Thunderbird error when importing gpg key
I am using the latest version of thunderbird and trying to import a PGP key.
I forgot my master password and so reset it using chrome://pippki/content/resetpassword.xhtml (from the official support page: ).
I then tried to reimport my secret gpg key, which was previously working in thunderbird. I dumped it in a file using gpg --export-secret-keys -a. When I try to import it using the OpenPGP Key Manager, I get an error. These are the errors displayed in the console: CryptoAPI.sync() failed result: Error: unexpected null/undefined OpenPGP password
_importKeyBlockWithAutoAccept chrome://openpgp/content/modules/RNP.jsm:1772 sync chrome://openpgp/content/modules/cryptoAPI/interface.js:56 importKeyFromFile chrome://openpgp/content/modules/keyRing.jsm:360 openPgpImportStart chrome://openpgp/content/ui/keyWizard.js:914 wizardNextStep chrome://openpgp/content/ui/keyWizard.js:269 wizardContinue chrome://openpgp/content/ui/keyWizard.js:216 _fireButtonEvent chrome://global/content/elements/dialog.js:495 _doButtonCommand chrome://global/content/elements/dialog.js:474 _handleButtonCommand chrome://global/content/elements/dialog.js:468 openKeyWizard chrome://openpgp/content/ui/enigmailKeyManager.js:1257 oncommand chrome://openpgp/content/ui/enigmailKeyManager.xhtml:1
masterpass.jsm: caught exception: NS_ERROR_FAILURE
Message: 'Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISecretDecoderRing.decryptString]'
File: undefined
Line: 208
Stack: _readPasswordFromFile@chrome://openpgp/content/modules/masterpass.jsm:208:22
retrieveOpenPGPPassword@chrome://openpgp/content/modules/masterpass.jsm:197:17
_importKeyBlockWithAutoAccept@chrome://openpgp/content/modules/RNP.jsm:1768:43
importKeyBlockImpl@chrome://openpgp/content/modules/RNP.jsm:1723:17
importKeyFromFileAPI@chrome://openpgp/content/modules/cryptoAPI/RNPCryptoAPI.jsm:158:16 importKeyFromFile@chrome://openpgp/content/modules/keyRing.jsm:361:16 openPgpImportStart@chrome://openpgp/content/ui/keyWizard.js:914:36 wizardNextStep@chrome://openpgp/content/ui/keyWizard.js:269:13 wizardContinue@chrome://openpgp/content/ui/keyWizard.js:216:5 _fireButtonEvent@chrome://global/content/elements/dialog.js:495:19 _doButtonCommand@chrome://global/content/elements/dialog.js:474:29 _handleButtonCommand@chrome://global/content/elements/dialog.js:468:19 openKeyWizard@chrome://openpgp/content/ui/enigmailKeyManager.js:1257:5 oncommand@chrome://openpgp/content/ui/enigmailKeyManager.xhtml:1:14Can I please get some help to fix this ?
Thanks
1 Answer
So far as I know, PGP keys and "Master Password" for Firefox and Thunderbird --re-named to "Primary Password" according to this link-- are separate and unrelated concepts (but that might not be entirely true; see below). Further, so far as I know, the "Primary Password" is not shared between Firefox and Thunderbird. The instructions that you linked for resetting the Primary Password look like they are for Firefox.
All that being said, I'm going to assume that you had a Primary Password set inside Thunderbird, and reset it inside Thunderbird via running this command inside the Error Console (Tools > Developer Tools > Error Console):
openDialog("chrome://pippki/content/resetpassword.xhtml")
(this triggers a dialog box with a "Reset" button that, when pressed, resets the Primary Password).
After which, you cannot use the OpenPGP Key Manager to import secret keys. Rather than being prompted for the passphrase/password to the key, you get an error message:
Import failed. The key you are trying to import might be corrupt or use unknown attributes. Would you like to attempt to import the parts that are correct? This might result in the import of incomplete and unusable keys.
and the aforementioned stack trace in the Error Console.
I'm able to replicate this behaviour with clean Thunderbird profiles from version 91.7.0, and judging by the stacktrace, it looks like there might actually be some unintentional coupling between Primary Password and the OpenPGP Key Manager. Even setting a new Primary Password for the profile, closing the profile, re-opening the profile, and trying again to import the secret key in the OpenPGP Key Manager still results in the above error.
I would file a bug with the Thunderbird team.
EDIT: A potential workaround
I only tested this with a throwaway Thunderbird profile, but it worked for getting the import secret key dialog working again.
- Determine the filesystem location of the profile that's having the problem (e.g.
~/.thunderbird/). - There should be a file named
encrypted-openpgp-passphrase.txtin that directory. - Close Thunderbird.
- Rename that file to something like
backup-encrypted-openpgp-passphrase.txt. - Re-open Thunderbird.
- Attempt to import a secret key from the OpenPGP Key Manager.
After following those steps, I was able to import the secret key and not hit that error dialog and stack trace in the Error Console.
