Re: gpg password and/or agend messed up (gnupg: message 2 of 20)

[Daniel Kahn Gillmor]

On Mon 2016-11-14 13:42:00 -0500, gnupg.theg...@spamgourmet.com wrote:

>> What platform are you using?  What version of GnuPG?  do you have
>> multiple versions of gpg installed ?  (e.g. "gpg" and "gpg2")?
>
> My machine is a debian/jessie linux.
>
>  % dpkg -l \*gpg\* | egrep '^ii'
> ii  gpgsm2.1.15-4  amd64GNU privacy guard - 
> S/MIME version
> ii  gpgv 2.1.15-4  amd64GNU privacy guard - 
> signature verification tool
> ii  libgpg-error0:amd64  1.24-1amd64library for common error 
> values and messages in GnuPG components
> ii  libgpg-error0:i386   1.24-1i386 library for common error 
> values and messages in GnuPG components
> ii  libgpgme++2v54:4.14.10-7   amd64C++ wrapper library for 
> GPGME
> ii  libgpgme11:amd64 1.7.0-1   amd64GPGME - GnuPG Made Easy 
> (library)
> ii  libkf5gpgmepp5:amd64 16.04.3-1 amd64c++ wrapper library for 
> gpgme
> ii  python-gpgme 0.3-1.1+b1amd64python wrapper for the 
> GPGME library
>
> % dpkg -l \*gnupg\* | egrep '^ii'
> ii  gnupg   2.1.15-4 amd64GNU privacy guard - a 
> free PGP replacement
> ii  gnupg-agent 2.1.15-4 amd64GNU privacy guard - 
> cryptographic agent
> ii  gnupg-l10n  2.1.15-4 all  GNU privacy guard - 
> localization files
> ii  gnupg2  2.1.15-4 all  GNU privacy guard - a 
> free PGP replacement (dummy transitional package)
> ii  libgnupg-interface-perl 0.52-5   all  Perl interface to GnuPG

These versions are not the versions that are part of Debian jessie.  are
you running a mixed environment, or are you actually running Debian
stretch?

--dkg


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Primary and Signing Key on Different Smart Cards

[Daniel Kahn Gillmor]

On Thu 2016-11-17 13:45:25 -0500, Arthur Ulfeldt wrote:

> PS: the bug is that gpg will only use the newest signing key, rather than
> the newest signing key that is available now.

I believe this bug is tracked upstream at
https://bugs.gnupg.org/gnupg/issue1983 -- it would be great if someone
wanted to propose a patch to fix it.

   --dkg


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

gpg2 --version gpg: Fatal: libgcrypt is too old (need 1.7.0, have 1.6.3)

[David Adamson]

Hello,

I'm running a debian Jessie v8 kernel release 3.16.0-4-amd64 on my
personal laptop. It came pre-installed with GnuPG 1.4.18.

Rightly or not I thought having the latest version was a good idea for
no other reason than wanting to have the latest and greatest. So from
gnupg.org download page I downloaded and installed Gnupg Modern 2.1.15
along with the required libraries: nPth v1.2, Libgpg-error v1.25,
Libgcrypt v1.7.3, Libksba v1.3.5 and Libassuan v2.4.3. Integrity
checked them all.

After installation completed I ran gpg --version from the command line
and was presented with:
gpg (GnuPG) 1.4.18
but then saw reference online somewhere to gpg2 and figured that I
should be checking the version to that and so I ran gpg2 --version and
was presented with:
gpg: Fatal: libgcrypt is too old (need 1.7.0, have 1.6.3).

I would like to have either version at this point that works. I don't
like the idea of having misconfigured or improperly installed software
trashing up my system. If you can help me clean up my system and have
either version operational, I'd appreciate it.

I intend to use Gnupg just to encrypt and sign text and files.

Thanks in advance!

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

[Announce] GnuPG 2.1.16 released

[Werner Koch]

Hello!

The GnuPG team is pleased to announce the availability of a new release
of GnuPG modern: Version 2.1.16.  See below for a list of new features
and bug fixes.


About GnuPG
=

The GNU Privacy Guard (GnuPG) is a complete and free implementation
of the OpenPGP standard which is commonly abbreviated as PGP.

GnuPG allows to encrypt and sign data and communication, features a
versatile key management system as well as access modules for public key
directories.  GnuPG itself is a command line tool with features for easy
integration with other applications.  A wealth of frontend applications
and libraries making use of GnuPG are available.  Since version 2 GnuPG
provides support for S/MIME and Secure Shell in addition to OpenPGP.

GnuPG is Free Software (meaning that it respects your freedom). It can
be freely used, modified and distributed under the terms of the GNU
General Public License.

Three different branches of GnuPG are actively maintained:

- GnuPG "modern" (2.1) comes with the latest features and is suggested
  for most users.  This announcement is about this branch.

- GnuPG "stable" (2.0) is the currently mostly used branch which will be
  maintain until 2017-12-31.

- GnuPG "classic" (1.4) is a simplified version of GnuPG, required on
  very old platforms or to decrypt data created with PGP-2 keys.

You may not install "modern" (2.1) and "stable" (2.0) at the same time.
However, it is possible to install "classic" (1.4) along with any of the
other versions.


Noteworthy changes in version 2.1.16


 * gpg: New algorithm for selecting the best ranked public key when
   using a mail address with -r, -R, or --locate-key.

 * gpg: New option --with-tofu-info to print a new "tfs" record in
   colon formatted key listings.

