Package: libgcrypt20
Version: 1.8.7-4
Severity: important
Dear Maintainer,
After a full-upgrade in Sid on 2021-05-02, `gpg --decrypt somefile.gpg` fails:
gpg: encrypted with 256-bit ECDH key, ID [hopefully irrelevant]
gpg: public key decryption failed: Invalid object
gpg: decryption failed: No secret key
Strace provides a little more context:
read(6, "S INQUIRE_MAXLEN 4096\nINQUIRE CIPHERT"..., 1002) = 41
write(6, "D (7:enc-val(4:ecdh(1:s49:0V\333\26\231\377\242\231\237b\375"...,
120) = 120
write(6, "END", 3) = 3
write(6, "\n", 1) = 1
read(6, "ERR 16777281 Invalid object <gcrypt>\n", 1002) = 37
Considering the list of updated packages this day, libgcrypt20:amd64 (1.8.7-3,
1.8.7-4) is the likely culprit. Its changelog states:
libgcrypt20 (1.8.7-4) unstable; urgency=medium
* Update from LIBGCRYPT-1.8-BRANCH:
+ 30_07-Fix-previous-commit.patch
+ 30_08-ecc-Check-the-input-length-for-the-point.patch
-- Andreas Metzler <ametz...@debian.org> Sun, 02 May 2021 13:58:47 +0200
The second patch is precisely about returning "Invalid object" /
GPG_ERR_INV_OBJ in some case related to GnuPG and ECDH decryption.
Therefore, could you please double-check this patch?
Thanks for your work.
Cheers,
-- Xavier G.
-- System Information:
Debian Release: 11.0
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-6-amd64 (SMP w/4 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages libgcrypt20 depends on:
ii libc6 2.31-12
ii libgpg-error0 1.38-2
libgcrypt20 recommends no packages.
Versions of packages libgcrypt20 suggests:
pn rng-tools <none>
-- no debconf information
