FS#44220 - [gnupg] regression --passphrase-file ignored in gnupg 2.1.2
Attached to Project:
Arch Linux
Opened by Reno Reckling (exi) - Tuesday, 17 March 2015, 10:00 GMT
Last edited by Gaetan Bisson (vesath) - Thursday, 07 May 2015, 16:36 GMT
Opened by Reno Reckling (exi) - Tuesday, 17 March 2015, 10:00 GMT
Last edited by Gaetan Bisson (vesath) - Thursday, 07 May 2015, 16:36 GMT
|
Details
Description:
When trying to decrypt a file for a specific key and the passphrase present in a file, gpg still asks for a passphrase via pinentry and reuses to accept the file. strace suggests that the file is actually read but the content is ignored. Using a non-existent passphrase-file will give an "File not found" error. Typing in the passphrase by hand still works. Using --batch --passphrase-file works in gpg (GnuPG) 1.4.16 on ubuntu. Additional info: * core/gnupg 2.1.2-1 Steps to reproduce: $ gpg --homedir . --gen-key gpg: WARNING: unsafe permissions on homedir './' gpg (GnuPG) 2.1.2; Copyright (C) 2015 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Note: Use "gpg2 --full-gen-key" for a full featured key generation dialog. GnuPG needs to construct a user ID to identify your key. Real name: tester Email address: test@test.com You selected this USER-ID: "tester <test@test.com>" ###generate key with passphrase "123" ### $ echo "123" > passphrase $ echo "myfile" > file $ gpg --homedir . --recipient test@test.com --output file.gpg --encrypt file $ gpg --homedir . --batch --passphrase-file passphrase --output file-2 file.gpg ###Asks for the passphrase despite the --batch mode### gpg: encrypted with 2048-bit RSA key, ID 88B483A6, created 2015-03-17 "tester <test@test.com>" gpg: public key decryption failed: Operation cancelled gpg: decryption failed: No secret key |
This task depends upon
Closed by Gaetan Bisson (vesath)
Thursday, 07 May 2015, 16:36 GMT
Reason for closing: Not a bug
Additional comments about closing: See upstream report.
Thursday, 07 May 2015, 16:36 GMT
Reason for closing: Not a bug
Additional comments about closing: See upstream report.
Could you report it to them? http://bugs.g10code.com/
Thanks.
Upstream says that this should work with '--batch --pinentry-mode=loopback --passphrase-file <file>' but the loopback pinentry mode is not available in the arch gpg build.
'gpg: setting pinentry mode 'loopback' failed: Not supported'
Could this be enabled in the gpg build?
Solution is described in the upstream bug.