pgg doesn't seem to like me

pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Attempt to decrypt gives

  Signaling: (void-function string-as-unibyte)
    string-as-unibyte("-----BEGIN PGP MESSAGE-----\nVersion: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>\n\nqANQR1DBwE4DYFY3dE/BJa0QA/4tU57r4OgXhPfZr6DSsNAB8wotOTPIXMF5OPnZ\n6QThF0W/Jo0Xbv2GodV3rNB3e5lheJOl5p7OiTIIBQlPc60GURfc9SWF22sutGqA\n+/n8Fi/DvnKtUUzxefEaEFPxF3FX9pRbAS1xxhtiml9XdFTMRqr0T+K0ncIj463/\nads3TwQAmw/KHKsDZrl3VCul+sN3nHFd8TMRhLphsBAKwBAWRxo/Q7y8BMnQlWNn\nwnfZPfRkuWMiWrsdzm2GAiXl1fbR9ovO4Uo9Tk8lfcLrh8cUyWXgijHhhq9gXhWQ\nE+7khvB5QjQDTtM9W9bqQeZYu7gymFDVlunltmm0FobKVWA4UbfJwAtma0Q9BVrI\nRnts2U+VMKun85Gi2UmR+p5lSk/fCjRb6TOTnSSvioOtQ1Eb6FbZuRCgaIA8jiHX\nNecqAxlyNeKAqJ1Zmx40xj7v10ZwXNbaYSgiKLQpvqg9UgRFRmnCFNLEKXNYErOv\nXjQMaQJee+NKs6V2vs+vWcd8KiWYrGUAAS092FCICyxSEwkVICLdydV9l0X4nS0R\nGEkYAuj5BihllifFFh/u11/uolG0M6qXEEgzHwyW7a6Xy2sU+S7shkJHpyzbpkpu\nqh93oA==\n=TBpC\n-----END PGP MESSAGE-----\n")
    pgg-parse-armor-region(1 792)
    pgg-decrypt-region(1 792)
    mml2015-pgg-clear-decrypt()
    mm-uu-pgp-encrypted-extract-1(nil ("multipart/encrypted"))
    mm-uu-pgp-encrypted-extract()
    mm-uu-dissect()
    gnus-display-mime()
    gnus-article-prepare-display()
    gnus-article-prepare(4 nil)
    gnus-summary-display-article(4 nil)
    gnus-summary-select-article(nil nil pseudo)
    gnus-summary-scroll-up(1)
    call-interactively(gnus-summary-scroll-up)

The message is in-line armor

        MIME-version: 1.0
        Content-type: text/plain; charset=us-ascii
        Content-transfer-encoding: 7BIT

Using cvs pgnus of about 1500 GMT 2002-10-01 atop XEmacs
(/xemacs21-nomule_21.4.6-8_i386.deb).

I don't know how to spell _unibyte_, nor even whether I should want to
know how.

Inline PGP signed (gpg) seem to verify OK.  Neither pgp/mime signature
verification nor decryption seem to work for me.

        jam

-----BEGIN PGP SIGNATURE-----

iD8DBQE9mdrmUEvv1b/iXy8RAlMcAJ4i1qXbFEi/Mv+Hmrx/AwlhMg+LmQCfbThg
I4xDHCB3lmHcZNmSfYLdrr0=
=/i+2
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Encrypting a mail addressed to myself with C-c C-m c p produces a mail
that cannot be decrypted easily.  MML2015 Result buffer remains empty
and there is no stop with Debug on Error yet W s yields

        [[PGP Encrypt Part:Failed]]

The mail decrypted OK using gpg on the command line.  However, the
mail was separately signed and then encrypted.  The signed mail was
apparently encoded with quoted/printable but without the "-----BEGIN
PGP SIGNED MESSAGE-----" marker and without a hash yielding "gpg: no
signed data" when attempting to verify the fruit of the decryption
from the command line.

ISTM somewhat surprising that the default PGP/Mime (sign and) encrypt
should be to sign and then encrypt rather than to sign and encrypt in
one operation something like 'gpg -se' and whatever.

        jam

signed with C-c / s

-----BEGIN PGP SIGNATURE-----

iD8DBQE9me/tUEvv1b/iXy8RAu+ZAJsGZ5nRpdpiIdQUOw9FSXMdAtH9xgCfckMf
8ka7ceilbuxvcjQYZXA0iqg=
=0aS8
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[Josh Huber]

jam@jamux.com (John A. Martin) writes:

> ISTM somewhat surprising that the default PGP/Mime (sign and)
> encrypt should be to sign and then encrypt rather than to sign and
> encrypt in one operation something like 'gpg -se' and whatever.

You can adjust this using mml-signencrypt-style:

(mml-signencrypt-style "pgpmime" 'combined)

-- 
Josh Huber

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Josh" == Josh Huber
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Tue, 01 Oct 2002 15:16:11 -0400

    Josh> jam@jamux.com (John A. Martin) writes:
    >> ISTM somewhat surprising that the default PGP/Mime (sign and)
    >> encrypt should be to sign and then encrypt rather than to sign
    >> and encrypt in one operation something like 'gpg -se' and
    >> whatever.

    Josh> You can adjust this using mml-signencrypt-style:

    Josh> (mml-signencrypt-style "pgpmime" 'combined)

Ok, did the above.  Decryption failed as before.

Running the mail through gpg on the command line gives

- -------------- cut here ---->8 ---< head
$ gpg --decrypt ~/Mail/t-test/43

You need a passphrase to unlock the secret key for
user: "John A. Martin <jam@jamux.com>"
1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19 (main key ID BFE25F2F)

gpg: encrypted with 1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19
      "John A. Martin <jam@jamux.com>"
Content-Transfer-Encoding: quoted-printable


=2D-=20
GNU GPL: "The Source shall be with you... always."
- ---- 8<------- cut here ----------> tail

while signing and encrypting at the command line and then decrypting
looks like this

- -------------- cut here ---->8 ---< head
$ gpg -seatr jam@jamux.com </dev/null|gpg>/dev/null

You need a passphrase to unlock the secret key for
user: "John A. Martin <jam@jamux.com>"
1024-bit DSA key, ID BFE25F2F, created 1998-09-19

gpg: jam@jamux.com: skipped: public key already present

You need a passphrase to unlock the secret key for
user: "John A. Martin <jam@jamux.com>"
1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19 (main key ID BFE25F2F)

gpg: encrypted with 1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19
      "John A. Martin <jam@jamux.com>"
gpg: Signature made Tue Oct  1 16:01:14 2002 EDT using DSA key ID BFE25F2F
gpg: Good signature from "John A. Martin <jam@jamux.com>"
gpg:                 aka "John A. Martin <jam@acm.org>"
- ---- 8<------- cut here ----------> tail

One wonders whether there is a trusted signature on the stuff in the
first example above which was encrypted with

        (("smime" separate) ("pgp" separate) ("pgpmime" combined))

    jam

-----BEGIN PGP SIGNATURE-----

iD8DBQE9mgFQUEvv1b/iXy8RAqRRAJwPC1PimMmbgCWCIVqdXGrgjnjvXACeP540
VIjekvADuyCARS/AKgZXxgI=
=5cJm
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[Josh Huber]

jam@jamux.com (John A. Martin) writes:

> Ok, did the above.  Decryption failed as before.

Can you expand the button which says decryption failed and tell me
what the full output is?

> Running the mail through gpg on the command line gives
>
> -------------- cut here ---->8 ---< head
> $ gpg --decrypt ~/Mail/t-test/43
>
> You need a passphrase to unlock the secret key for
> user: "John A. Martin <jam@jamux.com>"
> 1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19 (main key ID BFE25F2F)
>
> gpg: encrypted with 1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19
>       "John A. Martin <jam@jamux.com>"
> Content-Transfer-Encoding: quoted-printable
>
>
> =2D-=20
> GNU GPL: "The Source shall be with you... always."
> ---- 8<------- cut here ----------> tail

This looks okay, except for the missing signature messages... bummer!

> while signing and encrypting at the command line and then decrypting
> looks like this
>
> -------------- cut here ---->8 ---< head
> $ gpg -seatr jam@jamux.com </dev/null|gpg>/dev/null
>
> You need a passphrase to unlock the secret key for
> user: "John A. Martin <jam@jamux.com>"
> 1024-bit DSA key, ID BFE25F2F, created 1998-09-19
>
> gpg: jam@jamux.com: skipped: public key already present
>
> You need a passphrase to unlock the secret key for
> user: "John A. Martin <jam@jamux.com>"
> 1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19 (main key ID BFE25F2F)
>
> gpg: encrypted with 1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19
>       "John A. Martin <jam@jamux.com>"
> gpg: Signature made Tue Oct  1 16:01:14 2002 EDT using DSA key ID BFE25F2F
> gpg: Good signature from "John A. Martin <jam@jamux.com>"
> gpg:                 aka "John A. Martin <jam@acm.org>"
> ---- 8<------- cut here ----------> tail
>
> One wonders whether there is a trusted signature on the stuff in the
> first example above which was encrypted with
>
>         (("smime" separate) ("pgp" separate) ("pgpmime" combined))

Hmm, this may be broken with PGG.  I'll have to take a closer look
later

-- 
Josh Huber

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Josh" == Josh Huber
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Tue, 01 Oct 2002 16:58:33 -0400

    Josh> Can you expand the button which says decryption failed and
    Josh> tell me what the full output is?

