Gpg 2.1.10 - Invalid error with --encrypt-to

Patrick Brunschwig patrick at enigmail.net
Mon Dec 14 17:30:33 CET 2015 

On 14.12.15 12:00, Neal H. Walfield wrote:
> Hi Patrick,
> 
> Thanks for reporting this!
> 
> On Sat, 12 Dec 2015 18:27:18 +0100,
> Patrick Brunschwig wrote:
>> Using GnuPG 2.1.10 with --encrypt-to brings wrong error messages. An
>> example can be found here: https://bugs.gnupg.org/gnupg/issue2186
>>
>> Another example is this one:
>>
>> Using gpg2 --encrypt-to 0x4F9F89F5505AC1D1A260631CDB1187B9DD5F693B \
>>   -r someone - e
>>
>> Results in the following error message, which I consider wrong:
>>
>> gpg: key specification '0x4F9F89F5505AC1D1A260631CDB1187B9DD5F693B' is
>> ambiguous
>> gpg: (check argument of option '--encrypt-to')
>> gpg: '0x4F9F89F5505AC1D1A260631CDB1187B9DD5F693B' matches at least:
>> gpg:   4F9F89F5505AC1D1A260631CDB1187B9DD5F693B
>> gpg:   4F9F89F5505AC1D1A260631CDB1187B9DD5F693B
>>
>> Result of gpg2 --list-keys 0x4F9F89F5505AC1D1A260631CDB1187B9DD5F693B:
>>
>> pub   rsa4096/DD5F693B 2015-01-17 [expires: 2025-01-14]
>> uid         [  full  ] Patrick Brunschwig <patrick at enigmail.net>
>> uid         [  full  ] Patrick Brunschwig <patrick at brunschwig.net>
>> uid         [  full  ] [jpeg image of size 13251]
>> sub   rsa4096/4E4953D8 2015-01-17 [expires: 2018-01-16]
> 
> This error has been turned into a more exact warning in 6dc37c5f:
> 
>   gpg: Don't error out if a key occurs multiple times in the keyring.
> 
> This might suggest some keyring corruption.  Are you using a keyring
> or a keybox (try running gpg2 -k KEYID with --debug=lookup)?  Are you
> using multiple keyrings/keyboxes?

I'm using keybox, and it looks like my key is only once on the keyring.
On a side remark, using the key ID instead the fingerprint works correctly.

gpg: reading options from '/Users/pbr/enigmail/.gnupg/gpg.conf'
gpg: enabled debug flags: lookup
gpg: DBG: keydb_search: 1 search descriptions:
gpg: DBG: keydb_search   0: FPR20: '4F9F 89F5 505A C1D1 A260  631C DB11
87B9 4F9F  89F'
gpg: DBG: keydb_search: searching keybox (resource 0 of 1)
gpg: DBG: keydb_search: searched keybox (resource 0 of 1) => Success
gpg: DBG: finish_lookup: checking key DD5F693B (all)(req_usage=0)
gpg: DBG: 	using key DD5F693B
gpg: DBG: keydb_search: 1 search descriptions:
gpg: DBG: keydb_search   0: FPR20: '4F9F 89F5 505A C1D1 A260  631C DB11
87B9 4F9F  89F'
gpg: DBG: keydb_search: searching keybox (resource 0 of 1)
gpg: DBG: keydb_search: searched keybox (resource 0 of 1) => EOF
gpg: secmem usage: 0/32768 bytes in 0 blocks
pub   rsa4096/DD5F693B 2015-01-17 [expires: 2025-01-14]
uid         [  full  ] Patrick Brunschwig <patrick at enigmail.net>
uid         [  full  ] Patrick Brunschwig <patrick at brunschwig.net>
uid         [  full  ] [jpeg image of size 13251]
sub   rsa4096/4E4953D8 2015-01-17 [expires: 2018-01-16]


By the way, could you add some parse-able error message for this
situation (if it is correctly determined), such that tools like Enigmail
can print a meaningful message to the user?

-Patrick

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20151214/ea88a617/attachment.sig>

More information about the Gnupg-devel mailing list