Why gpg 2.1.9 cannot export secret key without passphrase?

Andrey Utkin andrey.od.utkin at gmail.com
Mon Nov 30 20:10:07 CET 2015


On 27.11.2015 13:28, Peter Lebbing wrote:
> I think it makes sense to be able to store a private key without a passphrase in
> a safe place (as in: an actual safe), so you don't run the risk that you forgot
> the passphrase. Currently, this is not possible

Is it impossible straight from RFC 4880 in any defined mode, or is it
just wrong behaviour in GnuPG/Libgcrypt? Empty passphrases are banned
in several places in this software:

gnupg: agent/protect.c: 1218 (hash_passphrase())
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=agent/protect.c;h=cdb39fd1310dd539b3fa88f55e117a9aeecdb1e9;hb=refs/heads/master#l1218
libgcrypt: cipher/kdf.c: 245 (_gcry_kdf_derive())
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=blob;f=cipher/kdf.c;h=ad5c46efdce696896f60521f8fe856ea102e6950;hb=refs/heads/master#l245

I haven't learned the RFC yet, so any quick tips are much appreciated.


