gypaetus:~$ gpg2 --list-secret-keys --fingerprint --with-colons [hidden email]
sec::4096:1:C7DC9D26A1C7DFB9:1459373464::::::scESC::::
fpr:::::::::BB93C97A6D5BD11F4469A0F6C7DC9D26A1C7DFB9:
uid:::::1459373464::4B52287E61873F1175B997D6DD5684840430C5C4::Aurelion Sol (Hope. Wonder. Insignificance. Imagine what they'll feel when I complete the stars.) <[hidden email]>:
uat:::::1459374102::175AADA90BE77BC78BD607F8011CFB34AD2F7A14::1 11228:
ssb::4096:1:AFC816A06E475087:1459373464::::::e::::
ssb::3072:17:2B5AE45A43093539:1459374008::::::s::::
ssb::4096:16:1BAC9BA4BF4D887D:1459374080::::::e::::
ssb::2048:1:AED498799F693180:1459374094::::::e::::

first 20 characters of fingerprint:

[2016-11-17 15:42:17] markgrandi@Gypaetus:~$ gpg2 --list-secret-keys --fingerprint --with-colons C7DC9D26A1C7DFB9
sec::4096:1:C7DC9D26A1C7DFB9:1459373464::::::scESC::::
fpr:::::::::BB93C97A6D5BD11F4469A0F6C7DC9D26A1C7DFB9:
uid:::::1459373464::4B52287E61873F1175B997D6DD5684840430C5C4::Aurelion Sol (Hope. Wonder. Insignificance. Imagine what they'll feel when I complete the stars.) <[hidden email]>:
uat:::::1459374102::175AADA90BE77BC78BD607F8011CFB34AD2F7A14::1 11228:
ssb::4096:1:AFC816A06E475087:1459373464::::::e::::
ssb::3072:17:2B5AE45A43093539:1459374008::::::s::::
ssb::4096:16:1BAC9BA4BF4D887D:1459374080::::::e::::
ssb::2048:1:AED498799F693180:1459374094::::::e::::

full 40 characters of fingerprint:

[2016-11-17 15:44:07] markgrandi@Gypaetus:~$ gpg2 --list-secret-keys --fingerprint --with-colons BB93C97A6D5BD11F4469A0F6C7DC9D26A1C7DFB9
sec::4096:1:C7DC9D26A1C7DFB9:1459373464::::::scESC::::
fpr:::::::::BB93C97A6D5BD11F4469A0F6C7DC9D26A1C7DFB9:
uid:::::1459373464::4B52287E61873F1175B997D6DD5684840430C5C4::Aurelion Sol (Hope. Wonder. Insignificance. Imagine what they'll feel when I complete the stars.) <[hidden email]>:
uat:::::1459374102::175AADA90BE77BC78BD607F8011CFB34AD2F7A14::1 11228:
ssb::4096:1:AFC816A06E475087:1459373464::::::e::::
ssb::3072:17:2B5AE45A43093539:1459374008::::::s::::
ssb::4096:16:1BAC9BA4BF4D887D:1459374080::::::e::::
ssb::2048:1:AED498799F693180:1459374094::::::e::::

~Mark

On Nov 17, 2016, at 11:25, Richard McGraw via Duplicity-talk <[hidden email]> wrote:

Hello,

I tried to verify a backup signed with --sign-key <40-digit-hex-string>

duplicity responds with:
Volume was signed by key 349A3434, not
123434343434343C3434343434343734349A3434

Does it imply that signature verification was skipped ? If yes, it
looks like a bug.

--
Richard

_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk


_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk



_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
Reply | Threaded
Open this post in threaded view
|

Re: Sign-key verification with long fingerprints

duplicity-talk mailing list
On Mon, 21 Nov 2016 10:29:38 -0600
Kenneth Loafman via Duplicity-talk <[hidden email]> wrote:

> Fix has been committed to the trunk.

With 0.7.11 I made a test backup with --sign-key=<40-hex fingerprint>

duplicity verify prints:

Volume was signed by key <A>, not <B>

where B is the fingerprint used to sign, and A is B[-16:]

_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
Reply | Threaded
Open this post in threaded view
|

Re: Sign-key verification with long fingerprints

duplicity-talk mailing list
The 16-byte key is sufficient.  Use that for now.  It's what gpg[12] returns.

...Ken


On Thu, Jan 5, 2017 at 4:56 AM, Richard McGraw via Duplicity-talk <[hidden email]> wrote:
On Mon, 21 Nov 2016 10:29:38 -0600
Kenneth Loafman via Duplicity-talk <[hidden email]> wrote:

> Fix has been committed to the trunk.

With 0.7.11 I made a test backup with --sign-key=<40-hex fingerprint>

duplicity verify prints:

Volume was signed by key <A>, not <B>

where B is the fingerprint used to sign, and A is B[-16:]

_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk


_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk