Page MenuHome GnuPG
Create Task
Maniphest T6569

unusable secret key selectable for crypto operations
Closed, DuplicatePublic
Actions

Description

Noticed when testing T5869:

If you have an encrypt only key, both Kleopatra and GpgOL will allow to select the key for signing which does not have the capability for it.
If you do not have another secret key, it will be automatically suggested, too.


Details

Version
3.1.26

Related Objects

Event Timeline

ebo created this task.Jun 30 2023, 5:19 PM
ebo mentioned this in T5869: GpgOL: Sign requested without signing key shows error.
ikloecker added a subscriber: ikloecker.Jun 30 2023, 6:31 PM

I don't think that Kleopatra allows to select an encrypt-only key for signing because I have fixed exactly this issue a couple of months: T6456: Kleopatra: Offers encryption-only OpenPGP keys as signing key.

But it's possible that Kleopatra preselects an encrypt-only key if that's the only secret key in the keyring.

ebo added a comment.Jul 3 2023, 9:44 AM

No, it doesn't do even that. Sorry, I only tested that with 3.1.26 which is older than your fix.
No encrypt-only key is offered or selectable for signing any more in Gpg4win-4.2.0-beta360

ebo closed this task as a duplicate of T6456: Kleopatra: Offers encryption-only OpenPGP keys as signing key.Jul 3 2023, 10:02 AM