...
 
Commits (1)
  • Daniel Kahn Gillmor's avatar
    clean up cruft from stored keyrings · 061bf73a
    Daniel Kahn Gillmor authored
    I noticed that there was some cruft in the OpenPGP keys we are
    distributing.  For example, NIIBE's key (0x00B45EBD4CA7BABE) contained
    multiple copies of his weird bitcoin ECC subkey.
    
    gpg(1) has a nice import-option for curation/cleanup.  It says:
    
        import-export
           Run the entire import code but instead of storing the key
           to  the local keyring write it to the output.
             [ ... ]
           This  option can be used to remove all invalid parts from
           a key without the need to store it.
    
    so i used this against all the keys in debian-keyring-gpg, like so:
    
        for targ in 0x* ; do
           gpg --no-keyring --batch --quiet \
               --import-options import-export --import \
               < $targ > tmp && \
           /bin/mv tmp $targ
        done
    
    You can see what's changed with:
    
       GIT_EXTERNAL_DIFF=openpgp-diff git diff
    
    where openpgp-diff looks something like:
    
    echo  "changes to file $1"
    diff -u <(pgpdump <"$2") <(pgpdump <"$5")
    true
    
    This removes ~400KB (about 1.5% by volume) of malformed misaligned, or
    duplicated OpenPGP packets.
    061bf73a
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.