Package: signing-party Version: 1.1.3-1 Severity: normal Tags: patch
pgpring displays wrong key length for some key How to reproduce: $gpg --recv-key 65D0FD58 $gpg --list-key --with-colons | grep ^pub | grep 65D0FD58 pub:q:1024:17:D2BB0D0165D0FD58:2003-07-11:2033-07-03::-:CA Cert Signing Authority (Root CA) <g...@cacert.org>::scaESCA: [key length is 1024] $pgpring -k $HOME/.gnupg/pubring.gpg | grep ^pub | grep 65D0FD58 pub:q:1022:17:D2BB0D0165D0FD58:2003-07-11::::CA Cert Signing Authority (Root CA) <g...@cacert.org>: [pgpring says that key length is 1022] -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages signing-party depends on: ii gnupg 1.4.10-4 GNU privacy guard - a free PGP rep ii libc6 2.11.2-6+squeeze1 Embedded GNU C Library: Shared lib ii libclass-methodmaker-p 2.15-2 Perl module for creating generic m ii libgnupg-interface-per 0.42-3 Perl interface to GnuPG ii libmailtools-perl 2.06-1 Manipulate email in perl programs ii libmime-tools-perl 5.428-1 Perl5 modules for MIME-compliant m ii libterm-readkey-perl 2.30-4 A perl module for simple terminal ii libtext-template-perl 1.45-1 Text::Template perl module ii perl 5.10.1-15 Larry Wall's Practical Extraction ii qprint 1.0.dfsg.2-2 encoder and decoder for quoted-pri Versions of packages signing-party recommends: ii libgd-gd2-noxpm-perl 1:2.39-2+b1 Perl module wrapper for libgd - gd ii libpaper-utils 1.1.24 library for handling paper charact ii libtext-iconv-perl 1.7-2 converts between character sets in ii postfix [mail-transport-agen 2.7.1-1 High-performance mail transport ag ii whiptail 0.52.11-1 Displays user-friendly dialog boxe Versions of packages signing-party suggests: pn imagemagick | graphicsmagick- <none> (no description available) ii mutt 1.5.20-9 text-based mailreader supporting M pn texlive-latex-recommended <none> (no description available) pn wipe <none> (no description available) -- no debconf information
diff -rup signing-party-1.1.3.orig/keyanalyze/pgpring/pgppubring.c signing-party-1.1.3/keyanalyze/pgpring/pgppubring.c --- signing-party-1.1.3.orig/keyanalyze/pgpring/pgppubring.c 2010-02-11 19:26:31.000000000 +0100 +++ signing-party-1.1.3/keyanalyze/pgpring/pgppubring.c 2010-11-03 09:59:07.000000000 +0100 @@ -281,14 +281,14 @@ static pgp_key_t *pgp_parse_pgp3_key (un p->algorithm = pgp_pkalgbytype (alg); p->flags |= pgp_get_abilities (alg); + len = (buff[j] << 8) + buff[j + 1]; + p->keylen = len; + if (alg == 17) skip_bignum (buff, l, j, &j, 3); else if (alg == 16 || alg == 20) skip_bignum (buff, l, j, &j, 2); - len = (buff[j] << 8) + buff[j + 1]; - p->keylen = len; - if (alg >= 1 && alg <= 3) skip_bignum (buff, l, j, &j, 2); else if (alg == 17 || alg == 16 || alg == 20)