[[PGP Encrypted Part:Failed]
(string-as-unibyte)]

        jam

-----BEGIN PGP SIGNATURE-----

iD8DBQE9mhHAUEvv1b/iXy8RAoI0AJ0Rnwb4K4PfOZUARdOCaUKZKpELhgCglt8o
s4nKU7N3RiGsrJAiUG651EY=
=fga0
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[Josh Huber]

jam@jamux.com (John A. Martin) writes:

> [[PGP Encrypted Part:Failed]
> (string-as-unibyte)]

Hmm, it looks like this function is declared from poem for me.  I use
XEmacs as well, and this function looks like a compatibility function
with Emacs 20.3:

`string-as-unibyte' is a Lisp function
  -- loaded from "poem"
(string-as-unibyte STRING)

Documentation:
Return a unibyte string with the same individual bytes as STRING.
If STRING is unibyte, the result is STRING itself.
[Emacs 20.3 emulating macro]


Do you have your cvs up to date?  Do you have the pgg directory in
your load path?

-- 
Josh Huber

Re: pgg doesn't seem to like me

[Jesper Harder]

huber@alum.wpi.edu (Josh Huber) writes:

> Hmm, it looks like this function is declared from poem for me.  I use
> XEmacs as well, and this function looks like a compatibility function
> with Emacs 20.3:
>
> `string-as-unibyte' is a Lisp function
>   -- loaded from "poem"
> (string-as-unibyte STRING)
>
> Do you have your cvs up to date?  Do you have the pgg directory in
> your load path?

You shouldn't have poem.el in your pgg directory -- it has been removed.
This is probably causing the problem.

Re: pgg doesn't seem to like me

[Simon Josefsson]

"John A. Martin" <jam@jamux.com> writes:

> Attempt to decrypt gives
>
>   Signaling: (void-function string-as-unibyte)
>     string-as-unibyte("-----BEGIN PGP MESSAGE-----\nVersion: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>\n\nqANQR1DBwE4DYFY3dE/BJa0QA/4tU57r4OgXhPfZr6DSsNAB8wotOTPIXMF5OPnZ\n6QThF0W/Jo0Xbv2GodV3rNB3e5lheJOl5p7OiTIIBQlPc60GURfc9SWF22sutGqA\n+/n8Fi/DvnKtUUzxefEaEFPxF3FX9pRbAS1xxhtiml9XdFTMRqr0T+K0ncIj463/\nads3TwQAmw/KHKsDZrl3VCul+sN3nHFd8TMRhLphsBAKwBAWRxo/Q7y8BMnQlWNn\nwnfZPfRkuWMiWrsdzm2GAiXl1fbR9ovO4Uo9Tk8lfcLrh8cUyWXgijHhhq9gXhWQ\nE+7khvB5QjQDTtM9W9bqQeZYu7gymFDVlunltmm0FobKVWA4UbfJwAtma0Q9BVrI\nRnts2U+VMKun85Gi2UmR+p5lSk/fCjRb6TOTnSSvioOtQ1Eb6FbZuRCgaIA8jiHX\nNecqAxlyNeKAqJ1Zmx40xj7v10ZwXNbaYSgiKLQpvqg9UgRFRmnCFNLEKXNYErOv\nXjQMaQJee+NKs6V2vs+vWcd8KiWYrGUAAS092FCICyxSEwkVICLdydV9l0X4nS0R\nGEkYAuj5BihllifFFh/u11/uolG0M6qXEEgzHwyW7a6Xy2sU+S7shkJHpyzbpkpu\nqh93oA==\n=TBpC\n-----END PGP MESSAGE-----\n")

Should have been fixed in CVS recently.

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Josh" == Josh Huber
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Tue, 01 Oct 2002 17:38:26 -0400

    Josh> Do you have your cvs up to date?

As of about 11:00 -0400 (EDT).  Hmm.. does qumby.g.o or someone have
their clock off by an hour?  Or, I can't count.. :)

    Josh> Do you have the pgg directory in your load path?

Oops....  my pgg was being loaded from someplace like
/usr/share/xemacs21/site-lisp/semi.  I forgot to remember that somehow
my XEmacs does not load it's ~/.xemacs/init.el when there is an
_older_ init.elc nearby.  I've never looked into what makes that,
thinking all I need to do is to remember to byte compile it every time
I change it.  O'well.

Fixing the load-path changes everything.

Thank you very much for your help.

I hope my silly mistake did not waste too much of your time.

I need to take a fresh look at the gpg stuff with the _real_ changes
of the last couple of days.

        jam

-----BEGIN PGP SIGNATURE-----

iD8DBQE9mjCMUEvv1b/iXy8RAgXVAJwOkhIPNh9QdRabXm9OJp9+omZw+gCfTfRB
o7CYOrj8o/6q+sxZI5PS4OQ=
=nJxK
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Using cvs gnus gotten about 14:30 GMT 1 Oct atop XEmacs21
(xemacs21-nomule_21.4.6-8_i386.deb and friends) after checking
load-path (locate-library "pgg") and with ~/.gnus containing, in part:

        (require 'pgg)
        (mml-signencrypt-style "pgpmime" 'combined)

I found no suprize reading a message composed with C-c C-m s p
(mml-secure-message-sign-pgpmime).  However, when using C-c C-m c p
(mml-secure-message-encrypt-pgpmime) without an argument and
decrypting I see, in the Article buffer,

- --8<---------------cut here---------------start------------->8---
From: jam@jamux.com (John A. Martin)
Subject: pgp/mime encrypt
To: jam@jamux.com
Date: Wed, 02 Oct 2002 12:51:28 -0400

Content-Transfer-Encoding: quoted-printable

Use gnus not guns!


- --8<---------------cut here---------------end--------------->8---

and in the minibuffer,

        Unknown encoding quoted-printable\r; defaulting to 8bit

The *MML2015 Result* buffer contains

- --8<---------------cut here---------------start------------->8---
[GNUPG:] ENC_TO 605637744FC125AD 16 0
[GNUPG:] USERID_HINT 605637744FC125AD John A. Martin <jam@jamux.com>
[GNUPG:] NEED_PASSPHRASE 605637744FC125AD 504BEFD5BFE25F2F 16 0
[GNUPG:] GOOD_PASSPHRASE
gpg: encrypted with 1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19
      "John A. Martin <jam@jamux.com>"
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODMDC
[GNUPG:] END_DECRYPTION
- --8<---------------cut here---------------end--------------->8---

Decrypting the message from the command line gives:

- --8<---------------cut here---------------start------------->8---
$ cat ~/Mail/t-test/46|gpg 

You need a passphrase to unlock the secret key for
user: "John A. Martin <jam@jamux.com>"
1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19 (main key ID BFE25F2F)

gpg: encrypted with 1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19
      "John A. Martin <jam@jamux.com>"
Content-Transfer-Encoding: quoted-printable

Use gnus not guns!


- --8<---------------cut here---------------end--------------->8---

Where I would have expected something more like

- --8<---------------cut here---------------start------------->8---
$ echo Use gnus not guns\!|gpg -seatr jam@jamux.com|gpg

You need a passphrase to unlock the secret key for
user: "John A. Martin <jam@jamux.com>"
1024-bit DSA key, ID BFE25F2F, created 1998-09-19

gpg: jam@jamux.com: skipped: public key already present

You need a passphrase to unlock the secret key for
user: "John A. Martin <jam@jamux.com>"
1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19 (main key ID BFE25F2F)

gpg: encrypted with 1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19
      "John A. Martin <jam@jamux.com>"
Use gnus not guns!
gpg: Signature made Wed Oct  2 14:00:00 2002 EDT using DSA key ID BFE25F2F
gpg: Good signature from "John A. Martin <jam@jamux.com>"
gpg:                 aka "John A. Martin <jam@acm.org>"
- --8<---------------cut here---------------end--------------->8---

showing that the encrypted message had been signed.

Does it look like two problems: (1) some encoding/decoding mixup, and
(2) the encrypted message is not signed.

