Daniel Dehennin writes: > wahjava.ml@gmail.com (Ashish SHUKLA) writes: >> Daiki Ueno writes: >>> wahjava.ml@gmail.com (Ashish SHUKLA) writes: >> >>>> #v+ >>>> /usr/local/bin/gpg2 --no-tty --status-fd 1 --yes --use-agent --command-fd 0 --armor --textmode --output /tmp/epg-output62957uOj --detach-sign -u 1F2F8410762E5E74 >>>> Warning: using insecure memory! >>>> gpg: skipped "1F2F8410762E5E74": Unusable secret key >>>> [GNUPG:] INV_SGNR 9 1F2F8410762E5E74 >>>> gpg: signing failed: Unusable secret key >>>> #v- >>>> >>>> The above mentioned key id belongs to my GPG key which I revoked, but it's >>>> still present in my system to decrypt old content encrypted with it. >> >>> It looks strange that mml2015 passes the expired key to gpg, since >>> `mml2015-epg-sign' is expected to reject such a key through >>> `mml2015-epg-find-usable-key'. >> >>> Do you see 1F2F8410762E5E74 key with: >> >>> (mml2015-epg-find-usable-key >>> (epg-list-keys (epg-make-context 'OpenPGP) "1F2F8410762E5E74" t) >>> 'sign) >> >> Yes, I see that key. And, please note that it's not expired, it's revoked. > Hello, > mml2015-epg-find-usable-key should remove revoked keys. > Can you test the following for me? > #v+ > (defun test-mml2015-epg-find-usable-key (signers) > (let* ((context (epg-make-context)) > (keys (epg-list-keys context signers)) > (validities nil)) > (while keys > (let ((pointer (epg-key-sub-key-list (car keys)))) > (while pointer > (setq validities (cons > (cons (epg-sub-key-id (car pointer)) (symbol-name (epg-sub-key-validity (car pointer)))) > validities)) > (setq pointer (cdr pointer)))) > (setq keys (cdr keys))) > validities)) > (test-mml2015-epg-find-usable-key '("1F2F8410762E5E74")) > #v- This is what I get: (("F80D89FB7B05E99F" . "revoked") ("1F2F8410762E5E74" . "revoked")) HTH -- Ashish SHUKLA “It's good to be wrong. Don't feel shamed. Wear past mistakes as a badge of honor because growth is everything. To stop learning is to decay.” ("apokalyptik", "in a conversation to abbe", 2010)