kspsig
------
Key Signing Party signature verification tool
If you are concerned about the hash algorithm strength used
in key signing this tool seeks to answer questions you may have
following a key signing party...
- How strongly did others sign my key?
- How strongly did I sign other's keys?
- How strong are the signatures for my key?
This tool only reads keyrings: it does not do any key modifications.
The most common use case is to verify signature strength
of SHA256 (or greater) prior to importing keys (e.g. here Carla
verifies Joe's signature strength, and then imports the sig):
$ kspsig 0x40BFEE868B055D9B.1.signed-by-0x542AA88AAD5896AD.asc
pub:u:4096:1:40BFEE868B055D9B:2010-07-26:::u:Carla Coder <carla@coder.net>:
SHA256 AD5896AD Joe Hacker <joe@hacker.net>
$ gpg --import 0x40BFEE868B055D9B.1.signed-by-0x542AA88AAD5896AD.asc
News
----
As of version 0.9.0
- Switch from python 2 to python 3
- Remove dependency on any python gpg library (just use gpg directly)
- The old debian packaging has been removed (and needs to be updated)
- Added examples/ directory (for future PR's which demonstrate bugs)
NOTE:
Never use 32 bit hex id's to identify keys: see http://evil32.com
(use 0x40BFEE868B055D9A not just 0x8B055D9A)
An ITP has been filed for this program #594907
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594907
However it has been suggested that it be combined with signing-party
and thus the following bug has been opened #595060
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595060
License
-------
Copyright (c) 2010-2017 Tom Marble
Licensed under GPLv3 or later http://www.gnu.org/licenses/gpl-3.0.txt
The full text of the license is available in LICENSE and
on Debian (and derived) systems you may find the full text of the
license in /usr/share/common-licenses/GPL-3
Download
--------
You can find the latest version of kspsig at:
http://github.com/tmarble/kspsig
Configuring caff
----------------
Configuring caff to use a strong hash algorithm for signatures
is a little tricky... If you haven't already please consider
adding "cert-digest-algo SHA512" to ~/.gnupg/gpg.conf and then
insure caff uses your default GnuPG config file as follows:
$ mv ~/.caff/gnupghome/gpg.conf ~/.caff/gnupghome/gpg.conf.old
$ ln -s ~/.gnupg/gpg.conf ~/.caff/gnupghome/gpg.conf
You can verify the caff signature preference with:
$ grep cert-digest-algo ~/.gnupg/gpg.conf ~/.caff/gnupghome/gpg.conf
/home/USER/.gnupg/gpg.conf:cert-digest-algo SHA512
/home/USER/.caff/gnupghome/gpg.conf:cert-digest-algo SHA512
$
Note: SHA512 isn't strictly necessary. In the future
the GPG default will be SHA256 (see last URL below).
Apparently the default caff(1) behavior is a _feature_
(see link to bug #527944 below).
It may be wise to review photo UID's before signing
with caff(1) by using this little wrapper function (you can
define it in your ~/.bashrc and don't forget to install xloadimage
or some other gpg --photo-viewer):
function tcaff() {
echo "=== show photo UIDs ==="
if ! gpg --list-options show-photos --list-keys $1 ; then
gpg --recv-key $1
gpg --list-options show-photos --list-keys $1
fi
echo "=== sign key $1 ==="
caff $1
}
Fixing weak signatures
----------------------
Once you have caff configured for a strong signature algorithm
you may be asked to re-sign some keys. Here is an approach:
1. Delete the weak signature(s) on your signature (caff) keyring
(e.g. you signed 0xDEADCAFF with SHA1):
$ gpg --homedir=~/.caff/gnupghome --secret-keyring ~/.gnupg/secring.gpg --no-auto-check-trustdb --trust-model=always --edit-key 0xDEADCAFF
gpg> uid 1
gpg> delsig
gpg> save
NOTE: if you signed multiple uid's for that key will need to
select and delete the signature for each.
2. Re-sign with caff
$ caff --no-download 0xDEADCAFF
3. Verify the new signature
$ kspsig --outgoing 0xDEADCAFF
4. If the new signature doesn't use the algorithm you intended
then try to reconfigure caff and goto step 1.
Sample Letter
-------------
To: Joe Hacker <joe@hacker.net>
Subject: Re-sign with stronger signature? [was Re: Your signed PGP key ...]
Thank you for signing my key at KEY SIGNING PARTY.
I noticed that you signed it with the weaker SHA1 algorithm [0].
