Reported by: Luca Capello <luca <at> pca.it>
Date: Wed, 29 Jun 2011 14:20:03 UTC
Severity: normal
Found in version 24.0.50
Done: Luca Capello <luca <at> pca.it>
Bug is archived. No further changes may be made.
View this message in rfc822 format
From: help-debbugs <at> gnu.org (GNU bug Tracking System) To: Luca Capello <luca <at> pca.it> Cc: tracker <at> debbugs.gnu.org Subject: bug#8955: closed (24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $RECEIVER`) Date: Sun, 18 Sep 2011 09:56:01 +0000
[Message part 1 (text/plain, inline)]
Your message dated Sun, 18 Sep 2011 11:49:52 +0200 with message-id <87d3eyp4cf.fsf <at> gismo.pca.it> and subject line Re: bug#8955: 24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $RECEIVER` has caused the debbugs.gnu.org bug report #8955, regarding 24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $RECEIVER` to be marked as done. (If you believe you have received this mail in error, please contact help-debbugs <at> gnu.org.) -- 8955: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=8955 GNU Bug Tracking System Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
From: Luca Capello <luca <at> pca.it> To: bug-gnu-emacs <at> gnu.org Subject: 24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $RECEIVER` Date: Wed, 29 Jun 2011 16:18:31 +0200-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi there! This is nothing more than #7797, but from the receiver POV: <http://debbugs.gnu.org/cgi/bugreport.cgi?bug=7797> Anyway, I tried to send an encrypted email to multiple recipients, leaving EasyPG/Gnus choosing the keys to be used in case of multiple keys associated with the same email address, but I got the following debug error, which already points out the problematic key: ===== Debugger entered--Lisp error: (error "Sign failed: ((exit) (invalid-recipient (reason . 0) (requested-recipient . \"F2B52A5D0A5FB687\")))") signal(error ("Sign failed: ((exit) (invalid-recipient (reason . 0) (requested-recipient . \"F2B52A5D0A5FB687\")))")) byte-code("[REMOVED]" [mml1991-epg-secret-key-id-list error password-cache-remove signal] 4) mml1991-epg-encrypt((part (sign . "pgp") (encrypt . "pgp") (tag-location . 853) (contents . "[REMOVED]")) t) mml1991-encrypt((part (sign . "pgp") (encrypt . "pgp") (tag-location . 853) (contents . "[REMOVED]")) t) mml-pgp-encrypt-buffer((part (sign . "pgp") (encrypt . "pgp") (tag-location . 853) (contents . "[REMOVED]")) t) mml-generate-mime-1((part (sign . "pgp") (encrypt . "pgp") (tag-location . 853) (contents . "[REMOVED]"))) mml-generate-mime() message-encode-message-body() message-send-mail(nil) message-send-via-mail(nil) message-send(nil) message-send-and-exit(nil) call-interactively(message-send-and-exit nil nil) ===== Thanks to the ` *epg-debug*' buffer, the problem is clear: ===== /usr/bin/gpg --no-tty --status-fd 1 --yes --command-fd 0 --armor \ --textmode --output /tmp/epg-output199236kn --encrypt --sign \ -r 220BC883330C4A75 -r F9935424B1DF9A57 -r C09E1D8995930EDE \ -r F2B52A5D0A5FB687 -r 7C8DFA5B0999548B -r D929F2992BEF0A33 \ -r 0924ED20A110DDD2 -r F66E3E419F84F4DE -r A430C6AA88BBB51E \ -r 116F5E3AB368A4EB [GNUPG:] USERID_HINT D91D57A03BE9F36D Luca Capello <luca <at> pca.it> [GNUPG:] NEED_PASSPHRASE D91D57A03BE9F36D 06EAA066E397832F 1 0 [GNUPG:] GET_HIDDEN passphrase.enter [GNUPG:] GOT_IT [GNUPG:] GOOD_PASSPHRASE gpg: A6EC05C3: There is no assurance this key