Bug 1236304 - Importing a secret key exported by gpg1 fails.
Summary: Importing a secret key exported by gpg1 fails.
Keywords:
Status: CLOSED EOL
Alias: None
Product: Fedora
Classification: Fedora
Component: gnupg2
Version: 22
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-06-27 14:57 UTC by Brian Lane
Modified: 2017-02-05 20:43 UTC (History)
5 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2016-07-19 19:13:24 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Brian Lane 2015-06-27 14:57:57 UTC 
gnupg-1.4.19-1.fc22.x86_64
gnupg2-2.1.5-1.fc22.x86_64

While re-encrypting some things with my new gpg key I found that gpg2 was not decrypting while gpg1 works fine.

[test@lister ~]$ gpg2 --import s.key 
gpg: key 0F5017DE: "Brian C. Lane <coderpunk>" not changed
gpg: key 0F5017DE/0F5017DE: error sending to agent: No such file or directory
gpg: error building skey array: No such file or directory
gpg: Total number processed: 3
gpg:              unchanged: 1
gpg:       secret keys read: 3

The same error happens when importing ascii armor or binary export of the key from gpg1. Import of the public key works fine.
Comment 1 Brian Lane 2015-06-27 14:59:57 UTC 
Crap, hit submit too soon.

So while trying to figure out the decrypt problem I realized it didn't have any of my gpg1 secret keys. I tried importing from my ascii armor backups, and from a new binary export of the key. These same files are successfully re-imported to gpg1
Comment 2 Tomas Mraz 2015-06-30 08:00:38 UTC 
I am afraid there is some incompatibility between gnupg1 and gnupg2.1x in how it handles the keyrings. In some cases (not every time) the keyrings that can be used by gnupg1 are broken with gnupg2.
Does the workaround as described here work for you:
https://bugzilla.redhat.com/show_bug.cgi?id=1227072#c3
Comment 3 Brian Lane 2015-06-30 23:59:15 UTC 
(In reply to Tomas Mraz from comment #2)
> I am afraid there is some incompatibility between gnupg1 and gnupg2.1x in
> how it handles the keyrings. In some cases (not every time) the keyrings
> that can be used by gnupg1 are broken with gnupg2.
> Does the workaround as described here work for you:
> https://bugzilla.redhat.com/show_bug.cgi?id=1227072#c3

No, I was testing the import with a totally new user so that .gnupg was created by gpg2 and it didn't work.
Comment 4 Tomas Mraz 2015-07-01 15:37:36 UTC 
I'm trying to reproduce but I am unable to - a secret key exported from gpg is imported fine to gnupg-2.1.5 for me.

Perhaps there is some issue with the gpg-agent on your machine. The 'error sending to agent: No such file or directory' looks like that. Is there gpg-agent running? It should be autostarted by gpg2 if it is not running though.

Perhaps you could try stracing gpg2 to find out where the ENOENT happens?
Comment 5 Fedora End Of Life 2016-07-19 19:13:24 UTC 
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.
Comment 6 M.Hanny Sabbagh 2017-02-05 20:43:06 UTC 
I am facing the exact same problem here on Fedora 25. I have exported the key and tried to import it on Ubuntu 16.10. But the same message appeared.

Also, it displays "[unknown]" in the place of the key when running gpg -k.
Note You need to log in before you can comment on or make changes to this bug.