Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Decryption fails in v. 3.6.0 #1016

Closed
akwala opened this issue Sep 23, 2018 · 24 comments

Comments

Projects
None yet
4 participants
@akwala
Copy link
Contributor

commented Sep 23, 2018

System: Kubuntu 16.04

I'm seeing this behavior change immediately after the v. 3.6.0 update. Can anyone else reproduce it?

  1. The password entry dialog appears the first time CopyQ is launched after login.
  2. Decryption fails after I've provided the correct password.
  3. The password entry dialog does not appear on subsequent attempts to decrypt.

No decryption related errors are reported in the log (level=TRACE). I've attached what gpg-agent.log reported when I was trying to decrypt.

gpg-agent_copyq.txt

I've set up gpg2 as the default:

$ gpg --version
gpg (GnuPG) 2.1.11
libgcrypt 1.6.5
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA (1), ELG (16), DSA (17), ECDH (18), ECDSA (19), EDDSA (22)
Cypher: IDEA (S1), 3DES (S2), CAST5 (S3), BLOWFISH (S4), AES (S7),
        AES192 (S8), AES256 (S9), TWOFISH (S10), CAMELLIA128 (S11),
        CAMELLIA192 (S12), CAMELLIA256 (S13)
Hash: SHA1 (H2), RIPEMD160 (H3), SHA256 (H8), SHA384 (H9), SHA512 (H10),
      SHA224 (H11)
Compression: Uncompressed (Z0), ZIP (Z1), ZLIB (Z2), BZIP2 (Z3)

$ gpg2 --version
gpg (GnuPG) 2.1.11
libgcrypt 1.6.5
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA (1), ELG (16), DSA (17), ECDH (18), ECDSA (19), EDDSA (22)
Cypher: IDEA (S1), 3DES (S2), CAST5 (S3), BLOWFISH (S4), AES (S7),
        AES192 (S8), AES256 (S9), TWOFISH (S10), CAMELLIA128 (S11),
        CAMELLIA192 (S12), CAMELLIA256 (S13)
Hash: SHA1 (H2), RIPEMD160 (H3), SHA256 (H8), SHA384 (H9), SHA512 (H10),
      SHA224 (H11)
Compression: Uncompressed (Z0), ZIP (Z1), ZLIB (Z2), BZIP2 (Z3)

Possibly related to #991.

@hluk

This comment has been minimized.

Copy link
Owner

commented Sep 24, 2018

Can you provide log (F12 shortcut)?

@akwala

This comment has been minimized.

Copy link
Contributor Author

commented Sep 24, 2018

Log after launching and attempting to decrypt a few times... (Password entry dialog didn't appear.)

copyq-DEBUG.log

@hluk

This comment has been minimized.

Copy link
Owner

commented Sep 24, 2018

That's odd. Can you back up ~/.config/copyq.pub and ~/.config/copyq.sec files in case they get overridden?

How does the configuration for Encryption plugin look like?

If gpg is found and set up it looks like this:

image

@hluk

This comment has been minimized.

Copy link
Owner

commented Sep 24, 2018

It could be also a configuration issue. To omit reading configuration, you can try to start CopyQ with:

GNUPGHOME=/tmp/ copyq
@akwala

This comment has been minimized.

Copy link
Contributor Author

commented Sep 24, 2018

The PGP key files get backed up automatically but I copied them to a separate location just in case...

The Encryption plugin shows the location of the pub & sec keys just like your screenshot.

Launching with GNUPGHOME=/tmp/ doesn't look any different...

