GNU bug report logs - #37230
EasyPG selects revoked key, rather than the obvious current one as recipient on file save

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 37230 in the body.
You can then email your comments to 37230 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Beto HydroxyButyrate <beto <at> zepherin.com>
To: bug-gnu-emacs <at> gnu.org
Subject: Re: EasyPG selects revoked key, rather than the obvious current one
 as recipient on file save
Date: Fri, 30 Aug 2019 15:16:23 +1000

Hi.  Actually, I had a closer look at the key, and all I had was the
revoked public key, not the private bit.
So I deleted it.

I still maintain that EasyPG should act the same as gpg when it comes to
specifying recipients.

On 8/30/19 3:10 PM, Beto HydroxyButyrate wrote:
>
> I have a test file named Test1.gpg with the following at the top:
> ;; -*- epa-file-encrypt-to: ("beto <at> zepherin.com") -*-
>
> I write out the file. It throws this error:
>
> Debugger entered--Lisp error: (file-error "Opening output file" "Encrypt
> failed" "Unusable public key: 4253BDD3FF52DC13; Exit")
> signal(file-error ("Opening output file" "Encrypt failed" "Unusable
> public key: 4253BDD3FF52DC13; Exit"))
> epa-file-write-region(nil nil "/home/user/Documents/Auth/Test1.gpg" nil
> t "~/Documents/Auth/Test1.gpg" nil)
> apply(epa-file-write-region (nil nil
> "/home/user/Documents/Auth/Test1.gpg" nil t "~/Documents/Auth/Test1.gpg"
> nil))
> epa-file-handler(write-region nil nil
> "/home/user/Documents/Auth/Test1.gpg" nil t "~/Documents/Auth/Test1.gpg"
> nil)
> write-region(nil nil "/home/user/Documents/Auth/Test1.gpg" nil t
> "~/Documents/Auth/Test1.gpg")
> basic-save-buffer-2()
> basic-save-buffer-1()
> basic-save-buffer(t)
> save-buffer(1)
> funcall-interactively(save-buffer 1)
> call-interactively(save-buffer nil nil)
> command-execute(save-buffer)
>
> The problem is that EasyPG selects the revoked key. The solution is
> *not* to delete the revoked key from my keyring. I need the revoked key
> to be able to decode email previously sent encrypted using this revoked
> key.
> I did some googling and saw that there have been at least two other
> reports of this issue, but someone hacked up a kluge specifically for
> email, rather than fixing the general case.
>
>
>
> In GNU Emacs 26.1 (build 1, x86_64-redhat-linux-gnu, GTK+ Version 3.23.2)
> of 2018-08-13 built on buildvm-13.phx2.fedoraproject.org
> Windowing system distributor 'Fedora Project', version 11.0.12004000
> System Description: Fedora release 29 (Twenty Nine)
>
> Recent messages:
> <<< Type SPC or RET to bury the buffer list >>>
> Saving file /home/user/Documents/Auth/Test1.gpg...
> epa-file-write-region: Opening output file: Encrypt failed, Unusable
> public key: 4253BDD3FF52DC13; Exit
> <<< Type SPC or RET to bury the buffer list >>>
> Mark set
> t [2 times]
> <<< Type SPC or RET to bury the buffer list >>>
> Saving file /home/user/Documents/Auth/Test1.gpg...
> Entering debugger...
> <<< Type SPC or RET to bury the buffer list >>>
>
> Configured using:
> 'configure --build=x86_64-redhat-linux-gnu
> --host=x86_64-redhat-linux-gnu --program-prefix=
> --disable-dependency-tracking --prefix=/usr --exec-prefix=/usr
> --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc
> --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64
> --libexecdir=/usr/libexec --localstatedir=/var
> --sharedstatedir=/var/lib --mandir=/usr/share/man
> --infodir=/usr/share/info --with-dbus --with-gif --with-jpeg --with-png
> --with-rsvg --with-tiff --with-xft --with-xpm --with-x-toolkit=gtk3
> --with-gpm=no --with-xwidgets --with-modules
> build_alias=x86_64-redhat-linux-gnu host_alias=x86_64-redhat-linux-gnu
> 'CFLAGS=-DMAIL_USE_LOCKF -O2 -g -pipe -Wall -Werror=format-security
> -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions
> -fstack-protector-strong -grecord-gcc-switches
> -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1
> -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic
> -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection'
> LDFLAGS=-Wl,-z,relro
> PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig'
>
> Configured features:
> XPM JPEG TIFF GIF PNG RSVG IMAGEMAGICK SOUND DBUS GSETTINGS NOTIFY ACL
> LIBSELINUX GNUTLS LIBXML2 FREETYPE M17N_FLT LIBOTF XFT ZLIB
> TOOLKIT_SCROLL_BARS GTK3 X11 MODULES THREADS XWIDGETS LCMS2
>
> Important settings:
> value of $LANG: C.UTF-8
> locale-coding-system: utf-8-unix
>
> Major mode: Debugger
>
> Minor modes in effect:
> shell-dirtrack-mode: t
> show-paren-mode: t
> display-time-mode: t
> minibuffer-electric-default-mode: t
> tooltip-mode: t
> global-eldoc-mode: t
> electric-indent-mode: t
> mouse-wheel-mode: t
> file-name-shadow-mode: t
> global-font-lock-mode: t
> font-lock-mode: t
> blink-cursor-mode: t
> auto-composition-mode: t
> auto-encryption-mode: t
> auto-compression-mode: t
> buffer-read-only: t
> line-number-mode: t
> transient-mark-mode: t
>
> Load-path shadows:
> None found.
>
> Features:
> (shadow sort mail-extr emacsbug message rmc puny format-spec rfc822 mml
> mml-sec password-cache gnus-util rmail rmail-loaddefs mm-decode
> mm-bodies mm-encode mail-parse rfc2231 mailabbrev gmm-utils mailheader
> sendmail rfc2047 rfc2045 ietf-drums mm-util mail-prsvr mail-utils
> cl-print debug cl-extra help-fns radix-tree help-mode misearch
> multi-isearch shell pcomplete epa-file epa derived epg epg-config
> image-mode rng-xsd xsd-regexp rng-cmpct rng-nxml rng-valid rng-loc
> rng-uri rng-parse nxml-parse rng-match rng-dt rng-util rng-pttrn nxml-ns
> nxml-mode nxml-outln nxml-rap sgml-mode seq byte-opt gv bytecomp
> byte-compile cconv dom nxml-util nxml-enc xmltok view dired
> dired-loaddefs elec-pair cus-edit cus-start cus-load wid-edit paren time
> minibuf-eldef ruby-mode smie cc-mode cc-fonts cc-guess cc-menus cc-cmds
> cc-styles cc-align cc-engine cc-vars cc-defs compile info easymenu ehelp
> echistory chistory ebuff-menu hippie-exp comint ansi-color ring edmacro
> kmacro cl-loaddefs cl-lib ls-lisp time-date mule-util tooltip eldoc
> electric uniquify ediff-hook vc-hooks lisp-float-type mwheel term/x-win
> x-win term/common-win x-dnd tool-bar dnd fontset image regexp-opt fringe
> tabulated-list replace newcomment text-mode elisp-mode lisp-mode
> prog-mode register page menu-bar rfn-eshadow isearch timer select
> scroll-bar mouse jit-lock font-lock syntax facemenu font-core
> term/tty-colors frame cl-generic cham georgian utf-8-lang misc-lang
> vietnamese tibetan thai tai-viet lao korean japanese eucjp-ms cp51932
> hebrew greek romanian slovak czech european ethiopic indian cyrillic
> chinese composite charscript charprop case-table epa-hook jka-cmpr-hook
> help simple abbrev obarray minibuffer cl-preloaded nadvice loaddefs
> button faces cus-face macroexp files text-properties overlay sha1 md5
> base64 format env code-pages mule custom widget hashtable-print-readable
> backquote dbusbind inotify lcms2 dynamic-setting system-font-setting
> font-render-setting xwidget-internal move-toolbar gtk x-toolkit x
> multi-tty make-network-process emacs)
>
> Memory information:
> ((conses 16 174725 10251)
> (symbols 48 27705 1)
> (miscs 40 367 292)
> (strings 32 50902 1271)
> (string-bytes 1 1474559)
> (vectors 16 22946)
> (vector-slots 8 584471 13322)
> (floats 8 112 656)
> (intervals 56 1481 164)
> (buffers 992 27))
>
>

Message #10 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Beto HydroxyButyrate <beto <at> zepherin.com>
To: bug-gnu-emacs <at> gnu.org
Subject: Re: EasyPG selects revoked key, rather than the obvious current one
 as recipient on file save
Date: Fri, 30 Aug 2019 16:14:32 +1000

[Message part 1 (text/plain, inline)]

Hi.  I transferred the file in question to the machine which does have
the pub/sec key on the keyring.
I do not wish to delete the key on that machine as I definitely do have
a lot of email which was sent encrypted with the pub key and which I
need the sec key to read.

So, I withdraw my withdrawal of the bug report.  It makes it pretty much
useless for me on that machine, unless I were to encode the keyid
explicitly.

I tried deleting just the public key, but alas, no such luck.

/    /lust% gpg --delete-key 4253BDD3FF52DC13
    gpg (GnuPG/MacGPG2) 2.2.17; Copyright (C) 2019 Free Software
Foundation, Inc.
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.

    gpg: there is a secret key for public key "4253BDD3FF52DC13"!
    gpg: use option "--delete-secret-keys" to delete it first.


On 8/30/19 3:16 PM, Beto HydroxyButyrate wrote:
> Hi.  Actually, I had a closer look at the key, and all I had was the
> revoked public key, not the private bit.
> So I deleted it.
>
> I still maintain that EasyPG should act the same as gpg when it comes to
> specifying recipients.
>
> On 8/30/19 3:10 PM, Beto HydroxyButyrate wrote:
>> I have a test file named Test1.gpg with the following at the top:
>> ;; -*- epa-file-encrypt-to: ("beto <at> zepherin.com") -*-
>>
>> I write out the file. It throws this error:
>>
>> Debugger entered--Lisp error: (file-error "Opening output file" "Encrypt
>> failed" "Unusable public key: 4253BDD3FF52DC13; Exit")
>> signal(file-error ("Opening output file" "Encrypt failed" "Unusable
>> public key: 4253BDD3FF52DC13; Exit"))
>> epa-file-write-region(nil nil "/home/user/Documents/Auth/Test1.gpg" nil
>> t "~/Documents/Auth/Test1.gpg" nil)
>> apply(epa-file-write-region (nil nil
>> "/home/user/Documents/Auth/Test1.gpg" nil t "~/Documents/Auth/Test1.gpg"
>> nil))
>> epa-file-handler(write-region nil nil
>> "/home/user/Documents/Auth/Test1.gpg" nil t "~/Documents/Auth/Test1.gpg"
>> nil)
>> write-region(nil nil "/home/user/Documents/Auth/Test1.gpg" nil t
>> "~/Documents/Auth/Test1.gpg")
>> basic-save-buffer-2()
>> basic-save-buffer-1()
>> basic-save-buffer(t)
>> save-buffer(1)
>> funcall-interactively(save-buffer 1)
>> call-interactively(save-buffer nil nil)
>> command-execute(save-buffer)
>>
>> The problem is that EasyPG selects the revoked key. The solution is
>> *not* to delete the revoked key from my keyring. I need the revoked key
>> to be able to decode email previously sent encrypted using this revoked
>> key.
>> I did some googling and saw that there have been at least two other
>> reports of this issue, but someone hacked up a kluge specifically for
>> email, rather than fixing the general case.
>>
>>
>>
>> In GNU Emacs 26.1 (build 1, x86_64-redhat-linux-gnu, GTK+ Version 3.23.2)
>> of 2018-08-13 built on buildvm-13.phx2.fedoraproject.org
>> Windowing system distributor 'Fedora Project', version 11.0.12004000
>> System Description: Fedora release 29 (Twenty Nine)
>>
>> Recent messages:
>> <<< Type SPC or RET to bury the buffer list >>>
>> Saving file /home/user/Documents/Auth/Test1.gpg...
>> epa-file-write-region: Opening output file: Encrypt failed, Unusable
>> public key: 4253BDD3FF52DC13; Exit
>> <<< Type SPC or RET to bury the buffer list >>>
>> Mark set
>> t [2 times]
>> <<< Type SPC or RET to bury the buffer list >>>
>> Saving file /home/user/Documents/Auth/Test1.gpg...
>> Entering debugger...
>> <<< Type SPC or RET to bury the buffer list >>>
>>
>> Configured using:
>> 'configure --build=x86_64-redhat-linux-gnu
>> --host=x86_64-redhat-linux-gnu --program-prefix=
>> --disable-dependency-tracking --prefix=/usr --exec-prefix=/usr
>> --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc
>> --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64
>> --libexecdir=/usr/libexec --localstatedir=/var
>> --sharedstatedir=/var/lib --mandir=/usr/share/man
>> --infodir=/usr/share/info --with-dbus --with-gif --with-jpeg --with-png
>> --with-rsvg --with-tiff --with-xft --with-xpm --with-x-toolkit=gtk3
>> --with-gpm=no --with-xwidgets --with-modules
>> build_alias=x86_64-redhat-linux-gnu host_alias=x86_64-redhat-linux-gnu
>> 'CFLAGS=-DMAIL_USE_LOCKF -O2 -g -pipe -Wall -Werror=format-security
>> -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions
>> -fstack-protector-strong -grecord-gcc-switches
>> -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1
>> -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic
>> -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection'
>> LDFLAGS=-Wl,-z,relro
>> PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig'
>>
>> Configured features:
>> XPM JPEG TIFF GIF PNG RSVG IMAGEMAGICK SOUND DBUS GSETTINGS NOTIFY ACL
>> LIBSELINUX GNUTLS LIBXML2 FREETYPE M17N_FLT LIBOTF XFT ZLIB
>> TOOLKIT_SCROLL_BARS GTK3 X11 MODULES THREADS XWIDGETS LCMS2
>>
>> Important settings:
>> value of $LANG: C.UTF-8
>> locale-coding-system: utf-8-unix
>>
>> Major mode: Debugger
>>
>> Minor modes in effect:
>> shell-dirtrack-mode: t
>> show-paren-mode: t
>> display-time-mode: t
>> minibuffer-electric-default-mode: t
>> tooltip-mode: t
>> global-eldoc-mode: t
>> electric-indent-mode: t
>> mouse-wheel-mode: t
>> file-name-shadow-mode: t
>> global-font-lock-mode: t
>> font-lock-mode: t
>> blink-cursor-mode: t
>> auto-composition-mode: t
>> auto-encryption-mode: t
>> auto-compression-mode: t
>> buffer-read-only: t
>> line-number-mode: t
>> transient-mark-mode: t
>>
>> Load-path shadows:
>> None found.
>>
>> Features:
>> (shadow sort mail-extr emacsbug message rmc puny format-spec rfc822 mml
>> mml-sec password-cache gnus-util rmail rmail-loaddefs mm-decode
>> mm-bodies mm-encode mail-parse rfc2231 mailabbrev gmm-utils mailheader
>> sendmail rfc2047 rfc2045 ietf-drums mm-util mail-prsvr mail-utils
>> cl-print debug cl-extra help-fns radix-tree help-mode misearch
>> multi-isearch shell pcomplete epa-file epa derived epg epg-config
>> image-mode rng-xsd xsd-regexp rng-cmpct rng-nxml rng-valid rng-loc
>> rng-uri rng-parse nxml-parse rng-match rng-dt rng-util rng-pttrn nxml-ns
>> nxml-mode nxml-outln nxml-rap sgml-mode seq byte-opt gv bytecomp
>> byte-compile cconv dom nxml-util nxml-enc xmltok view dired
>> dired-loaddefs elec-pair cus-edit cus-start cus-load wid-edit paren time
>> minibuf-eldef ruby-mode smie cc-mode cc-fonts cc-guess cc-menus cc-cmds
>> cc-styles cc-align cc-engine cc-vars cc-defs compile info easymenu ehelp
>> echistory chistory ebuff-menu hippie-exp comint ansi-color ring edmacro
>> kmacro cl-loaddefs cl-lib ls-lisp time-date mule-util tooltip eldoc
>> electric uniquify ediff-hook vc-hooks lisp-float-type mwheel term/x-win
>> x-win term/common-win x-dnd tool-bar dnd fontset image regexp-opt fringe
>> tabulated-list replace newcomment text-mode elisp-mode lisp-mode
>> prog-mode register page menu-bar rfn-eshadow isearch timer select
>> scroll-bar mouse jit-lock font-lock syntax facemenu font-core
>> term/tty-colors frame cl-generic cham georgian utf-8-lang misc-lang
>> vietnamese tibetan thai tai-viet lao korean japanese eucjp-ms cp51932
>> hebrew greek romanian slovak czech european ethiopic indian cyrillic
>> chinese composite charscript charprop case-table epa-hook jka-cmpr-hook
>> help simple abbrev obarray minibuffer cl-preloaded nadvice loaddefs
>> button faces cus-face macroexp files text-properties overlay sha1 md5
>> base64 format env code-pages mule custom widget hashtable-print-readable
>> backquote dbusbind inotify lcms2 dynamic-setting system-font-setting
>> font-render-setting xwidget-internal move-toolbar gtk x-toolkit x
>> multi-tty make-network-process emacs)
>>
>> Memory information:
>> ((conses 16 174725 10251)
>> (symbols 48 27705 1)
>> (miscs 40 367 292)
>> (strings 32 50902 1271)
>> (string-bytes 1 1474559)
>> (vectors 16 22946)
>> (vector-slots 8 584471 13322)
>> (floats 8 112 656)
>> (intervals 56 1481 164)
>> (buffers 992 27))
>>
>>

[Message part 2 (text/html, inline)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.