Tickets :: [#13190] import of large keyfiles fails

6.0.0-alpha14

6/30/25

Summary	import of large keyfiles fails
Queue	IMP
Queue Version	6.1.7
Type	Enhancement
State	Resolved
Priority	1. Low
Owners	jan (at) horde (dot) org
Requester	anon (at) systemausfall (dot) org
Created	05/17/2014 (4062 days ago)
Due
Updated	05/06/2018 (2612 days ago)
Assigned	05/19/2014 (4060 days ago)
Resolved	01/26/2016 (3443 days ago)
Milestone	7.0.0
Patch	No

01/27/2016 12:18:59 AM	anon (at) systemausfall (dot) org	Comment #12	Reply to this comment
[jan] Allow to import multiple PGP keys in a single PGP packet (~~Request #13190~~). Thanks a lot, Jan!

01/26/2016 09:47:07 PM	Jan Schneider	Assigned to Jan Schneider State ⇒ Resolved Milestone ⇒ 7.0.0

01/26/2016 09:46:55 PM	Git Commit	Comment #11	Reply to this comment
Changes have been made in Git (master): commit 3861e2252ad011f18360a31721907f0aa9473888 Author: Jan Schneider <jan@horde.org> Date: Tue Jan 26 22:46:00 2016 +0100 [jan] Allow to import multiple PGP keys in a single PGP packet (~~Request #13190~~). imp/docs/CHANGES \| 2 + imp/lib/Basic/Pgp.php \| 9 +++-- imp/lib/Pgp.php \| 85 +++++++++++++++++++++++++++++++++--------------- imp/package.xml \| 4 ++- 4 files changed, 69 insertions(+), 31 deletions(-) http://github.com/horde/horde/commit/3861e2252ad011f18360a31721907f0aa9473888

01/26/2016 09:46:47 PM	Git Commit	Comment #10	Reply to this comment
Changes have been made in Git (master): commit 718c4a789f2f0740e0defc97b46bae14bd853fe9 Author: Jan Schneider <jan@horde.org> Date: Tue Jan 26 22:44:36 2016 +0100 [jan] Add Horde_Crypt_Pgp::pgpPacketInformationMultiple() and Horde_Crypt_Pgp_Backend_Binary::packetInfoMultiple() (~~Request #13190~~). framework/Crypt/lib/Horde/Crypt/Pgp.php \| 31 ++++ framework/Crypt/lib/Horde/Crypt/Pgp/Backend.php \| 15 ++ .../Crypt/lib/Horde/Crypt/Pgp/Backend/Binary.php \| 191 ++++++++++++-------- framework/Crypt/package.xml \| 14 +- 4 files changed, 165 insertions(+), 86 deletions(-) http://github.com/horde/horde/commit/718c4a789f2f0740e0defc97b46bae14bd853fe9

01/26/2016 09:46:15 PM	Jan Schneider	Type ⇒ Enhancement State ⇒ Feedback Priority ⇒ 1. Low

06/02/2014 08:28:57 PM	anon (at) systemausfall (dot) org	Comment #9	Reply to this comment
Hi, this is a friendly ping. Any hints or thoughs to my last commend?

05/24/2014 08:40:21 PM	anon (at) systemausfall (dot) org	Comment #8	Reply to this comment
[Show Quoted Text - 11 lines][Hide Quoted Text] But IMP can't handle keyfiles that are exported by gpg command line. I exported my whole public keyring with "gpg -a --output $FILE --export". This file contains all public keys without a separator There's your problem. Horde/IMP only supports armored PGP data. From Horde_Crypt_Pgp_Parse: "Provides method to parse PGP armored text data." We don't support binary data. I know that Horde refuses to import a binary keyfile. As I wrote above I exported all the keys with "-a" - as armored data. Maybe I wasn't clear enough: gpg -a creates a keyfile that lists all the keys without separator - it looks like this: -----BEGIN PGP PUBLIC KEY BLOCK----- $KEY_1$KEY_2$KEY_3 -----END PGP PUBLIC KEY BLOCK----- That's how my keyfile looks like. There's no break between the keys and no separator. With those keyfiles the error described in this bugreport occurs. It seems that Horde need a key file like this: -----BEGIN PGP PUBLIC KEY BLOCK----- $KEY_1 -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP PUBLIC KEY BLOCK----- $KEY_2 -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP PUBLIC KEY BLOCK----- $KEY_3 -----END PGP PUBLIC KEY BLOCK----- With seahorse (a gui for key management) I created such a keyfile and had no problems with Horde import. For what it's worth, your gpg appears to be broken. "-a" means to output armored text. I used "-a" and the output is ASCI not binary. Tested with different Linux distros (Debian wheezy and Fedora 20) - same output: a keyfile without separators between the keys. Hope this helps to reproduce the error.

