Why has my gpg key been revoked (should I be concerned)?

gnupg encryption

I've been using my public/private key pair for multiple years on my own machine for local purposes only and I've experienced the yearly expiration.

However, this time (around the time my key usually expires) gpg says:

gpg2 --list-keys
/home/user/.gnupg/pubring.kbx
--------------------------------
pub   rsa4096 2016-11-22 [SC] [widerrufen: 2016-11-25]
      KEY123456789
uid        [ widerrufen] My Name (Me) <[email protected]>

I'm 100% sure I didn't revoke my key. Since my gpg version is localized and says "widerrufen", which should translate to "revoked", I tried expiring it nonetheless (via gpg --edit-key and subsequently expire and 1y), but to no avail:

gpg: Beglaubigung fehlgeschlagen: Verarbeitung wurde abgebrochen
gpg: make_keysig_packet failed: Verarbeitung wurde abgebrochen

Which should translate to

gpg: Authentication failed: Processing aborted
gpg: make_keysig_packet failed: Processing aborted

Also I'm confused why it says, that it has been revoked on 2016-11-25. Is this an old key? Is it possible that my regular key has been removed from the key-ring without me noticing?

I read in Un-revoke PGP key that I should be able to reimport my key. However, I'm concerned that my system has been compromised, as I'm not able to explain why my key got revoked in the first place.

Is there an explanation for this?


Also I'm confused why it says, that it has been revoked on 2016-11-25.

The revoked date reflects the date the revocation certificate was generated, not the date the revocation was applied to the key.

As far as how it happened, all that can be certain is the revocation certificate used was not the one automatically generated at the time of key creation - this is evidenced by the fact the key creation time and revocation date are not identical:

pub   rsa4096 2016-11-22 [SC] [widerrufen: 2016-11-25]

3 days after the key was created, you (or, if the key had no password protection, possibly someone else with access to your computer) generated a revocation certificate using gpg --gen-revoke name. Do you recall generating this revocation certificate? If so, do you remember where you stored it?

Unless you have an encrypted home directory, anyone with access to your computer could import the revocation certificate to your keyring.

Is this an old key? Is it possible that my regular key has been removed from the key-ring without me noticing?

Sure, that's possible. If you want to make sure this is the right key, try verifying some signature you made with it prior to revocation.

Related

My laptop does not support ultrawide monitor?
SwiftUI dismiss modal
Do you really need the 'finally' block
With Capybara, how do I switch to the new window for links with "_blank" targets?
Is there a way to negate a boolean returned to variable?
How to test components using new react router hooks?
Customize/remove Django select box blank option
How to make an Asynchronous Method return a value?
Truncate to three decimals in Python
Python - sum values in dictionary
Does the range-based 'for' loop deprecate many simple algorithms?
Remove a field from a Elasticsearch document