mirror of git://git.gnupg.org/gnupg.git
43b23aa82b
* g10/keydb.h (struct kbnode_struct): Replace unused field RECNO by
new field TAG.
* g10/kbnode.c (alloc_node): Change accordingly.
* g10/import.c (import_one): Add arg r_valid.
(sec_to_pub_keyblock): Set tags.
(resync_sec_with_pub_keyblock): New.
(import_secret_one): Change return code to gpg_error_t. Return an
error code if sec_to_pub_keyblock failed. Resync secret keyblock.
--
When importing an invalid secret key ring for example without key
binding signatures or no UIDs, gpg used to let gpg-agent store the
secret keys anyway. This is clearly a bug because the diagnostics
before claimed that for example the subkeys have been skipped.
Importing the secret key parameters then anyway is surprising in
particular because a gpg -k does not show the key. After importing
the public key the secret keys suddenly showed up.
This changes the behaviour of
GnuPG-bug-id: 4392
to me more consistent but is not a solution to the actual bug.
Caution: The ecc.scm test now fails because two of the sample keys
don't have binding signatures.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| E657FB607BB4F21C90BB6651BC067AF28BC90111.asc | ||
| README | ||
| authenticate-only.pub.asc | ||
| authenticate-only.sec.asc | ||
| dda252ebb8ebe1af-1.asc | ||
| dda252ebb8ebe1af-2.asc | ||
| e2e-p256-1-clr.asc | ||
| e2e-p256-1-prt.asc | ||
| ecc-sample-1-pub.asc | ||
| ecc-sample-1-sec.asc | ||
| ecc-sample-2-pub.asc | ||
| ecc-sample-2-sec.asc | ||
| ecc-sample-3-pub.asc | ||
| ecc-sample-3-sec.asc | ||
| ed25519-cv25519-sample-1.asc | ||
| eddsa-sample-1-pub.asc | ||
| eddsa-sample-1-sec.asc | ||
| issue2346.gpg | ||
| no-creation-time.gpg | ||
| pgp-desktop-skr.asc | ||
| rsa-primary-auth-only.pub.asc | ||
| rsa-primary-auth-only.sec.asc | ||
| rsa-rsa-sample-1.asc | ||
| silent-running.asc | ||
| ssh-dsa.key | ||
| ssh-ecdsa.key | ||
| ssh-ed25519.key | ||
| ssh-rsa.key | ||
| whats-new-in-2.1.asc | ||
README
no-creation-time.gpg A key with a zero creation time. ecc-sample-1-pub.asc A NIST P-256 ECC sample key. ecc-sample-1-sec.asc Ditto, but the secret keyblock. ecc-sample-2-pub.asc A NIST P-384 ECC sample key. ecc-sample-2-sec.asc Ditto, but the secret keyblock. ecc-sample-3-pub.asc A NIST P-521 ECC sample key. ecc-sample-3-sec.asc Ditto, but the secret keyblock. eddsa-sample-1-pub.asc An Ed25519 sample key. eddsa-sample-1-sec.asc Ditto, but as protected secret keyblock. dda252ebb8ebe1af-1.asc rsa4096 key 1 dda252ebb8ebe1af-2.asc rsa4096 key 2 with a long keyid collision. whats-new-in-2.1.asc Collection of sample keys. e2e-p256-1-clr.asc Google End-end-End test key (no protection) e2e-p256-1-prt.asc Ditto, but protected with passphrase "a". E657FB607BB4F21C90BB6651BC067AF28BC90111.asc Key with subkeys (no protection) pgp-desktop-skr.asc Secret key with subkeys w/o signatures rsa-rsa-sample-1.asc RSA+RSA sample key (no passphrase) ed25519-cv25519-sample-1.asc Ed25519+CV25519 sample key (no passphrase) silent-running.asc Collection of sample secret keys (no passphrases) rsa-primary-auth-only.pub.asc rsa2408 primary only, usage: cert,auth rsa-primary-auth-only.sec.asc Ditto but the secret keyblock. Notes: - pgp-desktop-skr.asc is a secret keyblock without the uid and subkey binding signatures. When exporting a secret key from PGP desktop such a file is created which is then directly followed by a separate armored public key block. To create such a sample concatenate pgp-desktop-skr.asc and E657FB607BB4F21C90BB6651BC067AF28BC90111.asc - ecc-sample-2-sec.asc and ecc-sample-3-sec.asc do not have and binding signatures either. ecc-sample-1-sec.asc has them, though.