Hi,
I think I've found a bug with org-crypt:
Org mode version 9.5.5 (release_9.5.5 @
/home/vk/src/external_compilations/emacs/lisp/org/)
GNU Emacs 28.2 (build 1, x86_64-pc-linux-gnu, GTK+ Version 3.24.33,
cairo version 1.16.0) of 2023-01-09
SUMMARY:
org-crypt fails to encrypt when org-encrypt-entry is set to a
different key than the default openpgp key and the default key is
expired.
BACKGROUND:
My setup involves an openpgp-key which is specifically used for
org-crypt. This key is not my default key A1234567 which I'm using
for encrypting and singing emails and such.
org-crypt-key is set to this secondary key, let's call it
org-openpgp-key. So the org-crypt setup is correct in that sense
that org-mode should not care about other keys than my
org-openpgp-key.
However, I've had the situation where the default openpgp key
expired on a machine. Please note that my org-openpgp-key did not
expire.
When I invoked org-decrypt-entry, decrypting works like always. Then
I modified something in this heading which is tagged with :crypt:.
On saving that buffer, org-crypt issues an error message:
| Error: (error "GPG error: \"Encrypt failed\", \"Unusable public key:
| A1234567; Exit\"")
This A1234567 key is my default key and not the org-openpgp-key.
org-encrypt-entry is causing this error at:
| ;; Text and key have to be identical, otherwise we
| ;; re-crypt.
| (if (and (equal crypt-key key)
| (string= checksum (sha1 contents)))
| (get-text-property 0 'org-crypt-text contents)
| (epg-encrypt-string epg-context contents crypt-key)))
After fixing the expiry date of A1234567, org-crypt was working
properly, using the correct org-openpgp-key again.
I do think this is wrong behavior: when the default key is expired
but a specific secondary key is used, encryption should be possible.
--
get mail|git|SVN|photos|postings|SMS|phonecalls|RSS|CSV|XML into Org-mode:
> get Memacs from https://github.com/novoid/Memacs <
Personal Information Management > http://Karl-Voit.at/tags/pim/
Emacs-related > http://Karl-Voit.at/tags/emacs/
