
Kleopatra: Unable to completely delete key with secret subkeys and offline-primary key
Open, Normal, Public

Description

This bug was first reported at https://bugs.kde.org/show_bug.cgi?id=515372

Original title: Unable to completely delete incomplete team key

SUMMARY

After deleting the incomplete team key in Kleopatra and then importing the public key of that team key, it will be found that the secret key of the team key is still present.

STEPS TO REPRODUCE

  1. Create an OpenPGP key (hereinafter referred to as Key A) with the "Set up this key for shared usage in teams" option enabled.
  2. Save secret team key for Key A; whether the "Allow team members to sign with the team key" option is enabled or not has no effect.
  3. Export the public key of Key A.
  4. Delete Key A.
  5. Import the secret team key A that was exported earlier (the one with the incomplete certificate).
  6. Delete secret team key A that was just imported.
  7. Import the public key of Key A.

OBSERVED RESULT

The imported key A contains its public key and an incomplete secret key.

EXPECTED RESULT

The imported key A contains only the public key, not the secret key.

SOFTWARE/OS VERSIONS

Kleopatra: Gpg4win-5.0.1
Kleopatra: 76f98d94d858d18edd22b8d26aad565b1f71671f
GnuPG: 2.5.17
Libgcrypt: 1.11.2
KDE Frameworks: 6.20.0
Qt: Using 6.10.1 and built against 6.10.1
Windows 10 Version 21H2
Build ABI: x86_64-little_endian-llp64
Kernel: winnt 10.0.19044

ADDITIONAL INFORMATION

This might be a problem with the GPG core; it's reported that using GPG commands directly makes it impossible to delete incomplete team keys.

Details

Version
Gpg4win-5.0.1

Event Timeline

This is actually a (known) bug in gpg, i.e. gpg --delete-secret-and-public-key PRIMARY_KEY_FPR only deletes the public key for keys without primary secret key.

A possible workaround seems to be to call gpg --delete-secret-and-public-key 'SUBKEY_FPR!' for each secret subkey followed by a gpg --delete-key PRIMARY_KEY_FPR to get rid of the key including all its secret subkeys.
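
As an added example (not part of this task and not GnuPG's own code), the following POSIX shell script automates the workaround described above and adds the check a practitioner wants afterwards: it reads the --with-colons secret-key listing for a primary fingerprint, emits one --delete-secret-and-public-key 'SUBKEY_FPR!' command per subkey that actually carries secret material (stub subkeys, marked '#' in field 15, are skipped), then a --delete-key PRIMARY_KEY_FPR, and finally counts the sec/ssb records still listed so that leftover secret subkey data is not mistaken for a purged key. The sample listing, the fingerprints and the PRIMARY_FPR opt-in variable are constructed assumptions; --batch --yes is added to the commands quoted in this task so the deletions run non-interactively.

```shell
#!/bin/sh
# Added example, not code from this task or from GnuPG. Assumptions: the
# sample listing and fingerprints below are constructed; PRIMARY_FPR is a
# hypothetical environment variable that opts in to a real run.

# Print the fingerprint of every subkey that carries secret material, reading
# a `gpg --with-colons --list-secret-keys` listing on stdin. Each sec/ssb
# record is followed by an fpr record whose field 10 is the fingerprint; in
# sec/ssb records field 15 is "#" for a stub (offline or token-only key).
secret_subkey_fprs() {
    awk -F: '
        $1 == "ssb"         { want = ($15 != "#"); next }
        $1 == "fpr" && want { print $10; want = 0; next }
                            { want = 0 }
    '
}

# Count sec and ssb records in a colon listing read on stdin (0 when empty).
count_secret_records() {
    awk -F: '$1 == "sec" || $1 == "ssb" { n++ } END { print n + 0 }'
}

# Emit the gpg command lines for the workaround without running them, so they
# can be reviewed first: one deletion per secret subkey using the trailing "!"
# selector, then deletion of the public key. --batch --yes avoids prompts.
workaround_commands() {
    primary="$1"; listing="$2"
    printf '%s\n' "$listing" | secret_subkey_fprs | while read -r fpr; do
        printf "gpg --batch --yes --delete-secret-and-public-key '%s!'\n" "$fpr"
    done
    printf "gpg --batch --yes --delete-key '%s'\n" "$primary"
}

# Constructed sample listing: an offline primary (field 15 "#"), an encryption
# and a signing subkey with secret material ("+"), and one stub subkey ("#").
SAMPLE_PRIMARY='1111111111111111111111110123456789ABCDEF'
SAMPLE_SUB_E='222222222222222222222222FEDCBA9876543210'
SAMPLE_SUB_S='3333333333333333333333331122334455667788'
SAMPLE_SUB_STUB='4444444444444444444444448899AABBCCDDEEFF'
SAMPLE_LISTING="$(cat <<EOF
sec:u:255:22:0123456789ABCDEF:1700000000:::u:::scESC:::#::ed25519:23::0:
fpr:::::::::${SAMPLE_PRIMARY}:
uid:u::::1700000000::0000000000000000000000000000000000000000::Team Key <team@example.invalid>::::::::::0:
ssb:u:255:18:FEDCBA9876543210:1700000000::::::e:::+::cv25519:23:::
fpr:::::::::${SAMPLE_SUB_E}:
ssb:u:255:22:1122334455667788:1700000000::::::s:::+::ed25519:23:::
fpr:::::::::${SAMPLE_SUB_S}:
ssb:u:255:22:8899AABBCCDDEEFF:1700000000::::::a:::#::ed25519:23:::
fpr:::::::::${SAMPLE_SUB_STUB}:
EOF
)"

# Real run only when opted in:  PRIMARY_FPR=<primary fingerprint> sh this.sh
# Afterwards the secret listing for that primary should contain 0 records;
# a non-zero count means secret subkey data is still in private-keys-v1.d/.
if [ -n "${PRIMARY_FPR:-}" ]; then
    listing="$(gpg --batch --with-colons --list-secret-keys "$PRIMARY_FPR")"
    workaround_commands "$PRIMARY_FPR" "$listing" | sh -ex
    left="$(gpg --batch --with-colons --list-secret-keys "$PRIMARY_FPR" 2>/dev/null | count_secret_records)"
    echo "secret records remaining for $PRIMARY_FPR: $left (expected 0)"
fi
```

Without PRIMARY_FPR set the script only defines the functions and the sample, so it can be sourced and tried against the constructed listing; with it set, the generated commands are executed by a child shell with -x so every gpg invocation is echoed before it runs.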

ikloecker renamed this task from Kleopatra: Unable to completely delete incomplete team key to Kleopatra: Unable to completely delete key with secret subkeys and "offline" primary key. Feb 2 2026, 11:49 AM
ikloecker updated the task description.
werner triaged this task as Normal priority. Feb 2 2026, 12:08 PM
werner added a project: gnupg26.

If you specify a primary key the primary key shall be deleted. If there is only an offline or token based primary it can't be deleted. This is what the user requested. We can't change this because otherwise subkeys might be unintentionally deleted.

werner renamed this task from Kleopatra: Unable to completely delete key with secret subkeys and "offline" primary key to Kleopatra: Unable to completely delete key with secret subkeys and offline-primary key. Tue, Mar 10, 5:24 PM

What is an "incomplete team key" - a standard offline secret key (i.e. one with only secret subkeys)?

If you specify a primary key the primary key shall be deleted. If there is only an offline or token based primary it can't be deleted. This is what the user requested. We can't change this because otherwise subkeys might be unintentionally deleted.

gpg --delete-secret-and-public-key PRIMARY_KEY_FPR deletes the public key and just leaves the secret key data of the subkeys in the private-keys-v1.d/, i.e. for the user it looks like everything has been purged, in particular, the secret key data.

I would agree with "If you specify a primary key the primary key shall be deleted." if I had called gpg --delete-secret-keys PRIMARY_KEY_FPR! (note the trailing !). As far as I can tell the usual rule is PRIMARY_KEY_FPR means the whole key while KEY_FPR! means exactly the specified (sub)key.

ebo mentioned this in Unknown Object (Phriction Wiki Document). Wed, Mar 11, 10:05 AM