[Gpg4win-users-en] Uses recent subkey even if missing secret part

Juan Miguel Navarro Martínez juanmi.3000 at gmail.com
Thu Dec 24 19:33:02 CET 2015 

First of all, thanks for publishing Gpg4Win 3.0 beta.

OS: Windows 10 64-bit
Gpg4Win: 3.0.0

My master key has multiple subkeys, and when trying to sign a message,
it will try to use the most recent signing subkey even if it's missing
its secret part, instead of using one which has it as it did with
Gpg4Win 2.2.x-2.3.0.

I can force GnuPG to use the correct subkey by using the specific subkey
ID and adding '!' at the end of it or by deleting the public parts of
the other subkeys using gpg prompt. Only the last workaround makes
Enigmail work as intented.

Attached is the output of the command line showing the public keys, the
missing secret keys, the error and the first workaround.

I haven't tried on a Linux workstation, so I don't know if it simply
affects GnuPG 2.1.x in general.

-- 
Juan Miguel Navarro Martínez

GPG Keyfingerprint:
5A91 90D4 CF27 9D52 D62A
BC58 88E2 947F 9BC6 B3CF
-------------- next part --------------
C:\Users\Juanmi>gpg -k 0x88E2947F9BC6B3CF
pub   rsa4096/0x88E2947F9BC6B3CF 2014-11-17 [expires: 2016-11-16]
      Key fingerprint = 5A91 90D4 CF27 9D52 D62A  BC58 88E2 947F 9BC6 B3CF
uid                   [ultimate] Juan Miguel Navarro Martínez <juanmi_3000 at hotmail.com>
uid                   [ultimate] Juan Miguel Navarro Martínez <juanmi.3000 at gmail.com>
uid                   [ultimate] Juan Miguel Navarro Martínez <starkythefox at keybase.io>
uid                   [ultimate] Juan Miguel Navarro Martínez <juanmi_3000 at protonmail.com>
sub   rsa4096/0xF48F3C472370A536 2014-11-17 [expires: 2016-11-16]
sub   rsa2048/0x42DF3EE44F24807B 2014-11-18 [expires: 2016-11-16]
sub   rsa2048/0x20DE2571C85B35D0 2014-11-18 [expires: 2016-11-16]
sub   rsa2048/0xFF7C68BE6BEEB141 2014-12-10 [expires: 2016-11-16]


C:\Users\Juanmi>gpg -K 0x88E2947F9BC6B3CF
sec#  rsa4096/0x88E2947F9BC6B3CF 2014-11-17 [expires: 2016-11-16]
      Key fingerprint = 5A91 90D4 CF27 9D52 D62A  BC58 88E2 947F 9BC6 B3CF
uid                   [ultimate] Juan Miguel Navarro Martínez <juanmi_3000 at hotmail.com>
uid                   [ultimate] Juan Miguel Navarro Martínez <juanmi.3000 at gmail.com>
uid                   [ultimate] Juan Miguel Navarro Martínez <starkythefox at keybase.io>
uid                   [ultimate] Juan Miguel Navarro Martínez <juanmi_3000 at protonmail.com>
ssb   rsa4096/0xF48F3C472370A536 2014-11-17 [expires: 2016-11-16]
ssb   rsa2048/0x42DF3EE44F24807B 2014-11-18 [expires: 2016-11-16]
ssb#  rsa2048/0x20DE2571C85B35D0 2014-11-18 [expires: 2016-11-16]
ssb#  rsa2048/0xFF7C68BE6BEEB141 2014-12-10 [expires: 2016-11-16]


C:\Users\Juanmi>echo Test | gpg -vv -a --sign -u 0x88E2947F9BC6B3CF
gpg: using subkey 0xFF7C68BE6BEEB141 instead of primary key 0x88E2947F9BC6B3CF
gpg: writing to stdout
gpg: signing failed: No secret key
-----BEGIN PGP MESSAGE-----

gpg: signing failed: No secret key

C:\Users\Juanmi>echo Test | gpg -vv -a --sign -u 0x42DF3EE44F24807B!
gpg: using subkey 0x42DF3EE44F24807B instead of primary key 0x88E2947F9BC6B3CF
gpg: writing to stdout
gpg: RSA/SHA512 signature from: "0x42DF3EE44F24807B Juan Miguel Navarro Martínez <juanmi_3000 at hotmail.com>"
-----BEGIN PGP MESSAGE-----

owEBPQHC/pANAwAKAULfPuRPJIB7AcsNYgBWfC+TVGVzdCANCokBHAQAAQoABgUC
VnwvkwAKCRBC3z7kTySAezHECACMtWnBMtez4lUJr8j7KBGwx1VTnyCblrKAf8pk
y3p9pH3Wr8Vs887oRPTgaBrdKTNAK4VSHIOk0d8nUAkSOe7dEOkcIqwRN1j4ph6P
9FvJBUOlm+RqzPa3nQDb1C0xFg5aDnWyc/SYv+E9IHwl+RpjDYSuVka3Ezuju/Py
GK05kr7PY/wi5SA5URrhvzqXjsosINJqH0BPIkw85v4eM6w5V05KELQkXSsgEFP9
M+XxKrkQT51Spd7ZTjVwPfRj0cxZYl07hY0cZ2Hcg1B8STitUsqxOXP24U6Sr+58
7iMmPN61ZNW+Uvx0MO5eOB5zbvNfwCeRKZGchOI5V4KER8jn
=P77h
-----END PGP MESSAGE-----

C:\Users\Juanmi>

More information about the Gpg4win-users-en mailing list