I am pretty confused about a problem with gpg and gpgme. I am working on
an encryption program and for this I wrote some test sequences which now
give me a hard time. Every 1000 runs or so, the following steps produce
a weird error which even gpg itself messes up. :-/
I am on Debian unstable and use GPG 1.4.1 and gpgme 1.0.2.
My test runs these steps:
- Create some random XML data file
- gzip this file (as my application does using zlib) $ gzip -9 FILE_A
- encode it with a testkey $ echo "1234567890" | GNUPGHOME=./tests GPG_AGENT_INFO= gpg --no-tty --recipient="TESTKEY" --passphrase-fd 0 --armour --sign --encrypt --output="FILE_B" "FILE_A"
- run my application and see if it can decrypt the file and write the same data again
- compare the gpg file with my own file
The problem now is, that even gpg can't decrypt it's own file FILE_B. I tried this with several keys and it happens with all of my keys. :-(
I get these two errors:
- gpg reports: gpg: [don't know]: invalid packet (ctb=14)
- gpgme reports: Unexpected signature summary: 0x800
The problem has nothing to do with my application itself - the bug can be easily reproduced with the plain data files and gpg. The bug only occures when I encrypt AND sign the message. Just signing OR encrypting does not create this problem.
The weird thing is, that it seems to depend on the data which I create pretty randomly with a little perl script.
PS: Some of these buggy files are in the attached tar.gz file. PPS: I reported this bug already on the gpg-dev mailinglist but it's obviously not a GPGME bug but a GPG bug.
How To Repeat
I can create any number of files producing this bug and I could also provide the perl script which I use to create my test data.