No NEED_PASSPHRASE status line on --export-secret-keys
Closed, ResolvedPublic


Using GnuPG 2.1.15 and command:

gpg2 --status-fd '3' --command-fd '4' --no-secmem-warning --no-tty
--no-default-keyring --no-options --no-permission-warning
--exit-on-status-write-error --trust-model always --pinentry-mode loopback
--armor --homedir 'test-keychain' --export-secret-keys

I got no NEED_PASSPHRASE in status

[GNUPG:] KEY_CONSIDERED 8D2299D9C5C211128B32BBB0C097D9EC94C06363 0
[GNUPG:] GET_HIDDEN passphrase.enter

From all tests in my suite only exporting private keys does not provide

alecpl set Version to 2.1.15.Sep 3 2016, 4:53 PM
alecpl added projects: gnupg, Bug Report.
alecpl added a subscriber: alecpl.

I observed the same behavior with --import.

marcus closed this task as Resolved.Jul 24 2017, 4:06 PM
marcus claimed this task.
marcus added a subscriber: marcus.

Thanks, I fixed this in d8e46f106 for export-secret-keys. I am not sure how/when import asks for a passphrase. Please clarify if that is still an issue and reopen the report (or create a new one).

@marcus From my memory, importing private keys with passwords requires passphrase. Is this not a case in recent versions? What when you have some private keys in keyring and you import more private keys? Isn't the access to private keyring password protected in GnuPG 2.1 as I thought?

Ah, yes, this can happen, see T2313. With --batch, this can be avoided, and I added the NEED_PASSPHRASE with 872137b59.