Bug#1009890: libqca-qt5: QCA::startDecrypt() doesn't ask for a pass phrase

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1009890: libqca-qt5: QCA::startDecrypt() doesn't ask for a pass phrase
From: Ron Murray <rjmx@rjmx.net>
Date: Tue, 19 Apr 2022 18:43:39 -0400
Message-id: <[🔎] 165040821909.4174465.14578745041644464054.reportbug@khufu.rjmx.net>
Reply-to: Ron Murray <rjmx@rjmx.net>, 1009890@bugs.debian.org

Package: libqca-qt5-2
Version: 2.3.4-1
Severity: normal
File: libqca-qt5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Dear Maintainer,

   I'm writing an app that can use PGP/GPG to encrypt entries, and,
since the rest of the app is written in Qt5, I chose to use QCA for
that part.

   My code (the relevant part, anyway) looks like this:

    QByteArray message = content.toLocal8Bit();

    QCA::OpenPGP gpg;
    QCA::SecureMessage msg(&gpg);

    msg.startDecrypt();
    msg.update(message);
    msg.end();
    msg.waitForFinished(-1);

   When I try to decrypt a GPG entry with this code, it returns
"ErrorUnknown", which I take to indicate that it doesn't have a
passphrase for the secret key. It certainly didn't ask for one.

   It is interesting, however, that if I use the command-line gpg to
decrypt a file using the same secret key (and get asked for a
pass phrase), I can go back to my app, try to decrypt the same PGP
entry again, and it works, because gpg-agent still contains the pass
phrase until it times out.

   So it seems that QCA can access pass phrases in gpg-agent, but it's
unable to request a pinentry from gpg-agent to collect a pass phrase
otherwise. I did manage to catch an invocation of gpg while my app was
decrypting a largish file, and perhaps that's relevant. It's

/usr/bin/gpg --no-tty --pinentry-mode loopback --fixed-list-mode \
- --with-colons --with-fingerprint --with-fingerprint --list-public-keys

   Looking through the documentation, I don't see anything related to
collecting pass phrases for secret keys, but it's possible that I
missed it. Please let me know if that's the case.

 .....Ron

- -- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.17.3.khufu (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libqca-qt5-2:amd64 depends on:
ii  libc6         2.33-7
ii  libgcc-s1     12-20220319-1
ii  libqt5core5a  5.15.2+dfsg-16
ii  libstdc++6    12-20220319-1

Versions of packages libqca-qt5-2:amd64 recommends:
ii  ca-certificates       20211016
ii  libqca-qt5-2-plugins  2.3.4-1

libqca-qt5-2:amd64 suggests no packages.

- -- no debconf information

-----BEGIN PGP SIGNATURE-----

iQJCBAEBCgAsFiEETZlw4yMXM0sUHntjEvfoZbXi52EFAmJfOwcOHHJqbXhAcmpt
eC5uZXQACgkQEvfoZbXi52G3Ow//a+u92Kix9NZ17BhIvi86d3U076pDxMi+zMql
2T1UixZqTerckymfWiP63KYgV8FLFEZihdby2bgNYvgc17bmAcG6AL7/pAFwaQc2
6S2f+90nxggOCfyW+6BggkttIBZ5uJPVmdrjQnonk7cgpPn+NFHhpBMFcP1J0bFv
x7uvG/Q/NTjB+cpMvdyn1EuHDtxL+qimnCdPEvzUjmz1tVe0DlP0sXdRG2Wr+HwS
KKB5IzsDE2b2Ysa2N4alfYcQ0ioraD1Y9Xt1IU1jd0aRTEwwUmM655PMqNg6pCv7
mcBZH3Jf0+sPkxjR2NT+NyF7hbGg2JbMaxIINex9rWRXMG6TJDVDBvw6tWuzxnat
RJYPNWS82Y1ZOjNmkqAbVMmpaD7bT+s1wyd5I/NZE6Roviu+ubvohw2XI2PETwJy
XAds4jr96Oxy6VYvSWqdUoVYvy96EvnoMFLsYTy+nRjwva3qJbkKe0eWNknKs99s
CHsIvHQC6fqnFkuNRQsowVCDJAPHLz6M39f2Pw/RqvEH28qwFkguE2+rWjy6MP93
WTthn0aIVjrxw702qsf2s1eG9/BnY4RbHOhYpV3m4D5QYhg6D67MEuygnS+xJly8
mbG1XT52mnjCexqWU5kt9S7KhjPo7sj29P+/T3nvLdi+tZQAzxg31b62pmcNm+j8
eVgw0xE=
=ZfLf
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: qt6-declarative fails to build on s390x
Next by Date: Bug#1008849: shiboken2 - Needs tighter dependency on python3
Previous by thread: qt6-declarative fails to build on s390x
Next by thread: ktp-accounts-kcm is marked for autoremoval from testing
Index(es):
- Date
- Thread