[pkg-gnupg-maint] Bug#638619: Misleading "gpg: Ohhhh jeeee: no decrypt() for 17" message from gpg when trying to decrypt a file without the public key being imported

NIIBE Yutaka gniibe at fsij.org
Fri May 8 05:58:42 UTC 2015 

Hello,

This is reply to old bug report to GnuPG 1.4.  Sorry, it took so long
time to looking into detail.

I tried to reproduce the bug with recent implementations (GnuPG 1.4,
2.0, and 2.1), but I couldn't.  Since importing secret key
automatically creates corresponding public key, something strange had
happened, I think.  I also tried with old secret keyring and no public
key.  In this case, it simply failed like:

	gpg: key 39E94F90: secret key without public key - skipped
	gpg: encrypted with ELG-E key, ID 9541DC07
	gpg: decryption failed: secret key not available

The message "Ohhh jeeee" itself means some severe bug of GnuPG (and it
is not primarily to users), which should not occur.

Now, I'm going to implement better handling of this kind of error for
GnuPG 2.1; if something going badly, it should be detected earlier to
emit better message to user.  I mean, the point of this bug report is
taken.

Please let us know reproducible scenario if it still exists in current
gpg 1.4.  If it is not reproducible, I wonder if we can close this bug?

On Sat, 20 Aug 2011 11:21:01 +0200 Xavier Roche <roche at httrack.com> wrote:
> Package: gpgv
> Version: 1.4.10-4
> Severity: minor
> 
> Note: this is a minor problem, but which can greatly increase your blood pressure when reinstalling backuped files during a crash recovery :)
> 
> Attempting to decypher a gpg encrypted file with the private key imported (gpg --import < my_private_key) but without the public key actually imported leads to a misleading gpg error message suggesting that the encrypted file is somehow invalid because it was encrypted using an unsuitable (signing) algorithm:
> gpg: Ohhhh jeeee: no decrypt() for 17
> 
> Importing the public key solves this minor issue.
> 
> Maybe a message such as:
> gpg: Ohhhh jeeee: no decrypt() for 17: did you forget to import the public key ?
> 
> Would be better.
[...]
> Versions of packages gpgv suggests:
> ii  gnupg                         1.4.10-4   GNU privacy guard - a free PGP rep
--

More information about the pkg-gnupg-maint mailing list