Page MenuHome GnuPG
Create Task
Maniphest T2667

No NEED_PASSPHRASE status line on --export-secret-keys
Closed, ResolvedPublic
Actions

Description

Using GnuPG 2.1.15 and command:

gpg2 --status-fd '3' --command-fd '4' --no-secmem-warning --no-tty
--no-default-keyring --no-options --no-permission-warning
--exit-on-status-write-error --trust-model always --pinentry-mode loopback
--armor --homedir 'test-keychain' --export-secret-keys
'8D2299D9C5C211128B32BBB0C097D9EC94C06363'

I got no NEED_PASSPHRASE in status

[GNUPG:] KEY_CONSIDERED 8D2299D9C5C211128B32BBB0C097D9EC94C06363 0
[GNUPG:] INQUIRE_MAXLEN 100
[GNUPG:] GET_HIDDEN passphrase.enter

From all tests in my suite only exporting private keys does not provide
NEED_PASSPHRASE.

Details

Version
2.1.15

Revisions and Commits

rG GnuPG
rG872137b5921d g10: Make sure to emit NEED_PASSPHRASE on --import of secret key.
rGd8e46f10698d g10: Make sure to emit NEED_PASSPHRASE on --export-secret-key.

Related Objects

Event Timeline

alecpl set Version to 2.1.15.Sep 3 2016, 4:53 PM
alecpl added projects: gnupg, Bug Report.
alecpl added a subscriber: alecpl.
alecpl added a comment.Sep 4 2016, 10:17 AM

I observed the same behavior with --import.

marcus added a commit: rGd8e46f10698d: g10: Make sure to emit NEED_PASSPHRASE on --export-secret-key..Jul 24 2017, 4:06 PM
marcus closed this task as Resolved.Jul 24 2017, 4:06 PM
marcus claimed this task.
marcus added a subscriber: marcus.

Thanks, I fixed this in d8e46f106 for export-secret-keys. I am not sure how/when import asks for a passphrase. Please clarify if that is still an issue and reopen the report (or create a new one).

alecpl added a comment.Jul 24 2017, 4:49 PM

@marcus From my memory, importing private keys with passwords requires passphrase. Is this not a case in recent versions? What when you have some private keys in keyring and you import more private keys? Isn't the access to private keyring password protected in GnuPG 2.1 as I thought?

marcus added a commit: rG872137b5921d: g10: Make sure to emit NEED_PASSPHRASE on --import of secret key..Jul 24 2017, 5:19 PM
marcus added a comment.Jul 24 2017, 5:19 PM

Ah, yes, this can happen, see T2313. With --batch, this can be avoided, and I added the NEED_PASSPHRASE with 872137b59.