* bug#22359: 24.5; EasyPG selects wrong key when revoked key is present
@ 2016-01-12 23:22 a.richiardi.work
2020-12-03 9:54 ` Lars Ingebrigtsen
0 siblings, 1 reply; 4+ messages in thread
From: a.richiardi.work @ 2016-01-12 23:22 UTC (permalink / raw)
To: 22359
[-- Attachment #1: Type: text/plain, Size: 1332 bytes --]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
The package EasyPG does not filter revoked keys.
I have two keys in my keyring with the same email address. One is
revoked and one is not. I expect EasyPG not to even consider the revoked
one. Instead, it tries to use it and errors with:
Opening output file: Encrypt failed, Unusable public key:
REVOKED-KEY-ID; Exit
In GNU Emacs 24.5.1 (x86_64-pc-linux-gnu, GTK+ Version 3.10.8)
of 2015-08-20 on lgw01-16, modified by Debian
Windowing system distributor `The X.Org Foundation
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWlYrPAAoJENH77NBbtQL2g+sP/1jVPDtpchZI/x9UprnwdenB
mw8OOOisWzM6l8Z1tqcsNwKBLsU1nlRuB/7ApBc+3I1Ksw8n7U9fjXtE02FOrdcM
hKoCVi17hENq6J5NKgwytsIgzG1Zb36L1PCuEbbuDLxk4x0qDY84IOyxH0kRFe6i
TkPL64fKaxoGLHmGJU3JdOrb14iB3ZfkqdlXrD5ePLs6t2mqIMsNTAHhtbpCCRDY
/UvZm7m0l9FjOwmYyg+JCxNhJq9SLMCbi8B7U2B1XRr0ugZNDQtQn9zBtPSHVI3Z
5OY3Zz9U6VJKXsyux/mMs0/64rxRHZTgwVYPl1CDZVBFzlfuSqpIQsLZ7ICWNloq
0SrmVvuNoUUm0JFXBjDPH1ilXHw9KmTdwNtGo0QDPWZ6WQrktw9Ff9TaldqLqPdf
0ZCSqslrVIhOhLVn5qU5zOvQjl9cfv1Rl4cg88jk9HjQw47IkxMRRCufnDPVTCiI
03pCSd9iX936rONcCqNbP67x7sS+aLMKTFUgnvDSPL8l2Gjc7hznDbxDub/CPemY
4u6qaCirkHPdFEYqwefRXsw0BkkHRpRLRsXz8ZYkYAbbcpF01rSt0PSvgTcDNZug
y5LshCZdHoPwsguG6/Tckfrczt2gtckkgeakTOgFpOzBZB1q+BlnFbEbdzMdpL7V
4Jk11EwhAkPgMkiB0/3i
=EHGd
-----END PGP SIGNATURE-----
[-- Attachment #2: Type: text/html, Size: 1755 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* bug#22359: 24.5; EasyPG selects wrong key when revoked key is present
2016-01-12 23:22 bug#22359: 24.5; EasyPG selects wrong key when revoked key is present a.richiardi.work
@ 2020-12-03 9:54 ` Lars Ingebrigtsen
2020-12-07 23:26 ` Andrea Richiardi
0 siblings, 1 reply; 4+ messages in thread
From: Lars Ingebrigtsen @ 2020-12-03 9:54 UTC (permalink / raw)
To: a.richiardi.work; +Cc: 22359
"a.richiardi.work" <a.richiardi.work@gmail.com> writes:
> The package EasyPG does not filter revoked keys.
>
> I have two keys in my keyring with the same email address. One is
> revoked and one is not. I expect EasyPG not to even consider the revoked
> one. Instead, it tries to use it and errors with:
>
> Opening output file: Encrypt failed, Unusable public key: REVOKED-KEY-ID; Exit
(This bug report unfortunately got no response at the time.)
Do you have a recipe to reproduce this problem, starting from "emacs -Q"?
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
^ permalink raw reply [flat|nested] 4+ messages in thread
* bug#22359: 24.5; EasyPG selects wrong key when revoked key is present
2020-12-03 9:54 ` Lars Ingebrigtsen
@ 2020-12-07 23:26 ` Andrea Richiardi
2020-12-09 12:17 ` Lars Ingebrigtsen
0 siblings, 1 reply; 4+ messages in thread
From: Andrea Richiardi @ 2020-12-07 23:26 UTC (permalink / raw)
To: Lars Ingebrigtsen, 22359
[-- Attachment #1: Type: text/plain, Size: 661 bytes --]
On Thu, Dec 3, 2020 at 1:55 AM Lars Ingebrigtsen <larsi@gnus.org> wrote:
> "a.richiardi.work" <a.richiardi.work@gmail.com> writes:
>
> Do you have a recipe to reproduce this problem, starting from "emacs -Q"?