DEBUG [2018-09-24 13:26:30.052] <Server-4886>: Server "/home/userx/.config/copyq/.copyq_s" started.
DEBUG [2018-09-24 13:26:30.054] <Server-4886>: QtWarning: Icon theme "Oxygen" not found. (:0, )
DEBUG [2018-09-24 13:26:30.054] <Server-4886>: QtWarning: Icon theme "Elementary" not found. (:0, )
DEBUG [2018-09-24 13:26:30.057] <Server-4886>: QtWarning: Invalid Context= "stock" line for icon theme:  "/usr/share/icons/ubuntu-mono-light/stock/16/" (:0, )
DEBUG [2018-09-24 13:26:30.057] <Server-4886>: QtWarning: Invalid Context= "stock" line for icon theme:  "/usr/share/icons/ubuntu-mono-light/stock/22/" (:0, )
DEBUG [2018-09-24 13:26:30.057] <Server-4886>: QtWarning: Invalid Context= "stock" line for icon theme:  "/usr/share/icons/ubuntu-mono-light/stock/24/" (:0, )
DEBUG [2018-09-24 13:26:30.057] <Server-4886>: QtWarning: Invalid Context= "stock" line for icon theme:  "/usr/share/icons/ubuntu-mono-light/stock/32/" (:0, )
DEBUG [2018-09-24 13:26:30.057] <Server-4886>: QtWarning: Invalid Context= "stock" line for icon theme:  "/usr/share/icons/ubuntu-mono-light/stock/48/" (:0, )
DEBUG [2018-09-24 13:26:30.057] <Server-4886>: QtWarning: Invalid Context= "stock" line for icon theme:  "/usr/share/icons/ubuntu-mono-light/stock/64/" (:0, )
DEBUG [2018-09-24 13:26:30.057] <Server-4886>: QtWarning: Invalid Context= "stock" line for icon theme:  "/usr/share/icons/ubuntu-mono-light/stock/128/" (:0, )
DEBUG [2018-09-24 13:26:30.058] <Server-4886>: QtWarning: Icon theme "elementary" not found. (:0, )
DEBUG [2018-09-24 13:26:30.092] <Server-4886>: Geometry: Window "ProcessManagerDialog": Restore geometry "Options/ProcessManagerDialog_geometry": 376x276,0,0 -> 848x303,28,22
DEBUG [2018-09-24 13:26:30.104] <Server-4886>: Geometry: Window "MainWindow": Restore geometry "Options/MainWindow_geometry": 645x421,0,0 -> 668x890,1195,66
DEBUG [2018-09-24 13:26:30.104] <Server-4886>: Focus window is "userx@Devx: /home/userx — Konsole"
DEBUG [2018-09-24 13:26:30.109] <Server-4886>: Loading configuration
DEBUG [2018-09-24 13:26:30.154] <Server-4886>: Tab "history": Loading items
DEBUG [2018-09-24 13:26:30.632] <Server-4886>: Configuration loaded
DEBUG [2018-09-24 13:26:30.669] <Server-4886>: Starting monitor
DEBUG [2018-09-24 13:26:30.677] <Server-4886>: Executing: copyq monitorClipboard
DEBUG [2018-09-24 13:26:30.685] <Server-4886>: Got save state request from session manager.
DEBUG [2018-09-24 13:26:31.010] <Server-4886>: Tab "empty": Loading items
DEBUG [2018-09-24 13:26:31.010] <Server-4886>: Tab "empty": 0 items loaded
DEBUG [2018-09-24 13:26:31.022] <monitorClipboard-4894>: Ignoring unchanged selection
DEBUG [2018-09-24 13:26:31.022] <monitorClipboard-4894>: Ignoring unchanged clipboard
DEBUG [2018-09-24 13:26:41.826] <Server-4886>: Focus window is "Plasma"
DEBUG [2018-09-24 13:26:41.834] <Server-4886>: Geometry: Window "MainWindow": Restore geometry "Options/MainWindow_geometry": 668x890,1195,66 -> 668x890,1195,66
DEBUG [2018-09-24 13:26:41.838] <Server-4886>: Raising window "CopyQ"
@hluk

This comment has been minimized.

Copy link
Owner

commented Sep 24, 2018

Following command is used to decrypt encrypted items in CopyQ. Change the tab name (Secrets) and row index (0 in this case) to check it the decryption works.

copyq tab Secrets read application/x-copyq-encrypted 0 | gpg2 --trust-model always --recipient copyq --charset utf-8 --display-charset utf-8 --no-tty --no-default-keyring --keyring ~/.config/copyq/copyq.pub --decrypt
@hluk

This comment has been minimized.

Copy link
Owner

commented Sep 24, 2018

BTW, I just installed Ubuntu 16.04 in Docker container and gpg --version gives me version 1.4.20. Am I missing something?

@akwala

This comment has been minimized.

Copy link
Contributor Author

commented Sep 24, 2018

BTW, I just installed Ubuntu 16.04 in Docker container and gpg --version gives me version 1.4.20. Am I missing something?

