Split GPG support for EasyPG #2057

dschoepe · Jun 9, 2016

Qubes OS version (e.g., `R3.1`):

R3.1

Affected TemplateVMs (e.g., `fedora-23`, if applicable):

fedora-23, probably all others as well.

Expected behavior:

When using Emacs-based mail clients supporting GPG through the EasyPG library, a split GPG setup in Qubes should work for signing and encrypting mails.

Actual behavior:

qubes-gpg-client reports unsupported options, such as "--yes", "--command-fd", and "--output".

Steps to reproduce the behavior:

Set up Split GPG
Set epg-gpg-program variable in emacs to qubes-gpg-client.
Try to sign a mail in an emacs-based client, such as notmuch.

General notes:

Since EPG is used by several Emacs-based mail clients, supporting the options it uses in qubes-split-gpg would be helpful in making Split GPG usable in more setups.

Related issues:

--yes and --output are already implemented as part of #1940. As for --command-fd - it requires some more evaluation to not allow any risky operation (like exporting private key in extreme case). In theory it is only about questions asked by GPG as part of requested command (determined by other command line options), but some confirmation would be nice.

marmarek · Jun 9, 2016

--yes and --output are already implemented as part of #1940. As for --command-fd - it requires some more evaluation to not allow any risky operation (like exporting private key in extreme case). In theory it is only about questions asked by GPG as part of requested command (determined by other command line options), but some confirmation would be nice.

Check latest version (2.0.20) - it should support all the options you've requested.

marmarek · Jun 10, 2016

Check latest version (2.0.20) - it should support all the options you've requested.

Assuming it works now (see previous comment). If not, leave a comment.

marmarek · Jun 20, 2016

Assuming it works now (see previous comment). If not, leave a comment.

On 2016-07-08 21:12, Niels Kobschätzki wrote:

when I try to use mu4e with easy pg to do anything with mails I just get a GPG-error.
For example with epa-mail-sign I get: GPG-error: "Sign failed", "Exit" after
Qubes asks me to access my gpg-keys and allowing to do so.
My vault with my gpg-keys is accessed and mutt/split-gpg works fine. Does anyone
have an idea what the problem could be?

andrewdavidwong · Jul 10, 2016

On 2016-07-08 21:12, Niels Kobschätzki wrote:

when I try to use mu4e with easy pg to do anything with mails I just get a GPG-error.
For example with epa-mail-sign I get: GPG-error: "Sign failed", "Exit" after
Qubes asks me to access my gpg-keys and allowing to do so.
My vault with my gpg-keys is accessed and mutt/split-gpg works fine. Does anyone
have an idea what the problem could be?

It might be a problem with emacs 24. So now I updated to emacs 25 and after trying to sign the first time I get

gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/home/user/.gnupg/secring.gpg' to gpg-agent
gpg: migration succeeded
gpg: no default secret key: No secret key
gpg: [stdin]: clearsign failed: No secret key

And after the first time

Error while signing with "/usr/bin/qubes-gpg-client":

gpg: no default secret key: No secret key
gpg: [stdin]: clearsign failed: No secret key

It can't find public keys either.
I also tried /usr/bin/qubes-gpg-client-wrapper.

nielsk · Jul 10, 2016

It might be a problem with emacs 24. So now I updated to emacs 25 and after trying to sign the first time I get

gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/home/user/.gnupg/secring.gpg' to gpg-agent
gpg: migration succeeded
gpg: no default secret key: No secret key
gpg: [stdin]: clearsign failed: No secret key

And after the first time

Error while signing with "/usr/bin/qubes-gpg-client":

gpg: no default secret key: No secret key
gpg: [stdin]: clearsign failed: No secret key

It can't find public keys either.
I also tried /usr/bin/qubes-gpg-client-wrapper.

What happens when you manually list keys? Like this:
qubes-gpg-client --list-secret-keys

And then, check if you really have those private keys in that backend
domain:
gpg2 --list-secret-keys (in backend domain)

If your keys are there, maybe it's only about specifying which one
should be used? For example in .gnupg/gpg.conf - default-key option (in
backend domain).

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

marmarek · Jul 10, 2016

What happens when you manually list keys? Like this:
qubes-gpg-client --list-secret-keys

And then, check if you really have those private keys in that backend
domain:
gpg2 --list-secret-keys (in backend domain)

If your keys are there, maybe it's only about specifying which one
should be used? For example in .gnupg/gpg.conf - default-key option (in
backend domain).

