Two Bugs Affecting passwordstore.org with GnuPG 2.1.1
Jason A. Donenfeld
Jason at zx2c4.com
Thu Jan 29 16:43:28 CET 2015
On Thu, Jan 29, 2015 at 4:37 PM, Werner Koch <wk at gnupg.org> wrote:
> On Wed, 28 Jan 2015 14:54, Jason at zx2c4.com said:
> > GnuPG should *not* prompt for a passphrase when keys are not protected
> > with passphrases.
> Just fixed.
> The reasons for this is, as you also noted, the import of unprotected
> openpgp keys. We import them in the native openpgp format and at the
> first use gpg-agent migrates them to its own format (because at that
> opportunity it knows the passphrase required for re-encryption). The
> unprotected openpgp format also used the protected format but with an
> indicator for no protection. Now, any protected key triggers the
> get-passphrase code even that it was not used later. The remedy is to
> detect that special protected format early enough to not ask for a
Great! Thanks Werner. Looking forward to seeing 2.1.2 released next week.
More information about the Gnupg-devel