Unable to verify signature: Bad signature length when updating from 3.3.3316 to 3.3.3320

Unofficial solve for this issue below, run at your own peril (very dramatic music plays :slight_smile: )

I couldn’t find an example of this issue in the posts and I think it was originally caused by installing 3.3.3316 in parallel to 3.2.xx then uninstalling 3.2.xx. IMO that’s a rare edge case and not worth anyone wasting time trying to officially solve.

What I did might, or might not, fix it for you too, and it’s not a true “fix” for the root cause but it did eliminate the issue for me so, sharing…

Symptom: Installation from GP version 3.3.3316, auto update detects 3.3.3320 and 3.3.3322 updates are outstanding, press update, updater displays “installing 3.3.3320” and reaches higher than 93% (maybe gets to 100% but too fast to see) and then stops with Update Failed error:

org.bouncycastle.openpgp.PGPRuntimeOperationException: unable to verify signature: Bad signature length: got 384 but was expecting 256

The “fix” (that eventually worked):

  1. Uninstall GanttProject
  2. ensure c:\program files\ganttproject 3.3\ is gone
  3. delete any ganttproject-update<*>zip files from c:\users\appdata\local\temp
  4. delete c:\users\.ganttproject.d ← I think this was the final fix step cause the problem persisted over several re-installs until this was deleted and there were old 3.2.xx updates in there still
  5. download the latest installer, in my case this was the same as before 3.3.3316 ← I did this at the same time as step 4, no doing that isn’t perfect testing practice, and the downloads appeared to be identical, but no I didn’t crc check them either, meh it’s not an official fix so :stuck_out_tongue:
  6. Let GanttProject start after install and it immediately runs the updater. Let it update without opening any files etc.
  7. Updates 3.3.3320 and 3.3.3322 were detected and both installed without error.
  8. GanttProject scheduling time! :grin: