Your message dated Thu, 06 May 2021 16:33:30 +0000
with message-id <e1legwm-00089g...@fasolo.debian.org>
and subject line Bug#987956: fixed in libgcrypt20 1.8.7-5
has caused the Debian Bug report #987956,
regarding libgcrypt20: ECDH decryption fails with "gpg: public key decryption
failed: Invalid object" error message
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
987956: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987956
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libgcrypt20
Version: 1.8.7-4
Severity: important
Dear Maintainer,
After a full-upgrade in Sid on 2021-05-02, `gpg --decrypt somefile.gpg` fails:
gpg: encrypted with 256-bit ECDH key, ID [hopefully irrelevant]
gpg: public key decryption failed: Invalid object
gpg: decryption failed: No secret key
Strace provides a little more context:
read(6, "S INQUIRE_MAXLEN 4096\nINQUIRE CIPHERT"..., 1002) = 41
write(6, "D (7:enc-val(4:ecdh(1:s49:0V\333\26\231\377\242\231\237b\375"...,
120) = 120
write(6, "END", 3) = 3
write(6, "\n", 1) = 1
read(6, "ERR 16777281 Invalid object <gcrypt>\n", 1002) = 37
Considering the list of updated packages this day, libgcrypt20:amd64 (1.8.7-3,
1.8.7-4) is the likely culprit. Its changelog states:
libgcrypt20 (1.8.7-4) unstable; urgency=medium
* Update from LIBGCRYPT-1.8-BRANCH:
+ 30_07-Fix-previous-commit.patch
+ 30_08-ecc-Check-the-input-length-for-the-point.patch
-- Andreas Metzler <ametz...@debian.org> Sun, 02 May 2021 13:58:47 +0200
The second patch is precisely about returning "Invalid object" /
GPG_ERR_INV_OBJ in some case related to GnuPG and ECDH decryption.
Therefore, could you please double-check this patch?
Thanks for your work.
Cheers,
-- Xavier G.
-- System Information:
Debian Release: 11.0
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-6-amd64 (SMP w/4 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages libgcrypt20 depends on:
ii libc6 2.31-12
ii libgpg-error0 1.38-2
libgcrypt20 recommends no packages.
Versions of packages libgcrypt20 suggests:
pn rng-tools <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: libgcrypt20
Source-Version: 1.8.7-5
Done: Andreas Metzler <ametz...@debian.org>
We believe that the bug you reported is fixed in the latest version of
libgcrypt20, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 987...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Metzler <ametz...@debian.org> (supplier of updated libgcrypt20 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 06 May 2021 18:06:14 +0200
Source: libgcrypt20
Architecture: source
Version: 1.8.7-5
Distribution: unstable
Urgency: medium
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-ma...@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametz...@debian.org>
Closes: 987956
Changes:
libgcrypt20 (1.8.7-5) unstable; urgency=medium
.
* Pull fix ECC decyryption regression (caused by
30_08-ecc-Check-the-input-length-for-the-point.patch) from
LIBGCRYPT-1.8-BRANCH. Closes: #987956
Checksums-Sha1:
f65ad13437731b6a56a52af3d639af53570207f5 2800 libgcrypt20_1.8.7-5.dsc
4360d7d30aea67988a71979aa92b14688f493f3c 36348
libgcrypt20_1.8.7-5.debian.tar.xz
Checksums-Sha256:
caec869b77a69a799f01be7f5514504b2c35a336eae6ce2da26b00f73475c6d7 2800
libgcrypt20_1.8.7-5.dsc
df3f4fdfdb0948d7d9fe9b0c8a63d54cefd23691be25d866cbb089ab8c5a543a 36348
libgcrypt20_1.8.7-5.debian.tar.xz
Files:
211f94da1c6ceccae716c02440a9dc18 2800 libs optional libgcrypt20_1.8.7-5.dsc
dd8e6f81d50fbb4e8b6a52656b5e8f3e 36348 libs optional
libgcrypt20_1.8.7-5.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAmCUFVMACgkQpU8BhUOC
FIQs9A/+LnxnN1QJupswV2HbGl4htaY/mVC2cOVzYf6VYqW3O+J7nI9rjg3VQI74
2wFr+PqOzI7H97VifEedeTtHl7LVzr+LlL1bXyMcyzIgFxb3TbuKFDTF9MV/g0px
oS9AITId3pwoXhfS1C9MHHi99OdnNe7dLHJ4+eCy7FeJH5arfNu3X3moMeAU3Wv/
YfY5z/yaUmXqxl9maeEYBDeaOfSrwSkbZLbT4Jm0gWY8ABlAis9rJDTu5gle8HBm
iEpJnCQ1s7nJJgqDWP+lE3NRkSgJd/JPdjkmS2QzTN+XAgwAfINbvXjcP6zAv8Nd
yCZ7JgaItM6cEqXgEtaPek0C493FeBprWg+wNzjkF8KsnUSIJtIPb23Q/4bhMEXI
eXVT5LFss8lcEsiLgc6R7QyYkDMaL87yJg9yRziiynZTEdmSeFrC1BsR3zjN+Bn7
3Mum3qvzOVAbHvaqOWPNpgsnveJLAdXkpnLx8GHnoyOo/izI+DKVciopFobI92MZ
8g1oOLspsq2//mqG0vqMxHIafF49PAunXEiczevKAuUr1NUWlkIdDFExOGL1iAmP
GGZjIssMllM9LlCJF2+GcJFclXoMfUShg9sqrigIPQhdi0fiseia/KK4BfkU4pQc
VKEGenl+o/8dDBS/yjjFIPUF16mp7Kt1wMk+qcSWUkfdbvfW7yQ=
=Bmhq
-----END PGP SIGNATURE-----
--- End Message ---
