Page MenuHome GnuPG
Create Task
Maniphest T1122

adduid does not detect duplicate user ids
Closed, ResolvedPublic
Actions

Description

when i adduid and provide a uid that is already present, it seems like gpg
should notice this and behave differently. instead, it produces a pair of
identical uids.

This doesn't appear to be fixed until after the next time an "edit-key" is done,
which means that in the interim, gpg provides weird behavior. For example:

0 wt215@pip:~$ printf 'Key-Type: RSA\nKey-Length: 1024\nName-Real: foo bar\n' |
gpg --gen-key --batch
gpg: directory `/home/wt215/.gnupg' created
gpg: new configuration file `/home/wt215/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/wt215/.gnupg/gpg.conf' are not yet active during
this run
gpg: keyring `/home/wt215/.gnupg/secring.gpg' created
gpg: keyring `/home/wt215/.gnupg/pubring.gpg' created

Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 263 more bytes)
......+++++
+++++
gpg: /home/wt215/.gnupg/trustdb.gpg: trustdb created
gpg: key 364472D6 marked as ultimately trusted
0 wt215@pip:~$ gpg --edit-key 364472D6
gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 1024R/364472D6 created: 2009-08-27 expires: never usage: SCEA

trust: ultimate      validity: ultimate

[ultimate] (1). foo bar

Command> adduid
Real name: foo bar
Email address:
Comment:
You selected this USER-ID:

"foo bar"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o

pub 1024R/364472D6 created: 2009-08-27 expires: never usage: SCEA

trust: ultimate      validity: ultimate

[ultimate] (1) foo bar
[ultimate] (2). foo bar

Command> save
0 wt215@pip:~$ gpg --list-key 364472D6
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 1024R/364472D6 2009-08-27
uid foo bar
uid foo bar

0 wt215@pip:~$ gpg --edit-key 364472D6
gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: key 364472D6: duplicated user ID detected - merged
Secret key is available.

pub 1024R/364472D6 created: 2009-08-27 expires: never usage: SCEA

trust: ultimate      validity: ultimate

[ultimate] (1). foo bar

Command> quit
Save changes? (y/N) y
0 wt215@pip:~$ gpg --list-key

/home/wt215/.gnupg/pubring.gpg

pub 1024R/364472D6 2009-08-27
uid foo bar

0 wt215@pip:~$

T768 looks like it is related to this --
maybe the fix was incomplete?

Details

Version
1.4.9

Event Timeline

dkg set Version to 1.4.9.Aug 27 2009, 10:11 PM
dkg added projects: gnupg, Bug Report.
dkg added a subscriber: dkg.
werner added a subscriber: werner.Aug 28 2009, 6:44 PM

We will never get 1.4.10 out if you guys always find bugs :-)

werner added a comment.Sep 3 2009, 9:39 PM

Fixed for 2.0 - svn 5147.

werner added projects: In Progress, backport.Sep 3 2009, 9:39 PM
werner closed this task as Resolved.May 12 2010, 11:39 AM
werner claimed this task.
werner removed a project: In Progress.