Page MenuHome GnuPG
Create Task
Maniphest T5122

Importing secret key with wrong passphrase may result GPG_ERR_MISSING_VALUE (should be able to be tried 3 times)
Closed, ResolvedPublic
Actions

Description

When gpg --import for a secret key, wrong passphrase may result interaction error.

When the first passphrase resulted partially-looking-good secret key, it causes confusing interaction.

A user should be able to try three times always (according to the dialog), but the second try results GPG_ERR_MISSING_VALUE even if good passphrase.
And no third try.

This is because the variable SKEY is overwritten within the function do_unprotect, at the initial call.

Revisions and Commits

rG GnuPG
rG7a80004d5407 agent: Fix importing protected secret key.

Related Objects

Event Timeline

gniibe created this task.Nov 9 2020, 4:09 AM
Jab added a commit: rGb08418d22cc8: gpg: Fix ugly error message for an unknown symkey algorithm..Jan 27 2021, 11:55 AM
aheinecke removed a commit: rGb08418d22cc8: gpg: Fix ugly error message for an unknown symkey algorithm..Jan 27 2021, 12:21 PM
gniibe updated the task description. (Show Details)Jun 9 2021, 3:36 AM
gniibe renamed this task from Importing secret key with wrong passphrase results GPG_ERR_MISSING_VALUE (should be able to be tried 3 times) to Importing secret key with wrong passphrase may result GPG_ERR_MISSING_VALUE (should be able to be tried 3 times).Jun 9 2021, 3:38 AM
gniibe added a comment.Jun 9 2021, 3:53 AM

I encountered this bug last year, but I realized that it's hard to make a reproducible case.

gniibe added a commit: rG7a80004d5407: agent: Fix importing protected secret key..Jun 9 2021, 3:59 AM
gniibe changed the task status from Open to Testing.Jun 9 2021, 4:00 AM

Fixed.
I'm not sure if it's worth backporting this to 2.2.

werner added a subscriber: werner.Jun 9 2021, 10:37 AM

Better don't backport this.

werner mentioned this in T5405: Release GnuPG 2.3.2.Aug 24 2021, 7:55 PM
werner closed this task as Resolved.Aug 24 2021, 8:00 PM