Two Bugs Affecting passwordstore.org with GnuPG 2.1.1

Jason A. Donenfeld Jason at zx2c4.com
Wed Jan 28 17:25:43 CET 2015


On Wed, Jan 28, 2015 at 2:54 PM, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
> == Bug 2: gpg-agent/pinentry called when it shouldn't be ==
>
> The keys in the attached GnuPG home folder do not have passphrases
> (they're used in a test harness). On GnuPG 2.0, the following
> succeeds. On GnuPG 2.1, the following fails.
>
> $ unset DISPLAY
> $ echo hello > signme
> $ gpg -s signme </dev/null
> gpg: signing failed: Operation cancelled
> gpg: signing failed: Operation cancelled
>
> GnuPG should *not* prompt for a passphrase when keys are not protected
> with passphrases.

A follow-up on this report. It seems the real problem is that when
GnuPG 2.1 imports keys from 2.0, it marks them as protected, even if
they have no passphrase.



More information about the Gnupg-devel mailing list