That's the default. I've modified it by updating alternatives and symlinks so that 'gpg' points to gpg2.

@akwala

This comment has been minimized.

Copy link
Contributor Author

commented Sep 24, 2018

Following command is used to decrypt encrypted items in CopyQ. Change the tab name (Secrets) and row index (0 in this case) to check it the decryption works.

copyq tab Secrets read application/x-copyq-encrypted 0 | gpg2 --trust-model always --recipient copyq --charset utf-8 --display-charset utf-8 --no-tty --no-default-keyring --keyring ~/.config/copyq/copyq.pub --decrypt

I tried this with a few encrypted tabs and got the following every time (kept row index 0 -- that means "read the first/top item in the tab," yes?) but, as before, the CopyQ log (level=DEBUG) doesn't report any errors:

gpg: enabled debug flags: memstat
gpg: decrypt_message failed: Unknown system error
gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
              outmix=0 getlvl1=0/0 getlvl2=0/0
gpg: secmem usage: 0/65536 bytes in 0 blocks

The only info I've seen re "Unknown system error" is when "no valid OpenPGP data found" is reported. However, that's not reported in this case. The corresponding entries in gpg-agent.log are similar to the excerpt I attached earlier.

Update: The output of gpg2 is the same with --verbose option -- gpg2 is apparently flummoxed by what it's getting from copyq.

@infokiller

This comment has been minimized.

Copy link

commented Sep 25, 2018

I can confirm that decryption started failing for me in 3.6.0 on Arch Linux. I get the same behavior @akwala is describing- it shows a notification of "Decryption failed!" without prompting for a password.

@infokiller

This comment has been minimized.

Copy link

commented Sep 25, 2018

@hluk when I'm running copyq tab clipboard read application/x-copyq-encrypted 0 in a terminal it finishes without errors (return code 0) and I don't get any output.
I also tried disabling the encryption and it doesn't seem to work. Is it because the data is still encrypted? If so, is there a way for me to manually decrypt it using gpg from the command line so that I can use copyq without encryption for now?

@scottkosty

This comment has been minimized.

Copy link
Collaborator

commented Sep 25, 2018

BTW, I just installed Ubuntu 16.04 in Docker container and gpg --version gives me version 1.4.20. Am I missing something?

On Ubuntu 18.04 the version of gpg is 2.2.4-1ubuntu1.1: https://packages.ubuntu.com/bionic/gpg

@hluk

This comment has been minimized.

Copy link
Owner

commented Sep 25, 2018

I cannot reproduce this issue on Ubuntu 16.04 (in Docker with gpg (GnuPG) 2.1.11). No idea what could be wrong.

Does following command work? (It should print HELLO after encrypting/decrypting.)

copyq 'x = plugins.itemencrypted.encrypt("HELLO"); plugins.itemencrypted.decrypt(x)'
@infokiller

This comment has been minimized.

Copy link

commented Sep 25, 2018

Yes, it worked for me (printed "HELLO").

@hluk

This comment has been minimized.

Copy link
Owner

commented Sep 25, 2018

Can you paste the encrypt/decrypt commands you use here? This is how to do it:

  • open Command dialog (F6),
  • enter "crypt" to Find text field at top of the dialog,
  • select all items in list starting with Encrypt and Decrypt,
  • press "Copy Selected" button,
  • paste into a comment here (ideally as code -- in between lines with triple backticks -- ```).
@infokiller

This comment has been minimized.

Copy link

commented Sep 25, 2018

[Commands]
1\Command="
    copyq: plugins.itemencrypted.pasteEncryptedItems()"
1\Icon=\xf13e
1\InMenu=true
1\Input=application/x-copyq-encrypted
1\Name=Decrypt and Paste
1\Shortcut=enter
2\Command="
    copyq: plugins.itemencrypted.encryptItems()"
2\Icon=\xf023
2\InMenu=true
2\Input=!OUTPUT
2\Name=Encrypt (needs GnuPG)
2\Output=application/x-copyq-encrypted
2\Shortcut=ctrl+l
3\Command="
    copyq: plugins.itemencrypted.decryptItems()"
3\Icon=\xf09c
3\InMenu=true
3\Input=application/x-copyq-encrypted
3\Name=Decrypt
3\Output=application/x-copyq-item
3\Shortcut=ctrl+l
4\Command="
    copyq: plugins.itemencrypted.copyEncryptedItems()"
4\Icon=\xf13e
4\InMenu=true
4\Input=application/x-copyq-encrypted
4\Name=Decrypt and Copy
4\Shortcut=ctrl+shift+l
size=4
@hluk

This comment has been minimized.

