Page MenuHome GnuPG

gpg: confirm again before deleting primary key
Needs ReviewPublic

Authored by matheusmoreira on May 2 2019, 5:05 AM.
This revision needs review, but there are no reviewers specified.


  • g10/delkey.c (confirm_deletion): Reconfirm primary key deletion.
  • po/pt.po: Translate primary key deletion confirmation message.

The primary key is more important than the subkeys bound to it.
Confirming its deletion explicitly reduces the chance of accidents.

Signed-off-by: Matheus Afonso Martins Moreira <>

Test Plan

Given a temporary gpg home with primary and subordinate keys:

$ agent/gpg-agent --daemon --homedir $XDG_RUNTIME_DIR/gnupg-git
$ g10/gpg --homedir $XDG_RUNTIME_DIR/gnupg-git --batch --passphrase '' --default-new-key-algo 'rsa1024/cert+rsa1024/sign' --quick-gen-key test
$ PRIMARY=$(g10/gpg --homedir $XDG_RUNTIME_DIR/gnupg-git -K --with-subkey-fingerprint --with-colons | awk -F: '/fpr/ { print $10 }' | head -1)

Attempting to delete the $PRIMARY! key should result in a third confirmation prompt warning about the fact the user's primary key is about to be deleted.

Diff Detail

rG GnuPG
Lint Skipped
Unit Tests Skipped

Event Timeline