05/23/2014 09:16:52 PM	Michael Slusarz	Comment #7	Reply to this comment
But IMP can't handle keyfiles that are exported by gpg command line. I exported my whole public keyring with "gpg -a --output $FILE --export". This file contains all public keys without a separator There's your problem. Horde/IMP only supports armored PGP data. From Horde_Crypt_Pgp_Parse: "Provides method to parse PGP armored text data." We don't support binary data. For what it's worth, your gpg appears to be broken. "-a" means to output armored text. And it works here: slusarz@bigworm % gpg -a --export -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.22 (GNU/Linux) [snip]

05/23/2014 06:09:22 PM	anon (at) systemausfall (dot) org	Comment #6	Reply to this comment
Ok, i'm getting closer. This is not a problem with the size of the keyfile (the former error I got was a problem with our setup). But IMP can't handle keyfiles that are exported by gpg command line. I exported my whole public keyring with "gpg -a --output $FILE --export". This file contains all public keys without a separator - but IMP expects a separator (-----[END\|BEGIN] PGP PUBLIC KEY BLOCK-----) between every key. If you import such a file without single separators IMP creates new addressbook entries in which every single entry contains all keys - no matter if a key belongs to this entry or not. Turba goes crazy if you try to open such an entry- because it runs a lot of gpg processes to show the keys in the addressbook entry - but never comes to an end. In this case it only helps to kill the webserver. Gpg command is able to import a keyfile without the separators - so I assume this is an error with Horde's gpg implementation.

05/19/2014 06:16:00 PM	Michael Slusarz	Comment #5 Priority ⇒ 1. Low	Reply to this comment
Sounds like ~~#12961~~

05/19/2014 02:42:31 PM	Jan Schneider	Comment #4	Reply to this comment
Please follow the hints at http://wiki.horde.org/FAQ/Admin/Troubleshoot#wsod to generate and find a useful error message.

05/19/2014 02:23:25 PM	anon (at) systemausfall (dot) org	Comment #3	Reply to this comment
What does "fails in a gpg loop" mean? As far as I understand after importing the keyfile horde reads all mail addresses out of the keyfile and starts a gpg process for every single key: /usr/bin/gpg --no-tty --no-secmem-warning --no-options --no-default-keyring --yes --homedir /tmp/bto5pw3y --quiet --with-colons /tmp/bto5pw3y/horde-pgpeGazJY This command runs again and again with new PIDs For every mail address from the keyring an own adressbook entry wil be created. My keyfile ha a size of 1.2 MB. Importing fails after uploading the file with: "An internal server error occurred. Please try again later." After all gpg processes are finished there are some new address book entries, but not all. Opening an entry fails with a browser error page "Error code: ERR_INCOMPLETE_CHUNKED_ENCODING".

05/19/2014 08:08:41 AM	Jan Schneider	Comment #2 State ⇒ Feedback	Reply to this comment
What does "fails in a gpg loop" mean?

05/17/2014 08:12:15 AM	anon (at) systemausfall (dot) org	Comment #1 Priority ⇒ 2. Medium State ⇒ Unconfirmed Patch ⇒ No Milestone ⇒ Summary ⇒ import of large keyfiles fails Type ⇒ Bug Queue ⇒ IMP	Reply to this comment
I'm running installation on Debian wheezy with Horde packages from testing and postgres as connected database. Problem is that import of large GPG keyfiles with multiple keys inside fails in a gpg loop at the server. Tested with different keyfiles, at a size of at least 1.5 MB. Assuming that horde runs an own gpg process at the server for every key in that file.