gpgme decryptverify indicating wrongly an error.
Open, NormalPublic

Description

Hey,

if I create a file simply via "gpg -d " and than afterwards parse this via DecryptVerify method I get:

log_gpgme_backend:
log_gpgme_backend: End no plainText. Error:  true

and the DecryptionResult/Verify Result:

GpgME::DecryptionResult(
 error:                GpgME::Error(117440570 (No data))
 fileName:             <null>
 unsupportedAlgorithm: <null>
 isWrongKeyUsage:      0
 recipients:
GpgME::DecryptionResult::Recipient(
 keyID:              0CCE435AA7CCDA3B
 shortKeyID:         A7CCDA3B
 publicKeyAlgorithm: RSA
 status:             GpgME::Error(0 (Success)))
)

GpgME::VerificationResult(
 error:      GpgME::Error(117440570 (No data))
 fileName:
 signatures:
)

Ican understand, that the VerificationResult returns with an error, because the data wasn't signed. But why DecryptionResult indication an error? Because the data could be encrypted successfully for 0CCE435AA7CCDA3B. And I get succesfully the decrypted data in the signal.

Details

Version
2.1.11
hefee created this task.Oct 27 2017, 2:16 PM
werner added a subscriber: werner.Oct 27 2017, 11:02 PM

"gpg -d" decrypts data why do you think you can decrypt or verify it again?

hefee added a comment.Oct 29 2017, 3:04 PM

Oh sorry i mixed my explanation. I create a normal encrypted file with gpg --encrypt and this file can be decrypted successfully with "gpg -d".
But if I give that encrypted file to gpgme i get the described error, instead of GpgME::Error(0 (Success))).

These are the testdata, you find in https://phabricator.kde.org/D8521 (keep in mind, that the gpgdata is base64 encoded), the keys to decrypt you find under messagecore/autotests/gnupg_home/ in the same repo.

I tried to reproduce this simply by creating an encrypted file with gpgme/test/run-encrypt and then running kleopatra on it "kleopatra /tmp/foo.gpg" kleopatra prints in debug output the decrypt / verify result from GpgMEpp. No error for me.

Also if I take one of the example mails and decrypt the content with Kleopatra it also shows no error and works fine.

Maybe GnuPG 2.1.11 breakage? This was a very broken version.

Can you please post an example msg + key here where you get the error?

hefee added a comment.Nov 17 2017, 6:12 PM

data.gpg is fine and data2.gpg shows this wired behaviour. The difference is at the end of file last two bytes : 0040 vs. 0a40.
Initally i took data.gpg to create the base64 encoded version for the message.

% GNUPGHOME=T3471/gnupg_home  gpg-agent --daemon gpg -d T3471/data.gpg
gpg: WARNING: unsafe permissions on homedir '/T3471/gnupg_home'
gpg: encrypted with 2048-bit RSA key, ID 0CCE435AA7CCDA3B, created 2009-11-13
      "unittest key (no password) <test@kolab.org>"
qwertzuiopü

% GNUPGHOME=T3471/gnupg_home  gpg-agent --daemon gpg -d T3471/data2.gpg
gpg: WARNING: unsafe permissions on homedir 'T3471/gnupg_home'
gpg: encrypted with 2048-bit RSA key, ID 0CCE435AA7CCDA3B, created 2009-11-13
      "unittest key (no password) <test@kolab.org>"
qwertzuiopü
gpg: [don't know]: invalid packet (ctb=0a)
werner triaged this task as Normal priority.Apr 17 2018, 10:43 AM
hefee added a comment.Apr 27 2018, 8:24 PM

@aheinecke maybe recheck with GNUPG 2.2.6 or 2.2.7.