When I do C-u C-c C-m c p the decrypted article buffer looks like

- --8<---------------cut here---------------start------------->8---
From: jam@jamux.com (John A. Martin)
Subject: pgp/mime encrypt with argument
To: jam@jamux.com
Date: Wed, 02 Oct 2002 14:09:14 -0400


Use gnus not guns!
- --8<---------------cut here---------------end--------------->8---

with less cruft but still ugly, and no "mime heder".  Nothing in the
minibuffer and the *MML2015 Result* buffer is the same as above.  The
command line decription looks like this:

- --8<---------------cut here---------------start------------->8---
$ cat ~/Mail/t-test/47|gpg             

You need a passphrase to unlock the secret key for
user: "John A. Martin <jam@jamux.com>"
1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19 (main key ID BFE25F2F)

gpg: encrypted with 1024-bit ELG-E key, ID 4FC125AD, created 1998-09-19
      "John A. Martin <jam@jamux.com>"

Use gnus not guns!
- --8<---------------cut here---------------end--------------->8---

I dunno about this here except that gnus shows `^M' cruft that gpg on
the command line does not.

        jam

C-c / s

-----BEGIN PGP SIGNATURE-----

iD8DBQE9mzxvUEvv1b/iXy8RAm7sAJwJy6UwoPZnCUQGdrQDznIKqQTnKwCdHT8i
RwFZc22AgeUISr2cgnWbBE4=
=J0mS
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "jam" == John A Martin
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Wed, 02 Oct 2002 14:36:30 -0400

I'm following up to myself because some of the control character cruft
got taken away from my message.  This is one reason why I want to move
to a good mime capable mailer.  I'm a newbe on this mime stuff and was
trying to get the PGP stuff working before trying to learn how to use
mime intelligently.  Any pointers would be welcome in the meantime.

    jam> However, when using C-c
    jam> C-m c p (mml-secure-message-encrypt-pgpmime) without an
    jam> argument and decrypting I see, in the Article buffer,

    jam> --8<---------------cuthere---------------start------------->8---

Next time I'll use my own cut lines that are shorter and seldom
word-wrap when quoted.

    jam> From: jam@jamux.com (John A. Martin)
    jam> Subject: pgp/mime encrypt
    jam> To: jam@jamux.com
    jam> Date: Wed, 02 Oct 2002 12:51:28 -0400

    jam> Content-Transfer-Encoding: quoted-printable

    jam> Use gnus not guns!


    jam> --8<---------------cuthere---------------end--------------->8---

All the lines, blank and not blank, in the message body above ended
with Ctrl-M.

    jam> and in the minibuffer,

    jam>         Unknown encoding quoted-printable; defaulting to 8bit

There was a Ctrl-M between the `e' and the `;'.

    jam> Does it look like two problems: (1) some encoding/decoding
    jam> mixup, and (2) the encrypted message is not signed.

Maybe this amendment helps show (1) above.

    jam> When I do C-u C-c C-m c p the decrypted article buffer looks
    jam> like

    jam> --8<---------------cuthere---------------start------------->8---
    jam> From: jam@jamux.com (John A. Martin)
    jam> Subject: pgp/mime encrypt with argument
    jam> To: jam@jamux.com Date:
    jam> Wed, 02 Oct 2002 14:09:14 -0400


    jam> Use gnus not guns! 
    jam> --8<---------------cuthere---------------end--------------->8---

There was a Ctrl-M on the one blank body line and the one body text
line.

    jam> I dunno about this here except that gnus shows `^M' cruft
    jam> that gpg on the command line does not.

That Ctri-M survived!

    jam> C-c / s

Of course the message did not verify.  Maybe this will. :)

        jam

-----BEGIN PGP SIGNATURE-----

iD8DBQE9m0b9UEvv1b/iXy8RAkVBAKCAIRhGlkU39+eYMEM8FaFqZApRFQCdFNh6
3klLY1DcIg5k5+jRYmGnN40=
=YQrr
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[Clemens Fischer]

jam@jamux.com (John A. Martin) writes:

> I'm following up to myself because some of the control character cruft
> got taken away from my message.  This is one reason why I want to move
> to a good mime capable mailer.  I'm a newbe on this mime stuff and was
> trying to get the PGP stuff working before trying to learn how to use
> mime intelligently.  Any pointers would be welcome in the meantime.

you could try mutt.  it is far from programmable, but it's feature
complete and does MIME well.  very configurable.

clemens

Re: pgg doesn't seem to like me

[Simon Josefsson]

jam@jamux.com (John A. Martin) writes:

> Using cvs gnus gotten about 14:30 GMT 1 Oct atop XEmacs21
> (xemacs21-nomule_21.4.6-8_i386.deb and friends) after checking
> load-path (locate-library "pgg") and with ~/.gnus containing, in part:
>
>         (require 'pgg)
>         (mml-signencrypt-style "pgpmime" 'combined)
>
> I found no suprize reading a message composed with C-c C-m s p
> (mml-secure-message-sign-pgpmime).  However, when using C-c C-m c p
> (mml-secure-message-encrypt-pgpmime) without an argument and
> decrypting I see, in the Article buffer,

PGG did not support combined sign and encrypt, so it not surprising it
didn't work.  PGG supports it now though, thanks for pointing this
out.  Do you still see the other problems?

Re: pgg doesn't seem to like me

[Simon Josefsson]

Simon Josefsson <jas@extundo.com> writes:

> PGG did not support combined sign and encrypt, so it not surprising it
> didn't work.  PGG supports it now though

...but only for GnuPG.  Does anyone know how to make PGP 5 and PGP 2/6
sign data when it is encrypting it?

PGP 2/6 commands:

	  `("+encrypttoself=off +verbose=1" "+batchmode"
	    "+language=us" "-fate"

PGP 5 commands:

	  `("+NoBatchInvalidKeys=off" "-fat" "+batchmode=1"

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Simon" == Simon Josefsson
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Fri, 04 Oct 2002 01:04:50 +0200

    Simon> Simon Josefsson <jas@extundo.com> writes:
    >> PGG did not support combined sign and encrypt, so it not
    >> surprising it didn't work.  PGG supports it now though

    Simon> ...but only for GnuPG.

Here is what I see with xemacs21-nomule_21.4.6-8_i386.deb atop Debian
woody and cvs with the following changelog entry:

    2002-10-05  Simon Josefsson  <jas@extundo.com>

	* pgg-gpg.el (pgg-gpg-encrypt-region): Make signencrypt really
	work.

Message buffer
- --8<---------------cut here---------------start------------->8---
X-Draft-From: ("nndraft:drafts" "")
To: jam@jamux.com
Subject: pgpmime signencrypt combined
X-Attribution: jam
X-Request-PGP: http://www.tux.org/~jam/jam-gpg-keys.html
X-PGP-Fingerprint: 5F05 15CF 05D2 E8D3 E7FA  8C6A 504B EFD5 BFE2 5F2F
From: jam@jamux.com (John A. Martin)
Date: Fri, 04 Oct 2002 10:41:15 -0400
User-Agent: Gnus/5.090008 (Oort Gnus v0.08) XEmacs/21.4 (Honest
        Recruiter, i386-debian-linux) 
Message-ID: <87it0hr0gb.fsf@athene.jamux.com>
- --text follows this line--
<#secure method=pgpmime mode=signencrypt>
If it's there and you can see it, it's REAL
If it's there and you can't see it, it's TRANSPARENT
If it's not there and you can see it, it's VIRTUAL
If it's not there and you can't see it, it's GONE!
- --8<---------------cut here---------------end--------------->8---

Immediately after C-c C-c the minibuffer shows something like
"encryption failed" and the following without having prompted for a
passphrase.

*MML2015 Result*
- --8<---------------cut here---------------start------------->8---
[GNUPG:] USERID_HINT 504BEFD5BFE25F2F John A. Martin <jam@jamux.com>
[GNUPG:] NEED_PASSPHRASE 504BEFD5BFE25F2F 504BEFD5BFE25F2F 17 0
gpg: can't query password in batchmode
[GNUPG:] MISSING_PASSPHRASE
[GNUPG:] BAD_PASSPHRASE 504BEFD5BFE25F2F
gpg: no default secret key: bad passphrase
gpg: [stdin]: sign+encrypt failed: bad passphrase
- --8<---------------cut here---------------end--------------->8---

FWIW ~/.gnopg/gpg.conf contains the following.

- --8<---------------cut here---------------start------------->8---
no-greeting
lock-once
no-version
default-key 0xbfe25f2f
keyserver x-hkp://wwwkeys.us.pgp.net

keyserver-options auto-key-retrieve include-disabled include-revoked

# "Encrypt to self"
encrypt-to 0xbfe25f2f

# Non-compliant to OpenPGP rfc2440
escape-from-lines

# Force pgp-5.x readable signatures on data
#force-v3-sigs

[...]
- --8<---------------cut here---------------end--------------->8---

Somebody seems to be confused, no?

        jam

Again I'm signing by means of C-c / s

-----BEGIN PGP SIGNATURE-----

iD8DBQE9nm5fUEvv1b/iXy8RAs0IAJ0XpMCBFffo68vBdWh1E2Ptx1Ex3gCfTsAv
CP3mVdNqfPscQ99RoA9Ejz8=
=r60I
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[Simon Josefsson]

jam@jamux.com (John A. Martin) writes:

> --8<---------------cut here---------------start------------->8---
> [GNUPG:] USERID_HINT 504BEFD5BFE25F2F John A. Martin <jam@jamux.com>
> [GNUPG:] NEED_PASSPHRASE 504BEFD5BFE25F2F 504BEFD5BFE25F2F 17 0
> gpg: can't query password in batchmode
> [GNUPG:] MISSING_PASSPHRASE
> [GNUPG:] BAD_PASSPHRASE 504BEFD5BFE25F2F
> gpg: no default secret key: bad passphrase
> gpg: [stdin]: sign+encrypt failed: bad passphrase
> --8<---------------cut here---------------end--------------->8---

Maybe fixed, try again?

