Re: [2.1.19] --list-secret-keys not # marking unavailable subkeys?

2017-04-07 Thread Werner Koch 
Hi!

On Thu,  6 Apr 2017 14:21, d...@00dani.me said:

> It's very confusing, as it seems to indicate my secret keyring contains
> keys that it definitely doesn't. Why the inconsistency? Can I somehow

Good catch. Thanks.

There is a stupid bug in the code:

--8<---cut here---start->8---
   if (!agent_get_keyinfo (NULL, hexgrip, , NULL))
 secret = serialno? 3 : 1;
   else
-secret = '2';  /* Key not found.  */
+secret = 2;  /* Key not found.  */
--8<---cut here---end--->8---

I just pushed a fix to the repo.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgpJk5XL4_yKV.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

[2.1.19] --list-secret-keys not # marking unavailable subkeys?

2017-04-06 Thread Danielle McLean 
Hi, I'm using GnuPG 2.1.19 on a Mac with a smartcard (a YubiKey NEO)
holding my regularly-used subkeys - some of my keys are actually in my
secret keyring, but others are only stubs. When I run gpg --card-status,
each secret key is correctly marked with # when it's unavailable or >
when it's stored on my smartcard. For example:

$ gpg --card-status | sed -n '/General key info/,$p'

General key info..: sub  rsa2048/3844A6973C6058F1 2017-04-05 Danielle
McLean 
sec#  rsa4096/27D076D2ACA7BABE  created: 2017-04-03  expires: never
ssb#  rsa4096/5A5D2D1AFF12EEC5  created: 2017-04-04  expires: 2018-04-04
ssb#  rsa4096/D2081794136A2F3E  created: 2017-04-04  expires: 2018-04-04
ssb>  rsa2048/3844A6973C6058F1  created: 2017-04-05  expires: 2018-04-05
card-no: 0006 05312011
ssb   rsa2048/9D50913E336B08C1  created: 2017-04-05  expires: 2018-04-05
ssb>  rsa2048/9EC155D34F33D648  created: 2017-04-05  expires: 2018-04-05
card-no: 0006 05312011

The above information is correct - I have the subkeys 3C6058F1 and
4F33D648 stored on my smartcard,
the subkey 336B08C1 stored in my secret keyring, and the other secret
keys aren't available. However, when I run gpg --list-secret-keys, the #
marker doesn't appear on unavailable subkeys:

$ gpg -K ACA7BABE
sec#  rsa4096 2017-04-03 [C]
  83F3DCEC98D522B6A38AF5D927D076D2ACA7BABE
uid   [ultimate] Danielle McLean 
ssb   rsa4096 2017-04-04 [S] [expires: 2018-04-04]
ssb   rsa4096 2017-04-04 [A] [expires: 2018-04-04]
ssb>  rsa2048 2017-04-05 [S] [expires: 2018-04-05]
ssb   rsa2048 2017-04-05 [E] [expires: 2018-04-05]
ssb>  rsa2048 2017-04-05 [A] [expires: 2018-04-05]

It's very confusing, as it seems to indicate my secret keyring contains
keys that it definitely doesn't. Why the inconsistency? Can I somehow
reconfigure GnuPG so that the --list-secret-keys output includes the
missing information?

Thanks!



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users