Re: Signing message problem with GPG loopback pin-entry option
On Sonntag, 20. Februar 2022 17:37:51 CET Alireza Sadeghpour wrote: > On Sun, 20 Feb 2022, 7:37 PM Ingo Klöcker, wrote: > > On Sonntag, 20. Februar 2022 16:25:31 CET Alireza Sadeghpour wrote: > > > I am trying to encrypt and sign a file with gpg and loopback pinentry > > > option, with the below command: > > > > > > gpg --pinentry-mode=loopback --passphrase ="mypws" \ > > > --ignore-time-conflict --ignore-valid-from \ > > > --cipher-algo AES256 --symmetric --ignore-time-conflict \ > > > --passphrase-file ~/.gnupg/PG/p-enckey --trust-model always -q --batch > > > --yes --local-user "UserID" \ > > > --sign --force-mdc \ > > > --output /var/psigner/2 \ > > > /var/psigner/1 > > > > Using the options --passphrase *and* --passphrase-file makes no sense. > > Actually i need to use two keys, one for aes encryption and another one is > used for rsa signing, which both of them are protected with a passphrase. > > I tried to indicate rsa key passphrase with --passphrase option and aes key > with --passphrase-file option. > > If that is wrong, how can i indicate passphrase for two separate keys in > same command? Our usual reply to people trying to do provide a passphrase for doing automatic signing (or decryption) is: Use a passphrase-less key. If you put the passphrase needed for the signing key next to the signing key, then you do not gain any security by protecting the signing key with a non- empty passphrase. That's like putting a super secure lock into the front door of your house and then hanging the key next to the door on a nail. Regards, Ingo signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing message problem with GPG loopback pin-entry option
Thanks for your response, Actually i need to use two keys, one for aes encryption and another one is used for rsa signing, which both of them are protected with a passphrase. I tried to indicate rsa key passphrase with --passphrase option and aes key with --passphrase-file option. If that is wrong, how can i indicate passphrase for two separate keys in same command? Sencerly On Sun, 20 Feb 2022, 7:37 PM Ingo Klöcker, wrote: > On Sonntag, 20. Februar 2022 16:25:31 CET Alireza Sadeghpour via > Gnupg-users > wrote: > > I am trying to encrypt and sign a file with gpg and loopback pinentry > > option, with the below command: > > > > gpg --pinentry-mode=loopback --passphrase ="mypws" \ > > --ignore-time-conflict --ignore-valid-from \ > > --cipher-algo AES256 --symmetric --ignore-time-conflict \ > > --passphrase-file ~/.gnupg/PG/p-enckey --trust-model always -q --batch > > --yes --local-user "UserID" \ > > --sign --force-mdc \ > > --output /var/psigner/2 \ > > /var/psigner/1 > > Using the options --passphrase *and* --passphrase-file makes no sense. > > > however i got the below error message: > > > > gpg: signing failed: Too much data for IPC layer > > gpg: /var/psigner/1: sign+symmetric failed: Too much data for IPC layer > > Could it be that the file ~/.gnupg/PG/p-enckey contains more data than gpg > allows/supports for a passphrase? > > > Can anyone give me advice to solve the problem? > > Removing `--passphrase-file ~/.gnupg/PG/p-enckey` from the command line > could > solve your problem. > > Regards, > Ingo > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > https://lists.gnupg.org/mailman/listinfo/gnupg-users > ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing message problem with GPG loopback pin-entry option
On Sonntag, 20. Februar 2022 16:25:31 CET Alireza Sadeghpour via Gnupg-users wrote: > I am trying to encrypt and sign a file with gpg and loopback pinentry > option, with the below command: > > gpg --pinentry-mode=loopback --passphrase ="mypws" \ > --ignore-time-conflict --ignore-valid-from \ > --cipher-algo AES256 --symmetric --ignore-time-conflict \ > --passphrase-file ~/.gnupg/PG/p-enckey --trust-model always -q --batch > --yes --local-user "UserID" \ > --sign --force-mdc \ > --output /var/psigner/2 \ > /var/psigner/1 Using the options --passphrase *and* --passphrase-file makes no sense. > however i got the below error message: > > gpg: signing failed: Too much data for IPC layer > gpg: /var/psigner/1: sign+symmetric failed: Too much data for IPC layer Could it be that the file ~/.gnupg/PG/p-enckey contains more data than gpg allows/supports for a passphrase? > Can anyone give me advice to solve the problem? Removing `--passphrase-file ~/.gnupg/PG/p-enckey` from the command line could solve your problem. Regards, Ingo signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
