Ihor Radchenko writes: > "Christopher M. Miles" writes: > >> I downgrade gnupg, then the problem solved. But the downgrade version is >> very old (gnupg@2.4.1 -> gnupg@2.2.41). I suspend problem is somewhere >> else, like Emacs interaction with GnuPG process. > > Do you have any issues decrypting and encrypting files from command > line? If no, what about from M-x shell? If yet no, what if you call gpg > via `start-process'? > - [X] test decrypt & encrypt in terminal with gpg command. -> works fine. - [X] test decrypt & encrypt in Emacs =[M-x shell]= with gpg command. -> works fine. #+begin_example bash-5.2$ bash-5.2$ bash-5.2$ pwd /Users/stardiviner/.config/emacs/secrets bash-5.2$ gpg -d authinfo.gpg > authinfo gpg: encrypted with rsa2048 key, ID 0251FA6886EB6B77, created 2015-01-31 "stardiviner (numbchild@gmail.com) " gpg: encrypted with rsa2048 key, ID AEDA8A17BB08B786, created 2012-03-02 "Christopher Miles (stardiviner, numbchild) " gpg: using "F09F650D7D674819892591401B5DF1C95AE89AC3" as default secret key for signing bash-5.2$ ls accounts.json.gpg authinfo authinfo.gpg bash-5.2$ #+end_example - [X] test decrypt & encrypt in Emacs with ~start-process~ -> works fine #+begin_src emacs-lisp :dir "~/.config/emacs/secrets/" :results output (let ((output-buffer "*gnupg-decrypt*")) (pwd) (when (get-buffer output-buffer) (with-current-buffer (get-buffer output-buffer) (erase-buffer))) (start-process "gnupg-testing" output-buffer "gpg" "--decrypt" "authinfo.gpg" ;; ">" "authinfo" ) (sleep-for 2) (print (with-current-buffer (get-buffer output-buffer) (buffer-substring-no-properties (point-min) (point-max))))) #+end_src >> 4. I press =[C-g]= to quit got following stacktrace: >> >> #+begin_example >> Debugger entered--Lisp error: (quit) >> accept-process-output(# 1) > > This certainly looks like gpg itself is waiting for something and Emacs > is waiting for gpg... > >> When I save modified "=~/.config/emacs/secrets/authinfo.gpg=", got prompt: >> >> #+begin_example >> Untrusted key AEDA8A17BB08B786 Christopher Miles (stardiviner, numbchild) . Use anyway? (y or n) >> #+end_example > >> If I input "n" for prompt: >> >> #+begin_example >> Debugger entered--Lisp error: (file-error "Opening output file" "Encrypt failed" "Unusable public key: B8C4B8E547C32433 (key not tru...") > > This reminds me of https://orgmode.org/list/2023-01-22T18-32-17@devnull.Karl-Voit.at > CC-ing Karl as he might be interested to join this discussion. > His error indeed same with mine. I have read email and check my private key. Here is my private key info: Check out my private key info: #+begin_src sh # gpg -K gpg --list-secret-keys --verbose --with-subkey-fingerprints #+end_src #+RESULTS[(2023-05-03 01:41:09) 80ae7b09060704481af2e01ae6f6086262d4a05c]: #+begin_example /Users/stardiviner/.gnupg/pubring.kbx ------------------------------------- sec rsa2048 2015-01-31 [SC] F09F650D7D674819892591401B5DF1C95AE89AC3 uid [ultimate] stardiviner (numbchild@gmail.com) uid [ultimate] stardiviner (Christopher Miles) uid [ultimate] [jpeg image of size 3384] ssb rsa2048 2015-01-31 [E] 32A8581A6E137ABD26DA2F570251FA6886EB6B77 #+end_example >> - [X] find bellowing two key ID belongs where >> >> Untrusted key "AEDA8A17BB08B786" ---> fingerprint "0DEF7425E79FE2E0090B424BAEDA8A17BB08B786" --> my old key >> ((invalid-recipient (reason . 10) (requested . "B8C4B8E547C32433"))) --> "F09F650D7D674819892591401B5DF1C95AE89AC3" --> my current new gnupg key >> >> Question: I don't know why my current gnupg key and old gnupg key are together. >> >> Here is my Emacs EasyPG (epa) config: >> >> #+begin_src emacs-lisp >> (use-package epa >> ;; force Emacs to use its own internal password prompt instead of an external >> ;; pinentry program. >> :preface (setenv "GPG_AGENT_INFO" nil) > > I do not use this setting on my side and simply stick to gtk password > prompt. > I check my pinentry on macOS. Found package "pinentry-mac" installed by Homebrew. Then I use it as pinentry-program in "gpg-agent.conf" config file. Then I tested by remove upper (setenv "GPG_AGENT_INFO" nil) line. Restart Emacs still same problem. Then I disable my "epa" config, restart Emacs, still same problem. > Not sure if it is of any help, but on my side I used > https://wiki.gentoo.org/wiki/GnuPG for GPG configuration. That wiki > page is rather detailed - you might find some clues. > > Also, my gpg config, for reference > https://github.com/yantar92/emacs-config/blob/master/system-config.org#gpg Thanks for sharing helpful links. I read whole page of Gentoo wiki of GnuPG. I have not found clue about my problem. I Googled more similar search query keywords. Still no clue. Paste my gpg.conf here for reference: #+begin_src conf default-recipient stardiviner require-cross-certification charset utf-8 keyserver hkp://keys.gnupg.net auto-key-retrieve pinentry-mode loopback default-key F09F650D7D674819892591401B5DF1C95AE89AC3 encrypt-to 32A8581A6E137ABD26DA2F570251FA6886EB6B77 # default-key 1B5DF1C95AE89AC3 # encrypt-to 0251FA6886EB6B77 # gpg-agent use-agent cert-digest-algo SHA256 no-emit-version no-comments personal-cipher-preferences AES AES256 AES192 CAST5 personal-digest-preferences SHA256 SHA512 SHA384 SHA224 ignore-time-conflict allow-freeform-uid #+end_src -- [ stardiviner ] I try to make every word tell the meaning that I want to express without misunderstanding. Blog: https://stardiviner.github.io/ IRC(libera.chat, freenode): stardiviner, Matrix: stardiviner GPG: F09F650D7D674819892591401B5DF1C95AE89AC3