belongs to the named user [GNUPG:] GET_BOOL untrusted_key.override [GNUPG:] GOT_IT gpg: 8FDECE3A: There is no assurance this key belongs to the named user [GNUPG:] GET_BOOL untrusted_key.override [GNUPG:] GOT_IT gpg: 2CE2EC3D: There is no assurance this key belongs to the named user [GNUPG:] GET_BOOL untrusted_key.override [GNUPG:] GOT_IT gpg: BE3074DB: There is no assurance this key belongs to the named user [GNUPG:] GET_BOOL untrusted_key.override [GNUPG:] GOT_IT [GNUPG:] KEYEXPIRED 1280819613 [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead [GNUPG:] KEYEXPIRED 1243841410 [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead [GNUPG:] KEYEXPIRED 1280819613 [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead [GNUPG:] KEYEXPIRED 1243841410 [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead gpg: 6FCBFD6D: There is no assurance this key belongs to the named user [GNUPG:] GET_BOOL untrusted_key.override [GNUPG:] GOT_IT gpg: 4A470B3D: There is no assurance this key belongs to the named user [GNUPG:] GET_BOOL untrusted_key.override [GNUPG:] GOT_IT gpg: F2B52A5D0A5FB687: skipped: unusable public key [GNUPG:] INV_RECP 0 F2B52A5D0A5FB687 gpg: [stdin]: sign+encrypt failed: unusable public key ===== Bingo, obviously key F2B52A5D0A5FB687 can not be used, but still it is the first key associated with Gaudenz's email address: ===== luca <at> gismo:~$ gpg --list-key F2B52A5D0A5FB687 pub 1024D/0A5FB687 2000-05-26 [revoked: 2004-01-19] uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin (POnG) <[REMOVED]> uid Gaudenz Steinlin (Debian) <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> luca <at> gismo:~$ gpg --list-key gaudenz <at> debian.org pub 1024D/0A5FB687 2000-05-26 [revoked: 2004-01-19] uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin (POnG) <[REMOVED]> uid Gaudenz Steinlin (Debian) <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> pub 4096R/BAF91EF5 2009-07-25 uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid [jpeg image of size 10263] sub 4096R/A4CD5779 2010-04-16 [expires: 2012-04-15] sub 4096R/2842C44B 2010-04-16 [expires: 2012-04-15] pub 1024D/8C7740AF 2005-10-17 uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid Gaudenz Steinlin <[REMOVED]> uid [jpeg image of size 4160] sub 2048R/59B18732 2006-03-17 [expires: 2012-04-15] sub 2048R/936691BB 2006-04-20 [expires: 2012-04-15] luca <at> gismo:~$ ===== As in the past, I still do not understand why EasyPG wants to specify each key by itself instead of email addresses and thus relying on GnuPG, which (actually and again) does the Right Thing™: ===== luca <at> gismo:~$ echo "test" >test.txt luca <at> gismo:~$ gpg --encrypt -r gaudenz <at> debian.org test.txt gpg: 2842C44B: There is no assurance this key belongs to the named user pub 4096R/2842C44B 2010-04-16 Gaudenz Steinlin <gaudenz <at> debian.org> Primary key fingerprint: 836E 4F81 EFBB ADA7 0852 79BF A97A 7702 BAF9 1EF5 Subkey fingerprint: 4926 54F0 9523 00D0 610C ABB2 18A1 39A4 2842 C44B It is NOT certain that the key belongs to the person named in the user ID. If you *really* know what you are doing, you may answer the next question with yes. Use this key anyway? (y/N) y luca <at> gismo:~$ ls -l test.txt* - -rw-r--r-- 1 luca luca 5 Jun 29 13:13 test.txt - -rw-r--r-- 1 luca luca 1653 Jun 29 13:13 test.txt.gpg luca <at> gismo:~$ gpg --decrypt test.txt.gpg [various anonymous recipients