[pkg-gnupg-maint] Bug#878812: Bug#878812: hits bug_at when encrypting to 1A6F3E639A4467E8C3476525DF6D76C44D696F6B

NIIBE Yutaka gniibe at fsij.org
Tue Oct 17 07:51:34 UTC 2017 

Thanks Guido for the log.

Now, I managed to replicate the problem.

I created /tmp/0xDF6D76C44D696F6B from debian-keyring.  The key is expired.

And then, I get the key from keyserver.

Now, we have two keyrings.  In this situation, it hits bug_at.

==========================
$ /usr/bin/gpg --no-default-keyring --keyring /tmp/k.gpg --recv-key 1A6F3E639A4467E8C3476525DF6D76C44D696F6B
gpg: keybox '/tmp/k.gpg' created
key DF6D76C44D696F6B:
39 signatures not checked due to missing keys
gpg: key DF6D76C44D696F6B: public key "Sven Bartscher <sven.bartscher at weltraumschlangen.de>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1
$ /usr/bin/gpg --no-default-keyring --keyring /tmp/k.gpg --list-key
/tmp/k.gpg
----------
pub   rsa4096 2014-08-15 [SC] [expires: 2018-06-08]
      1A6F3E639A4467E8C3476525DF6D76C44D696F6B
uid           [ unknown] Sven Bartscher <sven.bartscher at weltraumschlangen.de>
uid           [ unknown] Sven Bartscher <kritzefitz at gmail.com>
uid           [ unknown] Sven Bartscher <kritzefitz at debian.org>
uid           [ unknown] Sven Bartscher <sven.bartscher at credativ.de>
sub   rsa4096 2014-08-15 [E]
sub   rsa4096 2016-06-14 [S]

$ /usr/bin/gpg --no-default-keyring --keyring /tmp/0xDF6D76C44D696F6B --keyring /tmp/k.gpg --list-key
/tmp/0xDF6D76C44D696F6B
-----------------------
pub   rsa4096 2014-08-15 [SC] [expired: 2017-06-03]
      1A6F3E639A4467E8C3476525DF6D76C44D696F6B
uid           [ expired] Sven Bartscher <sven.bartscher at weltraumschlangen.de>
uid           [ expired] Sven Bartscher <svenbartscher at yahoo.de>
uid           [ expired] Sven Bartscher <kritzefitz at debian.org>

/tmp/k.gpg
----------
pub   rsa4096 2014-08-15 [SC] [expires: 2018-06-08]
      1A6F3E639A4467E8C3476525DF6D76C44D696F6B
uid           [ unknown] Sven Bartscher <sven.bartscher at weltraumschlangen.de>
uid           [ unknown] Sven Bartscher <kritzefitz at gmail.com>
uid           [ unknown] Sven Bartscher <kritzefitz at debian.org>
uid           [ unknown] Sven Bartscher <sven.bartscher at credativ.de>
sub   rsa4096 2014-08-15 [E]
sub   rsa4096 2016-06-14 [S]

$ /usr/bin/gpg --no-default-keyring --keyring /tmp/0xDF6D76C44D696F6B --keyring /tmp/k.gpg --debug=8192 --encrypt --armor --always-trust -r 1A6F3E639A4467E8C3476525DF6D76C44D696F6B
gpg: enabled debug flags: lookup
gpg: DBG: keydb_search: 1 search descriptions:
gpg: DBG: keydb_search   0: FPR20: '1A6F 3E63 9A44 67E8 C347  6525 DF6D 76C4 4D69 6F6B'
gpg: DBG: keydb_search: searching keyring (resource 0 of 2)
gpg: DBG: keyring_search: need_uid = 0; need_words = 0; need_keyid = 0; need_fpr = 1; any_skip = 0
gpg: DBG: keyring_search: initializing offset table. (need_keyid: 0 => 1)
gpg: DBG: keyring_search: searching from start of resource.
gpg: DBG: keyring_search: packet starting at offset 0 matched descriptor 0
gpg: DBG: keyring_search: returning success
gpg: DBG: keydb_search: searched keyring (resource 0 of 2) => Success
gpg: DBG: finish_lookup: checking key 4D696F6B (all)(req_usage=2)
gpg: DBG: 	checking subkey ED764C3A
gpg: DBG: 	subkey has expired
gpg: DBG: 	checking subkey 217028C2
gpg: DBG: 	usage does not match: want=2 have=1
gpg: DBG: 	no suitable subkeys found - trying primary
gpg: DBG: 	primary key usage does not match: want=2 have=5
gpg: DBG: 	no suitable key found -  giving up
gpg: DBG: keydb_search: 1 search descriptions:
gpg: DBG: keydb_search   0: FPR20: '1A6F 3E63 9A44 67E8 C347  6525 DF6D 76C4 4D69 6F6B'
gpg: DBG: keydb_search: searching keyring (resource 0 of 2)
gpg: DBG: keyring_search: need_uid = 0; need_words = 0; need_keyid = 0; need_fpr = 1; any_skip = 0
gpg: DBG: keyring_search: initializing offset table. (need_keyid: 0 => 1)
gpg: DBG: keyring_search: not searching from start of resource.
gpg: DBG: keyring_search: no matches (EOF)
gpg: DBG: keydb_search: searched keyring (resource 0 of 2) => EOF
gpg: DBG: keydb_search: searching keybox (resource 1 of 2)
gpg: DBG: keydb_search: searched keybox (resource 1 of 2) => Success
gpg: DBG: finish_lookup: checking key 4D696F6B (all)(req_usage=2)
gpg: DBG: 	checking subkey ED764C3A
gpg: DBG: 	subkey might be fine
gpg: DBG: 	checking subkey 217028C2
gpg: DBG: 	usage does not match: want=2 have=1
gpg: DBG: 	using key ED764C3A
gpg: DBG: keydb_search: 1 search descriptions:
gpg: DBG: keydb_search   0: LONG_KID: 'DF6D76C44D696F6B'
gpg: DBG: keydb_search: searching keyring (resource 0 of 2)
gpg: DBG: keyring_search: need_uid = 0; need_words = 0; need_keyid = 1; need_fpr = 0; any_skip = 0
gpg: DBG: keyring_search: initializing offset table. (need_keyid: 1 => 1)
gpg: DBG: keyring_search: searching from start of resource.
gpg: DBG: keyring_search: packet starting at offset 0 matched descriptor 0
gpg: DBG: keyring_search: returning success
gpg: DBG: keydb_search: searched keyring (resource 0 of 2) => Success
gpg: DBG: finish_lookup: checking key 4D696F6B (one)(req_usage=0)
gpg: DBG: 	using key 4D696F6B
gpg: Ohhhh jeeee: ... this is a bug (../../g10/pkclist.c:417:do_we_trust)
Aborted
$ 
--

More information about the pkg-gnupg-maint mailing list