Today
Sat, Jan 23
Thu, Jan 21
Wed, Jan 20
Thanks for report. I reproduced this by building i386 with optimizations disabled "-O0" (gcc 10). With normal optimization level such as "-O2", the issue does not appear.
Dec 5 2019
I believe the problem was fixed in the master of pinentry with newer gpg-error-config and libassuan-config which support cross build better.
Mar 4 2019
Jun 6 2018
May 18 2018
Mar 30 2017
May 18 2013
In order to work around this potential bug I do the following at the moment:
- Store: (a) Export the ASCII-armored *secret* key together with its subkeys. (b) Export the ASCII-armored *public* key together with its subkeys.
- Restore: (a) Import the ASCII-armored *public* key together with its subkeys. (b) Import the ASCII-armored *secret* key together with its subkeys.
The actions [1.(b)] and [2.(a)] should not be necessary if there was not this
potential bug.
I further tried to find the action that causes the potential bug with an another
test key as follows:
- Create a certify-only RSA4096 primary key.
- Store the public keyring with: (a) cp ~/.gnupg/pubring.gpg{,XXX}
- Export the secret key to an ASCII-armored file with: (a) gpg -v --status-fd 1 --armor --output 0xEEE9979BE8C80E95.pub.asc.txt --
export 0xEEE9979BE8C80E95
- Export the public key to an ASCII-armored file with: (a) gpg -v --status-fd 1 --armor --output 0xB6BF97893ACA0C17.pub.asc.txt --
export 0xB6BF97893ACA0C17
- Delete the public and secret key with: (a) gpg --delete-secret-and-public-keys 0xEEE9979BE8C80E95
- Import the secret key from an ASCII-armored file with: (a) gpg -v --status-fd 1 --armor --import 0xEEE9979BE8C80E95.sec.asc.txt
- Compare the previously stored public key against the new one with: (a) diff -q ~/.gnupg/pubring.gpg{,XXX}
- Repeat action 1. to 7. by: (a) Adding a sign-only RSA4096 subkey. (b) Adding a encrypt-only RSA4096 subkey. (c) Change the expiry date of the encrypt-only RSA4096 subkey.
ERROR: *Changing the expiry date*, exporting, purging, importing the primary key
with its 2 subkeys makes the first sign-only RSA4096 subkey disappear from the
pubring.gpg file but not from the secring.gpg file.