Signing message problem with GPG loopback pin-entry option
I am trying to encrypt and sign a file with gpg and loopback pinentry option, with the below command: gpg --pinentry-mode=loopback --passphrase ="mypws" \ --ignore-time-conflict --ignore-valid-from \ --cipher-algo AES256 --symmetric --ignore-time-conflict \ --passphrase-file ~/.gnupg/PG/p-enckey --trust-model always -q --batch --yes --local-user "UserID" \ --sign --force-mdc \ --output /var/psigner/2 \ /var/psigner/1 however i got the below error message: gpg: signing failed: Too much data for IPC layer gpg: /var/psigner/1: sign+symmetric failed: Too much data for IPC layer but with the below command, which a dialog pops up to ask for the key passphrase, everything works fine. gpg \ --ignore-time-conflict --ignore-valid-from \ --cipher-algo AES256 --symmetric --ignore-time-conflict \ --passphrase-file ~/.gnupg/PG/patch-enckey --trust-model always -q --batch --yes --local-user "UserID" \ --sign --force-mdc \ --output /var/psigner/2 \ /var/psigner/1 Can anyone give me advice to solve the problem? ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
Problem with gpg-connect-agent command
Good day! I am trying to follow the setup guide here: http://no-passwd.net/askbot/question/34/how-gnuk-supports-firmware-upgrade/ it is all fine, until I get to the following command gpg-connect-agent KEYINFO --list /bye instead of writing KEYINFO, it just outputs OK. Please, could you tell, how to solve this problem? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Problem with gpg smartcard / 4096bits keys
Hello, I have some problems with my smartcard : I use Debian testing with gnupg2 2.0.18, i have a BCM5880 smart card reader and a zeitcontrol openpgp card. I read that now gnupg can use 4096bit keys with those smartcard but : when i load a 4096 bits key in the card i can sign but i'm unable to uncrypt when i generate on card keys, i'm unable to complete the generation with general error... Here the log file for generation of onkeys card : scdaemon[2840]: please wait while key is being generated ... scdaemon[2840]: pcsc_transmit failed: not transacted (0x80100016) scdaemon[2840]: apdu_send_simple(0) failed: general error scdaemon[2840]: generating key failed gpg: key generation failed: Card error Key generation failed: Card error Anyone have idea ? Regards -- signature.asc Description: Ceci est une partie de message numériquement signée ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with gpg smartcard / 4096bits keys
On Thu, 17 Nov 2011 11:58, emmanuel.joo...@gmail.com said: I use Debian testing with gnupg2 2.0.18, i have a BCM5880 smart card I don't know thisreader. Is this from Broadcom? scdaemon[2840]: pcsc_transmit failed: not transacted (0x80100016) This error message is kind of general error. It usually has nothing to do with transactions. Adding debug 2048 to scdaemon.conf will log all I/O with the reader. You may also try running without pcscd and thus use scdaemon's internal ccid reader. Make sure that you have write permissions to the USB device. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with gpg smartcard / 4096bits keys
Here a full log, before i stop system pcscd but i seams that it is reload by gpg2. Also, i success to create or load and use 3072 bits keys. mahoru@debian:~/.gnupg$ gpg2 --card-edit scdaemon[3299]: enabled debug flags: cardio scdaemon[3299]: listening on socket `/tmp/gpg-9QyA9z/S.scdaemon' scdaemon[3299]: handler for fd -1 started scdaemon[3299]: reader slot 0: not connected scdaemon[3299]: slot 0: ATR=3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C scdaemon[3299]: DBG: send apdu: c=00 i=A4 p1=00 p2=0C lc=2 le=-1 em=0 scdaemon[3299]: DBG: PCSC_data: 00 A4 00 0C 02 3F 00 scdaemon[3299]: DBG: response: sw=6B00 datalen=0 scdaemon[3299]: DBG: send apdu: c=00 i=A4 p1=04 p2=00 lc=6 le=-1 em=0 scdaemon[3299]: DBG: PCSC_data: 00 A4 04 00 06 D2 76 00 01 24 01 scdaemon[3299]: DBG: response: sw=9000 datalen=0 scdaemon[3299]: DBG: dump: scdaemon[3299]: DBG: send apdu: c=00 i=CA p1=00 p2=4F lc=-1 le=256 em=0 scdaemon[3299]: DBG: PCSC_data: 00 CA 00 4F 00 scdaemon[3299]: DBG: response: sw=9000 datalen=16 scdaemon[3299]: DBG: dump: D2 76 00 01 24 01 02 00 00 05 00 00 10 E5 00 00 scdaemon[3299]: AID: D2 76 00 01 24 01 02 00 00 05 00 00 10 E5 00 00 scdaemon[3299]: DBG: send apdu: c=00 i=CA p1=5F p2=52 lc=-1 le=256 em=0 scdaemon[3299]: DBG: PCSC_data: 00 CA 5F 52 00 scdaemon[3299]: DBG: response: sw=9000 datalen=10 scdaemon[3299]: DBG: dump: 00 31 C5 73 C0 01 40 05 90 00 scdaemon[3299]: Historical Bytes: 00 31 C5 73 C0 01 40 05 90 00 scdaemon[3299]: DBG: send apdu: c=00 i=CA p1=00 p2=C4 lc=-1 le=256 em=0 scdaemon[3299]: DBG: PCSC_data: 00 CA 00 C4 00 scdaemon[3299]: DBG: response: sw=9000 datalen=7 scdaemon[3299]: DBG: dump: 01 20 20 20 03 00 03 scdaemon[3299]: DBG: send apdu: c=00 i=CA p1=00 p2=6E lc=-1 le=256 em=0 scdaemon[3299]: DBG: PCSC_data: 00 CA 00 6E 00 scdaemon[3299]: DBG: response: sw=9000 datalen=217 scdaemon[3299]: DBG: dump: 4F 10 D2 76 00 01 24 01 02 00 00 05 00 00 10 E5 00 00 5F 52 0A 00 31 C5 73 C0 01 40 05 90 00 73 81 B7 C0 0A 7C 00 08 00 08 00 08 00 08 00 C1 06 01 10 00 00 20 00 C2 06 01 10 00 00 20 00 C3 06 01 10 00 00 20 00 C4 07 01 20 20 20 03 00 03 C5 3C 64 89 1D 7C 09 CC 65 8A 31 B2 D1 A4 90 2E 9E 03 D6 1B A0 38 87 A7 40 2C 8B 32 E3 80 8A 41 95 32 6D BC 54 33 FF A4 6E BA 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C6 3C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CD 0C 4E C3 D4 75 4E C3 D4 75 00 00 00 00 scdaemon[3299]: DBG: send apdu: c=00 i=CA p1=00 p2=5E lc=-1 le=256 em=0 scdaemon[3299]: DBG: PCSC_data: 00 CA 00 5E 00 scdaemon[3299]: DBG: response: sw=9000 datalen=0 scdaemon[3299]: DBG: dump: scdaemon[3299]: Version-2 ..: yes scdaemon[3299]: Get-Challenge ..: yes (2048 bytes max) scdaemon[3299]: Key-Import .: yes scdaemon[3299]: Change-Force-PW1: yes scdaemon[3299]: Private-DOs : yes scdaemon[3299]: Algo-Attr-Change: yes scdaemon[3299]: SM-Support .: no scdaemon[3299]: Max-Cert3-Len ..: 2048 scdaemon[3299]: Max-Cmd-Data ...: 2048 scdaemon[3299]: Max-Rsp-Data ...: 2048 scdaemon[3299]: Cmd-Chaining ...: no scdaemon[3299]: Ext-Lc-Le ..: yes scdaemon[3299]: Status Indicator: 05 scdaemon[3299]: GnuPG-No-Sync ..: no scdaemon[3299]: GnuPG-Def-PW2 ..: no scdaemon[3299]: DBG: send apdu: c=00 i=CA p1=00 p2=6E lc=-1 le=256 em=0 scdaemon[3299]: DBG: PCSC_data: 00 CA 00 6E 00 scdaemon[3299]: DBG: response: sw=9000 datalen=217 scdaemon[3299]: DBG: dump: 4F 10 D2 76 00 01 24 01 02 00 00 05 00 00 10 E5 00 00 5F 52 0A 00 31 C5 73 C0 01 40 05 90 00 73 81 B7 C0 0A 7C 00 08 00 08 00 08 00 08 00 C1 06 01 10 00 00 20 00 C2 06 01 10 00 00 20 00 C3 06 01 10 00 00 20 00 C4 07 01 20 20 20 03 00 03 C5 3C 64 89 1D 7C 09 CC 65 8A 31 B2 D1 A4 90 2E 9E 03 D6 1B A0 38 87 A7 40 2C 8B 32 E3 80 8A 41 95 32 6D BC 54 33 FF A4 6E BA 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C6 3C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CD 0C 4E C3 D4 75 4E C3 D4 75 00 00 00 00 scdaemon[3299]: Key-Attr-sign ..: RSA, n=4096, e=32, fmt=std scdaemon[3299]: DBG: send apdu: c=00 i=CA p1=00 p2=6E lc=-1 le=256 em=0 scdaemon[3299]: DBG: PCSC_data: 00 CA 00 6E 00 scdaemon[3299]: DBG: response: sw=9000 datalen=217 scdaemon[3299]: DBG: dump: 4F 10 D2 76 00 01 24 01 02 00 00 05 00 00 10 E5 00 00 5F 52 0A 00 31 C5 73 C0 01 40 05 90 00 73 81 B7 C0 0A 7C 00 08 00 08 00 08 00 08 00 C1 06 01 10 00 00 20 00 C2 06 01 10 00 00 20 00 C3 06 01 10 00 00 20 00 C4 07 01 20 20 20 03 00 03 C5 3C 64 89 1D 7C 09 CC 65 8A 31 B2 D1 A4 90 2E 9E 03 D6 1B A0 38 87 A7 40 2C 8B 32 E3 80 8A 41 95 32 6D BC 54 33 FF A4 6E BA 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C6 3C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Re: Problem with GPG
On 10.08.2011, MFPA wrote: The output from gpg --dump-options shows that both spellings are valid (for v 1.4.11 at least). Yes, now I see it, after you mentioned it. However, the manpage doesn't know about armour, and that was the motivation for my mail. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with GPG
