1 bug in gpgme 0.4.0, 1 bug in gpg 1.2.1

Stéphane Corthésy stephane at sente.ch
Mon Apr 21 19:53:02 CEST 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Using gpgme 0.4.0 and gpg 1.2.1, I found 2 bugs.

If you have a key, in your keyring, that contains a special character 
in its userID that needs to be escaped when using the --with-colons 
option (for example, the colon character, see my own key), then gpgme 
will unescape this character correctly when returning the 
GPGME_ATTR_USERID attribute when using gpgme_key_get_string_attr(), but 
will not unescape this character when using attributes GPGME_ATTR_NAME, 
GPGME_ATTR_EMAIL or GPGME_ATTR_COMMENT. Problem is (still) in 
gpgme/key.c, _gpgme_key_append_name() where _gpgme_decode_c_string() is 
used for unescaping GPGME_ATTR_USERID attribute, but not for the other 
ones.

Second problem: searching for secret keys (I haven't tested for public 
keys) using gpgme_op_keylist_start() using an empty string pattern to 
get all keys will return keys that have no capabilities at all: calling 
gpgme_key_get_string_attr(... GPGME_ATTR_KEY_CAPS...) will return an 
empty strings. Whereas, if you list the same keys by using a pattern 
which contains (for example) the fingerprint of one of these keys, then 
capabilities are correctly returned.
Problem is located in gpg: using

 > gpg --with-fingerprint --with-colons --list-secret-keys
/Users/dave/.gnupg/secring.gpg
- ------------------------------
sec:u:1024:17:5467B616992020D4:2001-08-16::::Stéphane Corthésy 
(Sen\x3ate) <stephane at sente.ch>:::
fpr:::::::::A5BAB3D84F6CAE038B2276F25467B616992020D4:
uid:u::::::::Stéphane Corthésy (davelopper) 
<davelopper at users.sourceforge.net>:
uid:u::::::::Stéphane Corthésy (GPGMail) <gpgmail at sente.ch>:
ssb::1024:16:E8F57B1723FD62FC:2001-08-16:::::::

returns no key capabilities, but all secret key userIDs, whereas using

 > gpg --with-fingerprint --with-colons --list-secret-keys 
A5BAB3D84F6CAE038B2276F25467B616992020D4
sec:u:1024:17:5467B616992020D4:2001-08-16::::Stéphane Corthésy 
(davelopper) <davelopper at users.sourceforge.net>::scESC:
fpr:::::::::A5BAB3D84F6CAE038B2276F25467B616992020D4:
uid:u::::::::Stéphane Corthésy (Sen\x3ate) <stephane at sente.ch>:
ssb::1024:16:E8F57B1723FD62FC:2001-08-16::::::e:

returns capabilities, but displays _public_ key userIDs (which are 
different, in my case, from secret key's).

When can we hope to see gpgme 0.4.1 and gpg 1.2.2?

Regards,

Stéphane
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (Darwin)

iD8DBQE+pCIeVGe2FpkgINQRAt+FAJwLK5QWPilzkLlYbXgk6fXS2XsZVACgmMmf
llGI2OtOlPw3z/I7+Zot+OQ=
=Paj2
-----END PGP SIGNATURE-----

More information about the Gnupg-devel mailing list