From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Joerg Jaspert Newsgroups: gmane.emacs.bugs Subject: bug#49279: 26.1; mml-secure-secret-key-exists-p wrong assumption on subkeys with same fingerprint Date: Tue, 29 Jun 2021 22:29:41 +0200 Organization: Ganneff.de Message-ID: <87bl7omn2i.fsf@lennier.ganneff.de> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="23212"; mail-complaints-to="usenet@ciao.gmane.io" To: 49279@debbugs.gnu.org Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Tue Jun 29 23:12:12 2021 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lyL1f-0005n8-T4 for geb-bug-gnu-emacs@m.gmane-mx.org; Tue, 29 Jun 2021 23:12:12 +0200 Original-Received: from localhost ([::1]:57346 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lyL1d-0008Im-V3 for geb-bug-gnu-emacs@m.gmane-mx.org; Tue, 29 Jun 2021 17:12:09 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:59310) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lyL1W-0008Hq-Rk for bug-gnu-emacs@gnu.org; Tue, 29 Jun 2021 17:12:03 -0400 Original-Received: from debbugs.gnu.org ([209.51.188.43]:44240) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lyL1W-0001Qo-Jw for bug-gnu-emacs@gnu.org; Tue, 29 Jun 2021 17:12:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1lyL1W-0002Pa-Fq for bug-gnu-emacs@gnu.org; Tue, 29 Jun 2021 17:12:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Joerg Jaspert Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Tue, 29 Jun 2021 21:12:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 49279 X-GNU-PR-Package: emacs X-Debbugs-Original-To: bug-gnu-emacs@gnu.org Original-Received: via spool by submit@debbugs.gnu.org id=B.16250010819210 (code B ref -1); Tue, 29 Jun 2021 21:12:02 +0000 Original-Received: (at submit) by debbugs.gnu.org; 29 Jun 2021 21:11:21 +0000 Original-Received: from localhost ([127.0.0.1]:55784 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lyL0q-0002OR-P5 for submit@debbugs.gnu.org; Tue, 29 Jun 2021 17:11:21 -0400 Original-Received: from lists.gnu.org ([209.51.188.17]:38260) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lyKMv-0001MO-Hr for submit@debbugs.gnu.org; Tue, 29 Jun 2021 16:30:06 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:46836) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lyKMv-0006z1-9X for bug-gnu-emacs@gnu.org; Tue, 29 Jun 2021 16:30:05 -0400 Original-Received: from mail.ganneff.de ([2a01:4f9:2b:ff49:143:993:25:465]:40205) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lyKMr-0005oS-Um for bug-gnu-emacs@gnu.org; Tue, 29 Jun 2021 16:30:04 -0400 Original-Received: from lennier.ganneff.de (android.vpn.ganneff.de [172.20.10.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-384) client-signature RSA-PSS (4096 bits)) (Client CN "lennier.ganneff.de", Issuer "Ganneff.de CA" (not verified)) by mail.ganneff.de (Postfix) with ESMTPS id 3FAB11953AA; Tue, 29 Jun 2021 20:29:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ganneff.de; s=2019_01; t=1624998588; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references:content-id:content-description:organization:organization: user-agent:x-gpg-id:x-gpg-id:x-gpg-fp:x-gpg-fp; bh=64L9tLILAWJ2sffJaCKJlbDsOEG8kRuDM/CvrZ6b5z0=; b=CweSjG+UhoqoXDYA43f/JDIcBU80fqiBYzvACTH+/BmoWWaj33wufd02DjvWET0007kTgi T/0u0BxklVdSvXFMvP4KFxYBYICQzZC4OXEEgV0FRvp/khkTyaE3jtbPaSUaJNaGq9yntC FmOUsADdVL8BDnIFeMr9c9poqpENY1E= Original-Received: by lennier.ganneff.de (Postfix, from userid 1000) id 9557C601DF; Tue, 29 Jun 2021 22:29:47 +0200 (CEST) X-GPG-ID: 0xB12525C4 X-GPG-FP: FBFA BDB5 41B5 DC95 5BD9 BA6E DB16 CF5B B125 25C4 X-message-flag: Formating hard disk. please wait... 10%... 