NIIBE Yutaka: > On 01/23/2016 10:11 PM, Fulano Diego Perez wrote: >> NIIBE Yutaka: >>> Please note that you need to invoke gpg-agent with LD_LIBRARY_PATH, too. >> >> can explain how you mean to invoke ? > > Well, it seems terminology issue. I mean, to start, to kick the service, > and to run the service. > > In general, there are multiple ways. In my case on Debian, I have a > startup script, /etc/X11/Xsession.d/90gpg-agent, which invokes > gpg-agent. > >> i export library path for gpg2 and shows expected libgcrypt version > > Exporting library path is also needed for gpg-agent. > >> i can clearsign with ed25519 EDDSA subkey > > This can be done with libgcrypt 1.6.4. > >> i have problem testing encryption with cv25519 subkey >> >> >> tried to test with $ fortune | gpg2 --sign --encrypt -u abc --recipient >> 123 --recipient 456 | gpg2 --decrypt >> >> gpg: ecdh failed in gcry_cipher_decrypt: Checksum error >> gpg: ecdh failed in gcry_cipher_decrypt: Checksum error >> gpg: encrypted with 256-bit ECDH key, ID test, created 2016 >> "test" >> gpg: public key decryption failed: Checksum error >> gpg: encrypted with 256-bit ECDH key, ID test, created 2016 >> test2 >> gpg: public key decryption failed: Checksum error >> gpg: decryption failed: No secret key >> >> i have secret key > > I know. The problem is the version of libgcrypt of gpg-agent. > > Public key handling is the role of gpg frontend, while secret key > handling is done by gpg-agent. With no newer libgcrypt, gpg-agent > can't handle CV25519 keys. > >> tried list-packets & -vvv - nothing more on errors > > Yes. > >> maybe this is conflict with persistent gpg-agent and ssh-agent >> they are listed in htop with PID but no RAM use >> >> how can to figure this out ? > > If you can check the process's memory maps of gpg-agent, you can see > the maps to libgcrypt. In my case, I can see the entries in > /proc/<PID-OF-GPG-AGENT>/maps like: > > b7617000-b76d5000 r-xp 00000000 08:01 35743 > /usr/local/lib/libgcrypt.so.20.1.0 > b76d5000-b76d9000 rw-p 000bd000 08:01 35743 > /usr/local/lib/libgcrypt.so.20.1.0 > b76e7000-b76ef000 rw-p 00000000 00:00 0 >
$ cat /proc/PID-of-local-[gpg-ssh]agent/maps nada $ /builds/gpg21x/bin/gpg-agent --daemon $ cat /proc/PID/maps 55fb967f7000-55fb96849000 r-xp 00000000 fc:02 2098759 /builds/gpg21x/bin/gpg-agent 55fb96a48000-55fb96a4a000 r--p 00051000 fc:02 2098759 /builds/gpg21x/bin/gpg-agent 55fb96a4a000-55fb96a4b000 rw-p 00053000 fc:02 2098759 /builds/gpg21x/bin/gpg-agent 55fb96a4b000-55fb96a4c000 rw-p 00000000 00:00 0 55fb98220000-55fb98241000 rw-p 00000000 00:00 0 [heap] 7f714b7e4000-7f714b97e000 r-xp 00000000 fc:02 2229058 /lib/x86_64-linux-gnu/libc-2.21.so 7f714b97e000-7f714bb7e000 ---p 0019a000 fc:02 2229058 /lib/x86_64-linux-gnu/libc-2.21.so 7f714bb7e000-7f714bb82000 r--p 0019a000 fc:02 2229058 /lib/x86_64-linux-gnu/libc-2.21.so 7f714bb82000-7f714bb84000 rw-p 0019e000 fc:02 2229058 /lib/x86_64-linux-gnu/libc-2.21.so 7f714bb84000-7f714bb88000 