> Again I'm signing by means of C-c / s

Really?  It looked as if you used MML tags and not Mailcrypt?

Re: pgg doesn't seem to like me

[Raymond Scholz]

* Simon Josefsson <jas@extundo.com> wrote:

> Could you try with CVS again now?  I probably fixed it.

Now I see another error :)

Debugger entered--Lisp error: (error "Encrypt error")
  signal(error ("Encrypt error"))
  error("Encrypt error")
  mml2015-pgg-encrypt((part (sign . "pgpmime") (encrypt . "pgpmime") (tag-location . 485) (contents . "\nf\x8f6\x8f6 b\x8e4t\n\nGr\x8fc\x8df\ e, Ray\n-- \nRaymond Scholz - rscholz@zonix.de - PGP - http://www.zonix.de/\n")) t)
  mml2015-encrypt((part (sign . "pgpmime") (encrypt . "pgpmime") (tag-location . 485) (contents . "\nf\x8f6\x8f6 b\x8e4t\n\nGr\x8fc\x8df\ e, Ray\n-- \nRaymond Scholz - rscholz@zonix.de - PGP - http://www.zonix.de/\n")) t)
  mml-pgpmime-encrypt-buffer((part (sign . "pgpmime") (encrypt . "pgpmime") (tag-location . 485) (contents . "\nf\x8f6\x8f6 b\x8e4t\n\nGr\x8fc\x8df\ e, Ray\n-- \nRaymond Scholz - rscholz@zonix.de - PGP - http://www.zonix.de/\n")) t)
  mml-generate-mime-1((part (sign . "pgpmime") (encrypt . "pgpmime") (tag-location . 485) (contents . "\nf\x8f6\x8f6 b\x8e4t\n\nGr\x8fc\x8df\ e, Ray\n-- \nRaymond Scholz - rscholz@zonix.de - PGP - http://www.zonix.de/\n")))
  mml-generate-mime()
  message-encode-message-body()
  message-send-mail(nil)
  message-send-via-mail(nil)
  message-send(nil)
  message-send-and-exit(nil)
  call-interactively(message-send-and-exit)

and *MML2015 Result* says:

gpg: Warning: using insecure memory!
[GNUPG:] USERID_HINT 073143588F926461 Raymond Scholz <ray-2002@zonix.de>
[GNUPG:] NEED_PASSPHRASE 073143588F926461 073143588F926461 1 0
gpg: can't query password in batchmode
[GNUPG:] MISSING_PASSPHRASE
[GNUPG:] BAD_PASSPHRASE 073143588F926461
gpg: no default secret key: bad passphrase
gpg: [stdin]: sign+encrypt failed: bad passphrase

I'm not queried for my passphrase anyhow.  The "non combined" style
works for me.

This is probably the same error, John A. Martin reported in
<87elb5qyrx.fsf@athene.jamux.com>

,----[ GnuPG 1.0.6 - ~/.gnupg/options ]
| force-v3-sigs
| escape-from-lines
| lock-once
| keyserver wwwkeys.de.pgp.net
| honor-http-proxy
| load-extension ~/.gnupg/idea
| encrypt-to 8F926461
`----

I've CC'ed (ding) again, because my first mail was intended to end
there - not in your personal inbox.  Sorry for that.

Cheers, Ray
-- 
Raymond Scholz - rscholz@zonix.de - PGP - http://www.zonix.de/

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Raymond" == Raymond Scholz
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Sat, 05 Oct 2002 13:58:48 +0200

    Raymond> ,----[ GnuPG 1.0.6 - ~/.gnupg/options ]
    Raymond> | force-v3-sigs
    Raymond> | escape-from-lines
    Raymond> | lock-once
    Raymond> | keyserver wwwkeys.de.pgp.net
    Raymond> | honor-http-proxy
    Raymond> | load-extension ~/.gnupg/idea
    Raymond> | encrypt-to 8F926461
    Raymond> `----

How do you make your quote?

        jam

-----BEGIN PGP SIGNATURE-----

iD8DBQE9nvRUUEvv1b/iXy8RAsn6AJwPhiXqwFaCaDY0cyhJ5uLyfWl5IwCeOa3j
vsXb/u/58s1kVPOvgWrYfDI=
=QCMe
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Simon" == Simon Josefsson
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Sat, 05 Oct 2002 13:24:37 +0200

    Simon> Maybe fixed, try again?

Now pgpmime signencrypt combined worked as expected for me.

    >> Again I'm signing by means of C-c / s

    Simon> Really?  It looked as if you used MML tags and not
    Simon> Mailcrypt?

Sorry.  Please read 's/signing/signing this here mail/', as opposed to
the mail this here, or that there, mail was talking about. :)

FWIW I PGP sign all my outgoing mail[1], have done so for years, and
disavow any mail attributed to me without a valid signature by me.
This in spite of once or twice a year having inadvertently "fat
fingered" sending an unsigned mail.  One of my hopes is to be able to
rig gnus up to make it difficult to inadvertently send an unsigned
mail.

        jam

Footnotes: 
[1]  I do however occasionally "bounce" (resend) a mail to someone besides
myself.  I do not sign such mails.  At first brush, S D r
(gnus-summary-resend-message) does not seem to be convenient for that
"out of the box".

-----BEGIN PGP SIGNATURE-----

iD8DBQE9nwFlUEvv1b/iXy8RAqCeAJwMNYh/+UFChMERJ7Ku9xvUAJlDwACfeOd/
oXPoKLiLDuOBsM7vynW45wQ=
=f/2T
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[Raymond Scholz]

* jam@jamux.com (John A. Martin) wrote:

> How do you make your quote?

,----[ http://www.davep.org/emacs/#boxquote.el ]
| Boxquote
`----

Cheers, Ray
-- 
It's a bit like shooting sparrows with a cannon (what's the English/US
idiom for this?) - Using Emacs to edit text files.
                         (Kai Großjohann and Per Abrahamsen on (ding))

Re: pgg doesn't seem to like me

[Raymond Scholz]

* jam@jamux.com (John A. Martin) wrote:

> Now pgpmime signencrypt combined worked as expected for me.

I second this.

Cheers, Ray
-- 
Q: What have american beer and sex in a canoe in common?
A: Both are fucking close to water.

Re: pgg doesn't seem to like me

[Simon Josefsson]

Raymond Scholz <ray-2002@zonix.de> writes:

> * jam@jamux.com (John A. Martin) wrote:
>
>> Now pgpmime signencrypt combined worked as expected for me.
>
> I second this.

So the backtrace in your other mail has now disappeared?  Good.

Uhm, are there any other outstanding PGG problems?  I may have missed
them.  Or PGP/MIME and S/MIME problems in general?

Re: pgg doesn't seem to like me

[Raymond Scholz]

* Simon Josefsson <jas@extundo.com> wrote:

> Uhm, are there any other outstanding PGG problems?  I may have missed
> them.  Or PGP/MIME and S/MIME problems in general?

Trying to send something with "method=pgp mode=signencrypt" and 
(mml-signencrypt-style "pgp" 'combined) gives me the following backtrace:

Debugger entered--Lisp error: (wrong-number-of-arguments #[(cont) "Á\b!	ÂÃ!" [cont mml1991-encrypt error "Encryption failed... inspect message logs for errors"] 2] 2)
  mml-pgp-encrypt-buffer((part (sign . "pgp") (encrypt . "pgp") (tag-location . 487) (contents . "\nf\x8f6\x8f6 b\x8e4r\n\nGr\x8fc\x8df\ e, Ray\n-- \nRaymond Scholz - rscholz@zonix.de - PGP - http://www.zonix.de/\n")) t)
  mml-generate-mime-1((part (sign . "pgp") (encrypt . "pgp") (tag-location . 487) (contents . "\nf\x8f6\x8f6 b\x8e4r\n\nGr\x8fc\x8df\ e, Ray\n-- \nRaymond Scholz - rscholz@zonix.de - PGP - http://www.zonix.de/\n")))
  mml-generate-mime()
  message-encode-message-body()
  message-send-mail(nil)
  message-send-via-mail(nil)
  message-send(nil)
  message-send-and-exit(nil)
  call-interactively(message-send-and-exit)

BTW: after seeing this I'm unable to send any _news_ posting?!

message-send-mail-with-sendmail: Sending...failed to No recipient addresses found in header; 

Cheers, Ray
-- 
Sigmentation fault, core dumped.

