GPG / GPGSM: Pinentry cancels lead to wrong error codes
Open, Normal, Public


This makes it hard for implementors to properly handle / show why a decryption failed. Especially the "No data" one from GnuPG 2.2 is bad, but the "No seckey" is also extremely bad because it can lead to error dialogs where I print "You do not have the secret key to decrypt this message, it is decrypted to the following keys: ....." and then it shows the user's keys.

To avoid that, in GpgOL I have this code:

// A canceled pinentry can surface as GPG_ERR_NO_SECKEY, so both are reported as a cancel.
if (result.error ().isCanceled () ||
    result.error ().code () == GPG_ERR_NO_SECKEY)
  msg = _("Decryption canceled or timed out.");

Which of course is also wrong.

To test I created an S/MIME and OpenPGP Message and used run-decrypt from GPGME on them.

With GnuPG 2.2.x:

gpg: No data.
gpgsm: No secret key.

With GnuPG 2.3:

gpg: No secret key.
gpgsm: No secret key.

aheinecke created this task. Fri, Jun 7, 9:56 AM
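
Added example, not code from GpgOL or GPGME: one way a client could avoid both the misleading "no secret key" dialog and the blanket "canceled" message is to cross-check the reported error against the recipient key IDs of the message and the secret keys that exist locally. The enum, the verdict names and the classify function are hypothetical stand-ins, the key IDs are constructed, and the "likely canceled" verdicts are a heuristic.

```cpp
#include <algorithm>
#include <string>
#include <vector>

// Stand-ins for the error codes named in the report (hypothetical enum,
// not the values from gpg-error.h).
enum class DecErr { None, Canceled, NoSecKey, NoData, Other };

enum class Verdict { Ok, Canceled, KeyMissing, LikelyCanceled, Ambiguous, Failed };

// recipients: key IDs the message is encrypted to, as reported by the engine
//             (these are encryption subkey IDs, so ownSecret must list subkeys too).
// ownSecret:  key IDs for which a secret key exists locally.
Verdict classify(DecErr err,
                 const std::vector<std::string> &recipients,
                 const std::vector<std::string> &ownSecret)
{
    if (err == DecErr::None)
        return Verdict::Ok;
    if (err == DecErr::Canceled)
        return Verdict::Canceled;

    // Does at least one recipient of the message match a local secret key?
    const bool haveKey = std::any_of(
        recipients.begin(), recipients.end(), [&](const std::string &id) {
            return std::find(ownSecret.begin(), ownSecret.end(), id)
                   != ownSecret.end();
        });

    switch (err) {
    case DecErr::NoSecKey:
        // With a matching secret key present, "No secret key" cannot be taken
        // literally; a canceled or timed-out pinentry is the likely cause.
        return haveKey ? Verdict::LikelyCanceled : Verdict::KeyMissing;
    case DecErr::NoData:
        // Reported by gpg 2.2 on cancel, but also possible for empty input.
        // Heuristic: only lean towards "canceled" when a usable key exists.
        return haveKey ? Verdict::LikelyCanceled : Verdict::Ambiguous;
    default:
        return Verdict::Failed;
    }
}
```

Only the KeyMissing verdict justifies a dialog that lists the recipient keys; LikelyCanceled and Ambiguous call for a neutral "decryption did not complete" message.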