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

manually listing: works
listing in backend domain: works
I set the default-key in my backend domain: same error

And when I use mutt in my mail-domain, split-gpg works fine

nielsk · Jul 10, 2016

manually listing: works
listing in backend domain: works
I set the default-key in my backend domain: same error

And when I use mutt in my mail-domain, split-gpg works fine

Can you check what exact parameters are passed to qubes-gpg-client from
mu4e? Maybe it's trying to use some different key or so...

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

marmarek · Jul 10, 2016

Can you check what exact parameters are passed to qubes-gpg-client from
mu4e? Maybe it's trying to use some different key or so...

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

Tbh: I googled around and I have seriously no idea how to do that. I will write the emacs-ML, maybe someone can help me there

nielsk · Jul 10, 2016

Tbh: I googled around and I have seriously no idea how to do that. I will write the emacs-ML, maybe someone can help me there

On Sun, Jul 10, 2016 at 02:14:27AM -0700, Niels Kobschätzki wrote:

Tbh: I googled around and I have seriously no idea how to do that. I will write the emacs-ML, maybe someone can help me there

If you use qubes-gpg-client-wrapper, simply add some logging at the
beginning, like echo $@ >> /tmp/log.

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

marmarek · Jul 10, 2016

On Sun, Jul 10, 2016 at 02:14:27AM -0700, Niels Kobschätzki wrote:

Tbh: I googled around and I have seriously no idea how to do that. I will write the emacs-ML, maybe someone can help me there

If you use qubes-gpg-client-wrapper, simply add some logging at the
beginning, like echo $@ >> /tmp/log.

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

Thanks.
So emacs25 behaved weird. That showed with every operation only "--with-colons --list-config"

Now, I downgraded back to emacs24. This is able to list public and secret keys but signing etc won't work

A sign shows the following:

--with-colons --list-config
--no-tty --status-fd 1 --yes --enable-progress-filter --command-fd 0 --output /tmp/epg-output5325wDi --clearsign

An encrypt-action to my mail-address shows:

--with-colons --list-config
--with-colons --no-greeting --batch --with-fingerprint --with-fingerprint --fixed-list-mode --list-keys <my@mail.net>
--no-tty --status-fd 1 --yes --enable-progress-filter --command-fd 0 --armor --textmode --output /tmp/epg-output5325BRR --encrypt -r C186057EF1E416F2

And a decrypt

--with-colons --list-config
--with-colons --no-greeting --batch --with-fingerprint --with-fingerprint --fixed-list-mode --list-keys <my@mail.net>
--no-tty --status-fd 1 --yes --enable-progress-filter --command-fd 0 --armor --textmode --output /tmp/epg-output5325BRR --encrypt -r C186057EF1E416F2

The my@mail.net might be a problem since gpg expects my@mail.net without <>

nielsk · Jul 10, 2016

Thanks.
So emacs25 behaved weird. That showed with every operation only "--with-colons --list-config"

Now, I downgraded back to emacs24. This is able to list public and secret keys but signing etc won't work

A sign shows the following:

--with-colons --list-config
--no-tty --status-fd 1 --yes --enable-progress-filter --command-fd 0 --output /tmp/epg-output5325wDi --clearsign

An encrypt-action to my mail-address shows:

--with-colons --list-config
--with-colons --no-greeting --batch --with-fingerprint --with-fingerprint --fixed-list-mode --list-keys <my@mail.net>
--no-tty --status-fd 1 --yes --enable-progress-filter --command-fd 0 --armor --textmode --output /tmp/epg-output5325BRR --encrypt -r C186057EF1E416F2

And a decrypt

--with-colons --list-config
--with-colons --no-greeting --batch --with-fingerprint --with-fingerprint --fixed-list-mode --list-keys <my@mail.net>
--no-tty --status-fd 1 --yes --enable-progress-filter --command-fd 0 --armor --textmode --output /tmp/epg-output5325BRR --encrypt -r C186057EF1E416F2

The my@mail.net might be a problem since gpg expects my@mail.net without <>

On Sun, Jul 10, 2016 at 03:40:29AM -0700, Niels Kobschätzki wrote:

Thanks.
So emacs25 behaved weird. That showed with every operation only "--with-colons --list-config"

And no actual operation just after that? Strange... I've just tried and
"qubes-gpg-client --with-colons --list-config" returns valid output.

Now, I downgraded back to emacs24. This is able to list public and secret keys but signing etc won't work

A sign shows the following:
--with-colons --list-config
--no-tty --status-fd 1 --yes --enable-progress-filter --command-fd 0 --output /tmp/epg-output5325wDi --clearsign

--enable-progress-filter is not included in the allowed options.
It looks to be safe to simply ignore this option - take a look at
/usr/bin/qubes-gpg-client-wrapper - there is already loop for ignoring
some options - simply add another one.

The my@mail.net might be a problem since gpg expects my@mail.net without <>

Manual call to qubes-gpg-client seems to work either way.

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

marmarek · Jul 10, 2016

On Sun, Jul 10, 2016 at 03:40:29AM -0700, Niels Kobschätzki wrote:

Thanks.
So emacs25 behaved weird. That showed with every operation only "--with-colons --list-config"

And no actual operation just after that? Strange... I've just tried and
"qubes-gpg-client --with-colons --list-config" returns valid output.

Now, I downgraded back to emacs24. This is able to list public and secret keys but signing etc won't work

A sign shows the following:
--with-colons --list-config
--no-tty --status-fd 1 --yes --enable-progress-filter --command-fd 0 --output /tmp/epg-output5325wDi --clearsign

--enable-progress-filter is not included in the allowed options.
It looks to be safe to simply ignore this option - take a look at
/usr/bin/qubes-gpg-client-wrapper - there is already loop for ignoring
some options - simply add another one.

The my@mail.net might be a problem since gpg expects my@mail.net without <>

Manual call to qubes-gpg-client seems to work either way.

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

emacs25: Yeah, no further operation. It is really weird.
--enable-progress-filter
I added

--enable-progress-filter)
  shift 2
  ;;

That will continue to bring the errors; shift or shift 3 (I tried both not really knowing how shift works) will freeze emacs while signing.
Btw. where can I find the allowed options? There is no man page and --help and -h are invalid options for qubes-gpg-client.

When I tried a mail-address enclosed by <> it didn't work for me. I tried it in bash and fish. It worked only in bash/fish when I surrounded my@mail.net with "

nielsk · Jul 10, 2016

emacs25: Yeah, no further operation. It is really weird.
--enable-progress-filter
I added

--enable-progress-filter)
  shift 2
  ;;

That will continue to bring the errors; shift or shift 3 (I tried both not really knowing how shift works) will freeze emacs while signing.
Btw. where can I find the allowed options? There is no man page and --help and -h are invalid options for qubes-gpg-client.

When I tried a mail-address enclosed by <> it didn't work for me. I tried it in bash and fish. It worked only in bash/fish when I surrounded my@mail.net with "

It should be just shift, just like for --yes.

That will continue to bring the errors; shift or shift 3 (I tried both not really knowing how shift works) will freeze emacs while signing.

So it looks like it isn't harmless to ignore this one...

When I tried a mail-address enclosed by <> it didn't work for me. I tried it in bash and fish. It worked only in bash/fish when I surrounded my@mail.net with "

Yes, otherwise bash will interpret "<" and ">".

Btw. where can I find the allowed options? There is no man page and --help and -h are invalid options for qubes-gpg-client.

Currently, only in source code: https://github.com/QubesOS/qubes-app-linux-split-gpg/blob/master/src/gpg-common.h#L164-L244

marmarek · Jul 10, 2016

It should be just shift, just like for --yes.

That will continue to bring the errors; shift or shift 3 (I tried both not really knowing how shift works) will freeze emacs while signing.

So it looks like it isn't harmless to ignore this one...

When I tried a mail-address enclosed by <> it didn't work for me. I tried it in bash and fish. It worked only in bash/fish when I surrounded my@mail.net with "

Yes, otherwise bash will interpret "<" and ">".

Btw. where can I find the allowed options? There is no man page and --help and -h are invalid options for qubes-gpg-client.

Currently, only in source code: https://github.com/QubesOS/qubes-app-linux-split-gpg/blob/master/src/gpg-common.h#L164-L244

Thanks. Anything else I can do?

nielsk · Jul 10, 2016

Thanks. Anything else I can do?

Which Qubes version?

marmarek · Jul 10, 2016

Which Qubes version?

