From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms9.migadu.com with LMTPS id aGtCIdI9UmS6XwAASxT56A (envelope-from ) for ; Wed, 03 May 2023 12:56:18 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id 6GI5IdI9UmQVWAAA9RJhRA (envelope-from ) for ; Wed, 03 May 2023 12:56:18 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 1F9DD2DB2B for ; Wed, 3 May 2023 12:56:18 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1puA91-0003nh-P9; Wed, 03 May 2023 06:55:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1puA90-0003nZ-Sm for emacs-orgmode@gnu.org; Wed, 03 May 2023 06:55:34 -0400 Received: from [39.171.215.100] (helo=Mac-mini.local) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1puA8y-0005Pn-Lv for emacs-orgmode@gnu.org; Wed, 03 May 2023 06:55:34 -0400 Received: by Mac-mini.local (Postfix, from userid 501) id B47698AE9986; Wed, 3 May 2023 18:55:24 +0800 (CST) References: <87pm7lyvdd.fsf@localhost> <87jzxsqyme.fsf@localhost> <874jow8eaf.fsf@localhost> <871qk08bwi.fsf@localhost> <87jzxrdjyn.fsf@localhost> <87354esdhk.fsf@localhost> User-agent: mu4e 1.10.3; emacs 30.0.50 From: "Christopher M. Miles" To: Ihor Radchenko Cc: "Christopher M. Miles" , emacs-orgmode@gnu.org, Karl Voit Subject: Re: [EasyPG (epa)] Emacs can't save modified encrypted file Date: Wed, 03 May 2023 18:40:15 +0800 In-reply-to: <87354esdhk.fsf@localhost> Message-ID: MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" X-Host-Lookup-Failed: Reverse DNS lookup failed for 39.171.215.100 (deferred) Received-SPF: softfail client-ip=39.171.215.100; envelope-from=numbchild@gmail.com; helo=Mac-mini.local X-Spam_score_int: 58 X-Spam_score: 5.8 X-Spam_bar: +++++ X-Spam_report: (5.8 / 5.0 requ) BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FORGED_GMAIL_RCVD=1, FREEMAIL_FROM=0.001, MSGID_MULTIPLE_AT=1, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_PBL=3.335, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665, SPOOFED_FREEMAIL_NO_RDNS=0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=no autolearn_force=no X-Spam_action: reject X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: numbchild@gmail.com Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org Sender: emacs-orgmode-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Seal: i=1; s=key1; d=yhetil.org; t=1683111378; a=rsa-sha256; cv=none; b=eAIRkHzEmQdlPpBbJeBgeCzEIcz3KM5aGReTPZG5CpEgJ5UAL+HTM4AyMhjtCrYoky620i Z6TOzSi3L2/CdJtvZMq7UzGN6okQCCAlBkCZYcPt10h5zM4AsmsCTL+GFwqNVaAMGygssi xf5rOmhuqQB1lsh4Unfyp5Z9NDPdcWOebN0hHJBVDex6ltu+ZYe6N7OTGiqlF56rPQ3wR5 5FkcJVM8Yr2ip623z5JCszMsXf7LaQQbt3hL8ucQq0wIrG9YdnTNr6rJqa77KbfKol/NDy C6mYVwB9a3LFlN+gbxkT2lxOuMs+q9ZuI0LO0bgl6tRYSEZp6/I/cm8Pan6IaA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; dmarc=fail reason="SPF not aligned (relaxed), No valid DKIM" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1683111378; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post; bh=fjc6BRM+fiJFzlX2ovKFQG1PZZwXoTbuN4vP50c5Y/w=; b=Um9e224dVd7ui6QADr13OhAWutVaLKNynLKyvh900GCKrU6uiJMpjd/TLYLwda1VY+1jQl VoVdM78Yf2B1Neh+xtNpfQGpcfFnSOQ5nfYM027JUldPPS+E6lxGtXsPOI56V7KlEN+MjQ zoyetIBMEQNzKW5xvUNwpdXYfBI52SlJ9aY9/JVsYGbJeigYW/R2L+3UZyK/Fs855pCkJV oFxWCc+uJpqsiD9f7WxdFOld5RLhobmGI0A04ttCRdFb6VyYg8sD42COn4Tf9Xm9N028pt Cw8aGZhb02kdY1j2oxoXBZE7vZgEpb0pnDmNa0rGYbUxqy5gi2uEpqY5EYdHFQ== X-Migadu-Spam-Score: -4.00 X-Spam-Score: -4.00 X-Migadu-Queue-Id: 1F9DD2DB2B X-Migadu-Scanner: scn0.migadu.com Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=fail reason="SPF not aligned (relaxed), No valid DKIM" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org" X-TUID: EdNwqMj1xfSf --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Ihor Radchenko writes: > "Christopher M. Miles" writes: > >>> Do you have any issues decrypting and encrypting files from command >>> line? If no, what about from M-x shell? If yet no, what if you call gpg >>> via `start-process'? >>> >> >> - [X] test decrypt & encrypt in terminal with gpg command. -> works fine. >> >> - [X] test decrypt & encrypt in Emacs =3D[M-x shell]=3D with gpg command= . -> works fine. >> ... >> - [X] test decrypt & encrypt in Emacs with ~start-process~ -> works fine > > Ok. The further step we can try is following what epg does. > I am now looking into `epg--start' source code and I note > `epg-debug' variable, which might provide some more info to think about. > Also, note the `make-process' call in `epg--start' - you may try to run > it manually, similar to `start-process' and check if it fails. (For me, > :connection-type 'pipe part is a bit fishy - I recall there were some > quirks related to it; > https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D44824 ... but it was the > opposite to having 'pipe AFAIR). Ok, I followed your suggestions, did following steps. =2D [X] toggle option ~epg-debug~ #+begin_src emacs-lisp (setq epg-debug t) #+end_src #+begin_example :file "*epg-debug*" GPG_AGENT_INFO is not set /opt/homebrew/bin/gpg --no-tty --status-fd 1 --yes --enable-progress-filt= er --command-fd 0 --output /var/folders/ym/f3v5_yk1279g5ls70x3hzblh0000gn/T= /epg-outputMMP3Zp --pinentry-mode loopback --decrypt -- /Users/stardiviner/= .config/emacs/secrets/authinfo.gpg [GNUPG:] PROGRESS /Users/stardiviner/. ? 0 1204 B [GNUPG:] ENC_TO AEDA8A17BB08B786 1 0 [GNUPG:] ENC_TO 0251FA6886EB6B77 1 0 [GNUPG:] KEY_CONSIDERED F09F650D7D674819892591401B5DF1C95AE89AC3 0 [GNUPG:] KEY_CONSIDERED 9BAA92BCCDDDB9EF3B36CB99B8C4B8E547C32433 0 [GNUPG:] KEY_CONSIDERED F09F650D7D674819892591401B5DF1C95AE89AC3 0 [GNUPG:] KEY_CONSIDERED F09F650D7D674819892591401B5DF1C95AE89AC3 0 [GNUPG:] DECRYPTION_KEY 32A8581A6E137ABD26DA2F570251FA6886EB6B77 F09F650D= 7D674819892591401B5DF1C95AE89AC3 u [GNUPG:] NO_SECKEY AEDA8A17BB08B786 [GNUPG:] BEGIN_DECRYPTION [GNUPG:] DECRYPTION_INFO 2 7 0 [GNUPG:] PROGRESS /Users/stardiviner/. ? 1204 1204 B [GNUPG:] PLAINTEXT 62 1682998161=20 [GNUPG:] DECRYPTION_OKAY [GNUPG:] GOODMDC [GNUPG:] END_DECRYPTION GPG_AGENT_INFO is not set /opt/homebrew/bin/gpg --no-tty --status-fd 1 --yes --enable-progress-filt= er --command-fd 0 --output /var/folders/ym/f3v5_yk1279g5ls70x3hzblh0000gn/T= /epg-outputE3zoeh --pinentry-mode loopback --encrypt -r 1B5DF1C95AE89AC3 -r= B8C4B8E547C32433 [GNUPG:] KEY_CONSIDERED F09F650D7D674819892591401B5DF1C95AE89AC3 0 [GNUPG:] KEY_CONSIDERED 9BAA92BCCDDDB9EF3B36CB99B8C4B8E547C32433 0 [GNUPG:] KEY_CONSIDERED F09F650D7D674819892591401B5DF1C95AE89AC3 0 GPG_AGENT_INFO is not set /opt/homebrew/bin/gpg --no-tty --status-fd 1 --yes --enable-progress-filt= er --command-fd 0 --output /var/folders/ym/f3v5_yk1279g5ls70x3hzblh0000gn/T= /epg-outputxPZRrb --pinentry-mode loopback --encrypt -r 1B5DF1C95AE89AC3 -r= B8C4B8E547C32433 [GNUPG:] KEY_CONSIDERED F09F650D7D674819892591401B5DF1C95AE89AC3 0 [GNUPG:] KEY_CONSIDERED 9BAA92BCCDDDB9EF3B36CB99B8C4B8E547C32433 0 [GNUPG:] KEY_CONSIDERED F09F650D7D674819892591401B5DF1C95AE89AC3 0 #+end_example =2D [X] test the debug output buffer printed full command in terminal. (rem= ove =3D--output=3D option to see the output) #+begin_src sh :eval no gpg --no-tty --status-fd 1 --yes --enable-progress-filter --command-fd 0 = --pinentry-mode loopback --decrypt -- /Users/stardiviner/.config/emacs/secr= ets/authinfo.gpg # after input password, it decrypted success #+end_src =20=20=20=20 The encrypt command seems missing input file. #+begin_src sh :eval no gpg --no-tty --status-fd 1 --yes --enable-progress-filter --command-fd 0 = --pinentry-mode loopback --encrypt -r 1B5DF1C95AE89AC3 -r B8C4B8E547C32433 #+end_src =2D [X] I look into ~epg--start~ source code. note the ~make-process~ call = in ~epg--start~ - you may try to run it manually, similar to ~start-process~ and check if it fails. (For m= e, ~:connection-type 'pipe~ part is a bit fishy.) #+begin_src emacs-lisp :eval no ;;; `epg-start-encrypt' -> `epg--start' (let ((context #s(epg-context :protocol OpenPGP :program "/opt/homebrew/bin/gpg" = :home-directory nil :armor nil :textmode nil :include-certs nil :cipher-alg= orithm nil :digest-algorithm nil :compress-algorithm nil :passphrase-callba= ck (epa-file-passphrase-callback-function . "/Users/stardiviner/.config/ema= cs/secrets/authinfo.gpg") :progress-callback (epa-progress-callback-functio= n . "Encrypting /Users/stardiviner/.config/emacs/secrets/authinfo.gpg") :ed= it-callback nil :signers nil :sender nil :sig-notations nil :process nil :o= utput-file "/var/folders/ym/f3v5_yk1279g5ls70x3hzblh0000gn/T/epg-outputsyLC= Lb" :result nil :operation encrypt :pinentry-mode loopback :error-output ""= :error-buffer nil)) (args '("--encrypt" #1=3D"-r" "1B5DF1C95AE89AC3" #1# "B8C4B8E547C32= 433")) (error-process (make-pipe-process :name "epg-error" :buffer (generate-new-buffer " *e= pg-error*") ;; Suppress "XXX finished" line. :sentinel #'ignore :noquery t))) (make-process :name "epg" :buffer (generate-new-buffer " *epg*") :command (cons (epg-context-program context) args) :connection-type 'pipe :coding 'raw-text :filter #'epg--process-filter :stderr error-process :noquery t)) #+end_src =2D [X] record screen record for edebug process (430M), then compress big r= ecorded video (~170M). I uploaded to here: https://file.io/5fvOAbW5DPi6 =2D-=20 [ stardiviner ] I try to make every word tell the meaning that I want to express without mi= sunderstanding. Blog: https://stardiviner.github.io/ IRC(libera.chat, freenode): stardiviner, Matrix: stardiviner GPG: F09F650D7D674819892591401B5DF1C95AE89AC3 --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEE8J9lDX1nSBmJJZFAG13xyVromsMFAmRSPZwACgkQG13xyVro msNBdQf/WeYplnadDCfk80h+3mprsBCD1r/38f5iR4mhm+nO6vTGmYI3nL9EPiun t0QXeQ74PrkiSImeZfN+FwMXpLJQ/8R92tB7HqPiIolPW6qRMsOObZiTKnBt7NZJ H1bJh6R6vBmDhsUSutrLFTA3tphBsEDcH/lQJU3eiStG0tKbag3p5wwSEPJ+c1lf nU40PXQxw0YHUWQ+hM4I0kiZLzaRLrFSJ0CjxHpQV6o36+3djwiphXrle0/UUImH tmbfpwOX/g91xCDcmMRxI86p2POCdWWX1HyswBI9xW+XE0+zyDsaGmD8qtmaoIQZ 9Es2t0gXtYjEVPCE1Fm+RVgW38+6QA== =g63s -----END PGP SIGNATURE----- --=-=-=--