Page MenuHome GnuPG

gnupg 1.4.x adds unknown ECC subkeys repeatedly.
Closed, ResolvedPublic

Description

if an RSA primary key has an ECC subkey, gpg 1.4.x (and maybe 2.0.x? i haven't
tried) doesn't know how to interpret it. however, it will import the subkey anyway.

When it imports it multiple times (even if the key is no different), it adds
another subkey entry each time. See the 0E/6E929F2B line duplicating itself
after each gpg --import below:

0 dkg@alice:/tmp/cdtemp.sFx63f$ cat test.gpg
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2

mI0EVUERCwEEANSosjdBJGoYHtOaGC59Eb0HeoPQ0skPh1Zm8XWbVIl9M+EbD/Rx
/DPZAxqPiQ0FbPgvh5TzUmKexJ2xt4E2/z31/pxnBaCDDPD7jZAugLqD8iFPqF7f
HqSveCJDY7bBzh1W17gTdgRzxfrVahdH0mqkjit/sb2ucrJO7pyWx0J1ABEBAAG0
HHRlc3QgdXNlciA8dGVzdEBleGFtcGxlLm9yZz6IvQQTAQgAJwUCVUERCwIbAwUJ
AAk6gAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRC0kfnrb5hP+TvFBACijgvF
jBcB8HrmpiMiW/gJLPSunMqSJbIRDBmELbjXsJjnh1g3SzYVAqVxxdDTWtw7dPmg
ZiZmdGsnwQ40CgLt+gmspezNetgj6oR6W/xfyWUspZtTlqHqKDXsCKFHoObdIFA+
KtcbWfWPZ1JMeO4M/AfLFV6Lot8c7oEfK+aHTLhSBFVBESITCCqGSM49AwEHAgME
Z6xWbvcEEv8ndJ4WEU0t+a+eUDBgIrqpIIH7e184bgV0ocg5Ahjk8554VF83tiI9
RgqgvPupNeZNsSNNHRrcWIkBBQQYAQgADwUCVUERIgIbAgUJAAk6gABqCRC0kfnr
b5hP+V8gBBkTCAAGBQJVQREiAAoJEK8iVnVukp8rk7MA/1bAy3E8YaYWgO0Pc/jB
w6G9ahSlkV8XJM85ujkpMEiCAP0ZZw2igLEcgVDBrcp+xhAdiBqsPIyA1KQdDyBQ
H/P5oh6ZBACpHPH4KKidTGSlQcx8h8BaPktcoHrh/WHhCD/QbIUpMy8pgrZD+BgV
g3IY25XWgWxM+4Npi7aZpjkL1nIEgOzqppZY7GD2hOewAFSCfZqYHpWIfTqaPRID
MypqH0qqWMe42xsX5c4Rd9RjA0myUE0JOgOCiFR238Ef7hiniBYMIw==

atcJ

-----END PGP PUBLIC KEY BLOCK-----
0 dkg@alice:/tmp/cdtemp.sFx63f$ gpg --list-keys
0 dkg@alice:/tmp/cdtemp.sFx63f$ gpg --import < test.gpg
gpg: key 6F984FF9: public key "test user <test@example.org>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2015-05-06
0 dkg@alice:/tmp/cdtemp.sFx63f$ gpg --list-keys

/tmp/cdtemp.sFx63f/pubring.gpg

pub 1024R/6F984FF9 2015-04-29 [expires: 2015-05-06]
uid test user <test@example.org>
sub 0E/6E929F2B 2015-04-29 [expires: 2015-05-06]

0 dkg@alice:/tmp/cdtemp.sFx63f$ gpg --import < test.gpg
gpg: key 6F984FF9: "test user <test@example.org>" 1 new signature
gpg: key 6F984FF9: "test user <test@example.org>" 1 new subkey
gpg: Total number processed: 1
gpg: new subkeys: 1
gpg: new signatures: 1
0 dkg@alice:/tmp/cdtemp.sFx63f$ gpg --list-keys

/tmp/cdtemp.sFx63f/pubring.gpg

pub 1024R/6F984FF9 2015-04-29 [expires: 2015-05-06]
uid test user <test@example.org>
sub 0E/6E929F2B 2015-04-29 [expires: 2015-05-06]
sub 0E/6E929F2B 2015-04-29 [expires: 2015-05-06]

0 dkg@alice:/tmp/cdtemp.sFx63f$

Details

Version
1.4.19

Event Timeline

dkg added projects: gnupg, Bug Report.
dkg added a subscriber: dkg.

Thank you for the reproducible case.
This would be the cause my key becoming too big in someone's keyring.
I'm going to investigate in detail, for 1.4.x and 2.0.x.

gniibe removed a project: In Progress.

Fixed in 1.4.20 (and 2.0.28).