[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#8955: 24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg
|
From: |
Luca Capello |
|
Subject: |
bug#8955: 24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $RECEIVER` |
|
Date: |
Wed, 29 Jun 2011 16:18:31 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.0.50 (gnu/linux) |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi there!
This is nothing more than #7797, but from the receiver POV:
<http://debbugs.gnu.org/cgi/bugreport.cgi?bug=7797>
Anyway, I tried to send an encrypted email to multiple recipients,
leaving EasyPG/Gnus choosing the keys to be used in case of multiple
keys associated with the same email address, but I got the following
debug error, which already points out the problematic key:
=====
Debugger entered--Lisp error: (error "Sign failed: ((exit) (invalid-recipient
(reason . 0) (requested-recipient . \"F2B52A5D0A5FB687\")))")
signal(error ("Sign failed: ((exit) (invalid-recipient (reason . 0)
(requested-recipient . \"F2B52A5D0A5FB687\")))"))
byte-code("[REMOVED]" [mml1991-epg-secret-key-id-list error
password-cache-remove signal] 4)
mml1991-epg-encrypt((part (sign . "pgp") (encrypt . "pgp") (tag-location .
853) (contents . "[REMOVED]")) t)
mml1991-encrypt((part (sign . "pgp") (encrypt . "pgp") (tag-location . 853)
(contents . "[REMOVED]")) t)
mml-pgp-encrypt-buffer((part (sign . "pgp") (encrypt . "pgp") (tag-location .
853) (contents . "[REMOVED]")) t)
mml-generate-mime-1((part (sign . "pgp") (encrypt . "pgp") (tag-location .
853) (contents . "[REMOVED]")))
mml-generate-mime()
message-encode-message-body()
message-send-mail(nil)
message-send-via-mail(nil)
message-send(nil)
message-send-and-exit(nil)
call-interactively(message-send-and-exit nil nil)
=====
Thanks to the ` *epg-debug*' buffer, the problem is clear:
=====
/usr/bin/gpg --no-tty --status-fd 1 --yes --command-fd 0 --armor \
--textmode --output /tmp/epg-output199236kn --encrypt --sign \
-r 220BC883330C4A75 -r F9935424B1DF9A57 -r C09E1D8995930EDE \
-r F2B52A5D0A5FB687 -r 7C8DFA5B0999548B -r D929F2992BEF0A33 \
-r 0924ED20A110DDD2 -r F66E3E419F84F4DE -r A430C6AA88BBB51E \
-r 116F5E3AB368A4EB
[GNUPG:] USERID_HINT D91D57A03BE9F36D Luca Capello <luca@pca.it>
[GNUPG:] NEED_PASSPHRASE D91D57A03BE9F36D 06EAA066E397832F 1 0
[GNUPG:] GET_HIDDEN passphrase.enter
[GNUPG:] GOT_IT
[GNUPG:] GOOD_PASSPHRASE
gpg: A6EC05C3: There is no assurance this key belongs to the named user
[GNUPG:] GET_BOOL untrusted_key.override
[GNUPG:] GOT_IT
gpg: 8FDECE3A: There is no assurance this key belongs to the named user
[GNUPG:] GET_BOOL untrusted_key.override
[GNUPG:] GOT_IT
gpg: 2CE2EC3D: There is no assurance this key belongs to the named user
[GNUPG:] GET_BOOL untrusted_key.override
[GNUPG:] GOT_IT
gpg: BE3074DB: There is no assurance this key belongs to the named user
[GNUPG:] GET_BOOL untrusted_key.override
[GNUPG:] GOT_IT
[GNUPG:] KEYEXPIRED 1280819613
[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead
[GNUPG:] KEYEXPIRED 1243841410
[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead
[GNUPG:] KEYEXPIRED 1280819613
[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead
[GNUPG:] KEYEXPIRED 1243841410
[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead
gpg: 6FCBFD6D: There is no assurance this key belongs to the named user
[GNUPG:] GET_BOOL untrusted_key.override
[GNUPG:] GOT_IT
gpg: 4A470B3D: There is no assurance this key belongs to the named user
[GNUPG:] GET_BOOL untrusted_key.override
[GNUPG:] GOT_IT
gpg: F2B52A5D0A5FB687: skipped: unusable public key
[GNUPG:] INV_RECP 0 F2B52A5D0A5FB687
gpg: [stdin]: sign+encrypt failed: unusable public key
=====
Bingo, obviously key F2B52A5D0A5FB687 can not be used, but still it is
the first key associated with Gaudenz's email address:
=====
luca@gismo:~$ gpg --list-key F2B52A5D0A5FB687
pub 1024D/0A5FB687 2000-05-26 [revoked: 2004-01-19]
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin (POnG) <[REMOVED]>
uid Gaudenz Steinlin (Debian) <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
luca@gismo:~$ gpg --list-key gaudenz@debian.org
pub 1024D/0A5FB687 2000-05-26 [revoked: 2004-01-19]
