Open kron4eg opened 5 years ago
seems like duplicate of https://github.com/mssun/passforios/issues/285 should I close this issue?
Hi @kron4eg, does the app crash in the latest TestFlight? In recent several PRs, we can support subkey.
@mssun sorry, I don't have passforios in my TestFlight, I think I need a link or direct invitation.
OK, sent you an email.
@mssun nope, seems like it got even worse. App crashes instantly after I'm trying to open Settings.
Steps to repro:
gpg --armor --export testuser | qrencode -o public.png
gpg --armor --export-secret-subkeys testuser | qrencode -o private.png
Import GPG keys (without master secret). App starts to crash. Sent TestFlight report.
Thanks @kron4eg, this is very helpful. Our PGP library is still not reliable, which is very disappointed.
I have a somewhat similar problem I expect. I have added subkeys, but when I try to open a password the app just crashes without any information.
I will ask to be invited to the testflight beta.
Have exactly the same problem. Reinstalling the app didn't work. The database is empty now, but it keeps crashing every time I enter settings. This includes the TestFlight version.
On a side note, is there any way to clear the data, so I can try setting it up again?
EDIT: Had to completely wipe the phone so Pass works again (removing the copy in the iCloud didn't help for some reason). It seems that the problem is not in the missing primary secret key, but in the smartcard subkeys. I have tried to upload the complete key (from the offline backup) and got the same crashing behavior.
@Vintodrimmer, we have tests for RSA2048, RSA2048_SUB, RSA4096, RSA4096_SUB, ED25519, ED25519_SUB (https://github.com/mssun/passforios/blob/master/passKitTests/Crypto/CryptoFrameworkTest.swift#L38). All works now. Can you tell me your key information? How can I generate the key which can make the app crash or something.
In continuation of https://github.com/mssun/passforios/issues/205#issuecomment-519277716 I'll describe what happened there.
A bit fancy key (Curve25519) look like this:
Then, we export only secrets for subkeys:
This removes master private key out of the equation (master private key is not required for encryption/decryption to work, its only role is to
Certify
). In GPG it looks like this:Notice the
sec#
. It means that there is no master private key.Next, import resulted files via iTunes to Passforios.
Once opened in the app, app instantly crashes 1 time and on restart proceed to complain about "please setup your key".
But when I import whole key, including master's private key — everything suddenly works.
Summary: It's very recommended to keep your master's private key OFFLINE, but not possible in pass for ios currently.