Hello Werner, Yesterday, Aug 8, Werner Koch wrote to lists.gnupg-us...@duinheks.nl about...: WK You should better use WK gpg --batch --sign --armour --clearsig --passphrase-fd 0 --yes -o $1.asc $1 I will do that in future. WK to avoid the mv. Even better use gpg-agent. That will take some thinking. Will look into it. WK gpg: pkglue.c:41: mpi_from_sexp: Assertion `data' failed. WK Aborted WK Please show us the output of WK /usr/bin/gpg --version Of course: $ gpg --version gpg (GnuPG) 2.0.18 libgcrypt 1.5.0 Copyright (C) 2011 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: ~/.gnupg Supported algorithms: Pubkey: RSA, ELG, DSA Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 Regards, Hans. J.D.H. Beekhuizen e-mail: jdh.beekhui...@duinheks.nl tel:+31(0)714015437 fax:+31(0)714017198 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with GPG
On Tue, 9 Aug 2011 13:34, lists.gnupg-us...@duinheks.nl said:
gpg (GnuPG) 2.0.18
libgcrypt 1.5.0
Okay, I only asked to make sure that we are really using the right
version.
It would be helpful if you could change this function in
gnupg/g10/pkglue.c:
static gcry_mpi_t
mpi_from_sexp (gcry_sexp_t sexp, const char * item)
{
gcry_sexp_t list;
gcry_mpi_t data;
list = gcry_sexp_find_token (sexp, item, 0);
assert (list);
data = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG);
assert (data);
gcry_sexp_release (list);
return data;
}
to
static gcry_mpi_t
mpi_from_sexp (gcry_sexp_t sexp, const char * item)
{
gcry_sexp_t list;
gcry_mpi_t data;
list = gcry_sexp_find_token (sexp, item, 0);
assert (list);
data = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG);
if (!data)
gcry_sexp_dump (list);
assert (data);
gcry_sexp_release (list);
return data;
}
That is, insert the two extra lines and run again; you should notice
some debug output right before the assertion failure.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with GPG
On 08.08.2011, Werner Koch wrote: echo | /usr/bin/gpg --batch --sign --armour --clearsig --passphrase-fd 0 $1 gpg --batch --sign --armour --clearsig --passphrase-fd 0 --yes -o $1.asc $1 Shouldn't this be --armor (and not --armour)?! ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with GPG
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Tuesday 9 August 2011 at 9:40:13 PM, in mid:20110809204013.ga2...@fritha.org, Heinz Diehl wrote: Shouldn't this be --armor (and not --armour)?! The output from gpg --dump-options shows that both spellings are valid (for v 1.4.11 at least). - -- Best regards MFPAmailto:expires2...@ymail.com Editing is a rewording activity -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJOQdLRnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pDkwD/07y 5WDscq06yGqQRMFJhEHpoaAXxhi6P+mbsMEcsxRBB0oEmNNfeji0p5SUte2yc5GK vcT4W1g2yJv1vQohubfambxzoSz0PhG1z0ZwJ+hlUbEgBcm41HAa7MuJWn6vQOto WTHtibnBzyzp88x1iNRj3zL+VHcoEnlF5kB5/n0s =Yj2b -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Problem with GPG
Hello, I call PGP from Pine with a simple script: #!/bin/sh echo | /usr/bin/gpg --batch --sign --armour --clearsig --passphrase-fd 0 $1 mv $1.asc $2 Lately I noticed that it did not work, withour giving me any warning. When I use it 'by hand' I see an error: echo xxx | /usr/bin/gpg --batch --sign --armour --clearsig --passphrase-fd test -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 gpg: pkglue.c:41: mpi_from_sexp: Assertion `data' failed. Aborted What's happening and how can I repair it? The file test contains nothing spectacular: /home/jbeekhui/.gnupg/pubring.gpg - pub 1024D/4F702D4A 2001-10-27 Johannes D.H. Beekhuizen Key fingerprint = C913 300F FEF9 92BE 8320 07B4 2DF2 2641 4F70 2D4A uidJohannes Beekhuizen sub 1024g/1074CC1A 2001-10-27 I'm running GNUpg 2.0.18 under SlackWare 13.0, built with the libraries: libgpg-error 1.9 libgrypt 1.5.0 libksba 1.2.0 libassuan 2.0.2 Maby yhnals for any helpful help, Hans Beekhuizen. J.D.H. Beekhuizen e-mail: jdh.beekhui...@duinheks.nl tel:+31(0)714015437 fax:+31(0)714017198 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with GPG