3.2 RC1

nielsk · Jul 10, 2016

3.2 RC1

Automated announcement from builder-github

The package qubes-gpg-split_2.0.22-1+deb8u1 has been pushed to the r3.2 testing repository for the Debian jessie template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing jessie-testing, then use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

QubesOS/qubes-issues

Join GitHub today

Split GPG support for EasyPG #2057

Comments

dschoepe commented Jun 9, 2016

Qubes OS version (e.g., R3.1):

Affected TemplateVMs (e.g., fedora-23, if applicable):

Expected behavior:

Actual behavior:

Steps to reproduce the behavior:

General notes:

Related issues:

andrewdavidwong added enhancement C: other labels Jun 9, 2016

This comment has been minimized.

marmarek commented Jun 9, 2016 • edited Edited 1 time marmarek edited Jun 9, 2016 (most recent)

marmarek added this to the Release 3.0 updates milestone Jun 9, 2016

marmarek added P: major help wanted labels Jun 9, 2016

andrewdavidwong changed the title from Split GPG not working with EasyPG to Split GPG support for EasyPG Jun 9, 2016

andrewdavidwong added a commit that referenced this issue Jun 9, 2016

This comment has been minimized.

marmarek commented Jun 10, 2016

andrewdavidwong added a commit that referenced this issue Jun 11, 2016

marmarek modified the milestones: Release 3.1 updates, Release 3.0 updates Jun 20, 2016

This comment has been minimized.

marmarek commented Jun 20, 2016

marmarek closed this Jun 20, 2016

This comment has been minimized.

andrewdavidwong commented Jul 10, 2016

andrewdavidwong reopened this Jul 10, 2016

This comment has been minimized.

nielsk commented Jul 10, 2016 • edited Edited 1 time nielsk edited Jul 10, 2016 (most recent)

This comment has been minimized.

marmarek commented Jul 10, 2016

This comment has been minimized.

nielsk commented Jul 10, 2016

This comment has been minimized.

marmarek commented Jul 10, 2016

This comment has been minimized.

nielsk commented Jul 10, 2016

This comment has been minimized.

marmarek commented Jul 10, 2016

This comment has been minimized.

nielsk commented Jul 10, 2016 • edited Edited 1 time nielsk edited Jul 10, 2016 (most recent)

This comment has been minimized.

marmarek commented Jul 10, 2016

This comment has been minimized.

nielsk commented Jul 10, 2016

This comment has been minimized.

marmarek commented Jul 10, 2016

This comment has been minimized.

nielsk commented Jul 10, 2016

This comment has been minimized.

marmarek commented Jul 10, 2016

This comment has been minimized.

nielsk commented Jul 10, 2016

marmarek self-assigned this Jul 11, 2016

marmarek closed this in marmarek/qubes-app-linux-split-gpg@986f0c9 Jul 11, 2016

This comment has been minimized.

marmarek commented Jul 12, 2016

marmarek added the r3.2-jessie-cur-test label Jul 12, 2016

This comment has been minimized.

marmarek commented Jul 12, 2016

marmarek added the r3.2-stretch-cur-test label Jul 12, 2016

This comment has been minimized.

marmarek commented Jul 12, 2016

marmarek added the r3.2-wheezy-cur-test label Jul 12, 2016

This comment has been minimized.

marmarek commented Jul 12, 2016

marmarek added the r3.2-fc23-cur-test label Jul 12, 2016

This comment has been minimized.

marmarek commented Jul 12, 2016

marmarek added the r3.1-wheezy-stable label Jul 25, 2016

This comment has been minimized.

marmarek commented Jul 25, 2016

marmarek added r3.2-fc23-stable and removed r3.2-fc23-cur-test labels Jul 25, 2016

This comment has been minimized.

marmarek commented Jul 25, 2016

marmarek added r3.2-fc24-stable and removed r3.2-fc24-cur-test labels Jul 25, 2016

This comment has been minimized.

marmarek commented Jul 25, 2016

Qubes OS version (e.g., `R3.1`):

Affected TemplateVMs (e.g., `fedora-23`, if applicable):

marmarek commented Jun 9, 2016 •

edited

Edited 1 time

marmarek edited Jun 9, 2016 (most recent)

nielsk commented Jul 10, 2016 •

edited

Edited 1 time

nielsk edited Jul 10, 2016 (most recent)

nielsk commented Jul 10, 2016 •

edited

Edited 1 time

nielsk edited Jul 10, 2016 (most recent)

marmarek closed this in `marmarek/qubes-app-linux-split-gpg@986f0c9` Jul 11, 2016