[pkg-gnupg-maint] Bug#850708: Bug#850708: gpg: decryption failed: No secret key
Vincent Lefevre
vincent at vinc17.net
Tue Jan 10 03:08:09 UTC 2017
On 2017-01-09 18:00:14 -0500, Daniel Kahn Gillmor wrote:
> On Mon 2017-01-09 10:02:20 -0500, Vincent Lefevre wrote:
> > Since the latest upgrade:
> >
> > * When I open a .gpg file with Emacs:
> >
> > * With "gpg -d note.gpg", same errors:
> >
> > gpg: AES encrypted data
> > gpg: cancelled by user
> > gpg: encrypted with 1 passphrase
> > gpg: decryption failed: No secret key
> >
> > The errors are immediate and 100% reproducible.
>
> is this with a symmetrically-encrypted file, or with a file that is
> encrypted with a public key?
note.gpg: GPG symmetrically encrypted data (AES cipher)
> I'm unable to reproduce this problem.
>
> what pinentry are you using?
pinentry-gtk-2
No problems with pinentry-curses.
> how is your pinentry launched or managed?
I don't know. I suppose that's gpg-agent that starts it.
> what happens if you do:
>
> gpg-connect-agent 'get_passphrase cacheval123 errorrmsg leadprompt description' /bye
>
> this *should* throw up a password prompt in your graphical display.
Most of the time:
zira:~> gpg-connect-agent 'get_passphrase cacheval123 errorrmsg leadprompt description' /bye
ERR 83886179 Operation cancelled <Pinentry>
Sometimes a pinentry window appears.
> you can clear the same cached passphrase with:
>
> gpg-connect-agent 'clear_passphrase cacheval123' /bye
If I do that first, I get the same error.
Same problem if I use a wrapper:
#!/bin/sh
exec /usr/bin/pinentry-gtk-2 "$@"
but if I use strace:
#!/bin/sh
exec strace -f -tt -o /home/vinc17/str.out /usr/bin/pinentry-gtk-2 "$@"
I can't reproduce the problem. :(
If I use
#!/bin/sh
exec /usr/bin/pinentry-gtk-2 "$@" 2> /tmp/stderr
I get in /tmp/stderr:
** (pinentry-gtk-2:2711): WARNING **: it took 16 tries to grab the keyboard
** (pinentry-gtk-2:2711): CRITICAL **: could not grab pointer: already grabbed (1)
Perhaps the problem. Couldn't gpg-agent capture pinentry's standard
error to give it back to the user in case of error?
If I add strace to make it work, then /tmp/stderr is empty.
--
Vincent Lefèvre <vincent at vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
More information about the pkg-gnupg-maint
mailing list