Signature File

bill
2013-05-13
2013-05-15
  • bill
    bill
    2013-05-13

    Downloaded 3.31 and it doesn't verify. I don't see a new public key for Rony but I'm guessing there is one?

    I double checked an older password safe version I have and it works:
    I:\archive\gpg\keys>gpg --verify \computer\share\Archive\pwsafe\3.26\pwsafe-3.26.exe.sig
    gpg: Signature made 06/30/11 14:18:00 using DSA key ID FA175557
    gpg: Good signature from "Rony Shapiro ronys@users.sourceforge.net"

    on 3.31 I get:
    I:\archive\gpg\keys>gpg --verify \computer\share\Archive\pwsafe\3.31\pwsafe-3.31.exe.sig
    gpg: Signature made 05/11/13 06:49:48 using RSA key ID 5CCF8BB3
    gpg: Can't check signature: public key not found

     
    • Rony Shapiro
      Rony Shapiro
      2013-05-14

      Yes, my old signing key was, well, too old (12 years!). You can download the new one from
      http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x919464515CCF8BB3
      Note that the new key's signed with the old one, as well as another key that you can download from pgp.mit.edu as well.

      Rony

       
      • bill
        bill
        2013-05-15

        Thanks;

        worked fine

         
  • fernando
    fernando
    2013-05-14

    $ curl -LOs http://sourceforge.net/projects/passwordsafe/files/passwordsafe/3.31/pwsafe-3.31.exe
    
    $ curl -LOs http://sourceforge.net/projects/passwordsafe/files/passwordsafe/3.31/pwsafe-3.31.exe.sig
    
    $ gpg pwsafe-3.31.exe.sig
    gpg: Signature made 05/11/13 05:49:48
    gpg:                using RSA key 0x919464515CCF8BB3
    gpg: Good signature from "Rony Shapiro (PasswordSafe Signing Key) <ronys@users.sourceforge.net>" [unknown]
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg:          There is no indication that the signature belongs to the owner.
    Primary key fingerprint: A703 C132 8EAB C7B2 0175  3BA3 9194 6451 5CCF 8BB3
    
    $ echo;cbc1bf84ecf668ee6e4fa14b992a4adc53d385a8 *pwsafe-3.31.exe|sha1sum -c
    pwsafe-3.31.exe: OK
    
    $