bug#22359: 24.5; EasyPG selects wrong key when revoked key is present

[Lars Ingebrigtsen]

Andrea Richiardi <a.richiardi.work@gmail.com> writes:

> - Create GPG identity for address your@email.address
> - Revoke it (for instance):
> gpg -a --gen-revoke BF3B5AFCD4480E60 > BF3B5AFCD4480E60.rev
> gpg --import BF3B5AFCD4480E60.rev
> - Create another GPG identity for address your@email.address

Thanks -- I've now done this (with test@gnus.org).

> - Encrypt a file to that email address ( -*- epa-file-encrypt-to:
> ("your@email.address") -*-) and use extension .gpg
> - Open that file in Emacs

OK, I made this file, test.el.gpg:

------
;; -*- epa-file-encrypt-to: ("test@gnus.org") -*-

(defun test ())
------

And saved it...

And chose the unrevoked key...  And then I killed the buffer and
reloaded it, and then upon saving I got the error you're seeing:

----
Debugger entered--Lisp error: (file-error "Opening output file" "Encrypt 
failed" "Unusable public key: 68122531AABEE4EF; Exit")
  signal(file-error ("Opening output file" "Encrypt failed" "Unusable public
  epa-file-write-region(nil nil "/tmp/test.el.gpg" nil t "/tmp/test.el.gpg" 
  apply(epa-file-write-region (nil nil "/tmp/test.el.gpg" nil t "/tmp/test.e
  epa-file-handler(write-region nil nil "/tmp/test.el.gpg" nil t "/tmp/test.
  write-region(nil nil "/tmp/test.el.gpg" nil t "/tmp/test.el.gpg")
  basic-save-buffer-2()
  basic-save-buffer-1()
  basic-save-buffer(t)
  save-buffer(1)
  funcall-interactively(save-buffer 1)
  call-interactively(save-buffer nil nil)
  command-execute(save-buffer)
  recursive-edit()
  epa--select-keys("Select recipients for encr..." (#s(epg-key :owner-trust 
  epa-select-keys(#s(epg-context :protocol OpenPGP :program "/usr/bin/gpg2" 
  epa-file-write-region(nil nil "/tmp/test.el.gpg" nil t "/tmp/test.el.gpg" 
  apply(epa-file-write-region (nil nil "/tmp/test.el.gpg" nil t "/tmp/test.e
  write-region(nil nil "/tmp/test.el.gpg" nil t "/tmp/test.el.gpg")
  basic-save-buffer-2()
  basic-save-buffer-1()
  basic-save-buffer(t)
  save-buffer(1)
  funcall-interactively(save-buffer 1)
  call-interactively(save-buffer nil nil)
  command-execute(save-buffer)
  recursive-edit()
  epa--select-keys("Select recipients for encr..." (#s(epg-key :owner-trust 
  epa-select-keys(#s(epg-context :protocol OpenPGP :program "/usr/bin/gpg2" 
  epa-file-write-region(nil nil "/tmp/test.el.gpg" nil t "/tmp/test.el.gpg" 
  apply(epa-file-write-region (nil nil "/tmp/test.el.gpg" nil t "/tmp/test.e
  epa-file-handler(write-region nil nil "/tmp/test.el.gpg" nil t "/tmp/test.
  write-region(nil nil "/tmp/test.el.gpg" nil t "/tmp/test.el.gpg")
  basic-save-buffer-2()
  basic-save-buffer-1()
  basic-save-buffer(nil)
  save-buffer()
  write-file("/tmp/test.el.gpg" t)
  funcall-interactively(write-file "/tmp/test.el.gpg" t)
  call-interactively(write-file nil nil)
  command-execute(write-file)
----

Phew!

And it is indeed choosing the first (and revoked key).

And...  filtering the revoked keys seems simple enough, so I've now done
this in Emacs 28.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no