On Mon, 8 Aug 2011 14:58, lists.gnupg-us...@duinheks.nl said: #!/bin/sh echo | /usr/bin/gpg --batch --sign --armour --clearsig --passphrase-fd 0 $1 You should better use gpg --batch --sign --armour --clearsig --passphrase-fd 0 --yes -o $1.asc $1 to avoid the mv. Even better use gpg-agent. echo xxx | /usr/bin/gpg --batch --sign --armour --clearsig --passphrase-fd test -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 gpg: pkglue.c:41: mpi_from_sexp: Assertion `data' failed. Aborted Please show us the output of /usr/bin/gpg --version Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with GPG
On 08/08/2011 05:58, lists.gnupg-us...@duinheks.nl wrote: Hello, I call PGP from Pine with a simple script: Take a look at http://dougbarton.us/PGP/ppf/index.html gpg: pkglue.c:41: mpi_from_sexp: Assertion `data' failed. Aborted I'm running GNUpg 2.0.18 under SlackWare 13.0, built with the libraries: libgpg-error1.9 libgrypt1.5.0 libksba1.2.0 libassuan2.0.2 That's the same error I was getting when I ran 2.0.17 compiled against the old libgcrypt after upgrading libgcrypt to 1.5.0. Does gpg --version tell you that you're running 2.0.18? Doug -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
problem getting gpg to work
I have a zipped file that I un zipped and then notice the file types are gpg. I installed the gpg and un tarred it in a different location where the zip folder is, does that matter? Also, what command do I use to unzip the gpg file ? When I ungpg or gz the file I need to be a txt file for importing into access. Many thanks Mary ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: problem getting gpg to work
It sounds like you already know how to unzip them. Are you asking how to decrypt them? Do you have any reason to believe the files were encrypted for a key that you have in your possession? gpg --list-packets file will tell you the key that was used to encrypt. If you do not have the private key for it, you are out of luck. --Scott On Thu, Jun 2, 2011 at 9:14 AM, Wanda Sprowl wmspr...@austin.rr.com wrote: I have a zipped file that I un zipped and then notice the file types are gpg. I installed the gpg and un tarred it in a different location where the zip folder is, does that matter? Also, what command do I use to unzip the gpg file ? When I ungpg or gz the file I need to be a txt file for importing into access. Many thanks Mary ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- “Until we have the courage to recognize cruelty for what it is—whether its victim is human or animal —we cannot expect things to be much better in this world. We cannot have peace among men whose hearts delight in killing any living creature.”—Rachel Carson, Silent Spring ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: problem getting gpg to work
On Thu, Jun 2, 2011 at 15:14, Wanda Sprowl wmspr...@austin.rr.com wrote: Also, what command do I use to unzip the gpg file ? When I ungpg or gz the file I need to be a txt file for importing into access. gpg files are usually encrypted, which means you need a key to get at the contents. If you haven't used gpg or PGP before, then your correspondent probably didn't encrypt the file to a public key. They will have used a password. You need to know that password to access the file. I suggest you contact the person who sent you this file. They should be able to help out. -- Jerome Baum tel +49-1578-8434336 email jer...@jeromebaum.com -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: problem with gpg
On Thu, Jun 2, 2011 at 23:08, wanda.spr...@newcomlink.com wrote: Yes I have the password and I was given a script that actually calls the file and inserts password but I have to do it for every single file I can't just run the script for all and have it decrypt all by running the script? I also don’t' know where to put the script it was given to me in note pad does it have to go in a path or file that the actual files are in ? Could you provide the script? (Make sure to remove any sensitive contents -- replace paths, filenames, passwords, and any other private information with e.g. ***REDACTED***) -- Jerome Baum tel +49-1578-8434336 email jer...@jeromebaum.com -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
code page problem with gpg 4 win
