From: Karl Voit <devnull@Karl-Voit.at>
To: emacs-orgmode@gnu.org
Subject: Re: org-crypt fails if default key is expired while non-default key is to be used
Date: Mon, 23 Jan 2023 15:58:28 +0100 [thread overview]
Message-ID: <2023-01-23T15-55-10@devnull.Karl-Voit.at> (raw)
In-Reply-To: 875ycx7dzx.fsf@localhost
Hi Ihor,
* Ihor Radchenko <yantar92@posteo.net> wrote:
> Karl Voit <devnull@Karl-Voit.at> writes:
>
>> When I invoked org-decrypt-entry, decrypting works like always. Then
>> I modified something in this heading which is tagged with :crypt:.
>> On saving that buffer, org-crypt issues an error message:
>>
>> | Error: (error "GPG error: \"Encrypt failed\", \"Unusable public key:
>> | A1234567; Exit\"")
>>
>> This A1234567 key is my default key and not the org-openpgp-key.
>>
>> org-encrypt-entry is causing this error at:
>>
>> | ;; Text and key have to be identical, otherwise we
>> | ;; re-crypt.
>> | (if (and (equal crypt-key key)
>> | (string= checksum (sha1 contents)))
>> | (get-text-property 0 'org-crypt-text contents)
>> | (epg-encrypt-string epg-context contents crypt-key)))
>>
>> After fixing the expiry date of A1234567, org-crypt was working
>> properly, using the correct org-openpgp-key again.
>>
>> I do think this is wrong behavior: when the default key is expired
>> but a specific secondary key is used, encryption should be possible.
>
> All we do here is calling `epg-encrypt-string' with crypt key obtained
> using `org-crypt-key-for-heading', which see.
>
> May I know how exactly did you set `org-crypt-key'? Do you happen to
> have CRYPTKEY properties somewhere in your buffer?
Sure. My config is on
https://github.com/novoid/dot-emacs/blob/master/config.org and I've
set it with:
(setq org-crypt-key "ABC12345") ;; I may have to mask this online as well ;-)
: grep -i CRYPTKEY *
... is empty when applied to my Org-mode files.
The only thing to fix my situation was to re-import a non-expired
version of my default OpenPGP sec key.
--
get mail|git|SVN|photos|postings|SMS|phonecalls|RSS|CSV|XML into Org-mode:
> get Memacs from https://github.com/novoid/Memacs <
Personal Information Management > http://Karl-Voit.at/tags/pim/
Emacs-related > http://Karl-Voit.at/tags/emacs/
next prev parent reply other threads:[~2023-01-23 14:59 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-22 17:41 org-crypt fails if default key is expired while non-default key is to be used Karl Voit
2023-01-23 10:16 ` Ihor Radchenko
2023-01-23 14:58 ` Karl Voit [this message]
2023-01-24 9:14 ` Ihor Radchenko
2023-01-29 17:37 ` Karl Voit
2023-01-30 13:53 ` Ihor Radchenko
2023-01-30 22:00 ` Karl Voit
2023-01-31 10:32 ` Ihor Radchenko
2023-04-18 13:28 ` Karl Voit
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.orgmode.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2023-01-23T15-55-10@devnull.Karl-Voit.at \
--to=devnull@karl-voit.at \
--cc=emacs-orgmode@gnu.org \
--cc=news2042@Karl-Voit.at \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).