Page MenuHome GnuPG
Create Task
Maniphest T3983

GPGME: Improve handling of MDC errors (wrong error code)
Closed, ResolvedPublic
Actions

Description

To reproduce encrypt a file with --disable-mdc and then decrypt it with GPGME's run-decrypt test.

For files that are encrypted only to your own (sec key available) key it will return: Decryption Failed.

For files that are also encrypted to someone elses key it will return: No seckey

Especially the NO_SECKEY is a bug and confusing. With the current prominence of MDC I would give this high priority.

Related: T3714

> gpg --decrypt /tmp/test.txt.gpg > /dev/null ||  ./run-decrypt --status --verbose /tmp/test.txt.gpg
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: encrypted with 3072-bit RSA key, ID 8CC999BDAA45C71F, created 2015-12-08
      "Andre Heinecke <aheinecke@intevation.de>"
gpg: WARNING: message was not integrity protected
status_cb: ENC_TO 8CC999BDAA45C71F 1 0
status_cb: KEY_CONSIDERED 94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1 0
status_cb: KEY_CONSIDERED 94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1 0
status_cb: DECRYPTION_KEY E18955A9626007093BDC2ED28CC999BDAA45C71F 94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1 u
status_cb: KEY_CONSIDERED 94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1 0
status_cb: BEGIN_DECRYPTION 
status_cb: DECRYPTION_COMPLIANCE_MODE 23
status_cb: DECRYPTION_INFO 0 9
status_cb: PLAINTEXT 62 1526381790 test.txt
status_cb: PLAINTEXT_LENGTH 2735904
status_cb: DECRYPTION_FAILED 
status_cb: END_DECRYPTION 
status_cb:  
run-decrypt: decrypt failed: Decryption failed
> gpg --disable-mdc -r test2@testkolab.intevation.de -o /tmp/test2.txt.gpg -e /tmp/test.txt
> gpg --decrypt /tmp/test2.txt.gpg > /dev/null ||  ./run-decrypt --status --verbose /tmp/test2.txt.gpg
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: encrypted with 2048-bit RSA key, ID F973DE938392D6A4, created 2017-01-12
      "Testuser 2 <test2@testkolab.intevation.de>"
gpg: encrypted with 3072-bit RSA key, ID 8CC999BDAA45C71F, created 2015-12-08
      "Andre Heinecke <aheinecke@intevation.de>"
gpg: WARNING: message was not integrity protected
status_cb: ENC_TO F973DE938392D6A4 1 0
status_cb: ENC_TO 8CC999BDAA45C71F 1 0
status_cb: KEY_CONSIDERED 94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1 0
status_cb: KEY_CONSIDERED 94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1 0
status_cb: DECRYPTION_KEY E18955A9626007093BDC2ED28CC999BDAA45C71F 94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1 u
status_cb: KEY_CONSIDERED 7CF58740B82E0CCEE43BD6AA30D84817E01C25A1 0
status_cb: NO_SECKEY F973DE938392D6A4
status_cb: KEY_CONSIDERED 94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1 0
status_cb: BEGIN_DECRYPTION 
status_cb: DECRYPTION_COMPLIANCE_MODE 23
status_cb: DECRYPTION_INFO 0 9
status_cb: PLAINTEXT 62 1526382267 test.txt
status_cb: PLAINTEXT_LENGTH 2735904
status_cb: DECRYPTION_FAILED 
status_cb: END_DECRYPTION 
status_cb:  
run-decrypt: decrypt failed: No secret key

Details

Version
master

Revisions and Commits

rM GPGME
rM2c4c5692472f core: Return a better error code on certain decryption failures.

Related Objects

Event Timeline

aheinecke created this task.May 15 2018, 1:06 PM
werner renamed this task from GPGME: Improve handling of MDC errors to GPGME: Improve handling of MDC errors (wrong error code).May 31 2018, 1:27 PM
werner added a commit: rM2c4c5692472f: core: Return a better error code on certain decryption failures..Jun 6 2018, 4:29 PM
werner closed this task as Resolved.Jun 6 2018, 4:33 PM
werner claimed this task.

With recent versions of gpg you will now get Bad Data etc. This is implemented by giving an ERROR status line a higher precedence than the NO_SECKEY status.