Skip to content

monkeysign crashes when trying to sign key that has no encryption capability or subkey

When i try to sign the tails signing key, monkeysign crashes (looked here and on bugs.d.o, but didn't find that issue)

Expected behavior

either a warning, that a the key can not be signed or monkeysign signing the key without encrypting it

Actual behavior

Signing the following key

pub  [unknown] 4096R/58ACD84F 1421590671 [expiry: 2018-01-11 13:49:04]
    Fingerprint = A490 D0F4 D311 A415 3E2B  B7CA DBB8 02B2 58AC D84F
uid 1      [unknown] Tails developers (offline long-term identity key) <tails@boum.org>
uid 2      [unknown] Tails developers <tails@boum.org>
sub   4096R/752A3DB6 1421590835 [expiry: 2018-01-11 13:49:20]
sub   4096R/A0EDAA41 1472561457 [expiry: 2018-01-11 13:50:57]
sub   4096R/56987A65 1421590930 [expiry: 2016-01-11 15:22:10]
sub   4096R/2F699C56 1421595116 [expiry: 2018-01-11 13:49:36]


Sign all identities? [y/N] 
Choose the identity to sign (1-2 or full UID, control-c to abort): 1
Really sign key? [y/N] y
Exception OSError: OSError(2, 'No such file or directory') in <bound method TempKeyring.__del__ of <monkeysign.gpg.TempKeyring instance at 0x7fc58b1e07e8>> ignored
[Errno 2] encryption to A490D0F4D311A4153E2BB7CADBB802B258ACD84F failed: gpg: [stdin]: encryption failed: Unusable public key.

Steps to reproduce

monkeysign A490 D0F4 D311 A415 3E2B  B7CA DBB8 02B2 58AC D84F --mua --debug

(don't know how to copy the debug output, the tails signing key is preeetty big and my terminal buffter doesn't go back that far, but here is the last bit:)

-----END PGP PUBLIC KEY BLOCK-----
stderr: [GNUPG:] EXPORTED A490D0F4D311A4153E2BB7CADBB802B258ACD84F
[GNUPG:] EXPORT_RES 1 0 1

Monkeysign: 2.2.1
Load path: /usr/lib/python2.7/dist-packages/monkeysign
CPython: 2.7.12+ (GCC 6.2.0 20160927 default Sep  1 2016 20:27:38)
Kernel: Linux tekla 4.7.0-1-amd64 #1 SMP Debian 4.7.6-1 (2016-10-07) x86_64 
Operating system: debian stretch/sid (Linux)
PID: 8112, CWD: /home/muri
Command: ['/usr/bin/monkeysign', 'A490', 'D0F4', 'D311', 'A415', '3E2B', 'B7CA', 'DBB8', '02B2', '58AC', 'D84F', '--mua', '--debug']
GnuPG: 2.1.15
deleting the temporary keyring /tmp/pygpg-6LNXPo
Traceback (most recent call last):
  File "/usr/bin/monkeysign", line 41, in <module>
    u.main()
  File "/usr/lib/python2.7/dist-packages/monkeysign/cli.py", line 73, in main
    self.export_key()
  File "/usr/lib/python2.7/dist-packages/monkeysign/ui.py", line 624, in export_key
    return self.sendmail(msg)
  File "/usr/lib/python2.7/dist-packages/monkeysign/ui.py", line 677, in sendmail
    msg.keyfpr)
  File "/usr/lib/python2.7/dist-packages/monkeysign/gpg.py", line 456, in encrypt_data
    raise GpgRuntimeError(self.context.returncode, _('encryption to %s failed: %s.') % (recipient, self.context.stderr.split("\n")[-2]))
monkeysign.gpg.GpgRuntimeError: [Errno 2] encryption to A490D0F4D311A4153E2BB7CADBB802B258ACD84F failed: gpg: [stdin]: encryption failed: Unusable public key.

Testsuite output

Please paste the output of monkeysign --test here:

 monkeysign --test                                                                                                                                                                                           1 ↵
..Exception OSError: OSError(2, 'No such file or directory') in <bound method TempKeyring.__del__ of <monkeysign.gpg.TempKeyring instance at 0x7f7db0e8e248>> ignored
....................pub  [unknown] 1024R/96F47C6A 1342795252
    Fingerprint = 3F94 240C 918E 6359 0B04  152E 86E4 E70A 96F4 7C6A
uid 1      [unknown] Second Test Key <unittests@monkeysphere.info>
uid 2      [unknown] Test Key <foo@example.com>
sub   1024R/14B46386 1342795252

.............pub  [empty] 1024R/4023702F 1110320887 [expiry: 2010-03-13 00:56:20]
    Fingerprint = C9E1 F123 0DBE 47D5 7BAB  3C60 5860 73B3 4023 702F
uid 1      [empty] The Anarcat <anarcat@anarcat.ath.cx>
sub   2048R/EB8D47BB 1110320966

.xx.Exception OSError: OSError(2, 'No such file or directory') in <bound method TempKeyring.__del__ of <monkeysign.gpg.TempKeyring instance at 0x7f7db0e96320>> ignored
....Exception OSError: OSError(2, 'No such file or directory') in <bound method TempKeyring.__del__ of <monkeysign.gpg.TempKeyring instance at 0x7f7db0dcdd88>> ignored
.Exception OSError: OSError(2, 'No such file or directory') in <bound method TempKeyring.__del__ of <monkeysign.gpg.TempKeyring instance at 0x7f7db0dc38c0>> ignored
..Exception OSError: OSError(2, 'No such file or directory') in <bound method TempKeyring.__del__ of <monkeysign.gpg.TempKeyring instance at 0x7f7db0de95f0>> ignored
.Exception OSError: OSError(2, 'No such file or directory') in <bound method TempKeyring.__del__ of <monkeysign.gpg.TempKeyring instance at 0x7f7db0d6d638>> ignored
....Exception OSError: OSError(2, 'No such file or directory') in <bound method TempKeyring.__del__ of <monkeysign.gpg.TempKeyring instance at 0x7f7db0d80f38>> ignored
...^C

(killed the test after 10 minutes- if you need it, i can do a full run and paste the output, but i have some problems with accessing keyservers at the moment, which makes it run for a very long time)

Environment details

Monkeysign: 2.2.1
Load path: /usr/lib/python2.7/dist-packages/monkeysign
CPython: 2.7.12+ (GCC 6.2.0 20160927 default Sep  1 2016 20:27:38)
Kernel: Linux tekla 4.7.0-1-amd64 #1 SMP Debian 4.7.6-1 (2016-10-07) x86_64 
Operating system: debian stretch/sid (Linux)
PID: 9110, CWD: /home/muri
Command: ['/usr/bin/monkeysign', '--version']
GnuPG: 2.1.15

installed via debian package

thanks for monkeysign!

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information