Two Bugs Affecting passwordstore.org with GnuPG 2.1.1

Werner Koch wk at gnupg.org
Thu Jan 29 16:37:42 CET 2015


On Wed, 28 Jan 2015 14:54, Jason at zx2c4.com said:

> GnuPG should *not* prompt for a passphrase when keys are not protected
> with passphrases.

Just fixed.

The reasons for this is, as you also noted, the import of unprotected
openpgp keys.  We import them in the native openpgp format and at the
first use gpg-agent migrates them to its own format (because at that
opportunity it knows the passphrase required for re-encryption).  The
unprotected openpgp format also used the protected format but with an
indicator for no protection.  Now, any protected key triggers the
get-passphrase code even that it was not used later.  The remedy is to
detect that special protected format early enough to not ask for a
passphrase.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-devel mailing list