wahjava.ml@gmail.com (Ashish SHUKLA) writes:

> Daiki Ueno writes:
>> wahjava.ml@gmail.com (Ashish SHUKLA) writes:
>
>>> #v+
>>> /usr/local/bin/gpg2 --no-tty --status-fd 1 --yes --use-agent --command-fd 0 --armor --textmode --output /tmp/epg-output62957uOj --detach-sign -u 1F2F8410762E5E74
>>> Warning: using insecure memory!
>>> gpg: skipped "1F2F8410762E5E74": Unusable secret key
>>> [GNUPG:] INV_SGNR 9 1F2F8410762E5E74
>>> gpg: signing failed: Unusable secret key
>>> #v-
>>> 
>>> The above mentioned key id belongs to my GPG key which I revoked, but it's
>>> still present in my system to decrypt old content encrypted with it.
>
>> It looks strange that mml2015 passes the expired key to gpg, since
>> `mml2015-epg-sign' is expected to reject such a key through
>> `mml2015-epg-find-usable-key'.
>
>> Do you see 1F2F8410762E5E74 key with:
>
>> (mml2015-epg-find-usable-key
>>  (epg-list-keys (epg-make-context 'OpenPGP) "1F2F8410762E5E74" t)
>>  'sign)
>
> Yes, I see that key. And, please note that it's not expired, it's revoked.

Hello,

mml2015-epg-find-usable-key should remove revoked keys.

Can you test the following for me?

#v+
(defun test-mml2015-epg-find-usable-key (signers)
  (let* ((context (epg-make-context))
	 (keys (epg-list-keys context signers))
	 (validities nil))
    (while keys
      (let ((pointer (epg-key-sub-key-list (car keys))))
	(while pointer
	  (setq validities (cons 
			    (cons (epg-sub-key-id (car pointer)) (symbol-name (epg-sub-key-validity (car pointer))))
			    validities))
	  (setq pointer (cdr pointer))))
      (setq keys (cdr keys)))
    validities))

(test-mml2015-epg-find-usable-key '("1F2F8410762E5E74"))
#v-

Thanks.
-- 
Daniel Dehennin
Récupérer ma clef GPG:
gpg --keyserver pgp.mit.edu --recv-keys 0x6A2540D1