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin (POnG) <[REMOVED]>
uid Gaudenz Steinlin (Debian) <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
pub 4096R/BAF91EF5 2009-07-25
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid [jpeg image of size 10263]
sub 4096R/A4CD5779 2010-04-16 [expires: 2012-04-15]
sub 4096R/2842C44B 2010-04-16 [expires: 2012-04-15]
pub 1024D/8C7740AF 2005-10-17
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid Gaudenz Steinlin <[REMOVED]>
uid [jpeg image of size 4160]
sub 2048R/59B18732 2006-03-17 [expires: 2012-04-15]
sub 2048R/936691BB 2006-04-20 [expires: 2012-04-15]
luca@gismo:~$
=====
As in the past, I still do not understand why EasyPG wants to specify
each key by itself instead of email addresses and thus relying on GnuPG,
which (actually and again) does the Right Thing™:
=====
luca@gismo:~$ echo "test" >test.txt
luca@gismo:~$ gpg --encrypt -r gaudenz@debian.org test.txt
gpg: 2842C44B: There is no assurance this key belongs to the named user
pub 4096R/2842C44B 2010-04-16 Gaudenz Steinlin <gaudenz@debian.org>
Primary key fingerprint: 836E 4F81 EFBB ADA7 0852 79BF A97A 7702 BAF9 1EF5
Subkey fingerprint: 4926 54F0 9523 00D0 610C ABB2 18A1 39A4 2842 C44B
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.
Use this key anyway? (y/N) y
luca@gismo:~$ ls -l test.txt*
- -rw-r--r-- 1 luca luca 5 Jun 29 13:13 test.txt
- -rw-r--r-- 1 luca luca 1653 Jun 29 13:13 test.txt.gpg
luca@gismo:~$ gpg --decrypt test.txt.gpg
[various anonymous recipients tries...]
gpg: anonymous recipient; trying secret key 3BE9F36D ...
gpg: encrypted with RSA key, ID 00000000
gpg: encrypted with RSA key, ID 00000000
gpg: encrypted with 4096-bit RSA key, ID 2842C44B, created 2010-04-16
"Gaudenz Steinlin <gaudenz.steinlin@soziologie.ch>"
gpg: decryption failed: secret key not available
luca@gismo:~$
=====
BTW1, the workaround is quite simple, I removed the revoked key from my
GnuPG keyring and everything was OK...
BTW2, I know I still use and old version of emacs-snapshot, but given
that I have another grave IMAP bug to report, I have not updated
yet my Debian sid. Nevertheless, I tried the latest package as
well, with no success:
In GNU Emacs 24.0.50.1 (x86_64-pc-linux-gnu, GTK+ Version 2.24.4)
of 2011-06-28 on keller, modified by Debian
(emacs-snapshot package, version 1:20110628-1)
Thx, bye,
Gismo / Luca
In GNU Emacs 24.0.50.1 (x86_64-pc-linux-gnu, GTK+ Version 2.24.3)
of 2011-04-08 on cigue, modified by Debian
(emacs-snapshot package, version 1:20110408-1)
configured using `configure '--build' 'x86_64-linux-gnu' '--host'
'x86_64-linux-gnu' '--prefix=/usr' '--sharedstatedir=/var/lib'
'--libexecdir=/usr/lib' '--localstatedir=/var' '--infodir=/usr/share/info'
'--mandir=/usr/share/man' '--with-pop=yes'
'--enable-locallisppath=/etc/emacs-snapshot:/etc/emacs:/usr/local/share/emacs/24.0.50/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/24.0.50/site-lisp:/usr/share/emacs/site-lisp'
'--without-compress-info' '--with-x=yes' '--with-x-toolkit=gtk'
'--with-imagemagick=yes' 'build_alias=x86_64-linux-gnu'
'host_alias=x86_64-linux-gnu' 'CFLAGS=-DDEBIAN -DSITELOAD_PURESIZE_EXTRA=5000
-g -O2' 'LDFLAGS=-g -Wl,--as-needed' 'CPPFLAGS=''
Important settings:
value of $LC_ALL: nil
value of $LC_COLLATE: nil
value of $LC_CTYPE: nil
value of $LC_MESSAGES: en_US.UTF-8
value of $LC_MONETARY: nil
value of $LC_NUMERIC: en_US.UTF-8
value of $LC_TIME: nil
value of $LANG: en_US.UTF-8
value of $XMODIFIERS: nil
locale-coding-system: utf-8-unix
default enable-multibyte-characters: t
Major mode: Message
Minor modes in effect:
epa-mail-mode: t
gnus-message-citation-mode: t
footnote-mode: t
gpm-mouse-mode: t
display-battery-mode: t
display-time-mode: t
show-paren-mode: t
mml-mode: t
mouse-wheel-mode: t
file-name-shadow-mode: t
global-font-lock-mode: t
font-lock-mode: t
auto-composition-mode: t
auto-encryption-mode: t
auto-compression-mode: t
column-number-mode: t
line-number-mode: t
transient-mark-mode: t
abbrev-mode: t
Recent input:
RET y y y y y y ESC [ A ESC [ A ESC [ A ESC [ A ESC
[ A ESC [ A ESC [ A q ESC x r e p o r t - e m TAB b
u TAB RET
Recent messages:
Entering debugger...
