Why gpg 2.1.9 cannot export secret key without passphrase?

Andrey Utkin andrey.od.utkin at gmail.com
Mon Nov 30 20:10:07 CET 2015

On 27.11.2015 13:28, Peter Lebbing wrote:
> I think it makes sense to be able to store a private key without a passphrase in
> a safe place (as in: an actual safe), so you don't run the risk that you forgot
> the passphrase. Currently, this is not possible

Is it impossible straight from RFC 4880 in any defined mode, or is it
just a wrong behaviour in GnuPG/Libgcrypt? Empty passphrases are banned
in several places in this software:

gnupg: agent/protect.c: 1218 (hash_passphrase())
libgcrypt: cipher/kdf.c: 245 (_gcry_kdf_derive())

I haven't learned the RFC yet, so any quick tips are very appreciated.

More information about the Gnupg-users mailing list