gpgv error messages are confusing
Open, NormalPublic

Description

Here's the typical output of a run of "gpgv" over a signature that i made myself:

gpgv: unknown type of key resource 'trustedkeys.kbx'
gpgv: keyblock resource '/home/dkg/.gnupg/trustedkeys.kbx': General error
gpgv: Signature made Tue 24 Jan 2017 06:13:54 PM EST
gpgv: using RSA key 38276051EA477FA3E49539321498ADC6C1923237
gpgv: Can't check signature: No public key

I've got nothing in trustedkeys.kbx:

0 dkg@alice:~$ ls -la ~/.gnupg/trustedkeys.kbx
ls: cannot access '/home/dkg/.gnupg/trustedkeys.kbx': No such file or directory
2 dkg@alice:~$

So i think the first two files are actually trying to tell me "I have no list of
trusted keys; if you wanted me to use the default, you should place them in
trustedkeys.kbx" but it seems unlikely any normal human would understand that
idea from the messages provided.

Also, "no public key" seems like a strange message. that's my key! (of course,
i know that gpgv isn't looking in my pubring.kbx, but again to non-expert users
that seems like a confusing message).

Please see https://bugs.debian.org/852019 for examples of this confusion.

It would be good to have clearer error messages from gpgv, especially in this
common case where gpgv has no access to a trusted, curated keyring at all.

Details

Version
2.1.18
dkg set Version to 2.1.18.Jan 25 2017, 12:19 AM
dkg added projects: gpgv, gnupg, Bug Report.
dkg added a subscriber: dkg.
werner added a subscriber: werner.Jan 25 2017, 9:13 AM

I agree on the first part. This needs to be fixed.

I do not understand wht you think "no public key" is the wrong message. We have
always used this message if the public key is not available for verification.
Do you think the text should be changed to "public key not found" ? That would
be a simple change in libgpg-error.

Libgpg-error has a GPG_ERR_MISSING_KEY but that code indicates wrong usage of
functions or bad data structures.

dkg added a comment.Feb 4 2017, 8:01 AM

the reason "no public key" is confusing is because gpgv already knows that there
can be no public key. So the message that the naive user needs to see in this
case is "no keyring available".

If there is at least one keyring available, then saying something like "no
public key found in keyrings X and Y and Z" is reasonable. but if there are no
keyrings at all, the message should just be something like "no keyring found to
validate signature against".

I understand, So this is another special case like the one when a keyring has
permissions which don't allow it to be read.