[Pkg-gnupg-maint] Bug#514623: Cannot use revoked subkeys for decription using a smart card

Enrico Zini enrico at debian.org
Mon Feb 9 15:23:10 UTC 2009 

Package: gnupg
Version: 1.4.9-3
Severity: normal

Hello,

Thank you for maintaining gnupg.

I have a subkey on a smart card.  Since I have been without a card
reader for quite a long time, I revoked the card subkeys.  Now I have a
reader again, and I want to decode some old data.  However, if I try,
gpg will tell me "decryption failed: secret key not available", even if
gpg --card-status can see the keys on the card.

I tried with an old secring backup from before the revocation, and it
works.  I tried exporting the backup secring and importing it in my
backup, but to no avail:

 $ gpg --homedir ~/.gnupg/backup --decrypt testfile -> works
 $ gpg --homedir ~/.gnupg/backup/ --export-secret-key | gpg --import
 $ gpg --decrypt testfile -> decryption failed: secret key not available

It looks like since that key has been revoked in my new secring, gpg
doesn't want to use it.  This, at least for decryption, seems to be
wrong: I want to keep that subkey revoked, but I still want to be able
to use it for decrypting old data.


Ciao,

Enrico

-- System Information:
Debian Release: 5.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages gnupg depends on:
ii  gpgv                   1.4.9-3           GNU privacy guard - signature veri
ii  libbz2-1.0             1.0.5-1           high-quality block-sorting file co
ii  libc6                  2.7-18            GNU C Library: Shared libraries
ii  libreadline5           5.2-3.1           GNU readline and history libraries
ii  libusb-0.1-4           2:0.1.12-13       userspace USB programming library
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

Versions of packages gnupg recommends:
ii  libldap-2.4-2                 2.4.11-1   OpenLDAP libraries

Versions of packages gnupg suggests:
pn  gnupg-doc       <none>                   (no description available)
ii  imagemagick     7:6.3.7.9.dfsg1-3~lenny1 image manipulation programs
ii  libpcsclite1    1.4.102-1                Middleware to access a smart card 

-- no debconf information

More information about the Pkg-gnupg-maint mailing list