tries...] gpg: anonymous recipient; trying secret key 3BE9F36D ... gpg: encrypted with RSA key, ID 00000000 gpg: encrypted with RSA key, ID 00000000 gpg: encrypted with 4096-bit RSA key, ID 2842C44B, created 2010-04-16 "Gaudenz Steinlin <gaudenz.steinlin <at> soziologie.ch>" gpg: decryption failed: secret key not available luca <at> gismo:~$ ===== BTW1, the workaround is quite simple, I removed the revoked key from my GnuPG keyring and everything was OK... BTW2, I know I still use and old version of emacs-snapshot, but given that I have another grave IMAP bug to report, I have not updated yet my Debian sid. Nevertheless, I tried the latest package as well, with no success: In GNU Emacs 24.0.50.1 (x86_64-pc-linux-gnu, GTK+ Version 2.24.4) of 2011-06-28 on keller, modified by Debian (emacs-snapshot package, version 1:20110628-1) Thx, bye, Gismo / Luca In GNU Emacs 24.0.50.1 (x86_64-pc-linux-gnu, GTK+ Version 2.24.3) of 2011-04-08 on cigue, modified by Debian (emacs-snapshot package, version 1:20110408-1) configured using `configure '--build' 'x86_64-linux-gnu' '--host' 'x86_64-linux-gnu' '--prefix=/usr' '--sharedstatedir=/var/lib' '--libexecdir=/usr/lib' '--localstatedir=/var' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--with-pop=yes' '--enable-locallisppath=/etc/emacs-snapshot:/etc/emacs:/usr/local/share/emacs/24.0.50/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/24.0.50/site-lisp:/usr/share/emacs/site-lisp' '--without-compress-info' '--with-x=yes' '--with-x-toolkit=gtk' '--with-imagemagick=yes' 'build_alias=x86_64-linux-gnu' 'host_alias=x86_64-linux-gnu' 'CFLAGS=-DDEBIAN -DSITELOAD_PURESIZE_EXTRA=5000 -g -O2' 'LDFLAGS=-g -Wl,--as-needed' 'CPPFLAGS='' Important settings: value of $LC_ALL: nil value of $LC_COLLATE: nil value of $LC_CTYPE: nil value of $LC_MESSAGES: en_US.UTF-8 value of $LC_MONETARY: nil value of $LC_NUMERIC: en_US.UTF-8 value of $LC_TIME: nil value of $LANG: en_US.UTF-8 value of $XMODIFIERS: nil locale-coding-system: utf-8-unix default enable-multibyte-characters: t Major mode: Message Minor modes in effect: epa-mail-mode: t gnus-message-citation-mode: t footnote-mode: t gpm-mouse-mode: t display-battery-mode: t display-time-mode: t show-paren-mode: t mml-mode: t mouse-wheel-mode: t file-name-shadow-mode: t global-font-lock-mode: t font-lock-mode: t auto-composition-mode: t auto-encryption-mode: t auto-compression-mode: t column-number-mode: t line-number-mode: t transient-mark-mode: t abbrev-mode: t Recent input: RET y y y y y y ESC [ A ESC [ A ESC [ A ESC [ A ESC [ A ESC [ A ESC [ A q ESC x r e p o r t - e m TAB b u TAB RET Recent messages: Entering debugger... Back to top level. Mark set [3 times] Sending... Entering debugger... Back to top level. Sending... Use untrusted key anyway? (y or n) y [6 times] Entering debugger... Back to top level. Load-path shadows: /usr/share/emacs/24.0.50/site-lisp/auctex/context-en hides /usr/share/emacs/site-lisp/auctex/context-en /usr/share/emacs/24.0.50/site-lisp/auctex/tex-style hides /usr/share/emacs/site-lisp/auctex/tex-style /usr/share/emacs/24.0.50/site-lisp/auctex/texmathp hides /usr/share/emacs/site-lisp/auctex/texmathp /usr/share/emacs/24.0.50/site-lisp/auctex/tex-jp hides /usr/share/emacs/site-lisp/auctex/tex-jp /usr/share/emacs/24.0.50/site-lisp/auctex/font-latex hides /usr/share/emacs/site-lisp/auctex/font-latex /usr/share/emacs/24.0.50/site-lisp/auctex/latex