unable to send encrypted message with state-of-the-art OpenPGP keys
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
gnupg2 (Ubuntu) | Confirmed | Undecided | Unassigned |
Bug Description
with the gnupg2 version 2.1.11-6ubuntu2 shipped with ubuntu 16.04 it is impossible to send an encrypted email to people using up-to-date ECC algorithms in their OpenPGP key. newer encryption algorithms *should* be omitted by older gnupg2 versions in favor of supported alternatives, but in fact they are not. this might be caused by the accompanying version of libgcrypt20 assuming it can support the algorithm, but then the too old gnupg2 version cannot. in the end, all you get is a very meaningless error that "an error occurred".
to reproduce the problem, install ubuntu xenial and try to send an encrypted message to the very author of GnuPG (OpenPGP key ID 0xF2AD85AC1E42B
please upgrade gnupg2 to a more recent version.
on second thought, please don't actually send mails.
it is sufficient to just import the key in question and try to encrypt a file with it:
gpg2 --recv-keys F2AD85AC1E42B367
touch /tmp/test.txt
gpg2 --recipient F2AD85AC1E42B367 --encrypt /tmp/test.txt
on xenial, you'll see an error that the "object is too short", but if you use any older key from your keyring it will simply encrypt the file.