rnpgp / rnp

RNP: high performance C++ OpenPGP library used by Mozilla Thunderbird
https://www.rnpgp.org

Cannot import secret key with more than one comment line #1141

Closed kaie closed 4 years ago

kaie commented 4 years ago

RNP fails to import the secret keys from https://gitlab.com/openpgp-wg/openpgp-samples

Apparently RNP doesn't accept more than one comment line, as in those example secret keys.

-----BEGIN PGP PRIVATE KEY BLOCK-----
Comment: Alice's OpenPGP Transferable Secret Key
Comment: https://www.ietf.org/id/draft-bre-openpgp-samples-01.html

I don't know if multiple comment lines are allowed. After editing the key file and removing the second comment line, importing was possible.

ni4 commented 4 years ago

@kaie thanks for reporting! Need to think about what we should do with this case (just ignore the next comments, or change the structure which stores armor headers).

dewyatt commented 4 years ago

> @kaie thanks for reporting! Need to think about what we should do with this case (just ignore the next comments, or change the structure which stores armor headers).

I think the second option makes sense, maybe use a vector<string> for comments, that seems better than losing information.

ni4 commented 4 years ago

As per the RFC, the recommended handling of this is as follows:

> Care should be taken that the Armor Headers are short enough to survive transport. One way to do this is to repeat an Armor Header Key multiple times with different values for each so that no one line is overly long.

Actually, this failure is not because of the double comment line but because one of those is too long. Will be fixed together with #1208.
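The handling discussed in this thread (keep every value of a repeated Armor Header Key, and do not fail just because one header line is long), as an added example. This is not RNP's code: `ArmorHeaders`, `parse_armor_headers`, `max_line` and `kSample` are hypothetical names, and the sample is constructed from the two Comment lines quoted in the report.

```cpp
#include <iostream>
#include <map>
#include <sstream>
#include <stdexcept>
#include <string>
#include <vector>

// Hypothetical container: each armor header key maps to all of its values, in order.
using ArmorHeaders = std::map<std::string, std::vector<std::string>>;

// Parse the header lines between the BEGIN line and the blank separator line.
// max_line is a caller-chosen bound on untrusted input, not a fixed buffer size.
ArmorHeaders parse_armor_headers(const std::string &armored, std::size_t max_line = 4096)
{
    std::istringstream in(armored);
    std::string line;
    if (!std::getline(in, line) || line.rfind("-----BEGIN PGP ", 0) != 0) {
        throw std::runtime_error("missing armor header line");
    }
    ArmorHeaders headers;
    while (std::getline(in, line)) {
        if (!line.empty() && line.back() == '\r') line.pop_back(); // tolerate CRLF
        if (line.find_first_not_of(" \t") == std::string::npos) break; // blank line ends headers
        if (line.size() > max_line) throw std::runtime_error("armor header line too long");
        std::size_t sep = line.find(": ");
        if (sep == std::string::npos || sep == 0) throw std::runtime_error("malformed armor header");
        headers[line.substr(0, sep)].push_back(line.substr(sep + 2)); // repeated keys accumulate
    }
    return headers;
}

// Constructed sample: the header lines from the report, key body omitted.
const std::string kSample =
    "-----BEGIN PGP PRIVATE KEY BLOCK-----\n"
    "Comment: Alice's OpenPGP Transferable Secret Key\n"
    "Comment: https://www.ietf.org/id/draft-bre-openpgp-samples-01.html\n"
    "\n";

int main()
{
    ArmorHeaders h = parse_armor_headers(kSample);
    for (const auto &c : h["Comment"]) std::cout << "Comment: " << c << "\n";
    return 0;
}
```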