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Simon" == Simon Josefsson
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Sun, 06 Oct 2002 02:03:35 +0200

    Simon> PGP/MIME and S/MIME problems in general?

Using (mml-signencrypt-style "pgpmime" 'combined) and
(mml-signencrypt-style "pgp" 'combined) with a cvs gotten about 14:00
GMT Oct 5:

Signed only pgpmime messages look ok when mailed to myself and
verified by gnus.

Encrypted pgpmime (combined) messages mailed to myself show extraneous
Ctrl-M characters at the end of all body lines.

Signed only pgp messages mailed to myself are QP encoded and show
extraneous Ctrl-M characters at the end of all body lines when
verified and displayed by gnus.

Encrypted pgp (combined) messages are not encoded, signed, nor
encrypted.

I have no experience with mime so perhaps my expectations need
adjustment, but I would expect to see the same thing _in the message
body_ in a gnus buffer when reading a mail composed in gnus and sent
to myself as I see at the command line with something like the
following (using mh mailboxes, textfile contains only body text).

        cat textfile|gpg -sat|/usr/sbin/sendmail myself; cat inbox/1

        cat textfile|gpg -seatr myself|/usr/sbin/sendmail myself
        cat inbox/1|gpg

In other words, why should gnus pgp muck with pgp not mime?
Mhe/mailcrypt does not.  Gnus/mailcrypt does not[1].


Other issues

How about a keybinding if not also a menue option for

        gpg option throw-keyid

        sign/encrypt individual mime parts

        snarf keys

        insert public key        

How about a method for adding arbitrary gpg options


Footnotes: 
[1]  At least not that I have noticed.


        jam

-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAj2gkxAACgkQUEvv1b/iXy+OLACdHKFOKQnlUs5aR0LT9UEq1TXn
OLgAn3XhNZu5Ct1ifaO272amlnnGv9LB
=z0G6
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[Andreas Fuchs]

[-- Attachment #1: Type: text/plain, Size: 726 bytes --]

On 2002-10-06, Simon Josefsson <jas@extundo.com> wrote:
> Uhm, are there any other outstanding PGG problems?  I may have missed
> them.  Or PGP/MIME and S/MIME problems in general?

Reading a mail encrypted for another key-id than the default one
doesn't DTRT: pgg tries to decrypt the mail for the default key-id,
which fails and then just displays the message to me. 

Is it possible to divine the key-id to which a message was encrypted
From the mail? I have seen pgg ask me if I want to download public
keys, could it also ask for the right key-id's password?

Have fun,
-- 
Andreas Fuchs, <asf@acm.org>, asf@jabber.at, antifuchs
Was I helpful?  Let others know:
http://svcs.affero.net/rm.php?r=antifuchs

[-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --]

Re: pgg doesn't seem to like me

[Clemens Fischer]

[-- Attachment #1: Type: text/plain, Size: 698 bytes --]

Andreas Fuchs <asf@void.at>:

> Is it possible to divine the key-id to which a message was encrypted
> From the mail? I have seen pgg ask me if I want to download public
> keys, could it also ask for the right key-id's password?

i got a question on this one:  why does pgg sometimes ask if it should
get a public key and sometimes it lets a message silently fail for not
having that key?  shouldn't it ask always?  i have the *-option
variables set to 'known, and the method set to "pgpmime", because i
want to be able to encrypt/sign/decrypt multiparts.  is this thinking
correct?  basically, each part could be encoded and encrypted with a
"pgp" method as well, i guess.

clemens

[-- Attachment #2: Type: application/pgp-signature, Size: 154 bytes --]

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Simon" == Simon Josefsson
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Sun, 06 Oct 2002 02:03:35 +0200

    Simon> Uhm, are there any other outstanding PGG problems?  [...]
    Simon> Or PGP/MIME and S/MIME problems in general?

Another point perhaps.

When verifying, gnus/pgg, or someone, will sometimes prompt with
something like:

        Key ... not found; attempt to fetch it (y or n)

When I say "y" it fails because my system is not set up to allow any
random process to willy-nilly access any random outside entity.

When I say "n" verification generally succeeds because my setup
provides for gpg to fetch keys from a particular keyserver.

I believe this is a reasonable set up and perhaps a preferred set up
in most situations.

I have not found where to disable gnus from attempting independently
to determine whether to attempt to fetch keys.  Presumably gnus key
fetching can be gracefully disabled, but a larger question is why
should gnus want to do this?  And by default no less?

Gpg has had workable key fetching for a long time.  Key fetching was
substantially improved in gnupg-1.0.7 and much improved again in
gnupg-2.0.0.  Gnupg is committed to coordinating key fetch with the
improvements under way with many public key servers.  IIRC more key
fetching improvements are slated for gnupg-2.0.1.  This is to suggest
that users would be better served were gnus to let default key
fetching be left to the user's gpg and optioned by ~/.gnupg/gpg.conf.

HTH

        jam

-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAj2iPtgACgkQUEvv1b/iXy/L2gCfQ8HV5U7S+PZLEkYS+TwWDosw
ZXsAnA0Ti2LJ34kgI1k2++enEP2eiUHs
=I9Ot
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Simon" == Simon Josefsson
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Sun, 06 Oct 2002 02:03:35 +0200

    Simon> Uhm, are there any other outstanding PGG problems?  [...]
    Simon> Or PGP/MIME and S/MIME problems in general?

When compiling cvs gnus (about 12:30 GMT 8 Aug) atop XEmacs-21.4.8
(xemacs21-nomule_21.4.8-2_i386.deb), Emacs complained about the
following:

mm-url.el:
  ** the function encode-coding-string is not known to be defined.

mm-util.el:
  ** the function detect-coding-region is not known to be defined.

pgg-parse.el:
  ** reference to free variable pgg-parse-crc24
  ** The following functions are not known to be defined: 
    define-ccl-program, ccl-execute-on-string, pgg-parse-crc24-string

pgg.el:
  ** The following functions are not known to be defined: 
    decode-coding-region, encode-coding-region

spam.el:
  ** The following functions are not known to be defined: 
    bbdb-search, bbdb-records, display-message-or-buffer

The spam.el complaints have already been given by Katsumi Yamaoka.  Is
it in general appropriate to put compiler complaints like this to this
news group when someone is not "asking for trouble :)"?

What is a convenient unambiguous way to identify the particular cvs
version used?  How come folks don't often seem to bother?

        jam

-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAj2i34oACgkQUEvv1b/iXy/vLACdEu0I/0ZYcuDIeF+H/yHJVB9k
xpsAmQGudWtpUB4lJjgkxZ/zMx7Ql1u2
=Ctyl
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[Simon Josefsson]

jam@jamux.com (John A. Martin) writes:

>>>>>> "Simon" == Simon Josefsson
>>>>>> "Re: pgg doesn't seem to like me"
>>>>>>  Sun, 06 Oct 2002 02:03:35 +0200
>
>     Simon> Uhm, are there any other outstanding PGG problems?  [...]
>     Simon> Or PGP/MIME and S/MIME problems in general?
>
> When compiling cvs gnus (about 12:30 GMT 8 Aug) atop XEmacs-21.4.8
> (xemacs21-nomule_21.4.8-2_i386.deb), Emacs complained about the
> following:
>
> mm-url.el:
>   ** the function encode-coding-string is not known to be defined.
>
> mm-util.el:
>   ** the function detect-coding-region is not known to be defined.
>
> pgg-parse.el:
>   ** reference to free variable pgg-parse-crc24
>   ** The following functions are not known to be defined: 
>     define-ccl-program, ccl-execute-on-string, pgg-parse-crc24-string
>
> pgg.el:
>   ** The following functions are not known to be defined: 
>     decode-coding-region, encode-coding-region

Gnus is written to not generate warnings under Emacs only, according
to the manual.  Those warnings are harmless, but if someone knows how
to avoid them, patches are welcome...

> What is a convenient unambiguous way to identify the particular cvs
> version used?  How come folks don't often seem to bother?

CVS revision of the files used is probably the only way.  If you
updated all files, CVS revision of lisp/ChangeLog is probably enough.
I guess (hope) people update to latest CVS before reporting problems.

Re: pgg doesn't seem to like me

[Simon Josefsson]

Raymond Scholz <rscholz@zonix.de> writes:

> * Simon Josefsson <jas@extundo.com> wrote:
>
>> Uhm, are there any other outstanding PGG problems?  I may have missed
>> them.  Or PGP/MIME and S/MIME problems in general?
>
> Trying to send something with "method=pgp mode=signencrypt" and 
> (mml-signencrypt-style "pgp" 'combined) gives me the following backtrace:
>
> Debugger entered--Lisp error: (wrong-number-of-arguments #[(cont) "Á\b!	ÂÃ!" [cont mml1991-encrypt error "Encryption failed... inspect message logs for errors"] 2] 2)

Do you still see this?  I can't reproduce it.  Can you M-x
load-library RET mml1991.el RET to get a better backtrace?

