Page MenuHome GnuPG
Create Task
Maniphest T1847

Cannot read old keyring (issue 1793 related)
Closed, ResolvedPublic
Actions

Description

(sorry, but new to this bug tracker so probably using it wrongly).

gpg --list-keys
does list keys (except old pgp2 keys).

gpg --list-keys rickert
fails to list any keys (it should list my keys). Instead, it gives:

% gpg --list-keys rickert
gpg: Oops: keyid_from_fingerprint: no pubkey
gpg: error reading key: Legacy key

KDE is unable to access "kdewallet", presumably because of this problem.

I am attaching a small demo keyring (if I can get that to work). It contains 5
keys, all with "rickert" as part of the name. I have private keys for all. One
of those is an older (pgp 2.6.2) key. "gpg --list-keys" shows 4 of those keys.
But "gpg --list-keys rickert" gives only an error.

Yes, I know about the work-around, and I am using that for regular use. But I
still think this is a bug that should be fixed.

Details

Version
gpg 2.1.2

Related Objects

Event Timeline

nrickert added a subscriber: nrickert.Feb 20 2015, 6:17 PM

557_pubring.gpg8 KBDownload

nrickert set Version to gpg 2.1.2.Feb 20 2015, 6:17 PM
nrickert added projects: gnupg, Bug Report.
werner added a project: In Progress.Feb 23 2015, 3:39 PM
werner added a subscriber: werner.Feb 23 2015, 4:43 PM

The code to skip the old keys is getting quite complex for the only reason to
allow reporting the use of such keys during import.

Please try the attached patch.

werner added a comment.Feb 23 2015, 4:43 PM

D285: 559_0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch

nrickert added a comment.Feb 26 2015, 6:13 AM

With that patch:
gpg --list-keys rickert

that now works. However, I am still unable to decrypt. When attempting to open

kdewallet, I get the message:

Error when attempting to decrypt the wallet kdewallet using GPG. If you're using
a SmartCard, please ensure it's inserted then try again.

GPG error was Decryption failed

If I try to decrypt a file at the command line, I get:

gpg: encrypted with 2048-bit ELG key, ID 1F38684E, created 1999-07-05

"Neil W Rickert <rickert@cs.niu.edu>"
gpg: decryption failed: No secret key

However, using the same keyring, this all works with opensuse 13.2 (gpg 2.0.26),
so the secret key is there. The file uses the same key as kdewallet.

werner added a comment.Feb 27 2015, 1:52 PM

Does

gpg -K  1F38684E

list this key? If not please do

gpg --with-keygrip -k 1F38684E

and check that there is a file named after the kegrip below
~/.gnupg/private-keys-v1.d/

nrickert added a comment.Feb 27 2015, 3:14 PM

Here's the output:

% gpg -K 1F38684E
% gpg -K 1F38684E
gpg: Oops: keyid_from_fingerprint: no pubkey
sec dsa1024/46B1EFE1 1999-07-05
uid [ultimate] Neil W Rickert <rickert@cs.niu.edu>
ssb elg2048/1F38684E 1999-07-05

% gpg --with-keygrip -k 1F38684E
gpg: Oops: keyid_from_fingerprint: no pubkey
pub dsa1024/46B1EFE1 1999-07-05

Keygrip = AD607F40378A7ADBC06212C08554174AB7A02B0D

uid [ultimate] Neil W Rickert <rickert@cs.niu.edu>
sub elg2048/1F38684E 1999-07-05

Keygrip = 007FC4C272831E165FDC61E9B078E566D7F472A3

Files exist for both keygrips in that output.

werner added a comment.Mar 3 2015, 10:24 AM

Thanks. It might be related to a left overPGP-2 key in the trustdb. I need to
investigate that closer.

werner claimed this task.Mar 3 2015, 10:24 AM
werner added a comment.Jan 15 2016, 4:48 PM

Several such bugs have been fixed since 2.1.2. Thus I assume this has been
resolved.

werner closed this task as Resolved.Jan 15 2016, 4:48 PM
werner removed a project: In Progress.