Hello,
I've been trying to figure out why my setting (Emacs + Gnus) is giving
me trouble to sign SMIME messages. Well, the only problem seems to be
when I select the option for loopback pinentry, and only for SMIME
messags. For signing with PGP loopback seems to work fine and I get
asked the passphrase in the Emacs minibuffer, but for SMIME there seems
to be a problem.
By setting epg-debug in Emacs to True I found that most of the moves are
OK, but that the error comes from not being able to get the passphrase:
the " *gpg-error* buffer comes with:
,
| gpgsm: Note: non-critical certificate policy not allowed
| gpgsm: Note: non-critical certificate policy not allowed
| gpgsm: Note: non-critical certificate policy not allowed
| gpgsm: CRLs not checked due to --disable-crl-checks option
| gpgsm: DBG: adding certificates at level -2
| gpgsm: ignoring gpg-agent inquiry 'PASSPHRASE'
| gpgsm: error creating signature: No passphrase given
`
while the gpg-agent.log tells me:
,
| DBG: chan_9 -> OK Pleased to meet you, process 3382246
| DBG: chan_9 <- RESET
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION ttytype=dumb
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION display=:0.0
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION xauthority=/home/angelv/.Xauthority
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION putenv=XDG_SESSION_TYPE=x11
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION
putenv=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION putenv=INSIDE_EMACS=28.2,epg
| DBG: chan_9 -> OK
| DBG: chan_9 <- GETINFO version
| DBG: chan_9 -> D 2.2.40
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION allow-pinentry-notify
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION pinentry-mode=loopback
| DBG: chan_9 -> OK
| DBG: chan_9 <- HAVEKEY FC155E4BAF3DA44364C84711DA0B7137EA89D084
| DBG: chan_9 -> OK
| DBG: chan_9 <- ISTRUSTED D1EB23A46D17D68FD92564C2F1F1601764D8E349
| DBG: chan_9 -> S TRUSTLISTFLAG relax
| DBG: chan_9 -> OK
| DBG: chan_9 <- RESET
| DBG: chan_9 -> OK
| DBG: chan_9 <- SIGKEY FC155E4BAF3DA44364C84711DA0B7137EA89D084
| DBG: chan_9 -> OK
| DBG: chan_9 <- SETKEYDESC
|
Please+enter+the+passphrase+to+unlock+the+secret+key+for+the+X.509+certificate:%0A%22/CN=Angel+M+de+Vicente/O=Instituto+de+Astrofisica+de+Canarias/STREET=Calle+Vía+Láctea,+s\x2fn/ST=Santa+Cruz+de+Tenerife/C=ES%22%0AS/N+00B4307E9B17A8814A2B5CAE68E09B520E,+ID+0x74A5504B,%0Acreated+2022-10-31,+expires+2024-10-30.%0A
| DBG: chan_9 -> OK
| DBG: chan_9 <- SETHASH 9
96D6D02821BA0498546EF7BD466B9712FD1C8126AD583F895CD8DDA26DD07B7BBFD74F8A5A6E3087C0893C7BBDD78CCB
| DBG: chan_9 -> OK
| DBG: chan_9 <- PKSIGN
| DBG: agent_get_cache 'FC155E4BAF3DA44364C84711DA0B7137EA89D084'.0 (mode 2) ...
| DBG: ... miss
| DBG: agent_get_cache '6F4B59E5A9FBC6FB684CB55FDBB7CC30EEE197E3'.0 (mode 2)
(stored cache key) ...
| DBG: ... miss
| DBG: chan_9 -> S INQUIRE_MAXLEN 255
| DBG: chan_9 -> [[Confidential data not shown]]
| DBG: chan_9 <- [[Confidential data not shown]]
| failed to unprotect the secret key: No passphrase given
| failed to read the secret key
| command 'PKSIGN' failed: No passphrase given
| DBG: chan_9 -> ERR 67109041 No passphrase given
| DBG: chan_9 <- [eof]
`
I have removed gnome-keyring and seahorse in my system (in case there
was a conflict with them).
Any ideas as to what might cause this?
Many thanks
--
Ángel de Vicente
Research Software Engineer (Supercomputing and BigData)
Tel.: +34 922-605-747
Web.: http://research.iac.es/proyecto/polmag/
GPG: 0x8BDC390B69033F52
signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