> BTW: after seeing this I'm unable to send any _news_ posting?!
>
> message-send-mail-with-sendmail: Sending...failed to No recipient addresses found in header; 

This is weird, the MML1991 stuff shouldn't leave any permanent state
that can affect future messages.  Hm.  Could you edebug m-s-m-w-s to
see what happens to the headers?  Or debug sendmail somehow, to see
what data is piped to it.

Re: pgg doesn't seem to like me

[Simon Josefsson]

jam@jamux.com (John A. Martin) writes:

> Using (mml-signencrypt-style "pgpmime" 'combined) and
> (mml-signencrypt-style "pgp" 'combined) with a cvs gotten about 14:00
> GMT Oct 5:

Shouldn't those things be customized instead of calling functions,
btw?  I made the `mml-signencrypt-style-alist' variable customizable.
Calling the functions should still work though.

> Signed only pgpmime messages look ok when mailed to myself and
> verified by gnus.

Good.

> Encrypted pgpmime (combined) messages mailed to myself show extraneous
> Ctrl-M characters at the end of all body lines.

I can't reproduce this with PGG and GnuPG CVS.  Do you use PGG?  Which
OpenPGP implementation?  Does this patch help?

--- mml2015.el.~6.53.~	2002-10-04 00:56:39.000000000 +0200
+++ mml2015.el	2002-10-10 00:33:58.000000000 +0200
@@ -662,6 +662,9 @@
 	(if (condition-case err
 		(prog1
 		    (pgg-decrypt-region (point-min) (point-max))
+		  (goto-char (point-min))
+		  (while (search-forward "\r\n" nil t)
+		    (replace-match "\n" t t))
 		  (setq decrypt-status 
 			(with-current-buffer mml2015-result-buffer
 			  (buffer-string))))

> Signed only pgp messages mailed to myself are QP encoded and show
> extraneous Ctrl-M characters at the end of all body lines when
> verified and displayed by gnus.

I think I fixed the QP, but I don't see the ^M.

> Encrypted pgp (combined) messages are not encoded, signed, nor
> encrypted.

Or sent, as it generated a elisp error, I presume.  I think I fixed
this.

> I have no experience with mime so perhaps my expectations need
> adjustment, but I would expect to see the same thing _in the message
> body_ in a gnus buffer when reading a mail composed in gnus and sent
> to myself as I see at the command line with something like the
> following (using mh mailboxes, textfile contains only body text).
>
>         cat textfile|gpg -sat|/usr/sbin/sendmail myself; cat inbox/1
>
>         cat textfile|gpg -seatr myself|/usr/sbin/sendmail myself
>         cat inbox/1|gpg
>
> In other words, why should gnus pgp muck with pgp not mime?
> Mhe/mailcrypt does not.  Gnus/mailcrypt does not[1].

Do you still see any differences?

> Other issues
>
> How about a keybinding if not also a menue option for
>
>         gpg option throw-keyid
>
>         sign/encrypt individual mime parts
>
>         snarf keys
>
>         insert public key        
>
> How about a method for adding arbitrary gpg options

I added the second one, patches for the others accepted.

Re: pgg doesn't seem to like me

[Simon Josefsson]

Simon Josefsson <jas@extundo.com> writes:

> Raymond Scholz <rscholz@zonix.de> writes:
>
>> * Simon Josefsson <jas@extundo.com> wrote:
>>
>>> Uhm, are there any other outstanding PGG problems?  I may have missed
>>> them.  Or PGP/MIME and S/MIME problems in general?
>>
>> Trying to send something with "method=pgp mode=signencrypt" and 
>> (mml-signencrypt-style "pgp" 'combined) gives me the following backtrace:
>>
>> Debugger entered--Lisp error: (wrong-number-of-arguments #[(cont) "Á\b!	ÂÃ!" [cont mml1991-encrypt error "Encryption failed... inspect message logs for errors"] 2] 2)
>
> Do you still see this?  I can't reproduce it.  Can you M-x
> load-library RET mml1991.el RET to get a better backtrace?

Never mind, I think I fixed this.  Did I?

Re: pgg doesn't seem to like me

[Simon Josefsson]

Andreas Fuchs <asf@void.at> writes:

> On 2002-10-06, Simon Josefsson <jas@extundo.com> wrote:
>> Uhm, are there any other outstanding PGG problems?  I may have missed
>> them.  Or PGP/MIME and S/MIME problems in general?
>
> Reading a mail encrypted for another key-id than the default one
> doesn't DTRT: pgg tries to decrypt the mail for the default key-id,
> which fails and then just displays the message to me. 
>
> Is it possible to divine the key-id to which a message was encrypted
> From the mail? I have seen pgg ask me if I want to download public
> keys, could it also ask for the right key-id's password?

I think it does this now.

2002-10-10  Simon Josefsson  <jas@extundo.com>

	* pgg.el (pgg-decrypt-region): Bind pgg-default-user-id to
	key-identifier in packet.  Is this a good idea?

Index: pgg.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/pgg.el,v
retrieving revision 6.4
retrieving revision 6.5
diff -u -p -r6.4 -r6.5
--- pgg.el	2002/10/09 23:45:01	6.4
+++ pgg.el	2002/10/10 01:22:42	6.5
@@ -172,10 +172,20 @@ If optional argument SIGN is non-nil, do
 (defun pgg-decrypt-region (start end)
   "Decrypt the current region between START and END."
   (interactive "r")
-  (let ((status
-	 (pgg-save-coding-system start end
-	   (pgg-invoke "decrypt-region" (or pgg-scheme pgg-default-scheme)
-		       (point-min) (point-max)))))
+  (let* ((buf (current-buffer))
+	 (packet (cdr (assq 1 (with-temp-buffer
+				(insert-buffer buf)
+				(pgg-decode-armor-region
+				 (point-min) (point-max))))))
+	 (key (cdr (assq 'key-identifier packet)))
+	 (pgg-default-user-id 
+	  (if key
+	      (concat "0x" (pgg-truncate-key-identifier key))
+	    pgg-default-user-id))
+	 (status
+	  (pgg-save-coding-system start end
+	    (pgg-invoke "decrypt-region" (or pgg-scheme pgg-default-scheme)
+			(point-min) (point-max)))))
     (when (interactive-p)
       (pgg-display-output-buffer start end status))
     status))

Re: pgg doesn't seem to like me

[Simon Josefsson]

Clemens Fischer <ino@despammed.com> writes:

> Andreas Fuchs <asf@void.at>:
>
>> Is it possible to divine the key-id to which a message was encrypted
>> From the mail? I have seen pgg ask me if I want to download public
>> keys, could it also ask for the right key-id's password?
>
> i got a question on this one:  why does pgg sometimes ask if it should
> get a public key and sometimes it lets a message silently fail for not
> having that key?  shouldn't it ask always?  i have the *-option
> variables set to 'known, and the method set to "pgpmime", because i
> want to be able to encrypt/sign/decrypt multiparts.  is this thinking
> correct?  basically, each part could be encoded and encrypted with a
> "pgp" method as well, i guess.

PGG only asks if it is able to extract a key-identifier from the
OpenPGP message.  Perhaps someone sends signed messages without the
key identifier?  Maybe you can dissect the OpenPGP message and look.

Re: pgg doesn't seem to like me

[Simon Josefsson]

jam@jamux.com (John A. Martin) writes:

> When I say "y" it fails because my system is not set up to allow any
> random process to willy-nilly access any random outside entity.

Maybe you can frob `pgg-default-keyserver-address'.  But I don't think
the keyserver stuff in PGG should be used if GnuPG is used, the GnuPG
keyserver support is better and more likely to be set up correctly.

I added a variable `pgg-query-keyserver' that toggles whether PGG
fetches keys.  It defaults to nil.  Presumably, only non-GnuPG users
would want to toggle this.

> Gpg has had workable key fetching for a long time.  Key fetching was
> substantially improved in gnupg-1.0.7 and much improved again in
> gnupg-2.0.0.  Gnupg is committed to coordinating key fetch with the
> improvements under way with many public key servers.  IIRC more key
> fetching improvements are slated for gnupg-2.0.1.  This is to suggest
> that users would be better served were gnus to let default key
> fetching be left to the user's gpg and optioned by ~/.gnupg/gpg.conf.

One argument for PGG to fetch keys is that GnuPG's key fetching is
disabled by default, and a mail reader without key fetching is pretty
useless.  Perhaps GnuPG should not be changed, but most common GnuPG
distributions like Debian packages and RedHat packages should enable
some keyserver by default, I think.

