Skip to content

sqv rejects some signatures that gpg accepts

cacin on irc reported that sqv rejects some signatures that gpg accepts

$ cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 13 (trixie)"
NAME="Debian GNU/Linux"
VERSION_ID="13"
VERSION="13 (trixie)"
VERSION_CODENAME=trixie
DEBIAN_VERSION_FULL=13.1
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

$ gpg --version
gpg (GnuPG) 2.4.7
libgcrypt 1.11.0
Copyright (C) 2024 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/user/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

$ sqv --version
sqv 1.3.0 (sequoia-openpgp 2.0.0, using Nettle 3.10 (Cv448: true, OCB: true))

$ gpg --batch --passphrase '' --quick-gen-key sqv-testkey
$ gpg -k sqv-testkey
pub   ed25519 2025-09-23 [SC] [expires: 2028-09-22]
      0AF6EB0952D199FDD9E99040C9B2377B34E4B722
uid           [ultimate] sqv-testkey
sub   cv25519 2025-09-23 [E]

$ gpg --output secret.key --armor --export-secret-keys sqv-testkey
$ cat secret.key
-----BEGIN PGP PRIVATE KEY BLOCK-----

lFgEaNK6GxYJKwYBBAHaRw8BAQdA8qgBtNXezGOke+B3n+HlZYb334jxuAMU6CS3
NNE1AtYAAP9emchdHMoPrCSiT+brvKH49D1tRf1JPqK9lCfhq/wJuxLEtAtzcXYt
dGVzdGtleYiWBBMWCgA+FiEECvbrCVLRmf3Z6ZBAybI3ezTktyIFAmjSuhsCGwMF
CQWjmoAFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQybI3ezTktyKOdQD+I3o8
H7nlv5kzcPrGvIEWi7YghiJ4D4arHy1HpabNKDQA/3biiy2QAfGGj2xvsdF7eI92
cFipo+KdH9DNJ4zZN8ACnF0EaNK6GxIKKwYBBAGXVQEFAQEHQDwZijodXEz5aiiI
GYghznkng9jpZzxXJTq3yCPN62Q/AwEIBwAA/05xzRd9rAei0tYtybOWZdGNuayP
/P/i6VrqSoBWxex4FGWIeAQYFgoAIBYhBAr26wlS0Zn92emQQMmyN3s05LciBQJo
0robAhsMAAoJEMmyN3s05LciBfoA/AuFvhjTc+pCcFTPFtv+nTLoMfvgW47OUovi
oxedH7rzAP99P6dkAyPr4AysIyTYRWANYtNL8384RuSkvIC9SwG3Ag==
=JWZ7
-----END PGP PRIVATE KEY BLOCK-----

$ gpg --output public.key --armor --export sqv-testkey
$ cat public.key
-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEaNK6GxYJKwYBBAHaRw8BAQdA8qgBtNXezGOke+B3n+HlZYb334jxuAMU6CS3
NNE1Ata0C3Nxdi10ZXN0a2V5iJYEExYKAD4WIQQK9usJUtGZ/dnpkEDJsjd7NOS3
IgUCaNK6GwIbAwUJBaOagAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRDJsjd7
NOS3Io51AP4jejwfueW/mTNw+sa8gRaLtiCGIngPhqsfLUelps0oNAD/duKLLZAB
8YaPbG+x0Xt4j3ZwWKmj4p0f0M0njNk3wAK4OARo0robEgorBgEEAZdVAQUBAQdA
PBmKOh1cTPlqKIgZiCHOeSeD2OlnPFclOrfII83rZD8DAQgHiHgEGBYKACAWIQQK
9usJUtGZ/dnpkEDJsjd7NOS3IgUCaNK6GwIbDAAKCRDJsjd7NOS3IgX6APwLhb4Y
03PqQnBUzxbb/p0y6DH74FuOzlKL4qMXnR+68wD/fT+nZAMj6+AMrCMk2EVgDWLT
S/N/OEbkpLyAvUsBtwI=
=Y5lU
-----END PGP PUBLIC KEY BLOCK-----

$ echo 'hello world' >plaintext_message
$ cat plaintext_message
hello world

$ gpg --local-user sqv-testkey --armor --output signed_message --sign plaintext_message
$ cat signed_message
-----BEGIN PGP MESSAGE-----

owGbwMvMwCV2cpN5tcmT7UqMa5STBAtyEjPzSlIrSuJzU4uLE9NTMy7tepORmpOT
r1CeX5STwtVRysIgxsUgK6bIwvXtNWfQxZl/b76c4AAzhJUJpIGBi1MAJrK0jZHh
+Va+yCz91dE/H5tedsywqTjK8FJPaslXcb+ZUbVPTiRtYPif+i/44rL361OMdoha
fpPyN1lZoSo6f2q5+aELkwtZ/4TzAwA=
=68eH
-----END PGP MESSAGE-----

$ gpg --verify signed_message
gpg: Signature made Tue Sep 23 15:21:16 2025 UTC
gpg:                using EDDSA key 0AF6EB0952D199FDD9E99040C9B2377B34E4B722
gpg: Good signature from "sqv-testkey" [ultimate]

$ sqv --keyring=public.key --output=outfile --message -- signed_message
Error: Malformed Message: Malformed OpenPGP message