I used kspsig to verify this [1]:
$ kspsig 0x40BFEE868B055D9B.1.signed-by-0x542AA88AAD5896AD.asc
pub:u:4096:1:40BFEE868B055D9B:2010-07-26:::u:Carla Coder <carla@coder.net>:
SHA1 AD5896AD Joe Hacker <joe@hacker.net>
$
I have not imported nor uploaded this signature yet. Would
you please consider reconfiguring gpg [2] and caff and signing it again?
Just add "cert-digest-algo SHA512" to ~/.gnupg/gpg.conf and then
insure caff uses your default GnuPG config file as follows:
% mv ~/.caff/gnupghome/gpg.conf ~/.caff/gnupghome/gpg.conf.old
% ln -s ~/.gnupg/gpg.conf ~/.caff/gnupghome/gpg.conf
Please let me know if you have any questions,
--Carla Coder
[0] http://www.gnupg.org/faq/weak-digest-algos.en.html
[1] http://github.com/tmarble/kspsig
[2] http://www.debian-administration.org/users/dkg/weblog/48
Usage Examples
--------------
# Verify incoming signatures
$ ./kspsig examples/0x40BFEE868B055D9A.1.signed-by-0xDB221A6900000011.asc
file: 0x40BFEE868B055D9A.1.signed-by-0xDB221A6900000011.asc
SIGNED 0x40BFEE868B055D9A UID 1 = "Tom Marble <tmarble@info9.net>"
BY 0xDB221A6900000011 = Keith Packard <keithp@keithp.com> WITH SHA256
# How did I sign someone's key?
$ kspsig --caffhome ~/.gnupg -o tmancill@debian.org
pub RSA 4096 0x21D20589974B3E96 2010-07-19 [SC]
uid #1 [full] tony mancill <tmancill@debian.org>
SHA512 sig 40BFEE868B055D9A 2010-09-02 Tom Marble <tmarble@info9.net>
uid #2 [full] tony mancill <tony@mancill.com>
SHA512 sig 40BFEE868B055D9A 2010-09-02 Tom Marble <tmarble@info9.net>
# How did someone sign my key?
$ kspsig --key 0x21D20589974B3E96 --caffhome ~/.gnupg --outgoing 0x40BFEE868B055D9A
pub RSA 4096 0x40BFEE868B055D9A 2010-07-26 [SC]
uid #1 [ultimate] Tom Marble <tmarble@info9.net>
SHA1 sig 21D20589974B3E96 2010-08-06 tony mancill <tmancill@debian.org>
# How did a third person sign someone's key
$ kspsig --key miguel@miguel.cc --caffhome ~/.gnupg --outgoing tmancill@debian.org
pub RSA 4096 0x21D20589974B3E96 2010-07-19 [SC]
uid #1 [full] tony mancill <tmancill@debian.org>
SHA512 sig 6E608B637D8967E9 2014-09-09 Miguel Landaeta <miguel@miguel.cc>
uid #2 [full] tony mancill <tony@mancill.com>
SHA512 sig 6E608B637D8967E9 2014-09-09 Miguel Landaeta <miguel@miguel.cc>
SHA512 sig 6E608B637D8967E9 2014-09-09 Miguel Landaeta <miguel@miguel.cc>
SHA512 sig 6E608B637D8967E9 2014-09-09 Miguel Landaeta <miguel@miguel.cc>
# show the strengh of all signatures on my key
./kspsig --signatures
# show the strengh of all signatures on someone's key
$ kspsig -s 0xDB221A6900000011
pub RSA 4096 0xDB221A6900000011 2012-03-15 [ESCA]
uid #1 [full] Keith Packard <keithp@keithp.com>
SHA1 sig E74D29B82BE16D01 2013-08-13 Moray Allan <moray@sermisy.org>
SHA256 sig E106481EEDF008C5 2013-08-25 [uid#1 E106481EEDF008C5]
SHA1 sig 79BE3E4300411886 2013-10-02 Linus Torvalds <torvalds@linux-foundation.org>
Bugs
----
There are certainly bugs in kspsig related to multiple UID's
and non-standard UID's (e.g. JPEG images). Please file issues
and / or make pull requests to add example files in the
examples/ directory (in order to reproduce the bug).
See Also
--------
gpg(1)
caff(1)
http://www.debian-administration.org/users/dkg/weblog/48
http://www.gnupg.org/faq/weak-digest-algos.en.html
http://keyring.debian.org/creating-key.html
http://lists.debian.org/debian-devel-announce/2009/05/msg00005.html
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=527944
http://www.gag.com/bdale/blog/posts/Strong_Keys.html
https://evil32.com/