Bug 515372

Summary: Unable to completely delete incomplete team key
Product: [Applications] kleopatra Reporter: idivxidle
Component: generalAssignee: Ingo Klöcker <kloecker>
Status: CONFIRMED ---    
Severity: normal CC: aheinecke, mutz, pim-bugs-null
Priority: NOR    
Version First Reported In: Gpg4win-5.0.1   
Target Milestone: ---   
Platform: Microsoft Windows   
OS: Microsoft Windows   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description idivxidle 2026-02-01 04:18:09 UTC 
SUMMARY

After deleting the incomplete team key in Kleopatra and then importing the public key of that team key, it will be found that the secret key of the team key is still present.

STEPS TO REPRODUCE

1.  Create an OpenPGP key (hereinafter referred to as Key A) with the "Set up this key for shared usage in teams" option enabled.
2. Save secret team key for Key A; whether the "Allow team members to sign with the team key" option is enabled or not has no effect.
3. Export the public key of Key A.
4. Delete Key A
5. Import the secret team key A that was exported earlier (the one with the incomplete certificate).
6. Delete secret team key A that was just imported.
7. Import the public key of Key A.

OBSERVED RESULT

The imported key A contains its public key and an incomplete secret key.

EXPECTED RESULT

The imported key A contains only the public key, not the secret key.

SOFTWARE/OS VERSIONS

Kleopatra: Gpg4win-5.0.1
Kleopatra: 76f98d94d858d18edd22b8d26aad565b1f71671f
GnuPG: 2.5.17
Libgcrypt: 1.11.2
KDE Frameworks: 6.20.0
Qt: Using 6.10.1 and built against 6.10.1
Windows 10 Version 21H2
Build ABI: x86_64-little_endian-llp64
Kernel: winnt 10.0.19044

ADDITIONAL INFORMATION

This might be a problem with the GPG core; it's reported that using GPG commands directly makes it impossible to delete incomplete team keys.
Comment 1 Ingo Klöcker 2026-02-02 10:45:50 UTC 
This bug also exists in the Linux version of Kleopatra. Progress is tracked in the Gpg4win bug tracker at https://dev.gnupg.org/T8076 .