Hello all,
I have a public key with a photo-ID uploaded to WKD at my domain and when I 
download it manually and import to gpg, everything works as expected:

> ubuntu@sandbox-jammy:~$ mkdir curl
> ubuntu@sandbox-jammy:~$ chmod 0700 curl
> ubuntu@sandbox-jammy:~$ gpg --homedir curl --list-keys
> gpg: keybox '/home/ubuntu/curl/pubring.kbx' created
> gpg: /home/ubuntu/curl/trustdb.gpg: trustdb created
> ubuntu@sandbox-jammy:~$ curl 
> https://morgwai.pl/.well-known/openpgpkey/hu/iffe93qcsgp4c8ncbb378rxjo6cn9q6u?l=test
>  |gpg --homedir curl --import
>   % Total    % Received % Xferd  Average Speed   Time    Time     Time  
> Current
>                                  Dload  Upload   Total   Spent    Left  Speed
> 100  6131  100  6131    0     0   7041      0 --:--:-- --:--:-- --:--:--  7039
> gpg: key 5EE910C88398CC40: public key "Test Email <t...@morgwai.pl>" imported
> gpg: Total number processed: 1
> gpg:               imported: 1
> ubuntu@sandbox-jammy:~$ gpg --homedir curl --list-keys
> /home/ubuntu/curl/pubring.kbx
> -----------------------------
> pub   rsa3072 2022-01-31 [SC] [expires: 2024-01-31]
>       23F3101D5D4428E12E6659095EE910C88398CC40
> uid           [ unknown] Test Email <t...@morgwai.pl>
> uid           [ unknown] [jpeg image of size 3890]
> sub   rsa3072 2022-01-31 [E] [expires: 2024-01-31]


However if I try to locate the same key automatically using WKD mechanism, then 
the attached photo-ID is not imported into my keyring:

> ubuntu@sandbox-jammy:~$ gpg --homedir wkd --list-keys
> gpg: keybox '/home/ubuntu/wkd/pubring.kbx' created
> gpg: /home/ubuntu/wkd/trustdb.gpg: trustdb created
> ubuntu@sandbox-jammy:~$ gpg -vv --homedir wkd --locate-keys t...@morgwai.pl
> gpg: using pgp trust model
> gpg: error retrieving 't...@morgwai.pl' via Local: No public key
> # off=0 ctb=99 tag=6 hlen=3 plen=397
> :public key packet:
>       version 4, algo 1, created 1643637767, expires 0
>       pkey[0]: [3072 bits]
>       pkey[1]: [17 bits]
>       keyid: 5EE910C88398CC40
> # off=400 ctb=b4 tag=13 hlen=2 plen=28
> :user ID packet: "Test Email <t...@morgwai.pl>"
> # off=430 ctb=89 tag=2 hlen=3 plen=468
> :signature packet: algo 1, keyid 5EE910C88398CC40
>       version 4, created 1643637767, md5len 0, sigclass 0x13
>       digest algo 10, begin of digest d0 92
>       hashed subpkt 33 len 21 (issuer fpr v4 
> 23F3101D5D4428E12E6659095EE910C88398CC40)
>       hashed subpkt 2 len 4 (sig created 2022-01-31)
>       hashed subpkt 27 len 1 (key flags: 03)
>       hashed subpkt 9 len 4 (key expires after 2y0d0h0m)
>       hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 2)
>       hashed subpkt 21 len 5 (pref-hash-algos: 10 9 8 11 2)
>       hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
>       hashed subpkt 30 len 1 (features: 01)
>       hashed subpkt 23 len 1 (keyserver preferences: 80)
>       subpkt 16 len 8 (issuer key ID 5EE910C88398CC40)
>       data: [3072 bits]
> # off=901 ctb=d1 tag=17 hlen=3 plen=3909 new-ctb
> :attribute packet: [jpeg image of size 3890]
> # off=4813 ctb=89 tag=2 hlen=3 plen=468
> :signature packet: algo 1, keyid 5EE910C88398CC40
>       version 4, created 1643638375, md5len 0, sigclass 0x13
>       digest algo 10, begin of digest 64 cc
>       hashed subpkt 33 len 21 (issuer fpr v4 
> 23F3101D5D4428E12E6659095EE910C88398CC40)
>       hashed subpkt 2 len 4 (sig created 2022-01-31)
>       hashed subpkt 27 len 1 (key flags: 03)
>       hashed subpkt 9 len 4 (key expires after 2y0d0h0m)
>       hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 2)
>       hashed subpkt 21 len 5 (pref-hash-algos: 10 9 8 11 2)
>       hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
>       hashed subpkt 30 len 1 (features: 01)
>       hashed subpkt 23 len 1 (keyserver preferences: 80)
>       subpkt 16 len 8 (issuer key ID 5EE910C88398CC40)
>       data: [3072 bits]
> # off=5284 ctb=b9 tag=14 hlen=3 plen=397
> :public sub key packet:
>       version 4, algo 1, created 1643637767, expires 0
>       pkey[0]: [3072 bits]
>       pkey[1]: [17 bits]
>       keyid: B66941040BC242DD
> # off=5684 ctb=89 tag=2 hlen=3 plen=444
> :signature packet: algo 1, keyid 5EE910C88398CC40
>       version 4, created 1643637767, md5len 0, sigclass 0x18
>       digest algo 10, begin of digest 65 bc
>       hashed subpkt 33 len 21 (issuer fpr v4 
> 23F3101D5D4428E12E6659095EE910C88398CC40)
>       hashed subpkt 2 len 4 (sig created 2022-01-31)
>       hashed subpkt 27 len 1 (key flags: 0C)
>       hashed subpkt 9 len 4 (key expires after 2y0d0h0m)
>       subpkt 16 len 8 (issuer key ID 5EE910C88398CC40)
>       data: [3069 bits]
> gpg: pub  rsa3072/5EE910C88398CC40 2022-01-31  Test Email <t...@morgwai.pl>
> gpg: writing to '/home/ubuntu/wkd/pubring.kbx'
> gpg: key 5EE910C88398CC40: public key "Test Email <t...@morgwai.pl>" imported
> gpg: no running gpg-agent - starting '/usr/bin/gpg-agent'
> gpg: waiting for the agent to come up ... (5s)
> gpg: connection to agent established
> gpg: Total number processed: 1
> gpg:               imported: 1
> gpg: auto-key-locate found fingerprint 
> 23F3101D5D4428E12E6659095EE910C88398CC40
> gpg: automatically retrieved 't...@morgwai.pl' via WKD
> pub   rsa3072 2022-01-31 [SC] [expires: 2024-01-31]
>       23F3101D5D4428E12E6659095EE910C88398CC40
> uid           [ unknown] Test Email <t...@morgwai.pl>
> sub   rsa3072 2022-01-31 [E] [expires: 2024-01-31]


Is this intended or is it a bug? Is there a way to force gpg to retrieve 
photo-ID when using WKD?
I'm using GnuPG-2.2.27 on ubuntu jammy.
Or maybe there's some problem with my WKD, regardless that it works manually 
with curl as shown above? It was generated using the python-3 script: 
`./generate-openpgpkey-hu-3 -k .gnupg/pubring.kbx -m morgwai.pl -o hu`

Thanks!

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to