gen-key with wrong passphrase
gniibe at fsij.org
Tue Oct 6 20:29:03 CEST 2015
I found that the commit efde50f92a introduced a regression for wrong
passphrase input (different passphrase for second time). When it's
different, it failed with following error.
gpg: agent_genkey failed: Unknown system error
Key generation failed: Unknown system error
Expected behavior is to repeat asking passphrase.
In genkey.c, the function reenter_compare_cb can return -1.
The value -1 is incompatible by the change of the commit efde50f92a.
I'm not sure how we fix this. Shall we change the callback
pininfo->check_cb return type from int to gpg_error_t?
Author: Werner Koch <wk at gnupg.org>
Date: Wed Mar 11 16:28:32 2015 +0100
agent: Improve error reporting from Pinentry.
* agent/call-pinentry.c (unlock_pinentry): Add error logging. Map
error source of uncommon errors to Pinentry.
With this change it is possible to detect whether an error like
GPG_ERR_ASS_INV_RESPONSE has its origin in a call to Pinentry or comes
from another part of gpg-agent.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c
index a96406f..ef1bfa4 100644
@@ -133,6 +133,34 @@ unlock_pinentry (int rc)
assuan_context_t ctx = entry_ctx;
+ if (rc)
+ if (DBG_ASSUAN)
+ log_debug ("error calling pinentry: %s <%s>\n",
+ gpg_strerror (rc), gpg_strsource (rc));
+ /* Change the source of the error to pinentry so that the final
+ consumer of the error code knows that the problem is with
+ pinentry. For backward compatibility we do not do that for
+ some common error codes. */
+ switch (gpg_err_code (rc))
+ case GPG_ERR_NO_PIN_ENTRY:
+ case GPG_ERR_CANCELED:
+ case GPG_ERR_FULLY_CANCELED:
+ case GPG_ERR_ASS_UNKNOWN_INQUIRE:
+ case GPG_ERR_ASS_TOO_MUCH_DATA:
+ case GPG_ERR_NO_PASSPHRASE:
+ case GPG_ERR_BAD_PASSPHRASE:
+ case GPG_ERR_BAD_PIN:
+ rc = gpg_err_make (GPG_ERR_SOURCE_PINENTRY, gpg_err_code (rc));
entry_ctx = NULL;
err = npth_mutex_unlock (&entry_lock);
More information about the Gnupg-devel