CLI 2.0 fails to verify on Raspberry Pi

XIII
XIII
Community Member

Since the Apt install is failing for me I'm trying a manual install instead, but verification is failing for me:

➜ gpg --receive-keys 3FEF9748469ADBE15DA7CA80AC2D62742012EA22
gpg: key AC2D62742012EA22: new key but contains no user ID - skipped
gpg: Total number processed: 1
gpg:           w/o user IDs: 1
➜ gpg --verify op.sig op
gpg: Signature made Thu 10 Mar 2022 11:19:58 PM CET
gpg:                using RSA key 3FEF9748469ADBE15DA7CA80AC2D62742012EA22
gpg: Can't check signature: No public key

1Password Version: CLI 2.0.0
Extension Version: n/a
OS Version: Raspberry Pi OS (bullseye, 32 bits)

Comments

  • Hey @XIII

    Looks like this is because the key import step was skipped due to the user ID being stripped by the default keyserver (keys.openpgp.org).

    This is tricky because different platforms have different default keyservers..

    I tried it on my Debian OS Docker and encountered the same issue so we appreciate you bringing it up!

    I got the signature step to work by specifying a different keyserver during the retrieve keys step:

    gpg --keyserver hkps://keyserver.ubuntu.com --receive-keys 3FEF9748469ADBE15DA7CA80AC2D62742012EA22

    Hope this helps.

  • XIII
    XIII
    Community Member

    I get this when I do that:

    ➜ gpg --verify op.sig op
    gpg: Signature made Thu 10 Mar 2022 11:19:58 PM CET
    gpg:                using RSA key 3FEF9748469ADBE15DA7CA80AC2D62742012EA22
    gpg: Good signature from "Code signing for 1Password <codesign@1password.com>" [unknown]
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg:          There is no indication that the signature belongs to the owner.
    Primary key fingerprint: 3FEF 9748 469A DBE1 5DA7  CA80 AC2D 6274 2012 EA22
    

    Is that the expected result?

  • Yep, that is the message from the success case!

  • XIII
    XIII
    Community Member

    Too bad it's giving a warning. Maybe you should explain this in the documentation?

  • I will make an issue to update the docs, thank you @XIII !

This discussion has been closed.