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Simon" == Simon Josefsson
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Thu, 10 Oct 2002 02:13:38 +0200

    Simon> jam@jamux.com (John A. Martin) writes:
    >> Using (mml-signencrypt-style "pgpmime" 'combined) and
    >> (mml-signencrypt-style "pgp" 'combined) with a cvs gotten about
    >> 14:00 GMT Oct 5:

    Simon> Shouldn't those things be customized instead of calling
    Simon> functions, btw?  I made the `mml-signencrypt-style-alist'
    Simon> variable customizable.  Calling the functions should still
    Simon> work though.

Somewhere it was stated to use the `mml-signencrypt-style' function.
I'm no great fan of custom and neither it seems is the author of the
the XEmacs-21.4.8 sample.init.el. :)

    >> Signed only pgpmime messages look ok when mailed to myself and
    >> verified by gnus.

Still OK using XEmacs-21.4.8 (xemacs21-nomule_21.4.8-2_i386.deb) and
the cvs with lisp/ChangeLog/6.1598/Thu Oct 10 01:40:39 2002// with gpg
as follows.

,----[ GnuPG-1.2.0 gpg.conf ]
| no-greeting
| lock-once
| no-version
| openpgp
| default-key 0xbfe25f2f
| #no-default-keyring
| 
| keyserver x-hkp://wwwkeys.us.pgp.net
| keyserver-options auto-key-retrieve include-disabled include-revoked
| 
| #show-photos
| 
| # "Encrypt to self"
| encrypt-to 0xbfe25f2f
| 
| # Non-compliant to OpenPGP rfc2440
| escape-from-lines
| 
| # Read only keyrings
| keyring /usr/share/keyrings/debian-keyring.gpg
| keyring /usr/share/keyrings/debian-keyring.pgp
| 
| group peon@jamux.com=0xb870dab6 0xd5c296f2 0x7df7d271
`----

    >> Encrypted pgpmime (combined) messages mailed to myself show
    >> extraneous Ctrl-M characters at the end of all body lines.

    Simon> I can't reproduce this with PGG and GnuPG CVS.  Do you use
    Simon> PGG?  Which OpenPGP implementation?  Does this patch help?

    Simon> --- mml2015.el.~6.53.~ 2002-10-04 00:56:39.000000000 +0200
    Simon> +++ mml2015.el 2002-10-10 00:33:58.000000000 +0200
    Simon> @@ -662,6 +662,9 @@
    Simon>  	(if (condition-case err
    Simon>  		(prog1
    Simon>  		    (pgg-decrypt-region (point-min)
    Simon>  		    (point-max))
    Simon> + (goto-char (point-min))
    Simon> + (while (search-forward "\r\n" nil t)
    Simon> + (replace-match "\n" t t))
    Simon>  		  (setq decrypt-status
    Simon>  			(with-current-buffer
    Simon>  			mml2015-result-buffer
    Simon>  			  (buffer-string))))

pgg gives no change from before with the setup above with or without
the patch.  As before, the same messages decrypted by gpg on the
command line or by mhe/mailcrypt are OK.

    >> Signed only pgp messages mailed to myself are QP encoded and
    >> show extraneous Ctrl-M characters at the end of all body lines
    >> when verified and displayed by gnus.

    Simon> I think I fixed the QP, but I don't see the ^M.

Still same as before with or without the patch above.

    >> Encrypted pgp (combined) messages are not encoded, signed, nor
    >> encrypted.

    Simon> Or sent, as it generated a elisp error, I presume.  I think
    Simon> I fixed this.

Before, no elisp error and the messages were sent plaintext!

Now encrypted pgp (combined) messages are signed and encrypted but
when decrypted in gnus show extraneous Ctrl-M characters at the end of
all body lines.  The same messages decrypted by gpg on the command
line or by mhe/mailcrypt are OK.

    >> cat textfile|gpg -sat|/usr/sbin/sendmail myself; cat inbox/1
    >>
    >> cat textfile|gpg -seatr myself|/usr/sbin/sendmail myself
    >> cat inbox/1|gpg
    >>
    >> In other words, why should gnus pgp muck with pgp not mime?
    >> Mhe/mailcrypt does not.  Gnus/mailcrypt does not[1].

    Simon> Do you still see any differences?

No change from before except that the pgp(no-mime) encrypted messages
are signed and encrypted but gnus shows the ^M.  The pgp(no-mime)
signed messages are QP and so not verified by gpg on the command line.

Is there an easy way to tell for sure that the messages are being
processed by pgg and not by anyone else that should not be involved.

Since the encrypted messages look OK when decrypted on the command
line maybe something wrong is happening after gnus decrypting?

        jam

-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAj2lCDQACgkQUEvv1b/iXy90AwCfef1m3bl+mmLOUI2yjw8nIk+P
K1EAnArCaVEppnyxRUvZ5GSkG3+O1bPC
=+9LI
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[Andreas Fuchs]

[-- Attachment #1: Type: text/plain, Size: 659 bytes --]

Today, Simon Josefsson <jas@extundo.com> wrote:
> Andreas Fuchs <asf@void.at> writes:
>> Is it possible to divine the key-id to which a message was encrypted
>> From the mail? I have seen pgg ask me if I want to download public
>> keys, could it also ask for the right key-id's password?
> 
> I think it does this now.

Hm, yes, it shows me a decrypted message, but it still asks for the
password of the default-user-id. When I enter the password of the
"right" key at this prompt, pgg decrypts the message.

-- 
Andreas Fuchs, <asf@acm.org>, asf@jabber.at, antifuchs
Was I helpful?  Let others know:
http://svcs.affero.net/rm.php?r=antifuchs

[-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --]

Re: pgg doesn't seem to like me

[Josh Huber]

jam@jamux.com (John A. Martin) writes:

> Somewhere it was stated to use the `mml-signencrypt-style' function.
> I'm no great fan of custom and neither it seems is the author of the
> the XEmacs-21.4.8 sample.init.el. :)

:) I'm the one who suggested it, also because I wrote it.

My original reason for using the function was I was changing the
layout of the data structure at the time...

Now that it's been stable for a while, using custom seems okay with
me.  I'll still use the function :)

-- 
Josh Huber

Re: pgg doesn't seem to like me

[John A. Martin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Simon" == Simon Josefsson
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Thu, 10 Oct 2002 02:13:38 +0200

    Simon> Does this patch help?

    Simon> --- mml2015.el.~6.53.~ 2002-10-04 00:56:39.000000000 +0200
    Simon> +++ mml2015.el 2002-10-10 00:33:58.000000000 +0200
    Simon> @@ -662,6 +662,9 @@
    Simon>  	(if (condition-case err
    Simon>  		(prog1
    Simon>  		    (pgg-decrypt-region (point-min)
    Simon>  		    (point-max))
    Simon> + (goto-char (point-min))
    Simon> + (while (search-forward "\r\n" nil t)
    Simon> + (replace-match "\n" t t))
    Simon>  		  (setq decrypt-status
    Simon>  			(with-current-buffer
    Simon>  			mml2015-result-buffer
    Simon>  			  (buffer-string))))

With that patch in place my xemacs process disappeared while trying to
verify an armored PGP signed message that was also QP encoded.

,----[ On the command line: GnuPG-1.2.0 ]
| jam@athene:~/tmp$ cat ~/Mail/gnupg-users/9608|gpg --verify -vv
| gpg: armor: BEGIN PGP SIGNED MESSAGE
| gpg: armor header: Hash: RIPEMD160
| :packet 63: length 11 - gpg control packet
| gpg: armor: BEGIN PGP SIGNATURE
| gpg: armor header: Version: GnuPG v1.2.0 (GNU/Linux)
| gpg: armor header: Comment: Keys- http://www.geocities.com/burns98/rb_pub_keys.txt
| :literal data packet:
|         mode t, created 0, name="",
|         raw data: 0 bytes
| gpg: original file name=''
| gpg: CRC error; a4dfc8 - dc3a4d
| :signature packet: algo 17, keyid 84D2DA4D2CECAE1F
|         version 3, created 1034133720, md5len 5, sigclass 01
|         digest algo 3, begin of digest 5e 34
|         data: [159 bits]
|         data: [158 bits]
| gpg: quoted printable character in armor - probably a buggy MTA has been used
`----

Actually, I think the mail was from a buggy MUA.

,----
| User-Agent: KMail/1.4.1
| MIME-Version: 1.0
| Content-Transfer-Encoding: quoted-printable
`----

After reverting the patch a new XEmacs Gnus verified that mail and
another similar mail without incident.

>>>>> "jam" == John A Martin
>>>>> "Re: pgg doesn't seem to like me"
>>>>>  Thu, 10 Oct 2002 00:55:27 -0400

    jam> Since the encrypted messages look OK when decrypted on the
    jam> command line maybe something wrong is happening after gnus
    jam> decrypting?

Also, I see no extraneous ^M line ending characters when verifying
armored signed mail, KMail broken armored mail, or pgpmime signed mail
_from the wild_

I see no extraneous ^M in the product of Gnus decryption of armored
"PGP MESSAGES" (no mime) from the wild.  I don't see mail from the
wild pgpmime encrypted to me because, so far, I don't do MIME in
public.

