Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test loading separated subkeys #77

Open
Commod0re opened this issue Jul 21, 2014 · 2 comments
Open

Test loading separated subkeys #77

Commod0re opened this issue Jul 21, 2014 · 2 comments
Labels
testing
Milestone
0.6.0

Comments

@Commod0re
Copy link
Contributor

It should be possible to load subkeys that have been separated from their primary key, so we should split a subkey from its primary using gpgsplit and then test loading them.
@Commod0re Commod0re added this to the 0.3.0 milestone Jul 21, 2014
@Commod0re Commod0re changed the title Test loading split keys Test loading separated subkeys Aug 22, 2014
@Commod0re Commod0re modified the milestones: 0.3.0, 0.4.0 Sep 3, 2014
@Commod0re Commod0re modified the milestones: 0.4.0, 0.5.0 Apr 22, 2016
@altsalt
Copy link

altsalt commented Aug 5, 2021

This does not appear to be working in 0.5.4 and while exploring issues to see whether I've missed something this one popped up. Unsure whether I'll be bumping all related issues, but as this one is extremely relevant, I figured it was worth a message. Below is a MWE that demonstrates the error. Happy to share the keys I'm testing with if that would help. This is an ECC Curve25519 key generated with GnuPG 2.2.27 then split into three separate subkeys for each function.

>>> import  os
>>> import  sys
>>> import  pgpy
>>> privkey_passphrase = "example subkey passphrase"
>>> privkey, _ = pgpy.PGPKey.from_file('./rootless_subkey.asc')
>>> privkey.is_protected
True
>>> privkey.is_unlocked
False
>>> with privkey.unlock(privkey_passphrase):
...   privkey.is_unlocked
... 
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python3.9/contextlib.py", line 117, in __enter__
    return next(self.gen)
  File "/home/salt/.local/lib/python3.9/site-packages/pgpy/pgp.py", line 1795, in unlock
    sk._key.unprotect(passphrase)
  File "/home/salt/.local/lib/python3.9/site-packages/pgpy/packet/packets.py", line 940, in unprotect
    self.keymaterial.decrypt_keyblob(passphrase)
  File "/home/salt/.local/lib/python3.9/site-packages/pgpy/packet/fields.py", line 1557, in decrypt_keyblob
    kb = super(EdDSAPriv, self).decrypt_keyblob(passphrase)
  File "/home/salt/.local/lib/python3.9/site-packages/pgpy/packet/fields.py", line 1252, in decrypt_keyblob
    sessionkey = self.s2k.derive_key(passphrase)
  File "/home/salt/.local/lib/python3.9/site-packages/pgpy/packet/fields.py", line 1019, in derive_key
    keylen = self.encalg.key_size
  File "/home/salt/.local/lib/python3.9/site-packages/pgpy/constants.py", line 236, in key_size
    raise NotImplementedError(repr(self))
NotImplementedError: <SymmetricKeyAlgorithm.Plaintext: 0>

@altsalt
Copy link

altsalt commented Aug 5, 2021

Ah, figured this particular issue out. Since there was no longer a root key, there was nothing to unlock at that level. Instead, I have to loop through the subkeys, unlocking each. MWE:

import os
import sys
import pgpy
subkey_passphrase = "example subkey passphrase"
privkey, _ = pgpy.PGPKey.from_file('./rootless_subkey.asc')
privkey.is_protected
privkey.is_unlocked
for subkey, value in privkey._children.items():
  print('subkey id', subkey)
  value.is_protected
  value.is_unlocked
  with value.unlock(subkey_passphrase):
    value.is_protected
    value.is_unlocked

@altsalt altsalt mentioned this issue Aug 5, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
testing
Projects
None yet
Milestone
0.6.0
Development

No branches or pull requests
2 participants
@altsalt @Commod0re