
Erroneous algo picked when using quick-add-key and future-default
Closed, Resolved, Public

Description

Trying to add subkeys for either sign or auth with future-default as the algo argument fails with:

gpg: Key generation failed: Wrong key usage
gpg: Key not changed so no update needed.

Adding an encr key with future-default works as expected. Manually specifying ed25519 as the algo for auth/sign works as well of course.

Below is a full printout showing/testing the above, i.e. make a new key, then try to add future-default subkeys for auth, sign and encr.
Then ed25519 is manually specified for auth/sign, showing that it works, and the keys are listed.

$ gpg --quiet --batch --passphrase "" --quick-generate-key TEST future-default cert 0
gpg: key 2E2655B274A961E3 marked as ultimately trusted
$ gpg --quiet --list-keys
/home/alice/.gnupg/pubring.kbx
------------------------------
pub   ed25519 2018-01-18 [C]
      A528F3A24FF0FC6BDFC2AAD22E2655B274A961E3
uid           [ultimate] TEST

$ gpg --batch --passphrase "" --quick-add-key A528F3A24FF0FC6BDFC2AAD22E2655B274A961E3 future-default auth
gpg: Key generation failed: Wrong key usage
gpg: Key not changed so no update needed.
$ gpg --batch --passphrase "" --quick-add-key A528F3A24FF0FC6BDFC2AAD22E2655B274A961E3 future-default sign
gpg: Key generation failed: Wrong key usage
gpg: Key not changed so no update needed.
$ gpg --batch --passphrase "" --quick-add-key A528F3A24FF0FC6BDFC2AAD22E2655B274A961E3 future-default encr
$ gpg --list-keys
/home/alice/.gnupg/pubring.kbx
------------------------------
pub   ed25519 2018-01-18 [C]
      A528F3A24FF0FC6BDFC2AAD22E2655B274A961E3
uid           [ultimate] TEST
sub   cv25519 2018-01-18 [E]

$ gpg --batch --passphrase "" --quick-add-key A528F3A24FF0FC6BDFC2AAD22E2655B274A961E3 ed25519 auth
$ gpg --batch --passphrase "" --quick-add-key A528F3A24FF0FC6BDFC2AAD22E2655B274A961E3 ed25519 sign
$ gpg --list-keys
/home/alice/.gnupg/pubring.kbx
------------------------------
pub   ed25519 2018-01-18 [C]
      A528F3A24FF0FC6BDFC2AAD22E2655B274A961E3
uid           [ultimate] TEST
sub   cv25519 2018-01-18 [E]
sub   ed25519 2018-01-18 [A]
sub   ed25519 2018-01-18 [S]

$ gpg --version
gpg (GnuPG) 2.2.4
libgcrypt 1.8.1
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/alice/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

Details

Version
2.2.4

Event Timeline

werner claimed this task.
werner added a project: gnupg (gpg22).
werner added a subscriber: werner.

Well, that was a bit tricky to fix but it has been done and will go into 2.2.5.

Thanks for reporting.
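
A regression check for the behaviour reported in this task, as an added example that is not part of the original report or of GnuPG's own test suite: it repeats the report's commands in a throwaway GNUPGHOME and reads the subkey capabilities from field 12 of the `--with-colons` listing. The function names, the `--run` switch and the constructed SAMPLE record are assumptions of this example.

```shell
#!/bin/sh
# Added example: checks that quick-add-key with future-default yields
# encryption, authentication and signing subkeys.

# Constructed sample of a `gpg --with-colons --list-keys` subkey record
# (key ID is a placeholder): the state the report shows after the failures.
SAMPLE='sub:u:255:18:0000000000000001:1516233600::::::e:::::cv25519::'

# Reads a colon-format key listing on stdin and prints the usages from $1
# (space-separated capability letters) that no subkey provides.
missing_usages() {
    awk -F: -v wanted="$1" '
        $1 == "sub" { caps = caps $12 }   # field 12: key capabilities
        END {
            n = split(wanted, w, " ")
            for (i = 1; i <= n; i++)
                if (index(caps, w[i]) == 0)
                    out = out (out ? " " : "") w[i]
            print out
        }'
}

# Repeats the commands from the report in a throwaway home directory.
# Exit status: 0 all three subkeys exist, 1 some are missing, 2 setup failed.
check_future_default() (
    GNUPGHOME=$(mktemp -d) || exit 2
    export GNUPGHOME
    # Stop the agent and delete the scratch keyring however we leave.
    trap 'gpgconf --kill gpg-agent; rm -rf "$GNUPGHOME"' EXIT
    gpg --quiet --batch --passphrase "" \
        --quick-generate-key TEST future-default cert 0 || exit 2
    fpr=$(gpg --with-colons --list-keys TEST |
          awk -F: '$1 == "fpr" { print $10; exit }')
    for usage in auth sign encr; do
        gpg --quiet --batch --passphrase "" \
            --quick-add-key "$fpr" future-default "$usage"
    done
    missing=$(gpg --with-colons --list-keys "$fpr" | missing_usages "e a s")
    [ -z "$missing" ] && exit 0
    echo "missing subkey usages: $missing" >&2
    exit 1
)

# Run the live check only when asked: sh check.sh --run
if [ "${1:-}" = "--run" ]; then
    check_future_default
fi
```

On a gpg that shows the reported behaviour the live check prints `missing subkey usages: a s` and exits with status 1.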