Prompting on concurrent invocations of gpg

John Lane gnupg at jelmail.com
Tue Mar 16 12:19:17 CET 2021


Hello, I have a scenario where gpg is prompting for a passphrase when I
don't think it should because it is cached in the agent. It seems to be
triggered by concurrent use. Here is an example.

First, create some encrypted data:

$ echo test | gpg --encrypt -o test.gpg -r <email-address>

Then decrypt it a number of times:

$ for n in {1..100}; do gpg --decrypt test.gpg &> /dev/null; done

This may prompt for a passphrase if it isn't cached but, if it does, it
should do so only once. I null the output because it's irrelevant. The
main point here is, this works as expected.

Now do the same, but concurrently:

$ for n in {1..10}; do ( gpg --decrypt test.gpg &> /dev/null;) & done

This will prompt for the passphrase a number of times. The number of
iterations can be small, but it seems to start prompting at 6.

Sometimes, not always and only on this concurrent example, I also see a
memory allocation error (this appears unrelated to the prompting and
happens after running the test a few times):

    gpg: public key decryption failed: Cannot allocate memory

Version information:
    gpg (GnuPG) 2.2.25 libgcrypt 1.8.7
    Linux 5.10.6-arch1-1 #1 SMP PREEMPT Sat, 09 Jan 2021 18:22:35 +0000
x86_64 GNU/Linux

Agent config:

    $ cat ~/.gnupg/gpg-agent.conf
    enable-ssh-support
    default-cache-ttl 900
    max-cache-ttl 3600

Why does this happen, can I do something to disable this behaviour, or
is it a bug ?

Thanks




More information about the Gnupg-users mailing list