| Summary: | option "save in password manager" is broken and always fails | ||
|---|---|---|---|
| Product: | [Applications] kgpg | Reporter: | 222.222.ffffffff |
| Component: | general | Assignee: | Rolf Eike Beer <kde> |
| Status: | RESOLVED NOT A BUG | ||
| Severity: | major | CC: | 222.222.ffffffff |
| Priority: | NOR | ||
| Version: | 17.12.2 | ||
| Target Milestone: | --- | ||
| Platform: | Arch Linux | ||
| OS: | Linux | ||
| Latest Commit: | Version Fixed In: | ||
should be easy to reproduce on a rolling release distro. That method is only called for GnuPG versions before 2.1, where it is actually needed. As I said: the option to save the password in the keystore comes from gcr, so you need to file a bug there. |
option "save in password manager" is broken and always fails I can't tell whether this bug is related to the other recent ones, but what I can tell you is this: Having 3 keystores in KDE, i.e. firefox-passwd, KWALLETMANAGER and the gpg-keyring is obviously a mega poor idea and is bound to confuse 90% of users. It is aggravating, that 99% of all password dialogues do not state anything meaningful about what the password is for and where it goes. Kgpg is another bad example of leaving its users in the dark about those damned passwords. gpg acts somewhat as expected and doing the exact same thing with Kgpg can not fully succeed. On a Konsole bash CLI the following works as expected: gpg --secret-keyring ./skr --symmetric ./22 gpg --decrypt ./22 coding and decoding the file "22". Except that you NEVER must give the password (or passphrase or WTF) during decode, but it still deciphers OK. Now reproduce this Kgpg-bug by doing symmetric file encode using the option: "save in password manager" and it will always fail, because Kgpg says it cannot open the darn password manager with that password you gave. that "password manager" is the one in gpg residing in ~/.gpg by the way. the manual should make 100% clear that it has nothing to do with KWALLETMANAGER, and not making that 100% clear is very unfriendly to KDE users. Thank you, manual writers! maybe it is due to this active code: KGpgSignTransactionHelper::setSecringFile(const QString &filename) { QStringList secringargs(QLatin1String( "--secret-keyring" )); secringargs << filename; asTransaction()->insertArguments(1, secringargs); } when gpg manual page states: --secret-keyring file This is an obsolete option and ignored. All secret keys are stored in the ‘private-keys-v1.d’ directory below the GnuPG home directory. so Kgpg uses an obsolete function most likely causing all sorts of trouble. whatever the case may be: stuff works with gpg and stuff breaks with Kgpg, so clearly Kgpg is at fault.