Page MenuHome GnuPG
Create Task
Maniphest T2346

Invalid import result in gnupg 2.1 when importing secret keys
Closed, ResolvedPublic
Actions

Description

With 2.1 the secret key import result changed.

I've asked about this on the mailing list before:
https://lists.gnupg.org/pipermail/gnupg-devel/2016-March/030877.html

I think this should be treated as a bug.
The result:
gpg: Total number processed: 2
gpg: imported: 1
gpg: secret keys read: 2
gpg: secret keys imported: 1

Is the result for "GnuPG imported all secret keys in that file" but but the
result shows that it read more then it imported.

This result indicates that not all keys in that file were imported, which is not
true.

If the intention is to include information about subkeys that should be an extra
number.

Details

Version
master

Related Objects

Event Timeline

aheinecke added projects: gnupg (gpg21), gnupg, Bug Report.May 4 2016, 10:28 AM
aheinecke set Version to master.
aheinecke added a subscriber: aheinecke.
werner lowered the priority of this task from Normal to Low.May 6 2016, 8:09 PM
bernhard added a subscriber: werner.May 31 2016, 4:54 PM
bernhard added a subscriber: bernhard.

Hi, I consider it a regular defect if unexplained, because the API somehow changed.

I ran into it while testing python3-gpgme on Debian Jessie.
Two testcases fail because of the changed gpgme behaviour to count more processed
"keys" than before.

pygpgme-0.3$ python3 -m unittest tests.test_import

F..F..

FAIL: test_import_concat (tests.test_import.ImportTestCase)

Traceback (most recent call last):

File "/home/bernhard/werkbank/2auto/pygpgme-0.3/tests/test_import.py", line 105, in

test_import_concat

self.assertEqual(result.considered, 3)

AssertionError: 5 != 3

FAIL: test_import_secret_file (tests.test_import.ImportTestCase)

Traceback (most recent call last):

File "/home/bernhard/werkbank/2auto/pygpgme-0.3/tests/test_import.py", line 58, in

test_import_secret_file

self.assertEqual(result.considered, 1)

AssertionError: 3 != 1

How to see the difference without pygpgme installed in Jessie with
Package: libgpgme11
Version: 1.6.0-99intevation1

Package: gnupg2
Version: 2.1.11-99intevation2

pygpgme-0.3/tests/keys$ LANG=C GNUPGHOME=~/tmp/dot.gnupg3 gpg2 --with-colons --import
key1.pub key1.sec key2.pub
gpg: Total number processed: 5

The same on wheezy:
Package: libgpgme11
Version: 1.3.1-0kk3

Package: gnupg2
Version: 2.0.25-99intevation2
ygpgme-0.3/tests/keys$ LANG=C GNUPGHOME=~/tmp/dot.gnupg gpg2 --with-colons --import
key1.pub key1.sec key2.pub

gpg: Total number processed: 3

bernhard renamed this task from Invalid import result in gnupg 2.1 when importing secret keys to Changed gpgme import result count in gnupg 2.1 when importing secret keys.May 31 2016, 4:54 PM
bernhard assigned this task to werner.
bernhard raised the priority of this task from Low to Normal.
werner added a comment.Jun 1 2016, 2:13 PM

Bernhard: Please do not assign bugs to me without my consent.

werner renamed this task from Changed gpgme import result count in gnupg 2.1 when importing secret keys to Invalid import result in gnupg 2.1 when importing secret keys.Jun 1 2016, 2:13 PM
werner removed werner as the assignee of this task.
werner lowered the priority of this task from Normal to Low.
werner removed a subscriber: aheinecke.
justus added a subscriber: justus.Jul 25 2016, 11:32 AM

How did you create the key? I tried to reproduce it, and my numbers are even funnier:

% gpg2 --list-packets key2
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!

off=0 ctb=95 tag=5 hlen=3 plen=919

:secret key packet:

version 4, algo 1, created 1262304006, expires 0
pkey[0]: [2048 bits]
pkey[1]: [17 bits]
skey[2]: [2046 bits]
skey[3]: [1024 bits]
skey[4]: [1024 bits]
skey[5]: [1016 bits]
checksum: 4197
keyid: 576109131A46786C

off=922 ctb=b4 tag=13 hlen=2 plen=29

:user ID packet: "Test Keyyy <test@example.org>"

off=953 ctb=89 tag=2 hlen=3 plen=311

:signature packet: algo 1, keyid 576109131A46786C

version 4, created 1262304006, md5len 0, sigclass 0x13
digest algo 8, begin of digest 79 38
hashed subpkt 2 len 4 (sig created 2010-01-01)
hashed subpkt 27 len 1 (key flags: 03)
hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 2)
hashed subpkt 21 len 5 (pref-hash-algos: 8 9 10 11 2)
hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
hashed subpkt 30 len 1 (features: 01)
hashed subpkt 23 len 1 (keyserver preferences: 80)
subpkt 16 len 8 (issuer key ID 576109131A46786C)
data: [2045 bits]

off=1267 ctb=9d tag=7 hlen=3 plen=920

:secret sub key packet:

version 4, algo 1, created 1262304006, expires 0
pkey[0]: [2048 bits]
pkey[1]: [17 bits]
skey[2]: [2047 bits]
skey[3]: [1024 bits]
skey[4]: [1024 bits]
skey[5]: [1024 bits]
checksum: 4233
keyid: 2D1354FDD1343C83

off=2190 ctb=89 tag=2 hlen=3 plen=287

:signature packet: algo 1, keyid 576109131A46786C

version 4, created 1262304006, md5len 0, sigclass 0x18
digest algo 8, begin of digest 49 47
hashed subpkt 2 len 4 (sig created 2010-01-01)
hashed subpkt 27 len 1 (key flags: 0C)
subpkt 16 len 8 (issuer key ID 576109131A46786C)
data: [2047 bits]

% GNUPGHOME=$(mktemp -d) gpg2 --import key2
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: keybox '/tmp/tmp.vt2HmFYk11/pubring.kbx' created
gpg: /tmp/tmp.vt2HmFYk11/trustdb.gpg: trustdb created
gpg: key 576109131A46786C: public key "Test Keyyy <test@example.org>" imported
gpg: key 576109131A46786C: secret key imported
gpg: Total number processed: 3
gpg: imported: 1
gpg: secret keys read: 3
gpg: secret keys imported: 2

I'd say 'Total number processed' and 'secret keys read' is off by one even if one counts the
subkeys.

justus claimed this task.Jul 25 2016, 11:32 AM
justus added a subscriber: aheinecke.
justus closed this task as Resolved.Jul 25 2016, 12:54 PM

Fixed in 4ba11251.