Hi, all I use gpg version 1.4.10 for win, my native language is chinese, i want to gen a key pair with Chinese real name (UID).but when i type chinese characters in the console, gpg failed to handle the chinese characters . i ever used the following commands to gen key pair: gpg --display-charset utf-8 --gen-key gpg --utf8-strings --gen-key gpg --display-charset GBK --gen-key All of them failed to do it. I searched the mail list for this problem, i find the following URL: http://lists.gnupg.org/pipermail/gnupg-i18n/2003-March/000202.html it gives a solution for russian.but what can i do in my case? BTW: I can gen key pair with chinese characters uid by GNU-4win GUI. and console in my os uses code page 936, that means GBK. of course, when i type following command, that chinese characters uid can be display well. gpg --list-keys thanks for every reply. -- regards Ray ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with gpg and option --check-options
Hi, thanks for the hint, I have changed this - unfortunately this did not made a change to the error message. Interesting to mention what Kleopatra tells me: - gpgcong Configuration Check Ok - gpg Configuration Check failed - gpg-agent Configuration Check failed - scddeamon Configuration Check failed - dirmngr Configuration Check failed All failed have a tool tip which says: gpgconf: invalid option -check-options I have searched google so many times. i do not find a hint - hope you have one :-))) Michael Am Donnerstag 02 Oktober 2008 01:01:03 schrieb John Clizbe: Michael wrote: keyserver-options auto-key-retrieve include-subkeys include-revoked import- clean export-clean import-options import-clean import-options import-clean belongs on a separate line from the keyserver-options ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with gpg and option --check-options
Hello Werner, Am Donnerstag 02 Oktober 2008 08:33:17 schrieb Werner Koch: On Thu, 2 Oct 2008 07:56, [EMAIL PROTECTED] said: All failed have a tool tip which says: gpgconf: invalid option -check-options The name of the option should be --check-options (two leading dashes). Thanks, my typo there are two dashes... This is a quite new option to gpgconf, it was added on 2008-05-20 and thus it is not available in the last released version of GnuPG (2.0.9) I was not aware that KDE did a release requiring a non yet released version of GnuPG. This is probably becuase all developers used an SVN snapshot. I use for KDE: Version 4.1.2 (KDE 4.1.1 (KDE 4.1 = 20080828)) release 52.2 so this is kind of very actual but not (too) experimental.. Background: The new code was added in the course of a Windows project to port KDE to Windows. For Windows we use a snapshot of GnuPG. I know that a GnuPG release is long overdue; I hope to get a release candidate out in about 2 weeks. I will unsubscribe from the list and post an update in case I encounter problems. Is there an anouncelist for your next release? Michael Salam-Shalom, Werner ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with gpg and option --check-options
On Thu, 2 Oct 2008 13:26, [EMAIL PROTECTED] said: I will unsubscribe from the list and post an update in case I encounter problems. Is there an anouncelist for your next release? [EMAIL PROTECTED] Shalom-Salam, Werner -- Linux-Kongress 2008 + Hamburg + October 7-10 + www.linux-kongress.org Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with gpg and option --check-options
Michael wrote the following on 10/1/08 1:00 AM: Hello I am useing kde 4.1.1 and gpg 2.0.9 within kde there is a Program Kleopatra to maintain the keys. This program performs a selfcheck and complains about an option setting: gpgconf: ungültige Option --check-options I have searched all files up and down but I can not find out where this option is set. If there is anyone how has an idea to find this setting or even has an idea why this option might be invalid - I'd be happy to here about. Thanks a lot Michael Michael, there does seem to be such an option as --check-options. There are such options as: --import-options, --export-options, --list-options, --keyserver-options, and a few more; all of them have to be defined by a value, e.g. --list-options no-show-photos (do not show photos when listing keys included in a user's keyserver), and so on. Whereas the --check option is always (or usually) composed as --check-sigs, --check-trustdb, etc. --check-options as a inclusive option followed by a defining value is invalid (I believe ungültige means invalid). So maybe you'd be better erase (or comment) --check-options in your gpg.conf file. Just a thought, Charly ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with gpg and option --check-options