>
Hi Lars thanks for answering but no sorry I have just got steps:
- Create GPG identity for address your@email.address
- Revoke it (for instance):
gpg -a --gen-revoke BF3B5AFCD4480E60 > BF3B5AFCD4480E60.rev
gpg --import BF3B5AFCD4480E60.rev
- Create another GPG identity for address your@email.address
- Encrypt a file to that email address ( -*- epa-file-encrypt-to: (
"your@email.address") -*-) and use extension .gpg
- Open that file in Emacs
[-- Attachment #2: Type: text/html, Size: 1459 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* bug#22359: 24.5; EasyPG selects wrong key when revoked key is present
2020-12-07 23:26 ` Andrea Richiardi
@ 2020-12-09 12:17 ` Lars Ingebrigtsen
0 siblings, 0 replies; 4+ messages in thread
From: Lars Ingebrigtsen @ 2020-12-09 12:17 UTC (permalink / raw)
To: Andrea Richiardi; +Cc: 22359
[-- Attachment #1: Type: text/plain, Size: 639 bytes --]
Andrea Richiardi <a.richiardi.work@gmail.com> writes:
> - Create GPG identity for address your@email.address
> - Revoke it (for instance):
> gpg -a --gen-revoke BF3B5AFCD4480E60 > BF3B5AFCD4480E60.rev
> gpg --import BF3B5AFCD4480E60.rev
> - Create another GPG identity for address your@email.address
Thanks -- I've now done this (with test@gnus.org).
> - Encrypt a file to that email address ( -*- epa-file-encrypt-to:
> ("your@email.address") -*-) and use extension .gpg
> - Open that file in Emacs
OK, I made this file, test.el.gpg:
------
;; -*- epa-file-encrypt-to: ("test@gnus.org") -*-
(defun test ())
------
And saved it...
[-- Attachment #2: Type: image/png, Size: 27970 bytes --]
[-- Attachment #3: Type: text/plain, Size: 2424 bytes --]
And chose the unrevoked key... And then I killed the buffer and
reloaded it, and then upon saving I got the error you're seeing:
----
Debugger entered--Lisp error: (file-error "Opening output file" "Encrypt failed" "Unusable public key: 68122531AABEE4EF; Exit")
signal(file-error ("Opening output file" "Encrypt failed" "Unusable public
epa-file-write-region(nil nil "/tmp/test.el.gpg" nil t "/tmp/test.el.gpg"
apply(epa-file-write-region (nil nil "/tmp/test.el.gpg" nil t "/tmp/test.e
epa-file-handler(write-region nil nil "/tmp/test.el.gpg" nil t "/tmp/test.
write-region(nil nil "/tmp/test.el.gpg" nil t "/tmp/test.el.gpg")
basic-save-buffer-2()
basic-save-buffer-1()
basic-save-buffer(t)
save-buffer(1)
funcall-interactively(save-buffer 1)
call-interactively(save-buffer nil nil)
command-execute(save-buffer)
recursive-edit()
epa--select-keys("Select recipients for encr..." (#s(epg-key :owner-trust
epa-select-keys(#s(epg-context :protocol OpenPGP :program "/usr/bin/gpg2"
epa-file-write-region(nil nil "/tmp/test.el.gpg" nil t "/tmp/test.el.gpg"
apply(epa-file-write-region (nil nil "/tmp/test.el.gpg" nil t "/tmp/test.e
write-region(nil nil "/tmp/test.el.gpg" nil t "/tmp/test.el.gpg")
basic-save-buffer-2()
basic-save-buffer-1()
basic-save-buffer(t)
save-buffer(1)
funcall-interactively(save-buffer 1)
call-interactively(save-buffer nil nil)
command-execute(save-buffer)
recursive-edit()
epa--select-keys("Select recipients for encr..." (#s(epg-key :owner-trust
epa-select-keys(#s(epg-context :protocol OpenPGP :program "/usr/bin/gpg2"
epa-file-write-region(nil nil "/tmp/test.el.gpg" nil t "/tmp/test.el.gpg"
apply(epa-file-write-region (nil nil "/tmp/test.el.gpg" nil t "/tmp/test.e
epa-file-handler(write-region nil nil "/tmp/test.el.gpg" nil t "/tmp/test.
write-region(nil nil "/tmp/test.el.gpg" nil t "/tmp/test.el.gpg")
basic-save-buffer-2()
basic-save-buffer-1()
basic-save-buffer(nil)
save-buffer()
write-file("/tmp/test.el.gpg" t)
funcall-interactively(write-file "/tmp/test.el.gpg" t)
call-interactively(write-file nil nil)
command-execute(write-file)
----
Phew!
And it is indeed choosing the first (and revoked key).
And... filtering the revoked keys seems simple enough, so I've now done
this in Emacs 28.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-12-09 12:17 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-01-12 23:22 bug#22359: 24.5; EasyPG selects wrong key when revoked key is present a.richiardi.work
2020-12-03 9:54 ` Lars Ingebrigtsen
2020-12-07 23:26 ` Andrea Richiardi
2020-12-09 12:17 ` Lars Ingebrigtsen
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).