difference in output between 1.4.x and 2.0.x when agent fails to sign -- causes enigmail to send broken messages

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Nov 10 21:52:57 CET 2014 

When creating a signed message (whether encrypted or not), if gpg-agent
fails to sign the message, gpg 2.1.0 emits the first part of the
message, but then terminates with a non-zero error code.

gpg 1.4.x (and i think 2.0.x, but haven't tested today) both terminate
with a non-zero error code but produce no output on stdout.

This change in behavior causes problems with enigmail in particular,
which appears to send the truncated results when producing a PGP/MIME
encrypted+signed message if the agent fails to sign.

I believe this is two distinct issues, and maybe we want to address them
both:

 * gnupg 2.1.x might want to buffer data before the signature is made,
   and decline to emit anything if the signature fails

 * enigmail probably should detect that its invocation of gpg returns a
   non-zero error code and raise an error in the message creation step.
   I note that it appears to do so properly for when generating non-encrypted
   PGP/MIME-signed messages, it's just failing at PGP/MIME
   encrypted+signed messages.

Below is a transcript showing the different behaviors between 1.4.18
(with --use-agent) and 2.1.0 when the agent fails to produce a
signature.

Regards,

   --dkg

0 dkg at alice:~$ gpg --version
gpg (GnuPG) 1.4.18
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
0 dkg at alice:~$ gpg2 --version
gpg (GnuPG) 2.1.0
libgcrypt 1.6.2
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
0 dkg at alice:~$ gpgconf --kill gpg-agent
0 dkg at alice:~$ gpgconf --launch gpg-agent
0 dkg at alice:~$ echo test | gpg --clearsign 

You need a passphrase to unlock the secret key for
user: "Daniel Kahn Gillmor <dkg at fifthhorseman.net>"
4096-bit RSA key, ID 0xA52401B11BFDFA5C, created 2013-03-12
         (subkey on main key ID 0xCCD2ED94D21739E9)

gpg: cancelled by user
gpg: no default secret key: bad passphrase
gpg: [stdin]: clearsign failed: bad passphrase
2 dkg at alice:~$ echo test | gpg2 --clearsign 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

test
gpg: signing failed: Operation cancelled
gpg: [stdin]: clearsign failed: Operation cancelled
2 dkg at alice:~$ echo test | gpg2 --sign --encrypt --armor -r $PGPID 
gpg: signing failed: Operation cancelled
-----BEGIN PGP MESSAGE-----
Version: GnuPG v2

hQIMA8Yb0+whSEz/ARAAnJCOUKoXQu0T0JCX3VmHzGW0HL5kvoZgrzYNzqfl2+0k
HxKxZzic6sOuiXQ7GcZ6v6OuZy79brPU4vnpzy5DeeaVBE/6UKGhLVRQbaqFD74t
PBVnwRdVKY7MHLeOn3H5H/CJRAqwXfYPBPTLEVb4HoJxtwR8GQcToqXTme42OHkd
Vttfg6tUbfzwaqGuUHLVH12JP1g5Usq1RzhSbdrPBdB5bs4RNFkXYSW4hL2BWbvX
ZoujMTXC+JwQJh5Edjav79rPXpCNuXZr6QS05FaDOfmDYRCSv+t1F1Yh0dIXwXcd
h+TwJFGP27T/d2mE3o2uA1P1iZOh1V5czcNa2EwsE/My4/ou3kvSHMt8QhNIBJvB
qENaQWM0hZKmPzlItc/J1oQW4BHvoOz5qNJxfxDw6aZrL7qP5+vgXD24JpR2DHzd
8/fi2QHsVnA7upMtfzaZ3x1jwbYxgM+/A3N8PdsKbyXu4SQwcvTmbRKgMx0L8DOJ
hgsM/LrpuEJvpYAU7YSy2h5jANlNebhjGwfCDDmyR97BjXMcVt6BuJOS6JjN5plS
RF6vrvdUD0NpJsPUkyVGD7RP6ofOScQ7oD8UfpegOldpK89U/3yJfk7yw2AYA0AI
FZicmDyzWb/aKFbHzIMCi14u3x8BPSANfqnWv+/5yDsGkrydLWRMZeaeDZ9mgpg: [stdin]: sign+encrypt failed: Operation cancelled
2 dkg at alice:~$ echo test | gpg --sign --encrypt --armor -r $PGPID 

You need a passphrase to unlock the secret key for
user: "Daniel Kahn Gillmor <dkg at fifthhorseman.net>"
4096-bit RSA key, ID 0xA52401B11BFDFA5C, created 2013-03-12
         (subkey on main key ID 0xCCD2ED94D21739E9)

gpg: cancelled by user
gpg: no default secret key: bad passphrase
gpg: [stdin]: sign+encrypt failed: bad passphrase
2 dkg at alice:~$ 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: </pipermail/attachments/20141110/65847c6b/attachment.sig>

More information about the Gnupg-devel mailing list