Back to top level.
Mark set [3 times]
Sending...
Entering debugger...
Back to top level.
Sending...
Use untrusted key anyway? (y or n) y [6 times]
Entering debugger...
Back to top level.
Load-path shadows:
/usr/share/emacs/24.0.50/site-lisp/auctex/context-en hides
/usr/share/emacs/site-lisp/auctex/context-en
/usr/share/emacs/24.0.50/site-lisp/auctex/tex-style hides
/usr/share/emacs/site-lisp/auctex/tex-style
/usr/share/emacs/24.0.50/site-lisp/auctex/texmathp hides
/usr/share/emacs/site-lisp/auctex/texmathp
/usr/share/emacs/24.0.50/site-lisp/auctex/tex-jp hides
/usr/share/emacs/site-lisp/auctex/tex-jp
/usr/share/emacs/24.0.50/site-lisp/auctex/font-latex hides
/usr/share/emacs/site-lisp/auctex/font-latex
/usr/share/emacs/24.0.50/site-lisp/auctex/latex hides
/usr/share/emacs/site-lisp/auctex/latex
/usr/share/emacs/24.0.50/site-lisp/auctex/tex-buf hides
/usr/share/emacs/site-lisp/auctex/tex-buf
/usr/share/emacs/24.0.50/site-lisp/auctex/context-nl hides
/usr/share/emacs/site-lisp/auctex/context-nl
/usr/share/emacs/24.0.50/site-lisp/auctex/toolbar-x hides
/usr/share/emacs/site-lisp/auctex/toolbar-x
/usr/share/emacs/24.0.50/site-lisp/auctex/tex-fold hides
/usr/share/emacs/site-lisp/auctex/tex-fold
/usr/share/emacs/24.0.50/site-lisp/auctex/tex-info hides
/usr/share/emacs/site-lisp/auctex/tex-info
/usr/share/emacs/24.0.50/site-lisp/auctex/tex hides
/usr/share/emacs/site-lisp/auctex/tex
/usr/share/emacs/24.0.50/site-lisp/auctex/tex-font hides
/usr/share/emacs/site-lisp/auctex/tex-font
/usr/share/emacs/24.0.50/site-lisp/auctex/context hides
/usr/share/emacs/site-lisp/auctex/context
/usr/share/emacs/24.0.50/site-lisp/auctex/multi-prompt hides
/usr/share/emacs/site-lisp/auctex/multi-prompt
/usr/share/emacs/24.0.50/site-lisp/auctex/tex-fptex hides
/usr/share/emacs/site-lisp/auctex/tex-fptex
/usr/share/emacs/24.0.50/site-lisp/auctex/bib-cite hides
/usr/share/emacs/site-lisp/auctex/bib-cite
/usr/share/emacs/24.0.50/site-lisp/auctex/tex-bar hides
/usr/share/emacs/site-lisp/auctex/tex-bar
/usr/share/emacs/24.0.50/site-lisp/auctex/tex-mik hides
/usr/share/emacs/site-lisp/auctex/tex-mik
/usr/share/emacs/24.0.50/site-lisp/debian-startup hides
/usr/share/emacs/site-lisp/debian-startup
~/.emacs.d/elisp/fortune hides /usr/share/emacs/24.0.50/lisp/play/fortune
Features:
(shadow emacsbug mml1991 debug mail-extr sort help-mode time-stamp
gnus-bcklg bbdb-hooks epa-mail gnus-cite footnote gnus-draft gnus-ml
gnus-topic nndraft nnmh nndoc utf-7 rot13 disp-table network-stream
starttls nnimap parse-time tls utf7 netrc nnml nnfolder nnnil gnus-agent
gnus-srvr gnus-score score-mode nnvirtual gnus-cache ielm comint ring
t-mouse server gismo-full-emacs ratpoison ratpoisonrc-mode generic
generic-x gismo-emacs gismo-modes battery time ido paren eldoc gismo-w3m
w3m-search w3m-session gismo-popup gismo-planner bbdb-anniv timeclock
view cal-china lunar solar cal-dst cal-bahai cal-islam cal-hebrew
holidays hol-loaddefs appt diary-lib diary-loaddefs icalendar cal-menu
calendar cal-loaddefs gismo-keybindings nroff-mode under dictionary link
connection w3m doc-view jka-compr image-mode w3m-hist w3m-fb