 * gpg: New option --compliance as an alternative way to specify
   options like --rfc2440, --rfc4880, et al.

 * gpg: Many changes to the TOFU implementation.

 * gpg: Improve usability of --quick-gen-key.

 * gpg: In --verbose mode print a diagnostic when a pinentry is
   launched.

 * gpg: Remove code which warns for old versions of gnome-keyring.

 * gpg: New option --override-session-key-fd.

 * gpg: Option --output does now work with --verify.

 * gpgv: New option --output to allow saving the verified data.

 * gpgv: New option --enable-special-filenames.

 * agent, dirmngr: New --supervised mode for use by systemd and alike.

 * agent: By default listen on all available sockets using standard
   names.

 * agent: Invoke scdaemon with --homedir.

 * dirmngr: On Linux now detects the removal of its own socket and
   terminates.

 * scd: Support ECC key generation.

 * scd: Support more card readers.

 * dirmngr: New option --allow-version-check to download a software
   version database in the background.

 * dirmngr: Use system provided CAs if no --hkp-cacert is given.

 * dirmngr: Use a default keyserver if none is explicitly set

 * gpgconf: New command --query-swdb to check software versions
   against an copy of an online database.

 * gpgconf: Print the socket directory with --list-dirs.

 * tools: The WKS tools now support draft version -02.

 * tools: Always build gpg-wks-client and install under libexec.

 * tools: New option --supported for gpg-wks-client.

 * The log-file option now accepts a value "socket://" to log to the
   socket named "S.log" in the standard socket directory.

 * Provide fake pinentries for use by tests cases of downstream
   developers.

 * Fixed many bugs and regressions.

 * Many changes and improvements for the test suite.

A detailed description of the changes found in the 2.1 branch can be
found at .

Please be aware that there are still known bugs which we are working on.
Check https://bugs.gnupg.org, https://wiki.gnupg.org, and the mailing
list archives for known problems and workarounds.


Getting the Software


Please follow the instructions found at  or
read on:

GnuPG 2.1.16 may be downloaded from one of the GnuPG mirror sites or
direct from its primary FTP server.  The list of mirrors can be found at
.  Note that GnuPG is not
available at ftp.gnu.org.

The GnuPG source code compressed using BZIP2 and its OpenPGP signature
are available here:

 ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.16.tar.bz2  (5704k)
 ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.16.tar.bz2.sig
or here:
 https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.1.16.tar.bz2
 https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.1.16.tar.bz2.sig

An installer for Windows without any graphical frontend except for a
very minimal Pinentry tool is available here:

 ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.16_20161118.exe  (3684k)
 ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.16_20161118.exe.sig
or here
 https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.1.16_20161118.exe
 

Re: gpgme 1.8 build failure

[Robert J. Hansen]

> Sorry, I don't understand the problem. In line 35 keygenerationresult.cpp 
> includes  so strdup should be available. Is string.h not the right 
> header for strdup on macOS?

It is, but it's in an #ifdef guard.  A small test program is able to use
strdup:

=
quorra:~ rjh$ more test.cxx
#include 

int main()
{
  const char* foo = "Foo";
  const char* bar = strdup(foo);
  return 0;
}

quorra:~ rjh$ clang++ -W -Wextra -std=c++11 test.cxx -o t
=

So given that a dummy program can see strdup, but a default ./configure
gpgme-1.8.0 can't, I suspect somewhere the configure script is setting a
custom #define which is causing the build to fail.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: gpg-agent crashes on Windows 10

[Peter Lebbing]

On 18/11/16 09:45, Matthias Wachs wrote:
> 2.1.12 may be outdated but is the latest version for Windows (available on
> Heise):

That's not the official place to get your GnuPG downloads. 2.1.15 for
Windows is available from .

> The version included in gpg4win is even older:
> https://www.gpg4win.org/download.html
> -> GnuPG 2.0.30

While technically correct[1], 2.0.30 is the latest 2.0 release, and thus
the current version. Remember there are three parallel branches, 1.4,
2.0 and 2.1.

HTH,

Peter.

[1] The best kind of correct!

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: gpg-agent crashes on Windows 10

[Matthias Wachs]

Hi Werner, hi all,

2.1.12 may be outdated but is the latest version for Windows (available on
Heise):
https://www.heise.de/download/product/gnu-privacy-guard-gnupg-1677/download

The version included in gpg4win is even older:
https://www.gpg4win.org/download.html
-> GnuPG 2.0.30

Best,

-M


On Thu, 2016-11-17 at 08:53 +0100, Werner Koch wrote:
> On Tue, 15 Nov 2016 17:19, wa...@net.in.tum.de said:
> 
> > 
> >    2.1.12.223
> 
> gnupg 2.1.12 is not current.
> 
> > 
> >    libgpg-error-0.dll
> >    1.22.0.39429
> 
> IRRC, we fixes some Windows things in libgpg after 1.22.
> 
> I'd suggest until we have release 2.1.16 along with a new windows
> installer.  Very likely this week.
> 
> 
> Shalom-Salam,
> 
>    Werner
> 
-- 
Dr. rer. nat. Matthias Wachs
Researcher

Technical University of Munich
Department of Informatics
Chair of Network Architectures and Services

Boltzmannstr. 3 
85748 Garching, Germany

Tel. + 49 89 289 18037
Fax + 49 89 289 18030

wa...@net.in.tum.de
https://net.in.tum.de/members/wachs/

OpenPGP fingerprint 4594 6915 BA9B 3886 A7A5  91E0 271E D86D 6F53 AD12

signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users