Page MenuHome GnuPG
Create Task
Maniphest T4561

GPG / GPGSM: Pinentry cancels lead to wrong error codes
Closed, ResolvedPublic
Actions

Description

This makes it hard for implementors to properly handle / show why a decryption failed. Especially the "No data" one from GnuPG 2.2 is bad, but the "No seckey" is also extremely bad because it can lead to error dialogs where i print. "You do not have the secret key to decrypt this message, it is decrypted to the following keys: ....." and then it shows the users keys.

To avoid that In GpgOL I have this code:

if (result.error ().isCanceled () ||
    result.error ().code () == GPG_ERR_NO_SECKEY)
  {
     msg = _("Decryption canceled or timed out.");
  }

Which of course is also wrong.

To test I created an S/MIME and OpenPGP Message and used run-decrypt from GPGME on them.

With GnuPG 2.2.x:

gpg: No data.
gpgsm: No secret key.

With GnuPG 2.3:

gpg: No secret key.
gpgsm: No secret key.

Revisions and Commits

rG GnuPG
rG38b9da7de335 sm: Return the last error for pubkey decryption.
rG6cc4119ec03b gpg: Return the last error for pubkey decryption.

Related Objects

Event Timeline

aheinecke created this task.Jun 7 2019, 9:56 AM
gniibe added a commit: rG6cc4119ec03b: gpg: Return the last error for pubkey decryption..Jul 5 2019, 8:18 AM
gniibe added a commit: rG38b9da7de335: sm: Return the last error for pubkey decryption..Jul 5 2019, 8:53 AM
aheinecke merged a task: T3928: canceling password dialog for decrypting is not recognized correctling..Jul 5 2019, 9:33 AM
aheinecke mentioned this in T3928: canceling password dialog for decrypting is not recognized correctling..
aheinecke added a subscriber: hefee.
aheinecke closed this task as Resolved.Jul 5 2019, 9:44 AM

Works for me! :-)

Thank you very much.

I now get the results:

./run-decrypt --cms /tmp/test.p7m                
run-decrypt: decrypt failed: Operation cancelled
Original file name .: [none]
Wrong key usage ....: no
Legacy w/o MDC ... .: no
Compliance de-vs ...: no
MIME flag ..........: no
Unsupported algo ...: [none]
Session key ........: [none]
Symmetric algorithm : ?.?

And

 ./run-decrypt /tmp/test.gpg
run-decrypt: decrypt failed: Operation cancelled
Original file name .: [none]
Wrong key usage ....: no
Legacy w/o MDC ... .: no
Compliance de-vs ...: no
MIME flag ..........: no
Unsupported algo ...: [none]
Session key ........: [none]
Symmetric algorithm : ?.?
Recipient ...: 0
  status ....: No secret key
  keyid .....: E6850883703145C9
  algo ......: RSA
aheinecke mentioned this in T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds.Jul 5 2019, 9:50 AM