20%... Received-SPF: pass client-ip=2a01:4f9:2b:ff49:143:993:25:465; envelope-from=joerg@ganneff.de; helo=mail.ganneff.de X-Spam_score_int: -70 X-Spam_score: -7.1 X-Spam_bar: ------- X-Spam_report: (-7.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Mailman-Approved-At: Tue, 29 Jun 2021 17:11:19 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.io gmane.emacs.bugs:209124 Archived-At: --=-=-= Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Hi Task: Send signed mail from within emacs (notmuch) using message mode=20 and mml-sign. Problem: the function mml-secure-secret-key-exists-p breaks. It says it=20 found multiple secret keys with the same fingerprint, and refuses to=20 work. I *guess* the way gpg outputs things changed / got adopted. Likely when=20 they did away with secret keyrings. Now, setup: I have the following entries in my ~/.gnupg/gpg.conf: =2D-8<---------------cut here---------------start------------->8--- primary-keyring ~/.gnupg/pubring.gpg=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20 keyring /usr/share/keyrings/debian-keyring.gpg=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20 =2D-8<---------------cut here---------------end--------------->8--- I have *ONE* secret key (with that fingerprint) in my gpg store. I have my public key in my pubring.gpg, and it *also* exists in the=20 debian-keyring.gpg. Now trying to send mail, mml dies, debugger output pasted below. I *suspect* it is from gpg changes to their output, but wherever it is=20 from, I also think the error call shouldn't be there inside mml. As soon as I comment the second *public* keyring, sending signed mail=20 works fine. Debugger entered--Lisp error: (error "Found 2 secret keys with same=20 fingerprint FBFABDB541B5DC955BD9BA6EDB16CF5BB12525C4") signal(error ("Found 2 secret keys with same fingerprint=20 FBFABDB541B5DC955BD9BA6EDB16CF5BB12525C4")) error("Found %d secret keys with same fingerprint %s" 2=20 "FBFABDB541B5DC955BD9BA6EDB16CF5BB12525C4") mml-secure-secret-key-exists-p(#s(epg-context :protocol OpenPGP=20 :program "/bin/gpg2" :home-directory nil :armor nil :textmode nil=20 :include-certs nil :cipher-algorithm nil :digest-algorithm nil=20 :compress-algorithm nil :passphrase-callback=20 (epg-passphrase-callback-function) :progress-callback nil=20 :edit-callback nil :signers nil :sig-notations nil :process nil=20 :output-file nil :result nil :operation nil :pinentry-mode nil=20 :error-output "" :error-buffer nil) #s(epg-sub-key :validity ultimate=20 :capability (sign certify) :secret-p nil :algorithm 1 :length 4096 :id=20 "DB16CF5BB12525C4" :creation-time (18951 . 