
INV_RECP omits the reason for failing when encrypting to expired/revoked keys
Closed, Resolved, Public

Description

Contrary to what one might expect reading doc/DETAILS [0], encrypting to an
expired or revoked key does not specify the reason for failing, always
defaulting to "0": "No specific reason given".

Tested on Debian sid with version 1.4.16 and 2.0.22.

Steps to reproduce:

  1. Create/find an expired or revoked key
  2. Encrypt to it: $ echo spam|gpg --status-fd 2 -aer $KEYID
  3. Read the output:
       gpg: $KEYID: skipped: Unusable public key
       [GNUPG:] INV_RECP 0 $KEYID
       gpg: [stdin]: encryption failed: Unusable public key

The output for the normal user ("Unusable public key")
is not very helpful, either.

[0]
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob_plain;f=doc/DETAILS:

The reasons codes currently in use are:
[...]
   -  0 :: No specific reason given
[...]
   -  4 :: Key revoked
   -  5 :: Key expired
[...]

Details

Version
1.4.16
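
As an added example (not part of the original report or of GnuPG's code): a wrapper that reads `--status-fd` output can parse `INV_RECP` lines and treat reason 0 as "cause undetermined", since on the versions tested above an expired or revoked key also reports 0. The key IDs in the sample are constructed, and only the reason codes quoted on this page are named.

```python
import re
from typing import NamedTuple

# Reason codes quoted on this page from doc/DETAILS; other codes exist there
# but are elided ("[...]") in the report, so they are left unnamed here.
REASONS = {0: "No specific reason given", 4: "Key revoked", 5: "Key expired"}

STATUS_RE = re.compile(r"^\[GNUPG:\] INV_RECP (\d+) (\S+)")


class InvalidRecipient(NamedTuple):
    code: int
    recipient: str
    reason: str
    cause_known: bool  # False when gpg reported reason 0


def parse_inv_recp(status_output: str) -> list[InvalidRecipient]:
    """Extract INV_RECP records from text captured via --status-fd."""
    found = []
    for line in status_output.splitlines():
        m = STATUS_RE.match(line.strip())
        if not m:
            continue  # human-readable "gpg: ..." lines and other status keywords
        code, recipient = int(m.group(1)), m.group(2)
        reason = REASONS.get(code, f"reason code {code} (see doc/DETAILS)")
        # Reason 0 on the versions in this report can still mean expired/revoked.
        found.append(InvalidRecipient(code, recipient, reason, code != 0))
    return found


# Constructed sample: the output shape from step 3 with a made-up key ID,
# plus one line carrying the reason code the report expected for an expired key.
SAMPLE = """\
gpg: 0123456789ABCDEF: skipped: Unusable public key
[GNUPG:] INV_RECP 0 0123456789ABCDEF
gpg: [stdin]: encryption failed: Unusable public key
[GNUPG:] INV_RECP 5 FEDCBA9876543210
"""

if __name__ == "__main__":
    for r in parse_inv_recp(SAMPLE):
        note = "" if r.cause_known else " -> cause unknown, check the key's expiry/revocation state"
        print(f"{r.recipient}: {r.reason}{note}")
```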

Event Timeline

The reason codes have been introduced for gpgsm and when adding them to gpg it
was not easy to get the required information (think subkeys and primary keys).

As a first take on this I just pushed some fixes to master and introduced two
new reason codes. At least this one should be easy to backport to 2.0.

Backported parts of the change to 1.4.

werner claimed this task.
werner removed a project: In Progress.

Backported to 2.0