Another point.  When my Gnus decrypts a my Gnus pgpmime signencrypt'ed
message that will show extraneous ^M characters, the minibuffer shows
something like

,----
| Unknowm encoding quoted printable ^M; defaulting to 8bit
`----

I do not see this when decrypting Gnus pgp(no-mime).

How can I get closer to this (these) problem(s)?

        jam

-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAj2llKoACgkQUEvv1b/iXy8p5gCePzjoQbnFOvLtB9tO9g5YBEp5
eRYAn1FnWROa7uckr9bSKx5qVSGlToP8
=55V6
-----END PGP SIGNATURE-----

Re: pgg doesn't seem to like me

[Simon Josefsson]

Andreas Fuchs <asf@void.at> writes:

> Today, Simon Josefsson <jas@extundo.com> wrote:
>> Andreas Fuchs <asf@void.at> writes:
>>> Is it possible to divine the key-id to which a message was encrypted
>>> From the mail? I have seen pgg ask me if I want to download public
>>> keys, could it also ask for the right key-id's password?
>> 
>> I think it does this now.
>
> Hm, yes, it shows me a decrypted message, but it still asks for the
> password of the default-user-id. When I enter the password of the
> "right" key at this prompt, pgg decrypts the message.

Hm, maybe the message doesn't include a OpenPGP key-identifier?  PGG
parses the message and looks for it, and uses it in the prompt for
your password.  If there isn't a key-identifier, PGG should use the
default username.

Re: pgg doesn't seem to like me

[Simon Josefsson]

jam@jamux.com (John A. Martin) writes:

>     >> Encrypted pgpmime (combined) messages mailed to myself show
>     >> extraneous Ctrl-M characters at the end of all body lines.
>
>     Simon> I can't reproduce this with PGG and GnuPG CVS.  Do you use
>     Simon> PGG?  Which OpenPGP implementation?  Does this patch help?
>
>     Simon> --- mml2015.el.~6.53.~ 2002-10-04 00:56:39.000000000 +0200
>     Simon> +++ mml2015.el 2002-10-10 00:33:58.000000000 +0200
>     Simon> @@ -662,6 +662,9 @@
>     Simon>  	(if (condition-case err
>     Simon>  		(prog1
>     Simon>  		    (pgg-decrypt-region (point-min)
>     Simon>  		    (point-max))
>     Simon> + (goto-char (point-min))
>     Simon> + (while (search-forward "\r\n" nil t)
>     Simon> + (replace-match "\n" t t))
>     Simon>  		  (setq decrypt-status
>     Simon>  			(with-current-buffer
>     Simon>  			mml2015-result-buffer
>     Simon>  			  (buffer-string))))
>
> pgg gives no change from before with the setup above with or without
> the patch.  As before, the same messages decrypted by gpg on the
> command line or by mhe/mailcrypt are OK.

Hm. Can you make a proper bug report (M-x gnus-bug) so I can see which
emacs, operating system, etc you use, and other settings?  Or send me
an encrypted mail, then I can see if it is encrypting or decrypting
that is buggy.

>     >> Signed only pgp messages mailed to myself are QP encoded and
>     >> show extraneous Ctrl-M characters at the end of all body lines
>     >> when verified and displayed by gnus.
>
>     Simon> I think I fixed the QP, but I don't see the ^M.
>
> Still same as before with or without the patch above.

Probably same bug.  Is the message properly verified otherwise?

>     >> Encrypted pgp (combined) messages are not encoded, signed, nor
>     >> encrypted.
>
>     Simon> Or sent, as it generated a elisp error, I presume.  I think
>     Simon> I fixed this.
>
> Before, no elisp error and the messages were sent plaintext!
>
> Now encrypted pgp (combined) messages are signed and encrypted but
> when decrypted in gnus show extraneous Ctrl-M characters at the end of
> all body lines.  The same messages decrypted by gpg on the command
> line or by mhe/mailcrypt are OK.

That's probably good then, only the ^M bug left.

>     >> cat textfile|gpg -sat|/usr/sbin/sendmail myself; cat inbox/1
>     >>
>     >> cat textfile|gpg -seatr myself|/usr/sbin/sendmail myself
>     >> cat inbox/1|gpg
>     >>
>     >> In other words, why should gnus pgp muck with pgp not mime?
>     >> Mhe/mailcrypt does not.  Gnus/mailcrypt does not[1].
>
>     Simon> Do you still see any differences?
>
> No change from before except that the pgp(no-mime) encrypted messages
> are signed and encrypted but gnus shows the ^M.  

Ok, maybe this is due to some combination of OS and emacs version that
I don't use.

> The pgp(no-mime) signed messages are QP and so not verified by gpg
> on the command line.

I recall some discussion about whether cleartext armored OpenPGP
messages should be QP'd or not when mml1991.el was added, and that the
outcome was that they should.  It seems ugly to me, and I don't see
why it would be necessary, but maybe I forgot.

> Is there an easy way to tell for sure that the messages are being
> processed by pgg and not by anyone else that should not be involved.

Other than checking the configuration or edebugging everything, I
don't know.

> Since the encrypted messages look OK when decrypted on the command
> line maybe something wrong is happening after gnus decrypting?

Yup.  Or your terminal is simply hiding the ^M's...

Re: pgg doesn't seem to like me

[Simon Josefsson]

jam@jamux.com (John A. Martin) writes:

> With that patch in place my xemacs process disappeared while trying to
> verify an armored PGP signed message that was also QP encoded.

XEmacs crashed?  The XEmacs people might want a report...

> | User-Agent: KMail/1.4.1

Yup, I have seen some KMail's send extra ^M's.

> After reverting the patch a new XEmacs Gnus verified that mail and
> another similar mail without incident.

Good.

>     jam> Since the encrypted messages look OK when decrypted on the
>     jam> command line maybe something wrong is happening after gnus
>     jam> decrypting?
>
> Also, I see no extraneous ^M line ending characters when verifying
> armored signed mail, KMail broken armored mail, or pgpmime signed mail
> _from the wild_
>
> I see no extraneous ^M in the product of Gnus decryption of armored
> "PGP MESSAGES" (no mime) from the wild.  I don't see mail from the
> wild pgpmime encrypted to me because, so far, I don't do MIME in
> public.

Sorry if I'm dense, but this is all OK then?

> Another point.  When my Gnus decrypts a my Gnus pgpmime signencrypt'ed
> message that will show extraneous ^M characters, the minibuffer shows
> something like
>
> ,----
> | Unknowm encoding quoted printable ^M; defaulting to 8bit
> `----
>
> I do not see this when decrypting Gnus pgp(no-mime).

The easiest way to solve it is to use combined sign+encrypt (customize
mml-signencrypt-style-alist) when encrypting the mail.  I have put
fixing this properly on my TODO list.  It probably means the mml2015
decrypt code will need to UU/MIME dissect the cleartext decrypted
content.

Re: pgg doesn't seem to like me

[Raymond Scholz]

* Simon Josefsson <jas@extundo.com> wrote:

> Never mind, I think I fixed this.  Did I?

You did.  Thanks.

Cheers, Ray
-- 
Emacs is a fine operating system, but I still prefer UNIX.  
                                        (Tom Christiansen)

Re: pgg doesn't seem to like me

[Andreas Fuchs]

[-- Attachment #1: Type: text/plain, Size: 682 bytes --]

Today, Simon Josefsson <jas@extundo.com> wrote:
> Hm, maybe the message doesn't include a OpenPGP key-identifier?  PGG
> parses the message and looks for it, and uses it in the prompt for
> your password.  If there isn't a key-identifier, PGG should use the
> default username.

Could be, but it decrypts with the right private key... Could a
default-key in ~/.gnupg/options be responsible for that?

Evil things happen when the glue and the glued program outguess
another, we surely have proved that (-:

Thanks for your help (-:
-- 
Andreas Fuchs, <asf@acm.org>, asf@jabber.at, antifuchs
Was I helpful?  Let others know:
http://svcs.affero.net/rm.php?r=antifuchs

[-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --]

Re: pgg doesn't seem to like me

[Simon Josefsson]

Andreas Fuchs <asf@void.at> writes:

> Today, Simon Josefsson <jas@extundo.com> wrote:
>> Hm, maybe the message doesn't include a OpenPGP key-identifier?  PGG
>> parses the message and looks for it, and uses it in the prompt for
>> your password.  If there isn't a key-identifier, PGG should use the
>> default username.
>
> Could be, but it decrypts with the right private key... Could a
> default-key in ~/.gnupg/options be responsible for that?

Perhaps.  The key parsed by PGG is only used in the passphrase prompt,
so GnuPG's parser might pick another private key.  This works for me
though, I have one default key in the options file and when I send
myself an encrypted mail for another key, PGG finds the key-identifier
option and prompts me for the right key.  Are you using latest CVS?