bookmark-w3m w3m-ems w3m-ccl ccl w3m-favicon w3m-image w3m-proc w3m-util
dired gismo-gnus gnus-demon nntp spam spam-stat gnus-uu yenc gnus-msg
gnus-art mm-uu mml2015 mm-view mml-smime smime dig nnir gnus-sum
gnus-group gnus-undo gnus-start gnus-spec gnus-win browse-url nnrss xml
mm-url url url-proxy url-privacy url-expand url-methods url-history
url-cookie url-util url-parse auth-source eieio byte-opt bytecomp
byte-compile cconv macroexp assoc password-cache url-vars mailcap nnmail
gnus-int gnus-range mail-source message sendmail rfc822 mml mml-sec
mm-decode mm-bodies mm-encode mail-parse rfc2231 gmm-utils mailheader
nnoo gnus gnus-ems nnheader gnus-util time-date mail-utils gnus-BTS
gismo-files gismo-eudc eudcb-ldap eudcb-bbdb bbdb-com mailabbrev cl eudc
eudc-options-file cus-edit cus-start cus-load eudc-vars wid-edit ldap
gismo-eshell gismo-erc erc-stamp erc-log erc-dcc erc-goodies erc
erc-backend erc-compat format-spec thingatpt pp gismo-easypg epa derived
epg epg-config gismo-dired gismo-debian debian-bug rfc2047 rfc2045
ietf-drums mm-util mail-prsvr gismo-broken gismo-bbdb bbdb timezone
gismo-auctex latex tex-style tex regexp-opt advice help-fns
advice-preload easymenu gismo-functions-insert gismo-functions
unicode-helper edmacro kmacro debian-el debian-el-loaddefs w3m-load
emacs-goodies-el emacs-goodies-custom emacs-goodies-loaddefs easy-mmode
dpkg-dev-el dpkg-dev-el-loaddefs bbdb-autoloads preview-latex tex-site
auto-loads tooltip ediff-hook vc-hooks lisp-float-type mwheel x-win
x-dnd tool-bar dnd fontset image fringe lisp-mode register page menu-bar
rfn-eshadow timer select scroll-bar mouse jit-lock font-lock syntax
facemenu font-core frame cham georgian utf-8-lang misc-lang vietnamese
tibetan thai tai-viet lao korean japanese hebrew greek romanian slovak
czech european ethiopic indian cyrillic chinese case-table epa-hook
jka-cmpr-hook help simple abbrev minibuffer loaddefs button faces
cus-face files text-properties overlay md5 base64 format env code-pages
mule custom widget hashtable-print-readable backquote
make-network-process dbusbind dynamic-setting font-render-setting
move-toolbar gtk x-toolkit x multi-tty emacs)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJOCzQ4AAoJENkdV6A76fNt5esP/07cj92BYjl+AphdoyE4NP4f
rSWUgfvnRnsZeF5qyHx0CeDkWf7dV63+OLU+wEovgp1x8zHakxfgEpPu/IaRtruF
k92whzcqbrA4CiFvWhd5iw5dTyweJ33j2JXQop0lu5GSnTPgYy/KbjdMJF1mZTJ+
uArQxYF7SMYvU1fgHOs4O4Mbgy65PjripPMTYXbBBRR++QBzsnV9C6CGH7DmAmsD
Lg/TqTeVW5jlkhdg0pGlm7BjWv6cdE1DxZt+X+5qqUQQXW1C83WRFBBifMMBx+VK
UX8lym2DaDX1hrx67aVe+Z0aAN74utXnpaLzFL6f/TQf+wlnAmFG0Sll/6vgXc7m
ZBEvPBnmeU4MHZjE3AHnQssPBqPVfX1z/u8ujYvCL050LxJkvFKWcMr1TmjWtPQW
B+bgQ2/uC/p/7kjFAP/Liy4ysaWawMGOQbJlJzzNksrJauyfq8PC1igTaqRxAwgl
hFaGV+5lOrMPBvEEvSFtSs5ATiK/fOdbaaBGZ0rW4QDaOuv12Xb41XODL448lH1Q
yQNb0cb7g5ISgECvffWKB+k1MPW2CT0yFfJChVvgy+KQ8uEDlod2UJUocNY2HONi
R+bp0wlEihsqJ9d4fkkckJVcOeb5MIJD6/iF0KAITtbg1tlL+M1bA2qKnzQ4tXr3
AlaUQt33dLr5nSZqUjfD
=pxIk
-----END PGP SIGNATURE-----
- bug#8955: 24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $RECEIVER`,
Luca Capello <=