Hello Charly, thanks for your answer, I have attacht further information at the bottom of this mail. Am Mittwoch 01 Oktober 2008 13:13:35 schrieb Charly Avital: Michael wrote the following on 10/1/08 1:00 AM: I am useing kde 4.1.1 and gpg 2.0.9 within kde there is a Program Kleopatra to maintain the keys. This program performs a selfcheck and complains about an option setting: gpgconf: ungültige Option --check-options there does seem to be such an option as --check-options. [...] Whereas the --check option is always (or usually) composed as --check-sigs, --check-trustdb, etc. So maybe you'd be better erase (or comment) --check-options in your gpg.conf file. These are my settings in gpg.conf I do not really see a check-option, how ever this makes sense. Maybe one of the experts sees the problem ? default-key 923B023B ask-cert-level default-cert-level 2 require-cross-certification charset utf-8 keyserver hkp://subkeys.pgp.net verbose verbose verbose keyserver-options auto-key-retrieve include-subkeys include-revoked import- clean export-clean import-options import-clean comment GPG keyID 0x - For copy: http://tinyurl.com/x use-agent Thanks a lot Michael ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem with gpg and option --check-options
Michael wrote: keyserver-options auto-key-retrieve include-subkeys include-revoked import- clean export-clean import-options import-clean import-options import-clean belongs on a separate line from the keyserver-options -- John P. Clizbe Inet:John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or mailto:[EMAIL PROTECTED] Q:Just how do the residents of Haiku, Hawai'i hold conversations? A:An odd melody / island voices on the winds / surplus of vowels signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Problem with gpg and option --check-options
Hello I am useing kde 4.1.1 and gpg 2.0.9 within kde there is a Program Kleopatra to maintain the keys. This program performs a selfcheck and complains about an option setting: gpgconf: ungültige Option --check-options I have searched all files up and down but I can not find out where this option is set. If there is anyone how has an idea to find this setting or even has an idea why this option might be invalid - I'd be happy to here about. Thanks a lot Michael ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
sshd authentication problem with gpg-agent and OpenPGP card
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all! I recently found a problem when using OpenPGP cards with gpg-agent in combination with ssh/sshd. Technical details follows: - --- snip --- gpg-agent --version gpg-agent (GnuPG) 2.0.0 - --- snip --- rpm -qf `which ssh-add` openssh-3.9p1-12.10 - --- snip --- ssh-add -l 1024 fingerprint_in_hex cardno:my_card_no (RSA) 1024 fingerprint_in_hex ~/id_dsa (DSA) 1024 fingerprint_in_hex ~/other_id_dsa (DSA) 1024 fingerprint_in_hex ~/other2_id_dsa (DSA) - --- snip --- (on the remote machine) # rpm -qf `which sshd` openssh-3.9p1-12.10 - --- snip --- OK. Connecting to the remote via: ssh -i ~/.ssh/id_dsa remote_host works perfectly (no card involved) but: ssh - remote_host tries to use the card and results in: - --- snip --- debug2: key: cardno:my_card (0x8095498) debug2: key: ~/.ssh/id_dsa (0x80999b0) debug2: key: ~/.ssh/other_id_dsa (0x8098d98) debug2: key: ~/.ssh/other2_id_dsa (0x8098d98) debug1: Authentications that can continue: publickey,keyboard-interactive debug3: start over, passed a different list publickey,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering public key: cardno:my_card_no debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply Connection closed by remote_host - --- snip --- and the log on the remote machine explains this abrupt connection