16192) :expiration-time nil=20 :fingerprint "FBFABDB541B5DC955BD9BA6EDB16CF5BB12525C4")) mml-secure-check-sub-key(#s(epg-context :protocol OpenPGP :program=20 "/bin/gpg2" :home-directory nil :armor nil :textmode nil=20 :include-certs nil :cipher-algorithm nil :digest-algorithm nil=20 :compress-algorithm nil :passphrase-callback=20 (epg-passphrase-callback-function) :progress-callback nil=20 :edit-callback nil :signers nil :sig-notations nil :process nil=20 :output-file nil :result nil :operation nil :pinentry-mode nil=20 :error-output "" :error-buffer nil) #s(epg-key :owner-trust ultimate=20 :sub-key-list (#s(epg-sub-key :validity ultimate :capability (sign=20 certify) :secret-p nil :algorithm 1 :length 4096 :id=20 "DB16CF5BB12525C4" :creation-time (18951 . 16192) :expiration-time nil=20 :fingerprint "FBFABDB541B5DC955BD9BA6EDB16CF5BB12525C4")=20 #s(epg-sub-key :validity ultimate :capability (encrypt) :secret-p nil=20 :algorithm 1 :length 4096 :id "A258CB3FE075ECFF" :creation-time (18951=20 . 16333) :expiration-time nil :fingerprint=20 "684795DC5F511A7E647B0238A258CB3FE075ECFF") #s(epg-sub-key :validity=20 ultimate :capability (sign) :secret-p nil :algorithm 1 :length 4096=20 :id "C7B01D35AB0F24B9" :creation-time (20902 . 23882) :expiration-time=20 (26587 . 18565) :fingerprint=20 "9630CE701E2ADEC3200CE0EEC7B01D35AB0F24B9") #s(epg-sub-key :validity=20 ultimate :capability (encrypt) :secret-p nil :algorithm 1 :length 4096=20 :id "80816AE630EC8D38" :creation-time (20902 . 24081) :expiration-time=20 (26587 . 18565) :fingerprint=20 "56776C422F34E07911E9767980816AE630EC8D38") #s(epg-sub-key :validity=20 ultimate :capability (authentication) :secret-p nil :algorithm 1=20 :length 4096 :id "C58ADA645E749E7B" :creation-time (22845 . 13953)=20 :expiration-time (26587 . 18565) :fingerprint=20 "E052D610BA150904F4274EDEC58ADA645E749E7B") #s(epg-sub-key :validity=20 ultimate :capability (sign) :secret-p nil :algorithm 1 :length 4096=20 :id "F35578BF98805660" :creation-time (22845 . 13910) :expiration-time=20 (26587 . 18565) :fingerprint=20 "72DCBECE755A9FDD14838015F35578BF98805660") #s(epg-sub-key :validity=20 ultimate :capability (encrypt) :secret-p nil :algorithm 1 :length 4096=20 :id "12AFA0F1A51A254B" :creation-time (22845 . 13930) :expiration-time=20 (26587 . 18565) :fingerprint=20 "0FD59ABE3286179ED6103BBF12AFA0F1A51A254B") #s(epg-sub-key :validity=20 expired :capability (authentication) :secret-p nil :algorithm 1=20 :length 4096 :id "70E69D7B90479E6D" :creation-time (21978 . 52225)=20 :expiration-time (22723 . 43905) :fingerprint=20 "419DB01F85B3E1ED1207715270E69D7B90479E6D")) :user-id-list=20 (#s(epg-user-id :validity ultimate :string "Joerg Jaspert=20 " :signature-list nil) #s(epg-user-id :validity=20 ultimate :string "Joerg Jaspert " :signature-list=20 nil) #s(epg-user-id :validity ultimate :string "Joerg Jaspert=20 " :signature-list nil) #s(epg-user-id :validity=20 ultimate :string "Joerg Jaspert " :signature-list=20 nil))) sign nil) mml-secure-find-usable-keys(#s(epg-context :protocol OpenPGP :program=20 "/bin/gpg2" :home-directory nil :armor nil :textmode nil=20 :include-certs nil :cipher-algorithm nil :digest-algorithm nil=20 :compress-algorithm nil :passphrase-callback=20 (epg-passphrase-callback-function) :progress-callback nil=20 :edit-callback nil :signers nil :sig-notations nil :process nil=20 :output-file nil :result nil :operation nil :pinentry-mode nil=20 :error-output "" :error-buffer nil) "" sign) #f(compiled-function (name) #)("") mapcar(#f(compiled-function (name) #)=20 ("")) mml-secure-select-preferred-keys(#s(epg-context :protocol OpenPGP=20 :program "/bin/gpg2" :home-directory nil :armor nil :textmode nil=20 :include-certs