EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Changing secret key passphrase

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
Posted: 08/04/2008 11:11:08
by Orri Eiriksson (Basic support level)
Joined: 07/23/2008
Posts: 9

Hello all,

I am attempting to change the passphrase of a secret key, which I then store in a remote keystore.

I'm getting a very annoying error, which I reproduce with these steps (see also code below):

1. Get my secret key from keystore.

2. Change the passphrase of my secret key.

3. Upload the secret key to the keystore (I've verified many times that the key has actually changed).

4. Encrypt something.

5. Download my (new) secret key and decrypt.

At this stage, I always get "No appropriate OpenPGP secret key for decryption found"

Examining my keyring at that instant reveals I have exactly one secret key in it (the one I just downloaded), and I've verified that it is the same key I uploaded after my change.

Now for the weird part. If I change the passphrase back, and then try to decrypt, it works perfectly! So I get the sneaking suspicion that somehow my public key must also have changed.

Is this the case (that would be a big deal...I know GnuPG only alters the private key in this instance, and doing it otherwise creates a serious obsoletion of public keys problem)? Or did I screw up somehow?

Here is how I alter the key:

            TElPGPSecretKey tempSecKey = keyring.get_SecretKeys(keyring.FindSecretKeyIndexByEmail(email, 0));
            tempSecKey.Passphrase = oldPassword;
            if (tempSecKey.PassphraseValid())
                tempSecKey.ChangePassphrase( newPassword, SBPGPConstants.TSBPGPProtectionType.ptHigh);
                tempSecKey.Passphrase = newPassword;
            //Followed by uploading of the secret key

And my decryption is pretty much straight out of the samples.

Anyone have any ideas?

Thanks in advance,

Posted: 08/04/2008 11:31:52
by Eugene Mayevski (EldoS Corp.)

Moved to HelpDesk for investigation and fixing.

Sincerely yours
Eugene Mayevski
Posted: 08/05/2008 08:33:13
by Orri Eiriksson (Basic support level)
Joined: 07/23/2008
Posts: 9

Problem was solved thanks to the EldoS helpdesk!

All I needed to do was to change the passphrase on the subkeys as well as the main key.



Topic viewed 1547 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!