Page MenuHome GnuPG
Create Task
Maniphest T5284

Allow gpgme to export w/o attributes
Open, NormalPublic
Actions

Description

In src/engine-gpg.c , in the function export_common, there's this snippet:

if ((mode & GPGME_EXPORT_MODE_MINIMAL))
  {
    if ((mode & GPGME_EXPORT_MODE_NOUID))
      err = add_arg (gpg, "--export-options=export-minimal,export-drop-uids");
    else
      err = add_arg (gpg, "--export-options=export-minimal");
  }

However, recent versions of gnupg require --export-options=export-minimal,no-export-attributes to drop the uid.

I don't know how to add compatibility with older GPG versions to gpgme, but if that is not needed the fix is simple of course.

Details

Version
1.15.1

Revisions and Commits

rM GPGME
rMc8fd8870b3bf core: Remove experimental feature GPGME_EXPORT_MODE_NOUID.

Event Timeline

jap created this task.Feb 1 2021, 3:18 PM
werner triaged this task as Normal priority.Feb 1 2021, 4:50 PM
werner added a subscriber: werner.

Oops, that was an experimental feature never intended for a released version. Will be removed in a way that it does not leas to compile problems - just to be extra cautiousness.

Thanks for reporting.

jap added a comment.Feb 1 2021, 5:18 PM

Not exactly the answer I was hoping for..

For generating autocrypt headers, I'm looking for a way to do the minimal and no-attributes export, and this seemed to be the right direction. Or should this NOUID flag have a name that better matches the GPG cli?

There's this thread as well: https://lists.gnupg.org/pipermail/gnupg-devel/2014-January/028135.html but that patch seems to have been abandoned. Would you mind if I try reviving it?

werner added a comment.Feb 1 2021, 5:50 PM

A public keyblock without a user id packet is non-compliant. I see no reason to provide a feature to created crippled data. We had all this discussions back in the early 90s regarding to self-signatures. OpenPGP spoke a final word on this in 1998 by making user ids and corresponding self-signatures mandatory.

Dropping attributes is a different thing than user ids. I probably forgot about your patch. Repurposing that flag value for dropping attributes makes sense to me.

werner added a commit: rMc8fd8870b3bf: core: Remove experimental feature GPGME_EXPORT_MODE_NOUID..Feb 1 2021, 7:13 PM
werner renamed this task from gpgme uses incorrect flags for minimal, no uid export of public keys to Allow gpgme to export w/o attributes.Jun 24 2021, 6:24 PM
werner edited projects, added Feature Request; removed Bug Report.