Bug 223062 - Not prompting for gpg key passphrase
Summary: Not prompting for gpg key passphrase
Status: RESOLVED FIXED
Alias: None
Product: kmymoney
Classification: Applications
Component: general (show other bugs)
Version: unspecified
Platform: unspecified Unspecified
: NOR normal
Target Milestone: ---
Assignee: KMyMoney Devel Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-01-17 02:15 UTC by David Houlden
Modified: 2010-11-14 10:23 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description David Houlden 2010-01-17 02:15:32 UTC
Version:            (using KDE 4.3.4)

I have been trying to get gpg encryption working. I can save an encrypted file and verify it is correct by running gpg --decrypt against it which asks for the passphrase and decrypts it successfully. However, when I try to open the same file in kmymoney I don't get asked for a passphrase and I just get an error dialog saying the file was not found. Looking at an strace of kmymoney I can see that the file is being found but gpg is complaining about an invalid passphrase.
Using gnupg 1.4.9.
Comment 1 Alvaro Soliverez 2010-01-17 13:08:08 UTC
This is usually because gpg-agent is running in the background, and perhaps it was set the wrong key. Can you verify that?
Comment 2 David Houlden 2010-01-17 13:44:32 UTC
Checked and gpg-agent is not running.
Comment 3 Cristian Oneț 2010-01-17 14:12:23 UTC
I think that the problem is that you don't have pinetry installed. That package contains the dialog used to request your gpg password to decrypt the file. I remember somewhere a request that we should display more useful error messages from gpg in such cases.
Comment 4 David Houlden 2010-01-17 14:36:54 UTC
Pinentry was not installed. I installed it but kmymoney still doesn't ask for the passphrase.
Comment 5 David Houlden 2010-01-18 22:15:48 UTC
Is there anything I can do to help debug this? Maybe by putting some debug code in and recompiling? I would need some pointers as to where to look but am willing to give it a try?
Comment 6 Cristian Oneț 2010-01-20 10:21:06 UTC
(In reply to comment #4)
> Pinentry was not installed. I installed it but kmymoney still doesn't ask for
> the passphrase.
Please check the '~/.gnupg/gpg-agent.conf' configuration file. Look for the entry
'pinentry-program' and check if it's value points to a program that is actually installed.
Comment 7 David Houlden 2010-01-20 18:44:24 UTC
I do not use gpg-agent. It is not even installed on my system. Anyway, I created the file ~/.gnupg/gpg-agent.conf containing the following line but I am still not being asked for the passphrase.
pinentry-program /usr/bin/pinentry-qt
Comment 8 Thomas Baumgart 2010-01-22 17:10:01 UTC
I analyzed this a bit. GpgME requires gpg-agent to be present. I will further investigate what we can do from the application side to specify a better error message.
Comment 9 David Houlden 2010-01-22 22:08:36 UTC
Just confirming that this has been solved by installing gpg-agent.
Comment 10 Cristian Oneț 2010-01-23 01:18:37 UTC
SVN commit 1078845 by conet:

BUG: 223062
Display the error message from the GPG engine when the problem is in the GPG engine.

 M  +6 -1      kmymoney/views/kmymoneyview.cpp  
 M  +12 -7     libkgpgfile/kgpgfile.cpp  
 M  +5 -0      libkgpgfile/kgpgfile.h  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1078845
Comment 11 thatonefilmguy 2010-11-13 16:53:37 UTC
Just to clarify steps to work around this (in Ubuntu 10.10 at least) after running into this defect myself:

1. install gnupg-agent and pinentry:
  $ sudo apt-get install pinentry-qt gnupg-agent
2. Reboot (restarting gpg or some other service may work but I didn't know what exactly to restart)

I did not have to modify or create the '~/.gnupg/gpg-agent.conf' file. It does not exist at all on my system and kMyMoney now works fine after the above 2 steps.


That being said, this defect is marked fixed even though it still occurs.  Shouldn't gnupg-agent and pinentry-qt be added as dependencies to kMyMoney if they are required for loading the encrypted files?  Given that the encrypted files cannot be recovered if the user deletes their original file, this could be a very big problem for a user if they delete their original file before finding they cannot open the encrypted one and they may not be savvy enough to discover the solution.  This is bad behavior on the user's part of course, but people don't always follow logic and in any case they will still be confused and/or frustrated that they are unable to open the encrypted file.

I am running kMyMoney 4.5.0 from the Ubuntu repositories.
Comment 12 Thomas Baumgart 2010-11-14 10:23:07 UTC
The proposed dependencies should be handled upstream by the packagers.

Once you google for 'recover encrypted kmymoney file' you will be pointed to the solution at https://bugs.kde.org/show_bug.cgi?id=229047.