hides /usr/share/emacs/site-lisp/auctex/latex /usr/share/emacs/24.0.50/site-lisp/auctex/tex-buf hides /usr/share/emacs/site-lisp/auctex/tex-buf /usr/share/emacs/24.0.50/site-lisp/auctex/context-nl hides /usr/share/emacs/site-lisp/auctex/context-nl /usr/share/emacs/24.0.50/site-lisp/auctex/toolbar-x hides /usr/share/emacs/site-lisp/auctex/toolbar-x /usr/share/emacs/24.0.50/site-lisp/auctex/tex-fold hides /usr/share/emacs/site-lisp/auctex/tex-fold /usr/share/emacs/24.0.50/site-lisp/auctex/tex-info hides /usr/share/emacs/site-lisp/auctex/tex-info /usr/share/emacs/24.0.50/site-lisp/auctex/tex hides /usr/share/emacs/site-lisp/auctex/tex /usr/share/emacs/24.0.50/site-lisp/auctex/tex-font hides /usr/share/emacs/site-lisp/auctex/tex-font /usr/share/emacs/24.0.50/site-lisp/auctex/context hides /usr/share/emacs/site-lisp/auctex/context /usr/share/emacs/24.0.50/site-lisp/auctex/multi-prompt hides /usr/share/emacs/site-lisp/auctex/multi-prompt /usr/share/emacs/24.0.50/site-lisp/auctex/tex-fptex hides /usr/share/emacs/site-lisp/auctex/tex-fptex /usr/share/emacs/24.0.50/site-lisp/auctex/bib-cite hides /usr/share/emacs/site-lisp/auctex/bib-cite /usr/share/emacs/24.0.50/site-lisp/auctex/tex-bar hides /usr/share/emacs/site-lisp/auctex/tex-bar /usr/share/emacs/24.0.50/site-lisp/auctex/tex-mik hides /usr/share/emacs/site-lisp/auctex/tex-mik /usr/share/emacs/24.0.50/site-lisp/debian-startup hides /usr/share/emacs/site-lisp/debian-startup ~/.emacs.d/elisp/fortune hides /usr/share/emacs/24.0.50/lisp/play/fortune Features: (shadow emacsbug mml1991 debug mail-extr sort help-mode time-stamp gnus-bcklg bbdb-hooks epa-mail gnus-cite footnote gnus-draft gnus-ml gnus-topic nndraft nnmh nndoc utf-7 rot13 disp-table network-stream starttls nnimap parse-time tls utf7 netrc nnml nnfolder nnnil gnus-agent gnus-srvr gnus-score score-mode nnvirtual gnus-cache ielm comint ring t-mouse server gismo-full-emacs ratpoison ratpoisonrc-mode generic generic-x gismo-emacs gismo-modes battery time ido paren eldoc gismo-w3m w3m-search w3m-session gismo-popup gismo-planner bbdb-anniv timeclock view cal-china lunar solar cal-dst cal-bahai cal-islam cal-hebrew holidays hol-loaddefs appt diary-lib diary-loaddefs icalendar cal-menu calendar cal-loaddefs gismo-keybindings nroff-mode under dictionary link connection w3m doc-view jka-compr image-mode w3m-hist w3m-fb bookmark-w3m w3m-ems w3m-ccl ccl w3m-favicon w3m-image w3m-proc w3m-util dired gismo-gnus gnus-demon nntp spam spam-stat gnus-uu yenc gnus-msg gnus-art mm-uu mml2015 mm-view mml-smime smime dig nnir gnus-sum gnus-group gnus-undo gnus-start gnus-spec gnus-win browse-url nnrss xml mm-url url url-proxy url-privacy url-expand url-methods url-history url-cookie url-util url-parse auth-source eieio byte-opt bytecomp byte-compile cconv macroexp assoc password-cache url-vars mailcap nnmail gnus-int gnus-range mail-source message sendmail rfc822 mml mml-sec mm-decode mm-bodies mm-encode mail-parse rfc2231 gmm-utils mailheader nnoo gnus gnus-ems nnheader gnus-util time-date mail-utils gnus-BTS gismo-files gismo-eudc eudcb-ldap eudcb-bbdb bbdb-com mailabbrev cl eudc eudc-options-file cus-edit cus-start cus-load eudc-vars wid-edit ldap gismo-eshell gismo-erc erc-stamp erc-log erc-dcc erc-goodies erc erc-backend erc-compat format-spec thingatpt pp gismo-easypg epa derived epg epg-config gismo-dired gismo-debian debian-bug rfc2047 rfc2045 