Copy link
Owner

commented Sep 25, 2018

Hmm, the commands look OK.

Can you check that the encrypted items contain application/x-copyq-encrypted format and it has some data? You can verify this by using "Item/Show Content..." (F4 shortcut); selecting the format should show non-zero Size. E.g.:

image

@infokiller

This comment has been minimized.

Copy link

commented Sep 25, 2018

The Item menu is inaccessible (tried the F4 shortcut as well). I guess this is because the items are encrypted and I don't see them in the copyq window (just a lock sign).

@hluk

This comment has been minimized.

Copy link
Owner

commented Sep 25, 2018

You mean the whole tab is encrypted? Can you provide screenshot?

@akwala

This comment has been minimized.

Copy link
Contributor Author

commented Sep 25, 2018

I have encrypted tabs. This shows the clipboard tab which I've named "history".
copyq1809925

@scottkosty

This comment has been minimized.

Copy link
Collaborator

commented Sep 25, 2018

Do we think that 29902cc is indeed the commit that changed behavior? It might be helpful to confirm that (e.g., compile that commit and test and compile the commit before and test). If that's not the commit that changed behavior, a bisect might help? CopyQ is easy and fast to compile, so a bisect should hopefully not take too long.

@akwala

This comment has been minimized.

Copy link
Contributor Author

commented Sep 25, 2018

My commands are the actual gpg commands which look OK...

[Commands]
1\Command="
    gpg --trust-model always --recipient copyq --charset utf-8 --display-charset utf-8 --no-tty --no-default-keyring --secret-keyring /home/userx/.config/copyq/copyq.sec --keyring /home/userx/.config/copyq/copyq.pub --encrypt"
1\Icon=\xf023
1\InMenu=true
1\Input=application/x-copyq-item
1\Name=Encrypt (needs GnuPG)
1\Output=application/x-copyq-encrypted
1\Shortcut=ctrl+l
1\Transform=true
2\Command="
    gpg --trust-model always --recipient copyq --charset utf-8 --display-charset utf-8 --no-tty --no-default-keyring --secret-keyring /home/userx/.config/copyq/copyq.sec --keyring /home/userx/.config/copyq/copyq.pub --decrypt"
2\Icon=\xf09c
2\InMenu=true
2\Input=application/x-copyq-encrypted
2\Name=Decrypt
2\Output=application/x-copyq-item
2\Shortcut=ctrl+l
2\Transform=true
3\Command="
    gpg --trust-model always --recipient copyq --charset utf-8 --display-charset utf-8 --no-tty --no-default-keyring --secret-keyring /home/userx/.config/copyq/copyq.sec --keyring /home/userx/.config/copyq/copyq.pub --decrypt | copyq copy application/x-copyq-item -"
3\Icon=\xf13e
3\InMenu=true
3\Input=application/x-copyq-encrypted
3\Name=Decrypt and Copy
3\Shortcut=ctrl+shift+l
4\Command="
    copyq: plugins.itemencrypted.pasteEncryptedItems()"
4\Icon=\xf13e
4\InMenu=true
4\Input=application/x-copyq-encrypted
4\Name=Decrypt and Paste
4\Shortcut=enter
size=4
@infokiller

This comment has been minimized.

Copy link

commented Sep 25, 2018

@hluk yes I mean the whole tab is encrypted, screenshot:
screenshot from 2018-09-25 19-27-44

hluk added a commit that referenced this issue Sep 25, 2018

itemencrypted: Fix decrypting tabs
Fixes #1016

Signed-off-by: Lukas Holecek <hluk@email.cz>
@hluk

This comment has been minimized.

Copy link
Owner

commented Sep 25, 2018

OK, I finally understood the issue (thought this was only when decrypting single items).

I'll try to merge the fix ASAP and release new bugfix version.

@hluk hluk closed this in 752d422 Sep 25, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.