GPG key reuse detection breaks valid subkey workflow

Summary

I have two GitLab accounts, work and personal (more by accident because the social login workflow will create one even if you didn't intend to). I have a master GPG key with separate identities, one for work and one for personal. I have separate subkeys for my work laptop and for my personal laptop. They of course have the same public key because that is at the master key level. The private subkeys only exist on the separate laptops.

Steps to reproduce

  1. Create two GitLab accounts with two different email addresses.
  2. Create a master GPG key
  3. Add two identities, one for each email address
  4. Create two subkeys (actually you don't need this to reproduce the bug but you would if the bug didn't exist)
  5. Add the public key to both accounts.

Example Project

N/A

What is the current bug behavior?

Adding the public key to the second account fails as it detects that it is already in use. It also incorrectly complains about the master key even though that should never be used in this workflow.

What is the expected correct behavior?

Adding the same public key across multiple accounts should be valid. It should also not assume that the master key is the one that is used.

Relevant logs and/or screenshots

I forgot to take a screenshot...

Output of checks

This bug happens on GitLab.com

Results of GitLab environment info

Expand for output related to GitLab environment info

(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:env:info`)

(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)

Results of GitLab application Check

Expand for output related to the GitLab application check

(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:check SANITIZE=true`)

(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`)

(we will only investigate if the tests are passing)

Possible fixes

Edited by 🤖 GitLab Bot 🤖
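
The key layout from steps 2 to 4 of the reproduction, built in a throwaway keyring. This is an added example, not part of the original issue and not GitLab's code; it assumes GnuPG 2.2 or later, and the name and example.com addresses are constructed placeholders. It lists the fingerprints carried by the single public key that step 5 uploads: one primary fingerprint shared by both identities, and one distinct fingerprint per signing subkey.

```bash
#!/usr/bin/env bash
# Added example: one certify-only primary key, two identities, two signing subkeys.
# All names and addresses below are constructed placeholders.

# Wrapper: unattended gpg with an empty passphrase (fine for a throwaway keyring only).
g() { gpg --batch --quiet --pinentry-mode loopback --passphrase '' "$@"; }

build_layout() {
  # Isolated keyring so the user's real keys are never touched.
  GNUPGHOME="$(mktemp -d)" && export GNUPGHOME && chmod 700 "$GNUPGHOME" || return 1

  # Step 2: master (primary) key limited to certification, so it never signs commits.
  g --quick-generate-key 'Example User <work@example.com>' ed25519 cert never || return 1
  PRIMARY_FPR="$(g --list-keys --with-colons | awk -F: '$1=="fpr"{print $10; exit}')"

  # Step 3: second identity on the same primary key.
  g --quick-add-uid "$PRIMARY_FPR" 'Example User <personal@example.com>' || return 1

  # Step 4: one signing subkey per laptop.
  g --quick-add-key "$PRIMARY_FPR" ed25519 sign 1y || return 1
  g --quick-add-key "$PRIMARY_FPR" ed25519 sign 1y || return 1
}

# Print "primary <fpr>" or "subkey <fpr>" for every key in the public key block.
show_fingerprints() {
  g --list-keys --with-colons |
    awk -F: '$1=="pub"{t="primary"} $1=="sub"{t="subkey"} $1=="fpr"{print t, $10}'
}

# Print the identities bound to the primary key.
show_uids() {
  g --list-keys --with-colons | awk -F: '$1=="uid"{print $10}'
}

build_layout && { show_uids; show_fingerprints; }

# Stop the agent that gpg started for the throwaway keyring.
gpgconf --kill gpg-agent 2>/dev/null
```

A uniqueness check keyed on the `primary` fingerprint sees the same value for both accounts, while a signature made on either laptop is issued by one of the `subkey` fingerprints.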