#53 new
Luke Le

GPG keeps decrypting even after the user cancelled a password request

Reported by Luke Le | July 20th, 2013 @ 01:28 AM

As it appears, if data is encrypted to multiple public keys of which secret keys
are in the users keyring, gpg will keep decrypting, even if the password request
was cancelled for one key. If the passphrase of another key is already cached in
the gpg-agent or the keychain, gpg will output the decrypted data.

While this might make sense, it's definitely not what the user expects to happen,
so Libmacgpg should make sure, that the decryption stops once the user cancels
a passphrase request.

Different thought, this might however break data encrypted to hidden recipients,
where cancelling the passphrase request to the wrong key, makes sure that
the user is prompted for a passphrase for every other key the message is encrypted to.
If they enter the passphrase for the wrong key however, gpg will use the same passphrase
for all other keys.


Comments and changes to this ticket

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Shared Ticket Bins