Unknown signature subpacket: 33, GnuPG 2.1.15

[DrMcCoy]

I am currently migrating to a new GPG key, so I wanted to revoking my proofs and then attach my new key.

My system now by default uses GnuPG 2 (version 2.1.15, to be exact). Trying to revoke the proofs spits out the error message "Unknown signature subpacket: 33". That I could fix by replacing "gpg" by "gpg1", i.e. by using the old GnuPG version.

However, adding my new key, created with GnuPG 2, does not work either, with the error message "Unknown signature subpacket: 33". And there, creating the armored export with gpg1 doesn't help either. So now I'm stuck with an empty keybase identity at the moment.

[eriqnelson]

Experiencing this same error message with a new PGP key. I've run into this on the web and again while uploading the key from the OSX terminal. "▶ ERROR key generation error: Unknown signature subpacket: 33 (error 905)"

[maxtaco]

Does anyone happen to know what Signature subpacket 33 is? I can't find any mention of it in the RFCs

[skwerlman]

It looks like it might be IssuerFingerprint: http://gnupg-devel.gnupg.narkive.com/Z0EFUBU7/issuer-fingerprint-was-vanity-keys
This is the only mention I could find on any of the relevant lists, but it also doesn't say whether it got implemented.

[ixt]

Yeah the same error code occurs when sending signed encrypted messages to people (on their end) it doesnt happen when I send it without signing. I'm also using GnuPG for the encrypting

[mabels]

Have the same problem. This is my keystructure:

pub ed25519 2016-05-31 [C] [expires: 2021-05-30]
F36846C4A7DEFD55F492069C19B013CF06A4BEEF
uid [ unknown] Meno Abels
sub ed25519 2016-05-31 [A] [expires: 2021-05-30]
sub rsa4096 2016-05-31 [SEA] [expires: 2021-05-30]
sub rsa4096 2016-06-06 [SE] [expires: 2021-06-05]
sub rsa4096 2016-06-06 [SE] [expires: 2021-06-05]

I only have access to my subkeys which are stored in a ccid(yubikey).
My masterkey is offline stored.

[andrewhowdencom]

Also have this issue.

• Yubikey

$ gpg --version
gpg (GnuPG) 2.1.15
libgcrypt 1.7.3-beta
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/hahanope/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

$ uname -a
Linux sw-20160601-01 4.8.0-1-amd64 #1 SMP Debian 4.8.5-1 (2016-10-28) x86_64 GNU/Linux # This is stretch.

Cannot perform any operations; I found this initially trying to do a "follow" command, but the keybase client also can't be set up for the same reason.

Seems to have started recently. I don't remember it being a problem a couple of weeks ago.

[keisisqrl]

Confirmed, line 118 of common/openpgpdefs.h as of GnuPG 2.1.16 :

SIGSUBPKT_ISSUER_FPR = 33, /* EXPERIMENTAL: Issuer fingerprint. */

In release terms, this first appeared in GnuPG 2.1.14.

[gnuself]

I'm also experiencing this issue. Would like for this to be fixed so I can use keybase. At the moment I'm not able to do that.
gpg (GnuPG) 2.1.16
libgcrypt 1.7.3

kernel 4.8.11

[K0HAX]

I am having the same issue with my key.

▶ INFO Bundle unlocked: 7502F475E7B6CCB9
▶ ERROR key generation error: bad signature: Unknown signature subpacket: 33 (error 1002)

[maxtaco]

Ok we will hopefully get to it soon.

…

On Mon, Dec 5, 2016 at 10:47 AM Michael Englehorn ***@***.***> wrote: I am having the same issue with my key. ▶ INFO Bundle unlocked: 7502F475E7B6CCB9 ▶ ERROR key generation error: bad signature: Unknown signature subpacket: 33 (error 1002) — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#2668 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AA05_4L2KS0cds5pnOKbPql_W7woXHuNks5rFEAogaJpZM4K0Qdh> .

[tmarble]

I also have this issue :(
gpg (GnuPG) 2.1.16
libgcrypt 1.7.3-beta

[jetibest]

One year later, I have the same error when trying to import private key generated by gpg.

$ gpg --version
gpg (GnuPG) 2.2.3
libgcrypt 1.8.1

Is this project still being developed?

[andrewhowdencom]

@jetibest it works for me at the minute with follow/unfollow operations:

gpg (GnuPG) 2.2.2
libgcrypt 1.8.1
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/__USER_NAME__/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

[maxtaco]

We fixed this issue a while ago. @jetibest what exactly isn't working?

[jetibest]

@maxtaco I am now using javascript to generate the keypair, but I also made other radical changes to my code. Therefore it's hard to reproduce, but I'm sure it was my own mistake. However, the given error message could still wrong imo.

[maxtaco]

OK, i'm pretty sure this works for people using the Website and the Go client. If there are STR this bug, we can look further into it. And yes, the project is still being maintained, you'll see that our Github projects are very active

[limakzi]

@maxtaco Well, I think I know what is the problem. have just faced that.

• None of the readers above mentioned new versions of gpg of use ECC instead of RSA.
• The armor format of ED25519 looks different than RSA.
• Welcome to help, if you need.

limakzi@46b15d13-2c92-47da-b05f-d93463d2f875 ~ % gpg --version
gpg (GnuPG) 2.3.1
libgcrypt 1.9.3
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /Users/limakzi/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
AEAD: EAX, OCB
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
limakzi@46b15d13-2c92-47da-b05f-d93463d2f875 ~ % 

---------------------------------
sec   ed25519 2021-05-22 [SC] [expires: 2022-05-22]
      8C76B93043D07153E499BCC1615DED8F22BF73D1
uid           [ultimate] Kamil zabielski <kamil.zabielski@sysdogs.com>
ssb   cv25519 2021-05-22 [E] [expires: 2022-05-22]

limakzi@46b15d13-2c92-47da-b05f-d93463d2f875 ~ % gpg --full-gen-key 
gpg (GnuPG) 2.3.1; Copyright (C) 2021 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
   (9) ECC (sign and encrypt) *default*
  (10) ECC (sign only)
  (14) Existing key from card
Your selection? 

It seems to be identical to #4025.