Steps to reproduce:
1. create a GPG key if needed.
2. Change its ownertrust to something different than Ultimate ( use your password manager for that. Seahorse in Ubuntu)
3. Try to encrypt the document ( File - Save As - Encrypt with GPG key )
Observed behaviour: Error message is 'OpenPGP key not trusted, damaged, or encryption failure. Please try again.'
Expected behaviour: Error message should be 'OpenPGP key not trusted, damaged, or encryption failure. Please check your owner trust level and try again.'
Ownertrust info: https://gpgtools.tenderapp.com/kb/faq/what-is-ownertrust-trust-levels-explained
Build ID: abf9ec7bef2c341ad9c914fd909dd03b4a784f18
CPU threads: 4; OS: Linux 4.13; UI render: default; VCL: gtk3;
Locale: ca-ES (ca_ES.UTF-8); Calc: group
Hi bubli, this is the issue found during the hackfest, in case you're interested...
Same here, but it's even worse - can't even use my own keys to encrypt. Happened after upgrade to gpg2:
gpg (GnuPG) 2.2.7-unknown
Marina, Xisco - can you paste your respective gpg versions please?
Created attachment 142533 [details]
Hack-around patch - of course we cannot simply trust all keys...
With the attached patch, it works again. No real solution though
gpg (GnuPG) 1.4.20
gpg (GnuPG) 2.1.11
Xisco, does signing the key help you're picking? With something != ultimate trust?
Still reproducible in
CPU 執行緒：4; OS：Linux 4.19; UI 算繪：預設; VCL: kde5;
語言地區：zh-TW (zh_TW.UTF-8); UI-Language: zh-TW
Signing is okay, but encrypting would fail.
Nothing different for encrypting public keys being signed or not.
(In reply to Thorsten Behrens (CIB) from comment #4)
> Created attachment 142533 [details]
> Hack-around patch - of course we cannot simply trust all keys...
> With the attached patch, it works again. No real solution though
I tried to debug it and have some interesting findings.
xSignCertificates.getLength() is 2 though I chose only one recipient. (line 5 in pastebin)
Then I checked keyID at code line 509, after key is pushed back to vector (line 37 in pastebin)
The key is correct (my public key).
In the first iteration the result is correct. Then goes to the second iteration (since xSignCertificates.getLength() is 2)
I checked the key in the second iteration (line 119 in pastebin) this time it returned another keyID (Osvaldo's public key!?)
This time crypt_res.error() returned code 53 and len was 0, so threw exception.
I have not checked why xSignCertificates.getLength() is 2 yet. Maybe someone would be interested in it?
It works when
1) encryption key is set in the personal profile, or
2) "When encrypting documents, always encrypt to self" is unchecked, which is checked by default.
I think it makes sense that when sending a GPG-encrypted document the author should encrypt it with his/her own key, or when it is saved encrypted the author can not read it anymore. Just that when the encrypt-to-self checkbox is set but no encryption key is set, there should be a warning or error message instead of jumping out the current error messages.
Franklin Weng committed a patch related to this issue.
It has been pushed to "master":
tdf#116862 do not encrypt to self when encryption key is not set
It will be available in 6.4.0.
The patch should be included in the daily builds available at
https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
Affected users are encouraged to test the fix and report feedback.