Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reimport extended keys #2369

Closed
elwerene opened this issue Sep 30, 2022 · 1 comment · Fixed by #2383
Closed

Reimport extended keys #2369

elwerene opened this issue Sep 30, 2022 · 1 comment · Fixed by #2383
Assignees
@dominikschulz
Labels
feature Enhancements and new features gpg GPG related
Milestone
1.14.10

Comments

@elwerene
Copy link

elwerene commented Sep 30, 2022
edited
Loading

Summary

If a gpg key is extended and the public key updated in .public-keys, gopass does not import the new key if the old(expired) key is already in gpg.

Steps To Reproduce

User A: Extend a expired gpg key lifetime with the expire command and update the public key.
If a new secret is added by another user(which already has the expired gpg key in the keychain), it will not load the new public key and not encrypt the new secret for user A.

Expected behavior

Public keys with new expiry dates will get automatically imported.
@dominikschulz
Copy link
Member

Yes, we don't support that today. We should.

But that needs some new logic to check for expired keys in there. Might be to expensive / annoying to do it all the time, but at least gopass recipients should give a hint. And maybe we can add something to check and update them to gopass fsck.

@dominikschulz dominikschulz added feature Enhancements and new features gpg GPG related labels Sep 30, 2022
@dominikschulz dominikschulz added this to the 1.x.x milestone Sep 30, 2022
@dominikschulz dominikschulz self-assigned this Oct 9, 2022
@dominikschulz dominikschulz modified the milestones: 1.x.x, 1.14.10 Oct 9, 2022
dominikschulz added a commit to dominikschulz/gopass that referenced this issue Oct 9, 2022
@dominikschulz
Export and import all recipient public keys during fsck
8c8dd90 
Fixes gopasspw#2369

RELEASE_NOTES=[ENHANCEMENT] Improve key expiration handling

Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
@dominikschulz dominikschulz mentioned this issue Oct 9, 2022
Merged
dominikschulz added a commit that referenced this issue Oct 17, 2022
@dominikschulz
Export and import all recipient public keys during fsck (#2383)
8926b34 
Fixes #2369

RELEASE_NOTES=[ENHANCEMENT] Improve key expiration handling

Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>

Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dominikschulz dominikschulz

Labels
feature Enhancements and new features gpg GPG related
Projects
None yet
Milestone
1.14.10
Development

Successfully merging a pull request may close this issue.

Export and import all recipient public keys during fsck dominikschulz/gopass
2 participants
@elwerene @dominikschulz