gpgme fails encrypting on 64bit debian

Werner Koch wk at
Thu Apr 18 16:40:37 CEST 2013

On Thu, 18 Apr 2013 09:33, simone.pagangriso at said:

> from the debug info is that the encryption is successful but then there's
> an error right after(?). Thanks for your help, it's really appreciated!

Here is the interesing part (I removed the hex parts):

  _gpgme_io_read (fd=0x4): enter: buffer=0xea2980, count=1024
  _gpgme_io_read (fd=0x4): check: [...] [GNUPG:] INV_REC
  _gpgme_io_read (fd=0x4): check: [...] P 10 CD6029E7DD3
  _gpgme_io_read (fd=0x4): check: [...] 4991240FCFEE7D94
  _gpgme_io_read (fd=0x4): check: [...] 1FEB9C37DBF71.
  _gpgme_io_read (fd=0x4): leave: result=62

Or as one line:

  [GNUPG:] INV_RECP 10 CD6029E7DD34991240FCFEE7D941FEB9C37DBF71

Now if you look into GnuPG's doc/DETAILS:

    The two similar status codes:

    - INV_RECP <reason> <requested_recipient>
    - INV_SGNR <reason> <requested_sender>

    are issued for each unusable recipient/sender. The reasons codes
    currently in use are:

       -  0 :: No specific reason given
       -  1 :: Not Found
       -  2 :: Ambigious specification
       -  3 :: Wrong key usage
       -  4 :: Key revoked
       -  5 :: Key expired
       -  6 :: No CRL known
       -  7 :: CRL too old
       -  8 :: Policy mismatch
       -  9 :: Not a secret key
       - 10 :: Key not trusted
       - 11 :: Missing certificate
       - 12 :: Missing issuer certificate

Thus the key CD6029E7DD34991240FCFEE7D941FEB9C37DBF71 is not trusted.
You may either sign it locally using gpg, or use the encryption flags 

  err = gpgme_op_encrypt(ceofcontext, key, flags, source, dest);

To avoid checking the debnug log each time, you may want to add code

  err = gpgme_op_encrypt (ctx, key, GPGME_ENCRYPT_ALWAYS_TRUST, in, out);
  fail_if_err (err);
  result = gpgme_op_encrypt_result (ctx);
  if (result->invalid_recipients)
      fprintf (stderr, "Invalid recipient encountered: %s\n",
      exit (1);

You may use gpgme_op_encrypt_result even if an error is return,ed but in
this case you first need to check that the returned value is not NULL.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list