This repository has been archived by the owner on Nov 7, 2023. It is now read-only.

Generated PGP keys use deprecated algorithm RSA_SIGN_ONLY #96

Open
nakedible-p opened this issue Apr 15, 2018 · 3 comments
Comments

@nakedible-p

The public keys generated by Krypton for PGP use the value "3" for algorithm everywhere:

:public key packet:
	version 4, algo 3, created 1521796413, expires 0
:signature packet: algo 3, keyid 4082B8B9C13E5A78
	version 4, created 1523818856, md5len 0, sigclass 0x13

It is specified as:

  3          - RSA Sign-Only [HAC]

However, that value is deprecated in the OpenPGP specification:

There are algorithm types for RSA Sign-Only, and RSA Encrypt-Only
keys. These types are deprecated. The "key flags" subpacket in a
signature is a much better way to express the same idea, and
generalizes it to all algorithms. An implementation SHOULD NOT
create such a key, but MAY interpret it.

Quick testing seems to indicate that GPG v1.x allows them, GPG 2.0.x does not and GPG 2.2.x does again allow them.

Given that the "key flags" subpacket does correctly specify that the key supports signing only, I would strongly suggest, for compatibility's sake, switching to algo "1", as it is customary for RSA keys and it is not deprecated.
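
As an added illustration (not part of the original issue and not Krypton's code), the following Python reads the algorithm octet from version 4 key and signature packets, the same field the packet dump above shows as "algo 3", and flags the deprecated RFC 4880 IDs 2 and 3. The function names and the sample bytes are constructed for this example; the sample uses toy MPIs and is not a real key.

```python
# RFC 4880 section 9.1: algorithm IDs 2 and 3 are the deprecated RSA variants.
DEPRECATED = {2: "RSA Encrypt-Only", 3: "RSA Sign-Only"}
KEY_TAGS = {5, 6, 7, 14}  # secret key, public key, secret subkey, public subkey

def packets(data):
    """Yield (tag, body) for each packet in a binary (non-armored) OpenPGP stream."""
    i = 0
    while i < len(data):
        hdr, i = data[i], i + 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:  # new-format header: tag in low 6 bits, variable-length length
            tag, first = hdr & 0x3F, data[i]
            if first < 192:
                length, i = first, i + 1
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i + 1] + 192, i + 2
            elif first == 255:
                length, i = int.from_bytes(data[i + 1:i + 5], "big"), i + 5
            else:
                raise ValueError("partial body lengths not supported")
        else:  # old-format header: tag in bits 5-2, length type in bits 1-0
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not supported")
            n = 1 << ltype  # length field is 1, 2 or 4 octets
            length, i = int.from_bytes(data[i:i + n], "big"), i + n
        if i + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[i:i + length]
        i += length

def audit(data):
    """Return (kind, algorithm id, deprecated name or None) for v4 key/signature packets."""
    out = []
    for tag, body in packets(data):
        if tag in KEY_TAGS and len(body) > 5 and body[0] == 4:
            out.append(("key", body[5], DEPRECATED.get(body[5])))  # ver, created(4), algo
        elif tag == 2 and len(body) > 2 and body[0] == 4:
            out.append(("signature", body[2], DEPRECATED.get(body[2])))  # ver, class, algo
    return out

# Constructed sample (toy MPIs, not a real key): v4 public key + v4 signature, both algo 3.
SAMPLE = (bytes([0x98, 12, 4]) + (1521796413).to_bytes(4, "big") + bytes([3, 0, 8, 0xC5, 0, 5, 0x11])
          + bytes([0x88, 13, 4, 0x13, 3, 8, 0, 0, 0, 0, 0, 0, 0, 1, 1]))

if __name__ == "__main__":
    print(audit(SAMPLE))
```

To check a real key, pass the binary (non-armored) export to `audit`; armored input must be dearmored first.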

@kcking
Contributor

kcking commented Apr 15, 2018

Thank you for reporting this and for the PR. Unfortunately, changing the pk algorithm seems to break verification of previous signatures. We could potentially use RSA_ENCRYPT_OR_SIGN for newly generated keys only and provide a way to "reset" your public key.

Which version of gpg 2.0.x were you using? Maybe you were running into the bug mentioned here? https://lists.gnupg.org/pipermail/gnupg-users/2014-April/049520.html

@nakedible-p
Author

I was meaning for it to be used for newly generated keys only. Didn't know this breaks newly generated signatures for old keys, if that is what you meant. Does it break for all versions of GPG?

@nakedible-p
Author

GPG version:

gpg (GnuPG) 2.0.28
libgcrypt 1.5.3
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /tmp/1ac24cda-76f7-400d-bd55-ba47cbfec3ec
Supported algorithms:
Pubkey: RSA, ELG, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

Resulting error:

gpg: keyring `/tmp/c025024e-9007-467c-b5b2-822e984bbbca/secring.gpg' created
gpg: keyring `/tmp/c025024e-9007-467c-b5b2-822e984bbbca/pubring.gpg' created
gpg: key C13E5A78: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number processed: 1
gpg:           w/o user IDs: 1

Resulting error if I use --allow-non-selfsigned-uid:

gpg: key C13E5A78: accepted non self-signed user ID ...
gpgv: Signature made Mon 16 Apr 2018 06:55:25 AM UTC using ? key ID C13E5A78
gpgv: Can't check signature: Invalid public key algorithm