nil :cipher-algorithm nil :digest-algorithm nil=20 :compress-algorithm nil :passphrase-callback=20 (epg-passphrase-callback-function) :progress-callback nil=20 :edit-callback nil :signers nil :sig-notations nil :process nil=20 :output-file nil :result nil :operation nil :pinentry-mode nil=20 :error-output "" :error-buffer nil) ("") sign) mml-secure-signers(#s(epg-context :protocol OpenPGP :program=20 "/bin/gpg2" :home-directory nil :armor nil :textmode nil=20 :include-certs nil :cipher-algorithm nil :digest-algorithm nil=20 :compress-algorithm nil :passphrase-callback=20 (epg-passphrase-callback-function) :progress-callback nil=20 :edit-callback nil :signers nil :sig-notations nil :process nil=20 :output-file nil :result nil :operation nil :pinentry-mode nil=20 :error-output "" :error-buffer nil) ("")) mml-secure-epg-sign(OpenPGP t) mml2015-epg-sign((part (sign . "pgpmime") (tag-location . 405)=20 (contents . #("test, sending signed mail\n-- \nbye, Joerg\n" 25 26=20 (hard t display "=E2=8F=8E\n") 29 30 (hard t display "=E2=8F=8E\n") 40 41= (hard t=20 display "=E2=8F=8E\n"))))) mml2015-sign((part (sign . "pgpmime") (tag-location . 405) (contents .=20 #("test, sending signed mail\n-- \nbye, Joerg\n" 25 26 (hard t display=20 "=E2=8F=8E\n") 29 30 (hard t display "=E2=8F=8E\n") 40 41 (hard t display= "=E2=8F=8E\n"))))) mml-pgpmime-sign-buffer((part (sign . "pgpmime") (tag-location . 405)=20 (contents . #("test, sending signed mail\n-- \nbye, Joerg\n" 25 26=20 (hard t display "=E2=8F=8E\n") 29 30 (hard t display "=E2=8F=8E\n") 40 41= (hard t=20 display "=E2=8F=8E\n"))))) mml-generate-mime-1((part (sign . "pgpmime") (tag-location . 405)=20 (contents . #("test, sending signed mail\n-- \nbye, Joerg\n" 25 26=20 (hard t display "=E2=8F=8E\n") 29 30 (hard t display "=E2=8F=8E\n") 40 41= (hard t=20 display "=E2=8F=8E\n"))))) mml-generate-mime() message-encode-message-body() message-send-mail(nil) message-send-via-mail(nil) message-send(nil) message-send-and-exit(nil) notmuch-mua-send-common(nil t) notmuch-mua-send-and-exit(nil) funcall-interactively(notmuch-mua-send-and-exit nil) call-interactively(notmuch-mua-send-and-exit nil nil) command-execute(notmuch-mua-send-and-exit) In GNU Emacs 26.1 (build 2, x86_64-pc-linux-gnu, GTK+ Version 3.24.5) of 2021-01-31, modified by Debian built on x86-csail-01 Windowing system distributor 'The X.Org Foundation', version=20 11.0.12004000 System Description: Debian GNU/Linux 10 (buster) =2D-=20 bye, Joerg --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEcty+znVan90Ug4AV81V4v5iAVmAFAmDbgrYACgkQ81V4v5iA VmCggxAAkhDrTkyXtg6XhXgD1J53NFcmTeAcNDzZS0RTFTk9bpSwoqxLpXEdzGEY 0K0NY+l/VldqqvlWfcvCJ31cLWUSgxUzFoBwWUPoITTqEJOtfgzmXZHgb/S6fmMP +bPJZTHUZX3+Ceca7LMcElsyEgkJcpFkuDsVVvwkTo0HfihU10qc7HMhLp30mkzJ R9GAZ09HVuoG/+YidkJqXnAGELbYFHhqhNhjH3YUpp0uzdmjsXUGQTv5gleKdH15 uOSXPAsS13gx3MHn6cLQrlhAi5saTD4Av/Rq5MWuA+o2acAKTZwbRPhUWqf2UN1v xNqgJwzn2AWnUtw3RptStyb0GFb4hctT9YeiSFxk3Ci6FdIEAs4ePx8tWX1TaPlT HzrTBOBnKgCGSnmLgE6lYk+CkfZED58DpRPeCX4m8tOViFoRMIVOAztCzRkyHxed Hq9hS3ZmYDbUnNJA6Gzp4IOIt78r5zSZzzkRa2XiKO+Mi4jkdZ6UA2RawiRYCD75 gwnsq8NdpFqkGJ8vn950fQIVLIDuPivRtDXd3K2p8hxCE2KgZ4/5Mj5ptByTa8Ad xCRNNNKlBfo6pkVzOPw/QJIsqO4x2fEVWzt9UeIIWo5v/wNawMF2sAXxiPBXaKqc 37N6Fh86VxezkH8tFQsWFnr0AWxVakv0jiwVE4dyJHxhlUB6qMc= =uybK -----END PGP SIGNATURE----- --=-=-=--