Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-user

From: Fernando Rodriguez <cyklonite@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] gpg: selftest for CTR failed - see syslog for details
Date: Thu, 06 Apr 2017 14:52:29
Message-Id: 9403251c-9827-86ae-59f9-9979fa1f93eb@gmail.com
In Reply to: Re: [gentoo-user] gpg: selftest for CTR failed - see syslog for details by Miroslav Rovis
1 On 04/05/2017 10:22 PM, Miroslav Rovis wrote:
2 > On 170405-18:01-0400, Fernando Rodriguez wrote:
3 >> Hello,
4 >>
5 >> After a recent update I'm getting this error whenever I try to encrypt
6 >> or decrypt using gnupg. Here's error:
7 >>
8 >>> gpg: selftest for CTR failed - see syslog for details
9 >>> gpg: Ohhhh jeeee: ... this is a bug (seskey.c:61:make_session_key)
10 >>> Aborted
11 >>
12 >> And the syslog:
13 >>
14 >>> gpg[8945]: Libgcrypt warning: AES-CTR-128 test failed (plaintext mismatch)
15 >>
16 >>
17 >>
18 >> It started after a recent update that included gnupg and libgcrypt. The
19 >> versions before the update where libgcrypt-1.7.3 and gnupg-2.1.15. After
20 >> the update 1.7.6 and 2.1.18 respectively. I tried downgrading both
21 >> packages but it didn't help.
22 >>
23 >> I tried to delete the whole ~/.gnupg directory and re-import the keys
24 >> but it fails with the same error.
25 >>
26 >> I have another keyring on the same machine that I use with the --homedir
27 >> option and I have not problems with it.
28 >>
29 >> When I try to generate a new key I get the following error:
30 >>
31 >>> Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
32 >>> We need to generate a lot of random bytes. It is a good idea to perform
33 >>> some other action (type on the keyboard, move the mouse, utilize the
34 >>> disks) during the prime generation; this gives the random number
35 >>> generator a better chance to gain enough entropy.
36 >>> gpg: agent_genkey failed: Missing key
37 >>> Key generation failed: Missing key
38 >>>
39 >>>
40 >>
41 >> Any ideas?
42 >
43 > I tried some decryption. No issues here:
44 >
45 > $ gpg --version
46 > gpg (GnuPG) 2.1.20
47 > libgcrypt 1.7.6
48 > Copyright (C) 2017 Free Software Foundation, Inc.
49 > License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
50 > This is free software: you are free to change and redistribute it.
51 > There is NO WARRANTY, to the extent permitted by law.
52 >
53 > Home: /home/miro/.gnupg
54 > Supported algorithms:
55 > Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
56 > Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
57 > CAMELLIA128, CAMELLIA192, CAMELLIA256
58 > Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
59 > Compression: Uncompressed, ZIP, ZLIB, BZIP2
60 > $
61 >
62 > It could be something else, or your Gnupg installation is somehow
63 > broken...
64 >
65
66 Thanks. Here's the output of gpg --gen-key --debug-all in case anyone
67 else can help.
68
69 > $ gpg --gen-key --debug-all
70 > gpg: Note: no default option file '/home/fernan/.gnupg/gpg.conf'
71 > gpg (GnuPG) 2.1.15; Copyright (C) 2016 Free Software Foundation, Inc.
72 > This is free software: you are free to change and redistribute it.
73 > There is NO WARRANTY, to the extent permitted by law.
74 >
75 > gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat trust hashing cardio ipc clock lookup extprog
76 > gpg: DBG: [not enabled in the source] start
77 > gpg: directory '/home/fernan/.gnupg' created
78 > gpg: new configuration file '/home/fernan/.gnupg/dirmngr.conf' created
79 > gpg: new configuration file '/home/fernan/.gnupg/gpg.conf' created
80 > gpg: DBG: fd_cache_invalidate (/home/fernan/.gnupg/pubring.kbx)
81 > gpg: DBG: iobuf-1.0: open '/home/fernan/.gnupg/pubring.kbx' desc=file_filter(fd) fd=3
82 > gpg: DBG: iobuf-1.0: close 'file_filter(fd)'
83 > gpg: DBG: /home/fernan/.gnupg/pubring.kbx: close fd/handle 3
84 > gpg: DBG: fd_cache_close (/home/fernan/.gnupg/pubring.kbx) new slot created
85 > gpg: DBG: iobuf-*.*: ioctl '/home/fernan/.gnupg/pubring.kbx' invalidate
86 > gpg: DBG: fd_cache_invalidate (/home/fernan/.gnupg/pubring.kbx)
87 > gpg: DBG: did (/home/fernan/.gnupg/pubring.kbx)
88 > gpg: keybox '/home/fernan/.gnupg/pubring.kbx' created
89 > Note: Use "gpg2 --full-gen-key" for a full featured key generation dialog.
90 >
91 > GnuPG needs to construct a user ID to identify your key.
92 >
93 > Real name: fsadfas
94 > Email address: fads@××××.com
95 > You selected this USER-ID:
96 > "fsadfas <fads@××××.com>"
97 >
98 > Change (N)ame, (E)mail, or (O)kay/(Q)uit? o
99 > We need to generate a lot of random bytes. It is a good idea to perform
100 > some other action (type on the keyboard, move the mouse, utilize the
101 > disks) during the prime generation; this gives the random number
102 > generator a better chance to gain enough entropy.
