Hello,

On Thu, Mar 27, 2025 at 06:51:46PM +0100, Uwe Kleine-König wrote:
> On Mon, Mar 24, 2025 at 04:55:20PM +0100, Uwe Kleine-König wrote:
> > On Fri, Mar 21, 2025 at 06:43:19PM +0100, Uwe Kleine-König wrote:
> > > Package: gnupg
> > > Version: 2.2.46-5
> > > Severity: normal
> > > X-Debbugs-Cc: uklei...@debian.org
> > > 
> > > Hello,
> > > 
> > >   uwe@taurus:~$ keyringgpghome="$(mktemp -d)"
> > > 
> > >   uwe@taurus:~$ gpg --homedir "$keyringgpghome" --locate-external-key tgamb...@baylibre.com u.kleine-koe...@baylibre.com
> > >   gpg: keybox '/tmp/tmp.U5pMuWLasg/pubring.kbx' created
> > >   gpg: /tmp/tmp.U5pMuWLasg/trustdb.gpg: trustdb created
> > >   gpg: key E2DCDD9132669BD6: public key "Uwe Kleine-König <u.kleine-koe...@baylibre.com>" imported
> > >   gpg: Total number processed: 1
> > >   gpg:               imported: 1
> > >   gpg: no ultimately trusted keys found
> > >   gpg: key B0D589D46708EC99: public key "Trevor Gamblin <tgamb...@baylibre.com>" imported
> > >   gpg: Total number processed: 1
> > >   gpg:               imported: 1
> > >   gpg: no ultimately trusted keys found
> > >   pub   rsa4096 2010-06-15 [SC] [expires: 2027-06-21]
> > >         0D2511F322BFAB1C1580266BE2DCDD9132669BD6
> > >   uid           [ unknown] Uwe Kleine-König <u.kleine-koe...@baylibre.com>
> > >   sub   rsa2048 2023-03-17 [A] [expires: 2027-06-21]
> > >   sub   rsa2048 2023-03-17 [S] [expires: 2027-06-21]
> > >   sub   rsa2048 2023-03-17 [E] [expires: 2027-06-21]
> > > 
> > >   pub   rsa4096 2024-11-19 [C] [expires: 2026-11-19]
> > >         A3A9D4BDAB1069811F48D30EB0D589D46708EC99
> > >   uid           [ unknown] Trevor Gamblin <tgamb...@baylibre.com>
> > >   sub   cv25519 2024-11-19 [E]
> > >   sub   ed25519 2024-11-19 [S]
> > >   sub   ed25519 2024-11-19 [A]
> > > 
> > >   uwe@taurus:~$ gpg --homedir "$keyringgpghome" --list-sigs --with-colon E2DCDD9132669BD6 | grep -E '(^pub|^uid|B0D589D46708EC99)'
> > >   pub:-:4096:1:E2DCDD9132669BD6:1276614694:1813572000::-:::scESCA::::::23:1742578410:4:
> > >   uid:-::::1739887646::7E218F31504E286A852C2E05459BA0DC22FF34AE::Uwe Kleine-König <u.kleine-koe...@baylibre.com>:::::::::1742578410:4 https\x3a//openpgpkey.baylibre.com:
> > >   sig:::1:B0D589D46708EC99:1732894509::::Trevor Gamblin <tgamb...@baylibre.com>:10x::A3A9D4BDAB1069811F48D30EB0D589D46708EC99:::10:
> > > 
> > > So my key E2DCDD9132669BD6 has a signature by Trevor's key.
> > > 
> > >   uwe@taurus:~$ gpg --homedir "$keyringgpghome" --edit-key E2DCDD9132669BD6 clean save
> > >   gpg (GnuPG) 2.2.46; Copyright (C) 2024 g10 Code GmbH
> > >   This is free software: you are free to change and redistribute it.
> > >   There is NO WARRANTY, to the extent permitted by law.
> > > 
> > > 
> > >   pub  rsa4096/E2DCDD9132669BD6
> > >        created: 2010-06-15  expires: 2027-06-21  usage: SC
> > >        trust: unknown       validity: unknown
> > >   The following key was revoked on 2023-03-17 by RSA key E2DCDD9132669BD6 Uwe Kleine-König <u.kleine-koe...@baylibre.com>
> > >   sub  rsa2048/DB334D9FBE6A05BF
> > >        created: 2015-01-11  revoked: 2023-03-17  usage: A
> > >   The following key was revoked on 2015-01-11 by RSA key E2DCDD9132669BD6 Uwe Kleine-König <u.kleine-koe...@baylibre.com>
> > >   sub  rsa4096/3C3A2D28B94A2928
> > >        created: 2010-06-15  revoked: 2015-01-11  usage: E
> > >   The following key was revoked on 2023-03-17 by RSA key E2DCDD9132669BD6 Uwe Kleine-König <u.kleine-koe...@baylibre.com>
> > >   sub  rsa2048/C1FC1478ADCAEC09
> > >        created: 2015-01-11  revoked: 2023-03-17  usage: S
> > >   sub  rsa2048/B29A43280A6EF95B
> > >        created: 2023-03-17  expires: 2027-06-21  usage: A
> > >   sub  rsa2048/8F80FB587D12FE4E
> > >        created: 2023-03-17  expires: 2027-06-21  usage: S
> > >   sub  rsa2048/120E75698E64909B
> > >        created: 2023-03-17  expires: 2027-06-21  usage: E
> > >   The following key was revoked on 2023-03-17 by RSA key E2DCDD9132669BD6 Uwe Kleine-König <u.kleine-koe...@baylibre.com>
> > >   sub  rsa2048/F2FF566A57C91BC7
> > >        created: 2015-01-11  revoked: 2023-03-17  usage: E
> > >   [ unknown] (1). Uwe Kleine-König <u.kleine-koe...@baylibre.com>
> > > 
> > >   User ID "Uwe Kleine-König <u.kleine-koe...@baylibre.com>": 7 signatures removed
> > > 
> > >   pub  rsa4096/E2DCDD9132669BD6
> > >        created: 2010-06-15  expires: 2027-06-21  usage: SC
> > >        trust: unknown       validity: unknown
> > >   The following key was revoked on 2023-03-17 by RSA key E2DCDD9132669BD6 Uwe Kleine-König <u.kleine-koe...@baylibre.com>
> > >   sub  rsa2048/DB334D9FBE6A05BF
> > >        created: 2015-01-11  revoked: 2023-03-17  usage: A
> > >   The following key was revoked on 2015-01-11 by RSA key E2DCDD9132669BD6 Uwe Kleine-König <u.kleine-koe...@baylibre.com>
> > >   sub  rsa4096/3C3A2D28B94A2928
> > >        created: 2010-06-15  revoked: 2015-01-11  usage: E
> > >   The following key was revoked on 2023-03-17 by RSA key E2DCDD9132669BD6 Uwe Kleine-König <u.kleine-koe...@baylibre.com>
> > >   sub  rsa2048/C1FC1478ADCAEC09
> > >        created: 2015-01-11  revoked: 2023-03-17  usage: S
> > >   sub  rsa2048/B29A43280A6EF95B
> > >        created: 2023-03-17  expires: 2027-06-21  usage: A
> > >   sub  rsa2048/8F80FB587D12FE4E
> > >        created: 2023-03-17  expires: 2027-06-21  usage: S
> > >   sub  rsa2048/120E75698E64909B
> > >        created: 2023-03-17  expires: 2027-06-21  usage: E
> > >   The following key was revoked on 2023-03-17 by RSA key E2DCDD9132669BD6 Uwe Kleine-König <u.kleine-koe...@baylibre.com>
> > >   sub  rsa2048/F2FF566A57C91BC7
> > >        created: 2015-01-11  revoked: 2023-03-17  usage: E
> > >   [ unknown] (1). Uwe Kleine-König <u.kleine-koe...@baylibre.com>
> > > 
> > >   uwe@taurus:~$ gpg --homedir "$keyringgpghome" --list-sigs --with-colon E2DCDD9132669BD6 | grep -E '(^pub|^uid|B0D589D46708EC99)'
> > >   pub:-:4096:1:E2DCDD9132669BD6:1276614694:1813572000::-:::scESCA::::::23:1742578410:4:
> > >   uid:-::::1739887646::7E218F31504E286A852C2E05459BA0DC22FF34AE::Uwe Kleine-König <u.kleine-koe...@baylibre.com>:::::::::1742578410:4 https\x3a//openpgpkey.baylibre.com:
> > > 
> > > So "clean"ing my key removed Trevor's signature.
> > 
> > To expand the set of affected sample data: If you do the above and import
> > the keys for
> >     u.kleine-koe...@baylibre.com
> >     khil...@baylibre.com
> >     mkorpersh...@baylibre.com
> >     dlech...@baylibre.com
> >     tgamb...@baylibre.com
> > 
> > cleaning the first four keys removes (only) all the signatures by Trevor.
> > 
> > The kernel pgp keyring has some more examples it seems:
> > 
> >     git clone https://git.kernel.org/pub/scm/docs/kernel/pgpkeys.git
> >     cd pgpkeys
> >     keyringgpghome="$(mktemp -d)"
> >     gpg --homedir "$keyringgpghome" --import keys/*.asc
> >     gpg --homedir "$keyringgpghome" --export > keyring-2.2.46
> >     gpg --homedir "$keyringgpghome" --export --export-options export-clean > keyring-2.2.46-clean
> > 
> > and repeating the same with gpg 2.2.45, I get:
> > 
> >     $ ls -lS keyring-*
> >     -rw-rw-r-- 1 uwe uwe  8705354 Mar 24 16:39 keyring-2.2.45
> >     -rw-rw-r-- 1 uwe uwe  8705354 Mar 24 16:37 keyring-2.2.46
> >     -rw-rw-r-- 1 uwe uwe  8199427 Mar 24 16:40 keyring-2.2.45-clean
> >     -rw-rw-r-- 1 uwe uwe  8162407 Mar 24 16:37 keyring-2.2.46-clean
> > 
> > The cleaned keyring exported by 2.2.46 is considerably smaller, so
> > 2.2.46 cleaned more aggressively. Looking at the output of
> > 
> >     diff -u <(gpg --list-packets keyring-2.2.45-clean | grep "issuer key" | sort) <(gpg --list-packets keyring-2.2.46-clean | grep "issuer key" | sort)
> > 
> > there are differences in both directions (i.e. signatures that are only
> > removed by 2.2.45 and others that are only removed by 2.2.46). At least
> > that is my interpretation given there are + and - lines. I didn't try to
> > inspect the data to judge for each difference which version of gnupg is
> > correct.
> 
> JFTR: I did check some of the ones that gpg 2.2.45 removed. All but
> 
>  pub:-:4064:1:26BCFA05FCF60E4C:1464562073:1779922073::-:::scESC::::::::0:
>  fpr:::::::::95C62D2248EE0D8A44C3D3B426BCFA05FCF60E4C:
>  uid:-::::1727161650::90AF1B0CCF60A66F8C25A9779B5F6580A67B72CE::Marek Behún 
> <ka...@kernel.org>::::::::::0:
> -sig:::1:26BCFA05FCF60E4C:1663342750::::Marek Behún 
> <ka...@kernel.org>:13x::95C62D2248EE0D8A44C3D3B426BCFA05FCF60E4C:::8:
>  sig:::1:26BCFA05FCF60E4C:1727161650::::Marek Behún 
> <ka...@kernel.org>:13x::95C62D2248EE0D8A44C3D3B426BCFA05FCF60E4C:::10:
>  uid:-::::1727161645::6021E246B2D94BF22E0DF15A8BD6E73079859DC0::Marek Behun 
> <ka...@blackhole.sk>::::::::::0:
> -sig:::1:26BCFA05FCF60E4C:1556565206::::Marek Behún 
> <ka...@kernel.org>:13x::95C62D2248EE0D8A44C3D3B426BCFA05FCF60E4C:::8:
> -sig:::1:BD6A501CB78B7C26:1556571913::::Jacek Anaszewski 
> <jacek.anaszew...@gmail.com>:10x::BF1DFC0A568F05F795757090BD6A501CB78B7C26:::8:
>  sig:::1:26BCFA05FCF60E4C:1727161645::::Marek Behún 
> <ka...@kernel.org>:13x::95C62D2248EE0D8A44C3D3B426BCFA05FCF60E4C:::10:
>  uid:-::::1556564998::3D89AAFC785B5B4E4D125A8D9DD223C8ACCB21FD::Marek Behún 
> <marek.be...@nic.cz>::::::::::0:
>  sig:::1:26BCFA05FCF60E4C:1556564998::::Marek Behún 
> <ka...@kernel.org>:13x::95C62D2248EE0D8A44C3D3B426BCFA05FCF60E4C:::8:
>  sub:-:4064:1:B81F800D3C7D948E:1464562073:1779922073:::::e:::::::
>  fpr:::::::::CA49A590D97148D89162602CB81F800D3C7D948E:
>  sig:::1:26BCFA05FCF60E4C:1464562073::::Marek Behún 
> <ka...@kernel.org>:18x:::::8:
> 
> (The lines marked with - are dropped by cleaning with 2.2.45-2)
> 
> I do understand (drops signatures of expired keys, all but the newest
> self-sig). Here I fail to see why Jacek's signature is removed. I

That was a false alarm, BD6A501CB78B7C26 is expired. So that is ok.

> guess it is related to the key having validity '-' and so the signatures
> on it are unusable and so dropped. (Why this key isn't valid however is
> a mystery to me.)

Maybe that '-' is a red herring.

I did some more digging with the kernel's pgpkeyring in `keyring` and
gpg 2.2.45:

        keyringgpghome="$(mktemp -d)"
        gpg="gpg --homedir $keyringgpghome"

        $gpg --import keyring
        for keyid in $($gpg --with-colons --list-key | awk -F: '$1 == "pub" { print $5 }'); do
                $gpg --edit-key "$keyid" clean save
        done
        $gpg --export > keyring-2.2.45-cleaned

update to 2.2.46-6 and then

        for keyid in $($gpg --with-colons --list-key | awk -F: '$1 == "pub" { print $5 }'); do
                $gpg --edit-key "$keyid" clean save
        done
        $gpg --export > keyring-2.2.46-cleaned

Looking at the differences between these two exported keyrings and which
signatures were removed:

        diff <(hokey canonicalize < keyring-2.2.45-cleaned | gpg --list-packets | grep -v ^#) <(hokey canonicalize < keyring-2.2.46-cleaned | gpg --list-packets | grep -v ^#) | grep :signature | sort | uniq -c
              5 < :signature packet: algo 1, keyid 05FE503E47DDDE57
              2 < :signature packet: algo 1, keyid 0BAA159BA80750A9
              3 < :signature packet: algo 1, keyid 175C464E541B6D47
              1 < :signature packet: algo 1, keyid 22E2C55B37CF380C
              1 < :signature packet: algo 1, keyid 23026B4FBAB691B9
              1 < :signature packet: algo 1, keyid 352FE6582ED9B5DA
              1 < :signature packet: algo 1, keyid 376EB100563EF7A7
              1 < :signature packet: algo 1, keyid 467C8ED2716A93D7
              3 < :signature packet: algo 1, keyid 488550E901166008
              1 < :signature packet: algo 1, keyid 76691E98F228D396
              2 < :signature packet: algo 1, keyid 8BC68E994040912F
              1 < :signature packet: algo 1, keyid 8BCFBD7BFE04EAB7
              2 < :signature packet: algo 1, keyid 8DAD75EC88883C99
              1 < :signature packet: algo 1, keyid 8FF4B8D271675527
              2 < :signature packet: algo 1, keyid A250D8303357AD7F
              5 < :signature packet: algo 1, keyid AD3F818B34FA35B7
              1 < :signature packet: algo 1, keyid AFE43F15E8C26090
              4 < :signature packet: algo 1, keyid BA2A558FF4ED722E
              1 < :signature packet: algo 1, keyid BC617823EE0B0057
              1 < :signature packet: algo 1, keyid C52D7AFE85F25509
              7 < :signature packet: algo 1, keyid CB2312E1ECF73F57
              1 < :signature packet: algo 1, keyid D247E5D99FE76629
              7 < :signature packet: algo 1, keyid D9D98003B060B92D
              8 < :signature packet: algo 1, keyid F045C2B96991256E
              5 < :signature packet: algo 1, keyid F449AE44A8C05447
              2 < :signature packet: algo 1, keyid F6503556C11B1CCD
              8 < :signature packet: algo 1, keyid FF98A38DA80834DA

Looking at these keys, they are all cert-only keys:

        $gpg --list-keys 05FE503E47DDDE57 0BAA159BA80750A9 175C464E541B6D47 22E2C55B37CF380C 23026B4FBAB691B9 352FE6582ED9B5DA 376EB100563EF7A7 467C8ED2716A93D7 488550E901166008 76691E98F228D396 8BC68E994040912F 8BCFBD7BFE04EAB7 8DAD75EC88883C99 8FF4B8D271675527 A250D8303357AD7F AD3F818B34FA35B7 AFE43F15E8C26090 BA2A558FF4ED722E BC617823EE0B0057 C52D7AFE85F25509 CB2312E1ECF73F57 D247E5D99FE76629 D9D98003B060B92D F045C2B96991256E F449AE44A8C05447 F6503556C11B1CCD FF98A38DA80834DA | grep ^pub
        pub   rsa4096 2024-02-01 [C] [expires: 2026-01-31]
        pub   rsa4096 2023-02-26 [C] [expires: 2026-02-28]
        pub   rsa2048 2019-09-19 [C]
        pub   rsa4096 2022-03-31 [C] [expires: 2026-04-01]
        pub   rsa4096 2024-08-01 [C] [expires: 2029-03-01]
        pub   rsa4096 2023-09-28 [C] [expires: 2025-09-27]
        pub   rsa4096 2024-05-09 [C]
        pub   rsa4096 2019-05-29 [C]
        pub   rsa4096 2018-09-29 [C]
        pub   rsa4096 2022-02-11 [C] [expires: 2072-01-30]
        pub   rsa4096 2021-08-11 [C] [expires: 2025-08-02]
        pub   rsa4096 2023-11-10 [C]
        pub   rsa4096 2023-11-22 [C] [expires: 2025-11-21]
        pub   rsa4096 2018-11-29 [C] [expires: 2025-12-02]
        pub   rsa4096 2023-04-12 [C]
        pub   rsa4096 2019-02-16 [C]
        pub   rsa4096 2022-01-18 [C] [expires: 2026-02-12]
        pub   rsa4096 2020-09-08 [C]
        pub   rsa2048 2018-04-30 [C]
        pub   rsa4096 2023-04-28 [C] [expires: 2025-04-27]
        pub   rsa4096 2019-06-18 [C]
        pub   rsa4096 2021-01-14 [C] [expires: 2026-02-04]
        pub   rsa4096 2023-03-31 [C]
        pub   rsa4096 2014-10-09 [C]
        pub   rsa4096 2016-09-14 [C]
        pub   rsa4096 2021-10-29 [C]
        pub   rsa4096 2014-10-01 [C]

which seems to confirm Ingo Klöcker's guess made in
https://dev.gnupg.org/T7583.

(I didn't reply there directly because I guess they don't like reports
about Debian patched gpg and also I don't have an account there.)

Best regards
Uwe
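The checks in this report were done by hand with `diff`, `grep` and `--with-colons`. As an added example (not code from the report or from GnuPG), the script below automates the same comparison: it parses two `--with-colons --list-sigs` listings of one key, taken before and after `clean`, lists the third-party signers whose certifications were dropped, and flags whether each such signer's primary key is cert-only, the pattern observed above. The listings and keyids are constructed sample data, not real keys.

```shell
#!/bin/sh
# Added example (not from the bug report): diff two `gpg --with-colons --list-sigs`
# listings of one key (before/after `clean`), list third-party signers whose
# certifications were dropped, and flag signers whose primary key is cert-only
# (lowercase part of field 12, "key capabilities", of their pub line is just "c").

# Constructed sample listings modelled on the report; keyids are made up.
BEFORE='pub:-:4096:1:0000000000000001:1276614694:1813572000::-:::scESCA::::::23:1742578410:4:
uid:-::::1739887646::AAAA::Alice <alice@example.org>::::::::::0:
sig:::1:0000000000000001:1739887646::::Alice <alice@example.org>:13x::AAAA:::10:
sig:::1:0000000000000002:1732894509::::Bob <bob@example.org>:10x::BBBB:::10:
sig:::1:0000000000000003:1732894509::::Carol <carol@example.org>:10x::CCCC:::10:'
# Same key after cleaning: Bob's certification is gone, Carol's survives.
AFTER='pub:-:4096:1:0000000000000001:1276614694:1813572000::-:::scESCA::::::23:1742578410:4:
uid:-::::1739887646::AAAA::Alice <alice@example.org>::::::::::0:
sig:::1:0000000000000001:1739887646::::Alice <alice@example.org>:13x::AAAA:::10:
sig:::1:0000000000000003:1732894509::::Carol <carol@example.org>:10x::CCCC:::10:'
# `--list-keys --with-colons` for the signers: Bob's primary key is cert-only
# ("c"), Carol's primary key can sign and certify ("sc").
KEYRING='pub:-:4096:1:0000000000000002:1700000000:1800000000::-:::cESCA::::::23::0:
pub:-:4096:1:0000000000000003:1700000000:1800000000::-:::scESCA::::::23::0:'

# Signer keyids of all sig lines except self-signatures (signer == primary key).
third_party_signers() {
    printf '%s\n' "$1" | awk -F: '$1 == "pub" { self = $5 }
                                 $1 == "sig" && $5 != self { print $5 }' | sort -u
}

# Signers present in the first listing but missing from the second.
dropped_signers() {
    after=$(third_party_signers "$2")
    for id in $(third_party_signers "$1"); do
        printf '%s\n' "$after" | grep -qx "$id" || printf '%s\n' "$id"
    done
}

# Lowercase capability letters of the primary key itself (field 12 of its pub line).
primary_caps() {
    printf '%s\n' "$1" | awk -F: -v id="$2" '$1 == "pub" && $5 == id { print $12 }' | tr -cd 'a-z'
}

is_cert_only() { [ "$(primary_caps "$1" "$2")" = "c" ]; }

for id in $(dropped_signers "$BEFORE" "$AFTER"); do
    if is_cert_only "$KEYRING" "$id"; then kind="cert-only primary key"
    else kind="primary caps: $(primary_caps "$KEYRING" "$id")"; fi
    echo "certification by $id dropped ($kind)"
done
```

On a real keyring, feed it the output of `gpg --with-colons --list-sigs <keyid>` captured before and after `--edit-key <keyid> clean save`, and `gpg --with-colons --list-keys` for the signer lookup.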
