gpgsm's key listing (using colon mode) does not flag PSS certificates as de-vs compliant despite that verification of data shows thathe signature was compliant.
Description
Description
Revisions and Commits
Revisions and Commits
Related Objects
Related Objects
- Mentioned In
- T7998: Release GnuPG 2.5.19
Event Timeline
Comment Actions
Looks good to me on vsd-3.3.7-beta90.9 @ win10.
Given the certificates:
Output of gpgsm
> gpgsm -k --with-colons crt::4096:1:E004BFBAC0BEFCD0:20260416T093134:20270416T093134:09::1.2.840.113549.1.9.1=#636140676E7570672E74657374,CN=CA,OU=QA,O=g10code,L=Erkrath,ST=NRW,C=DE::esES::::::23: [...] crt:u:4096:1:05820209F8375194:20260416T093115:20480410T093115:1494A4F8F628848EC270D23EE981CBE126C4ED9C::1.2.840.113549.1.9.1=#636140676E7570672E74657374,CN=CA,OU=QA,O=g10code,L=Erkrath,ST=NRW,C=DE::cC::::::23: [...]
Display in Kleopatra:
Certificates Details:
ca
% openssl x509 -noout -text -in smime_certs/ca.pem
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:94:a4:f8:f6:28:84:8e:c2:70:d2:3e:e9:81:cb:e1:26:c4:ed:9c
Signature Algorithm: rsassaPss
Hash Algorithm: sha256
Mask Algorithm: mgf1 with sha256
Salt Length: 0x20
Trailer Field: 0x01 (default)
[...]
Signature Algorithm: rsassaPss
Signature Value:
Hash Algorithm: sha256
Mask Algorithm: mgf1 with sha256
Salt Length: 0x20
Trailer Field: 0x01 (default)edward.tester-all
% openssl x509 -noout -text -in smime_certs/edward.tester-all.pem
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: rsassaPss
Hash Algorithm: sha256
Mask Algorithm: mgf1 with sha256
Salt Length: 0x20
Trailer Field: 0x01 (default)
[...]
Signature Algorithm: rsassaPss
Signature Value:
Hash Algorithm: sha256
Mask Algorithm: mgf1 with sha256
Salt Length: 0x20
Trailer Field: 0x01 (default)