103 > gpg: DBG: chan_4 <- OK Pleased to meet you, process 18814
104 > gpg: DBG: connection to agent established
105 > gpg: DBG: chan_4 -> RESET
106 > gpg: DBG: chan_4 <- OK
107 > gpg: DBG: chan_4 -> OPTION ttyname=/dev/pts/2
108 > gpg: DBG: chan_4 <- OK
109 > gpg: DBG: chan_4 -> OPTION ttytype=xterm
110 > gpg: DBG: chan_4 <- OK
111 > gpg: DBG: chan_4 -> OPTION display=:0
112 > gpg: DBG: chan_4 <- OK
113 > gpg: DBG: chan_4 -> OPTION xauthority=/tmp/xauth-1000-_0
114 > gpg: DBG: chan_4 <- OK
115 > gpg: DBG: chan_4 -> OPTION putenv=DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-2FF2vYbCnV,guid=883de1ea15755281b1dbb77b58e64397
116 > gpg: DBG: chan_4 <- OK
117 > gpg: DBG: chan_4 -> OPTION lc-ctype=en_US.utf8
118 > gpg: DBG: chan_4 <- OK
119 > gpg: DBG: chan_4 -> OPTION lc-messages=en_US.utf8
120 > gpg: DBG: chan_4 <- OK
121 > gpg: DBG: chan_4 -> GETINFO version
122 > gpg: DBG: chan_4 <- D 2.1.15
123 > gpg: DBG: chan_4 <- OK
124 > gpg: DBG: chan_4 -> OPTION allow-pinentry-notify
125 > gpg: DBG: chan_4 <- OK
126 > gpg: DBG: chan_4 -> OPTION agent-awareness=2.1.0
127 > gpg: DBG: chan_4 <- OK
128 > gpg: DBG: chan_4 -> AGENT_ID
129 > gpg: DBG: chan_4 <- ERR 67109139 Unknown IPC command <GPG Agent>
130 > gpg: DBG: chan_4 -> RESET
131 > gpg: DBG: chan_4 <- OK
132 > gpg: DBG: chan_4 -> GENKEY
133 > gpg: DBG: chan_4 <- S INQUIRE_MAXLEN 1024
134 > gpg: DBG: chan_4 <- INQUIRE KEYPARAM
135 > gpg: DBG: chan_4 -> D (genkey(rsa(nbits 4:2048)))
136 > gpg: DBG: chan_4 -> END
137 > gpg: DBG: chan_4 <- INQUIRE PINENTRY_LAUNCHED 18816
138 > gpg: DBG: chan_4 -> END
139 > gpg: DBG: chan_4 <- INQUIRE PINENTRY_LAUNCHED 18819
140 > gpg: DBG: chan_4 -> END
141 > gpg: DBG: chan_4 <- INQUIRE PINENTRY_LAUNCHED 18823
142 > gpg: DBG: chan_4 -> END
143 > gpg: DBG: chan_4 <- S PROGRESS need_entropy X 99 128
144 > gpg: DBG: chan_4 <- S PROGRESS need_entropy X 120 128
145 > gpg: DBG: chan_4 <- S PROGRESS need_entropy X 126 128
146 > gpg: DBG: chan_4 <- S PROGRESS need_entropy X 128 128
147 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
148 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
149 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
150 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
151 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
152 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
153 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
154 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
155 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
156 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
157 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
158 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
159 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
160 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
161 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
162 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
163 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
164 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
165 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
166 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
167 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
168 > gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
169 > gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
170 > gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
171 > gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
172 > gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
173 > gpg: DBG: chan_4 <- S PROGRESS primegen X 100 100
174 > gpg: DBG: chan_4 <- S PROGRESS need_entropy X 79 128
175 > gpg: DBG: chan_4 <- S PROGRESS need_entropy X 116 128
176 > gpg: DBG: chan_4 <- S PROGRESS need_entropy X 125 128
177 > gpg: DBG: chan_4 <- S PROGRESS need_entropy X 128 128
178 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
179 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
180 > gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
181 > gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
182 > gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
183 > gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
184 > gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
185 > gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
186 > gpg: DBG: chan_4 <- S PROGRESS primegen X 100 100
187 > gpg: DBG: chan_4 <- ERR 16777397 Missing key <gcrypt>
188 > gpg: agent_genkey failed: Missing key
189 > Key generation failed: Missing key
190 > gpg: DBG: [not enabled in the source] stop
191 > gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
192 > outmix=0 getlvl1=0/0 getlvl2=0/0
193 > gpg: secmem usage: 1344/65536 bytes in 2 blocks
194
195 It appears to be related to libgcrypt but I have no clue where to go
196 from here. I'm using the same versions I was using a few days ago when
197 it was working. I also downgraded libgpg-error to 1.24, that's the only
198 libgcrypt dependency that was updated so I'm not sure what else could be
199 affecting it.
200
201 --
202
203 Fernando Rodriguez
Report Message
Find on MARC Find on Google Groups