loss: - --- snip --- Dec 5 09:47:19 floyd sshd[4666]: fatal: buffer_get_bignum2: negative numbers not supported Dec 5 09:55:13 floyd sshd[4893]: fatal: buffer_get_bignum2: negative numbers not supported - --- snip --- The last snippet shows whats going on in gpg-agent: - --- snip --- [client at fd 4 connected] 4 - 2006-12-05 10:10:37 gpg-agent[10191]: SSH-Handhabungsroutine 0x80858b8 für fd 7 gestartet 4 - 2006-12-05 10:10:37 gpg-agent[10191]: ssh request handler for request_identities (11) started 4 - 2006-12-05 10:10:37 gpg-agent[10191]: new connection to SCdaemon established (reusing) [client at fd 5 connected] 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - GETATTR $AUTHKEYID 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - S $AUTHKEYID OPENPGP.3 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - OK 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - GETATTR SERIALNO 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - S SERIALNO my_serial_info 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - OK 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - READKEY OPENPGP.3 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - [ xx xx...(all bytes skipped) ] 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - OK 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - GETATTR $DISPSERIALNO 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - S $DISPSERIALNO the_displayable_serialno 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - OK 4 - 2006-12-05 10:10:37 gpg-agent[10191]: ssh request handler for request_identities (11) ready 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - RESTART 5 - 2006-12-05 10:10:37 scdaemon[10600.0] DBG: - OK 4 - 2006-12-05 10:10:37 gpg-agent[10191]: SSH-Handhabungsroutine 0x80858b8 für fd 7 beendet - --- snip --- So gpg-agent in conjunction with this ssh version might deliver invalid data to the waiting ssh daemon. I found nothing particular on the mentioned bignum package in sshd though... :-( Anybody knows whats going on with OpenPGP card authentication? Werner? :-) Salut, Jörg - -- gpg/pgp key # 0xd7fa4512 fingerprint 4e89 6967 9cb2 f548 a806 7e8b fcf4 2053 d7fa 4512 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFFdTik/PQgU9f6RRIRArT4AJ4wXZaBiR8oZWhlvAcZXSOP8VdUcwCgzbs/ aUdw1ByhBJlE8e3C9KeiGsE= =JwLw -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Problem with gpg --batch --gen-key
Hi folks, I am trying to generate a key from within a Java application. Everything seems to go right, but at the beginning, everything stops. I have no idea what could be wrong... Anyone of you guys? C:\gpg --batch --gen-key Key-Type: DSA Key-Length: 1024 Subkey-Type: ELG-E Subkey-Length: 1024 Name-Real: qwertz Name-Comment: qwertz Name-Email: [EMAIL PROTECTED] Expire-Date: 0 Passphrase: password %pubring C:\gpg\pubring.pgp %secring C:\gpg\secring.pgp %commit +.+.++...+++.+++.+++ ++..++.+..+. +..+ .++....+++.+ +..+^^^ Every single hint will be very welcome!!! Bjorn ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re[2]: Problem with GPG and TheBat
Hello omn, Sunday, May 22, 2005, 6:15:06 AM, you wrote: Hi Sean, Sunday, May 22, 2005, 7:25:07 AM, you wrote: Hello gnupg-users, I am using gpg 1.41 Windows with TheBat and I get the following trying to retrieve keys: gpg: Signature made 05/21/05 21:52:30 using DSA key ID 6F50DB32 gpg: requesting key 6F50DB32 from hkp server blackhole.pca.dfn.de gpg: renaming `c:/gnupg\pubring.gpg' to `c:/gnupg\pubring.bak' failed: Permission denied gpg: error writing keyring `c:/gnupg\pubring.gpg': file rename error gpg: key 6F50DB32: public key [User ID not found] imported gpg: error reading `[stream]': file rename error gpg: Total number processed: 0 gpg: imported: 1 gpg: Can't check signature: public key not found It was reported in https://www.ritlabs.com/bt/view.php?id=2442nbn=8 . Is there anyway to get around this? Insert the following in gpg.conf file. no-default-keyring Added that now, It looks, from my reading, to be a gpg error not a Bat error Sean -- ICQ: 679813 YAHOO: thecivvie Jabber: [EMAIL PROTECTED] AIM: tcobone Vodafone +353879120530 Winamp is stopped pgplKkJceeLd8.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
