Silent re-encryption of private keys by gpg-agent: expected behaviour?
Baptiste Jonglez
baptiste at bitsofnetworks.org
Sun Aug 23 23:42:06 CEST 2015
Hi,
I spent quite some time wondering why, a few days ago, one of my private
keys had suddenly changed. More precisely, the file holding the private
key (~/.gnupg/private-keys-v1.d/${keygrip}.key) had changed, without any
obvious reason. Note that I am using gnupg 2.1.6, so this is the new
private key format.
After some investigation with a backup, it looks like the change is merely
a re-encryption of the private key using a different algorithm. I am not
familiar with the private key format, but it looks like bencoded data.
The old file exhibits the following string:
9:protected14:openpgp-native(19:openpgp-private-key(7:version1:4)(4:algo3:RSA)(4:skey
while the modified file contains instead:
9:protected25:openpgp-s2k3-sha1-aes-cbc((4:sha1
Besides this, lots of binary data has changed in the file.
This is an old subkey, created in 2010 and revoked in 2013, which got
converted to the new gpg-agent format in late 2014, when I started using
gnupg 2.1.0.
My theory is that, a few days ago, I have been reading an old email,
encrypted towards this old subkey. Upon using the private key, gpg-agent
might have realised that the encryption algorithm of the private key is
weak, and decided to silently re-encrypt the key using a newer algorithm.
If this theory holds, then this behaviour was probably introduced between
gnupg 2.1.0 and 2.1.6, because gnupg 2.1.0 converted the old key to the
new gpg-agent format using the "weak" encryption algorithm.
Still, I am not very comfortable about a private key getting suddenly
modified. Is this the expected behaviour? I couldn't find any hint about
private key re-encryption in the release notes or in the various man
pages.
Thanks,
Baptiste
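One way to check which protection scheme gpg-agent has applied to each key file, as an added example that is not part of the original post or of GnuPG: it parses the canonical S-expression layout quoted above and reports the algorithm atom that follows the "protected" token. The sample files are constructed and shortened, and the default key directory under ~/.gnupg is an assumption.

```python
import re
from pathlib import Path

# Constructed, shortened key files in gpg-agent's canonical S-expression layout
# (real files carry full key material): one in the old "openpgp-native" form,
# one re-encrypted with openpgp-s2k3-sha1-aes-cbc, as in the post.
SAMPLE_OLD = (b"(21:protected-private-key(3:rsa(1:n1:x)(1:e1:y)(9:protected14:openpgp-native"
              b"(19:openpgp-private-key(7:version1:4)(4:algo3:RSA)(4:skey1:z)))))")
SAMPLE_NEW = (b"(21:protected-private-key(3:rsa(1:n1:x)(1:e1:y)(9:protected25:openpgp-s2k3-sha1-aes-cbc"
              b"((4:sha14:salt1:9)2:iv)3:enc)))")

TOKEN = re.compile(rb"(\d+):")  # canonical S-expression atom: "<length>:<bytes>"

def parse_csexp(data, pos=0):
    """Parse one element at data[pos]; return (atom bytes or nested list, next offset)."""
    if data[pos:pos + 1] == b"(":
        items, pos = [], pos + 1
        while data[pos:pos + 1] != b")":
            if pos >= len(data):
                raise ValueError("unterminated list")
            item, pos = parse_csexp(data, pos)
            items.append(item)
        return items, pos + 1
    m = TOKEN.match(data, pos)
    if not m:
        raise ValueError(f"bad token at offset {pos}")
    n, start = int(m.group(1)), m.end()
    return data[start:start + n], start + n

def find_protected(sexp):
    """Depth-first search for the (protected <algo> ...) list."""
    if isinstance(sexp, list):
        if sexp and sexp[0] == b"protected":
            return sexp
        for item in sexp:
            found = find_protected(item)
            if found is not None:
                return found
    return None

def protection_method(data):
    """Name of the protection scheme recorded in a key file, or 'unprotected'."""
    if not data.startswith(b"("):  # only the canonical S-expression form is handled here
        raise ValueError("not a canonical S-expression key file")
    top, _ = parse_csexp(data)
    prot = find_protected(top)
    return prot[1].decode("ascii") if prot else "unprotected"

def audit_keydir(keydir=None):
    """Map keygrip -> protection method for every *.key file (assumed default path)."""
    keydir = Path(keydir) if keydir else Path.home() / ".gnupg" / "private-keys-v1.d"
    return {p.stem: protection_method(p.read_bytes()) for p in keydir.glob("*.key")}
```

Running audit_keydir() against a backup and against the live directory and diffing the two dictionaries shows exactly which keygrips changed protection scheme.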
More information about the Gnupg-users mailing list