rw-p 00000000 00:00 0 7f714bb88000-7f714bba0000 r-xp 00000000 fc:02 2229034 /lib/x86_64-linux-gnu/libpthread-2.21.so 7f714bba0000-7f714bd9f000 ---p 00018000 fc:02 2229034 /lib/x86_64-linux-gnu/libpthread-2.21.so 7f714bd9f000-7f714bda0000 r--p 00017000 fc:02 2229034 /lib/x86_64-linux-gnu/libpthread-2.21.so 7f714bda0000-7f714bda1000 rw-p 00018000 fc:02 2229034 /lib/x86_64-linux-gnu/libpthread-2.21.so 7f714bda1000-7f714bda5000 rw-p 00000000 00:00 0 7f714bda5000-7f714bda8000 r-xp 00000000 fc:02 271554 /usr/lib/x86_64-linux-gnu/libnpth.so.0.0.5 7f714bda8000-7f714bfa8000 ---p 00003000 fc:02 271554 /usr/lib/x86_64-linux-gnu/libnpth.so.0.0.5 7f714bfa8000-7f714bfa9000 r--p 00003000 fc:02 271554 /usr/lib/x86_64-linux-gnu/libnpth.so.0.0.5 7f714bfa9000-7f714bfaa000 rw-p 00004000 fc:02 271554 /usr/lib/x86_64-linux-gnu/libnpth.so.0.0.5 7f714bfaa000-7f714bfbc000 r-xp 00000000 fc:02 269865 /usr/lib/x86_64-linux-gnu/libassuan.so.0.7.2 7f714bfbc000-7f714c1bb000 ---p 00012000 fc:02 269865 /usr/lib/x86_64-linux-gnu/libassuan.so.0.7.2 7f714c1bb000-7f714c1bc000 r--p 00011000 fc:02 269865 /usr/lib/x86_64-linux-gnu/libassuan.so.0.7.2 7f714c1bc000-7f714c1bd000 rw-p 00012000 fc:02 269865 /usr/lib/x86_64-linux-gnu/libassuan.so.0.7.2 7f714c1bd000-7f714c1cf000 r-xp 00000000 fc:02 2233335 /lib/x86_64-linux-gnu/libgpg-error.so.0.17.0 7f714c1cf000-7f714c3cf000 ---p 00012000 fc:02 2233335 /lib/x86_64-linux-gnu/libgpg-error.so.0.17.0 7f714c3cf000-7f714c3d0000 r--p 00012000 fc:02 2233335 /lib/x86_64-linux-gnu/libgpg-error.so.0.17.0 7f714c3d0000-7f714c3d1000 rw-p 00013000 fc:02 2233335 /lib/x86_64-linux-gnu/libgpg-error.so.0.17.0 7f714c3d1000-7f714c4ce000 r-xp 00000000 fc:02 2098729 /builds/libgcrypt/lib/libgcrypt.so.20.1.0 7f714c4ce000-7f714c6ce000 ---p 000fd000 fc:02 2098729 /builds/libgcrypt/lib/libgcrypt.so.20.1.0 7f714c6ce000-7f714c6d0000 r--p 000fd000 fc:02 2098729 /builds/libgcrypt/lib/libgcrypt.so.20.1.0 7f714c6d0000-7f714c6d6000 rw-p 000ff000 fc:02 2098729 /builds/libgcrypt/lib/libgcrypt.so.20.1.0 7f714c6d6000-7f714c6f8000 r-xp 00000000 fc:02 2229042 /lib/x86_64-linux-gnu/ld-2.21.so 7f714c741000-7f714c8ca000 r--p 00000000 fc:02 262206 /usr/lib/locale/locale-archive 7f714c8ca000-7f714c8cf000 rw-p 00000000 00:00 0 7f714c8ed000-7f714c8f5000 rw-p 00000000 00:00 0 7f714c8f5000-7f714c8f7000 rw-p 00000000 00:00 0 7f714c8f7000-7f714c8f8000 r--p 00021000 fc:02 2229042 /lib/x86_64-linux-gnu/ld-2.21.so 7f714c8f8000-7f714c8f9000 rw-p 00022000 fc:02 2229042 /lib/x86_64-linux-gnu/ld-2.21.so 7f714c8f9000-7f714c8fa000 rw-p 00000000 00:00 0 7ffe65c44000-7ffe65c65000 rw-p 00000000 00:00 0 [stack] 7ffe65ddb000-7ffe65ddd000 r--p 00000000 00:00 0 [vvar] 7ffe65ddd000-7ffe65ddf000 r-xp 00000000 00:00 0 [vdso] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall] above is showing systems libraries and not the prefix i used at install time i compiled gpg2 and libgcrypt with DEB_BUILD_HARDENING=1 from HARDENED-CC(1) _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users