
When verifying a pgp signed message using GnuPG, one gets an output similar to the following:

gpg: Signature made Fr 07 Jan 2022 13:42:21 CET
gpg:                using RSA key 610B4AFF906E6890EEDC797201E99CB6C034BC3B
gpg:                issuer "name@domain.com"
gpg: Good signature from "Some Person <name@domain.com>" [full]

Apart from GnuPG already showing the identity of the signee (public key is present in my keyring) and also the trust level, I would like to understand what exactly the line 'using RSA key ...' means, in particular considering the situation where I might not have the public key of the signee in my keyring, yielding the output

gpg: Signature made Fr 07 Jan 2022 13:42:21 CET
gpg:                using RSA key 610B4AFF906E6890EEDC797201E99CB6C034BC3B
gpg:                issuer "name@domain.com"
gpg: Can't check signature: No public key

I assume that this is the hash of the public RSA key that has been used to produce the signature (typically some signing subkey). So the question is:

How can I display these RSA keys, given that I have some public key in my GnuPG keyring?

The use case would be to look up those keys on a device where the public key is available, and compare them by hand to associate the signature with some known key.


Maybe getting to a little bit more detail: In case a main key has different signing subkeys, I assume that the used RSA key shown will be different for these subkeys. So how can I find out which subkey has been used, i.e. display all available subkeys with their RSA hashes of some given public key (along with the subkeys)?

2 Answers

(I'm using gpg --version 2.2 in one context, and 2.0 in another)

How do I find out which subkey has been used?

Pipe to gpg --list-packets or specify a file with gpg --list-packets /your/file (providing the private key/password is optional; you'll still get "some" output, just a lot "less" if you don't decrypt).

Now you can get specific detail on a key, including the full fingerprint and public-key attributes, by using: gpg --fingerprint KEYID or gpg --with-colons --fingerprint KEYID. In this context KEYID can be a short, long or full fingerprint.

How can I display these RSA keys, given that I have some public key in my GnuPG keyring?

Another command that may be helpful is gpg --list-signatures, which by itself will give you a detailed dump from the currently logged in user's key ring. Depending on your version you might need --list-sigs instead.

gpg --list-signatures --fingerprint --fingerprint (yes, two of them, v2.2), or gpg --list-sigs --fingerprint --fingerprint (v2.0), splits apart the fingerprints of all sub-keys, meanwhile gpg --list-signatures --with-subkey-fingerprints shows them in the more compact form, short or long, depending on your environment.

Key IDs and short or long fingerprints

With respect to the hash of the public key, there's the concept of short 4-byte and long 8-byte fingerprints, with short (and sometimes short and long) being referred to as the key id. The smaller keyspace of truncated/short fingerprints has been demonstrated to be exploitable (Klafter and Swanson), primarily by tricking "someone" into agreeing to "something", so only long or full ones should be used for validation purposes.

This answer and discussion focuses on short and long fingerprints (Erat '15). To explicitly display long fingerprints, add --keyid-format long. On one of my installs long fingerprints are displayed when unspecified, and short ones must be explicitly asked for (v2.2), whereas on a server I'm administering at the moment (v2.0), the short form is the default and long or fingerprint output must be asked for explicitly.

brynk

I would like to understand what exactly the line using RSA key ... means, in particular considering the situation where I might not have the public key of the signee in my keyring

That line indicates the fingerprint of the key (or subkey) that created the signature. This information is contained in the signature data with the "Issuer Fingerprint" subpacket (type 33). The signing key's User ID (name and/or email address) is likewise contained in the signature data with the "Signer's User ID" subpacket (type 28).

The fingerprint itself is a hash (SHA-1 for version 4 keys, and SHA-256 for version 5) of the binary public key packet material and this hash is how PGP keys are uniquely identified.

How can I display these RSA keys, given that I have some public key in my GnuPG keyring?

If GnuPG outputs gpg: Can't check signature: No public key then the required key (or subkey) is not in your keyring and must be imported or retrieved from a keyserver.

If the key is in your keyring the following command will show the primary key and all its subkey fingerprints:

gpg --with-subkey-fingerprint --list-keys 610B4AFF906E6890EEDC797201E99CB6C034BC3B

Note that by default GnuPG will not display expired or revoked subkeys. To override this, include the --list-options show-unusable-subkeys option in the above command.

fuzzydrawrings
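The two answers together describe the whole chain: gpg --list-packets exposes the "Issuer Fingerprint" subpacket (type 33) that produces the "using RSA key ..." line, and a --with-subkey-fingerprint listing shows which primary key or subkey that fingerprint belongs to. The script below is an added example (not code from either answer or from GnuPG) that walks that chain offline: it parses a constructed stand-in for --list-packets output, derives the long and short key IDs from the fingerprint, and looks the fingerprint up in a constructed stand-in for gpg --with-colons --with-subkey-fingerprints --list-keys output. The text layout of the packet dump is assumed to follow GnuPG 2.2; the primary-key and encryption-subkey fingerprints, the user ID hash and the timestamps are made-up placeholders. It goes slightly beyond the answers in that the lookup also accepts a long or short key ID (matched as a suffix of the fingerprint), which is exactly why short IDs are unsafe for validation, as the first answer warns.

```shell
#!/bin/sh
# Added example, not code from either answer: match the fingerprint GnuPG prints
# on the "using RSA key ..." line to a primary key or subkey in a keyring, using
# only GnuPG's machine-readable outputs. All sample data below is constructed.

# Constructed stand-in for `gpg --list-packets signature.asc` (GnuPG 2.2 wording
# is an assumption; check your own version's output before relying on it).
SAMPLE_PACKETS=$(cat <<'EOF'
:signature packet: algo 1, keyid 01E99CB6C034BC3B
    version 4, created 1641562941, md5len 0, sigclass 0x00
    digest algo 8, begin of digest 3a 5c
    hashed subpkt 33 len 21 (issuer fpr v4 610B4AFF906E6890EEDC797201E99CB6C034BC3B)
    hashed subpkt 2 len 4 (sig created 2022-01-07)
    hashed subpkt 28 len 15 (signer's user ID)
    subpkt 16 len 8 (issuer key ID 01E99CB6C034BC3B)
    data: [4095 bits]
EOF
)

# Constructed stand-in for
#   gpg --with-colons --with-subkey-fingerprints --list-keys <KEYID>
# fpr records carry the fingerprint in field 10; pub/sub records carry the long
# key ID in field 5 and capability letters (s = sign, e = encrypt) in field 12.
# The primary-key and encryption-subkey fingerprints are placeholders.
SAMPLE_KEYRING=$(cat <<'EOF'
tru::1:1641562941:0:3:1:5
pub:u:4096:1:7777888899990000:1609459200:::u:::scESC::::::23::0:
fpr:::::::::1111222233334444555566667777888899990000:
uid:u::::1609459200::0F1D2C3B4A5968778695A4B3C2D1E0F0A1B2C3D4::Some Person <name@domain.com>::::::::::0:
sub:u:4096:1:01E99CB6C034BC3B:1609459200::::::s::::::23:
fpr:::::::::610B4AFF906E6890EEDC797201E99CB6C034BC3B:
sub:u:4096:1:0000111122223333:1609459200::::::e::::::23:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF0000111122223333:
EOF
)

# Read --list-packets text on stdin; print the issuer fingerprint from
# subpacket 33, falling back to the 64-bit issuer key ID from subpacket 16
# for signatures that predate the issuer-fingerprint subpacket.
issuer_fingerprint() {
    packets=$(cat)
    fpr=$(printf '%s\n' "$packets" \
        | sed -n 's/.*issuer fpr v[0-9] \([0-9A-F][0-9A-F]*\).*/\1/p' | head -n 1)
    if [ -n "$fpr" ]; then
        printf '%s\n' "$fpr"
        return 0
    fi
    printf '%s\n' "$packets" \
        | sed -n 's/.*issuer key ID \([0-9A-F][0-9A-F]*\).*/\1/p' | head -n 1
}

# The long (64-bit) and short (32-bit) key IDs are just the trailing 16 and 8
# hex digits of a v4 fingerprint, which is why short IDs collide so easily.
long_key_id()  { printf '%s\n' "$1" | awk '{ print substr($1, length($1) - 15) }'; }
short_key_id() { printf '%s\n' "$1" | awk '{ print substr($1, length($1) - 7) }'; }

# Read a --with-colons listing on stdin; find the pub/sub whose fingerprint
# ends with $1 (full fingerprint, long ID or short ID) and print
# "<pub|sub> <long key ID> <capabilities> <primary user ID>". Exit 1 if absent.
keyring_lookup() {
    awk -F: -v want="$1" '
        $1 == "pub" { block++ }
        $1 == "pub" || $1 == "sub" { type = $1; keyid = $5; caps = $12 }
        $1 == "uid" && !(block in uid) { uid[block] = $10 }
        $1 == "fpr" && substr($10, length($10) - length(want) + 1) == want {
            mtype = type; mkey = keyid; mcaps = caps; mblock = block
        }
        END {
            if (!mblock) exit 1
            printf "%s %s %s %s\n", mtype, mkey, mcaps, uid[mblock]
        }'
}

# Stand-alone run: walk from the signature packet to the keyring entry.
fpr=$(printf '%s\n' "$SAMPLE_PACKETS" | issuer_fingerprint)
echo "signature issuer: $fpr (long ID $(long_key_id "$fpr"), short ID $(short_key_id "$fpr"))"
if ! printf '%s\n' "$SAMPLE_KEYRING" | keyring_lookup "$fpr"; then
    echo "no matching key or subkey in this keyring; import it first" >&2
fi
```

On a real system replace the two constructed samples with `gpg --list-packets signature.asc` and `gpg --with-colons --with-subkey-fingerprints --list-keys KEYID`; the lookup reports "sub ... s ..." when a signing subkey made the signature and "pub ..." when the primary key did, and a non-zero exit corresponds to the "Can't check signature: No public key" case.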