From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id eKH1ItmgzmPt3gAAbAwnHQ (envelope-from ) for ; Mon, 23 Jan 2023 15:59:37 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id kPoqItmgzmM/dQAAG6o9tA (envelope-from ) for ; Mon, 23 Jan 2023 15:59:37 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id BD30B12888 for ; Mon, 23 Jan 2023 15:59:36 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pJyHd-0006Ah-Ip; Mon, 23 Jan 2023 09:58:53 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pJyHR-00069K-8I for emacs-orgmode@gnu.org; Mon, 23 Jan 2023 09:58:47 -0500 Received: from ciao.gmane.io ([116.202.254.214]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pJyHO-0004Hw-9r for emacs-orgmode@gnu.org; Mon, 23 Jan 2023 09:58:39 -0500 Received: from list by ciao.gmane.io with local (Exim 4.92) (envelope-from ) id 1pJyHK-0000Uw-QT for emacs-orgmode@gnu.org; Mon, 23 Jan 2023 15:58:34 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: emacs-orgmode@gnu.org From: Karl Voit Subject: Re: org-crypt fails if default key is expired while non-default key is to be used Date: Mon, 23 Jan 2023 15:58:28 +0100 Organization: www.karl-voit.at Message-ID: <2023-01-23T15-55-10@devnull.Karl-Voit.at> References: <2023-01-22T18-32-17@devnull.Karl-Voit.at> <875ycx7dzx.fsf@localhost> User-Agent: slrn/1.0.3 (Linux) X-GPG-Key: http://www.Karl-Voit.at/Karl_Voit_GnuPG_public_key.gpg X-Registered-Linux-User: 224337 X-Confession: Pastafarian http://www.venganza.org/ Received-SPF: pass client-ip=116.202.254.214; envelope-from=geo-emacs-orgmode@m.gmane-mx.org; helo=ciao.gmane.io X-Spam_score_int: -16 X-Spam_score: -1.7 X-Spam_bar: - X-Spam_report: (-1.7 / 5.0 requ) BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.248, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Karl Voit Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org Sender: emacs-orgmode-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Seal: i=1; s=key1; d=yhetil.org; t=1674485977; a=rsa-sha256; cv=none; b=ru+j4xhiBx1U3EXkAwKOGsh6brLmayDWmv8pFCbHrN0DK9/UgnbZOcnZWbFJNCOTIfN/bi 8xsiLnKek/XCWc+Mg7LJs26ZUsEEvjXGM+DJCMcCCK+Qijcil0ESe5TwR4xNc5r2AIPlTu EQg1im+od3e9PkmvK46x9xw0iAIRDr+gJHywU/MfN1O0hwrHpEgyqpcIkI631RbOJoEGZ2 Oyb17liWa6grjo3bceV/NJwqFokNrtWEqB0j460wamjFg8JLvF9Chf6yULGttstJ6QEp/Y 2IBDFsid80mVsBYAD4dJOGIsylWXc4YpwR4wcgD59ts/vM4hAvkHnDvpljiv2g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1674485977; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:references:references:list-id: list-help:list-unsubscribe:list-subscribe:list-post; bh=Z35rk5ehKaQmhpMd9ovhuovq7dicYEIFfN/yCKgIW70=; b=gVCEpIJ6H1suYTdoyeuST0+Ynb2m27ArQ0D1l2Z01A5pCgz/ig6nbL9Xc37ooOUcmsOZL3 alteuUJ6LimuvjEnyWMgnjXUsBhj3a/hRf2SijbWGiwtkuIf+r3lsYrh8v4HjCpxnr15/c xYP8Gim5l5duE0JyuYPjeHupxSnRg5TzvROCi27C/mlMKrL7n+qWLZ4QDZcf3mTTthnIRO Ig0l3ROCvzztirie1RzB5JrZR1psP6wZjtFz8kRnOZC5rAJe5U4gqdi3Wa134CAOgzFwsB qwR3xP4PtASHqBFaPj9g8geqU4yhU/LXzBuOOl6OYhW1n+oX3Y8hLLVENe/AkQ== X-Spam-Score: -2.88 X-Migadu-Queue-Id: BD30B12888 X-Migadu-Scanner: scn0.migadu.com Authentication-Results: aspmx1.migadu.com; dkim=none; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org"; dmarc=none X-Migadu-Spam-Score: -2.88 X-TUID: 0iKj1apZdgW2 Hi Ihor, * Ihor Radchenko wrote: > Karl Voit writes: > >> When I invoked org-decrypt-entry, decrypting works like always. Then >> I modified something in this heading which is tagged with :crypt:. >> On saving that buffer, org-crypt issues an error message: >> >> | Error: (error "GPG error: \"Encrypt failed\", \"Unusable public key: >> | A1234567; Exit\"") >> >> This A1234567 key is my default key and not the org-openpgp-key. >> >> org-encrypt-entry is causing this error at: >> >> | ;; Text and key have to be identical, otherwise we >> | ;; re-crypt. >> | (if (and (equal crypt-key key) >> | (string= checksum (sha1 contents))) >> | (get-text-property 0 'org-crypt-text contents) >> | (epg-encrypt-string epg-context contents crypt-key))) >> >> After fixing the expiry date of A1234567, org-crypt was working >> properly, using the correct org-openpgp-key again. >> >> I do think this is wrong behavior: when the default key is expired >> but a specific secondary key is used, encryption should be possible. > > All we do here is calling `epg-encrypt-string' with crypt key obtained > using `org-crypt-key-for-heading', which see. > > May I know how exactly did you set `org-crypt-key'? Do you happen to > have CRYPTKEY properties somewhere in your buffer? Sure. My config is on https://github.com/novoid/dot-emacs/blob/master/config.org and I've set it with: (setq org-crypt-key "ABC12345") ;; I may have to mask this online as well ;-) : grep -i CRYPTKEY * ... is empty when applied to my Org-mode files. The only thing to fix my situation was to re-import a non-expired version of my default OpenPGP sec key. -- get mail|git|SVN|photos|postings|SMS|phonecalls|RSS|CSV|XML into Org-mode: > get Memacs from https://github.com/novoid/Memacs < Personal Information Management > http://Karl-Voit.at/tags/pim/ Emacs-related > http://Karl-Voit.at/tags/emacs/