ietf-drums mm-util mail-prsvr gismo-broken gismo-bbdb bbdb timezone gismo-auctex latex tex-style tex regexp-opt advice help-fns advice-preload easymenu gismo-functions-insert gismo-functions unicode-helper edmacro kmacro debian-el debian-el-loaddefs w3m-load emacs-goodies-el emacs-goodies-custom emacs-goodies-loaddefs easy-mmode dpkg-dev-el dpkg-dev-el-loaddefs bbdb-autoloads preview-latex tex-site auto-loads tooltip ediff-hook vc-hooks lisp-float-type mwheel x-win x-dnd tool-bar dnd fontset image fringe lisp-mode register page menu-bar rfn-eshadow timer select scroll-bar mouse jit-lock font-lock syntax facemenu font-core frame cham georgian utf-8-lang misc-lang vietnamese tibetan thai tai-viet lao korean japanese hebrew greek romanian slovak czech european ethiopic indian cyrillic chinese case-table epa-hook jka-cmpr-hook help simple abbrev minibuffer loaddefs button faces cus-face files text-properties overlay md5 base64 format env code-pages mule custom widget hashtable-print-readable backquote make-network-process dbusbind dynamic-setting font-render-setting move-toolbar gtk x-toolkit x multi-tty emacs) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBCgAGBQJOCzQ4AAoJENkdV6A76fNt5esP/07cj92BYjl+AphdoyE4NP4f rSWUgfvnRnsZeF5qyHx0CeDkWf7dV63+OLU+wEovgp1x8zHakxfgEpPu/IaRtruF k92whzcqbrA4CiFvWhd5iw5dTyweJ33j2JXQop0lu5GSnTPgYy/KbjdMJF1mZTJ+ uArQxYF7SMYvU1fgHOs4O4Mbgy65PjripPMTYXbBBRR++QBzsnV9C6CGH7DmAmsD Lg/TqTeVW5jlkhdg0pGlm7BjWv6cdE1DxZt+X+5qqUQQXW1C83WRFBBifMMBx+VK UX8lym2DaDX1hrx67aVe+Z0aAN74utXnpaLzFL6f/TQf+wlnAmFG0Sll/6vgXc7m ZBEvPBnmeU4MHZjE3AHnQssPBqPVfX1z/u8ujYvCL050LxJkvFKWcMr1TmjWtPQW B+bgQ2/uC/p/7kjFAP/Liy4ysaWawMGOQbJlJzzNksrJauyfq8PC1igTaqRxAwgl hFaGV+5lOrMPBvEEvSFtSs5ATiK/fOdbaaBGZ0rW4QDaOuv12Xb41XODL448lH1Q yQNb0cb7g5ISgECvffWKB+k1MPW2CT0yFfJChVvgy+KQ8uEDlod2UJUocNY2HONi R+bp0wlEihsqJ9d4fkkckJVcOeb5MIJD6/iF0KAITtbg1tlL+M1bA2qKnzQ4tXr3 AlaUQt33dLr5nSZqUjfD =pxIk -----END PGP SIGNATURE-----
[Message part 3 (message/rfc822, inline)]
From: Luca Capello <luca <at> pca.it> To: 8955-done <at> debbugs.gnu.org Cc: Daiki Ueno <ueno <at> unixuser.org> Subject: Re: bug#8955: 24.0.50; [EasyPG/Gnus] always pick up the first key from `gpg --list-key $RECEIVER` Date: Sun, 18 Sep 2011 11:49:52 +0200[Message part 4 (text/plain, inline)]Hi there! On Thu, 04 Aug 2011 09:01:35 +0200, Daiki Ueno wrote: > Luca Capello <luca <at> pca.it> writes: > >> This is nothing more than #7797, but from the receiver POV: >> >> <http://debbugs.gnu.org/cgi/bugreport.cgi?bug=7797> > >> Debugger entered--Lisp error: (error "Sign failed: ((exit) (invalid-recipient (reason . 0) (requested-recipient . \"F2B52A5D0A5FB687\")))") >> mml1991-epg-encrypt((part (sign . "pgp") (encrypt . "pgp") (tag-location . 853) (contents . "[REMOVED]")) t) > > mml1991.el (for non-MIME messages) is not updated well as mml2015.el > (for MIME message). I've just checked in a fix: > > http://bzr.savannah.gnu.org/lh/emacs/trunk/revision/105399 > > Could you test it? Here I am, with "some" delay. How I tested it: 1) check that `gpg --list-key gaudenz <at> debian.org` outputs keys in the same order as when I reported the bug 2) enable `epg-debug' 2) send a `mml-secure-message-encrypt-pgpmime' email Everything works as expected, thus closing this bug. Thank you! Thx, bye, Gismo / Luca[Message part 5 (application/pgp-signature, inline)]
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.