1 |
On 04/05/2017 10:22 PM, Miroslav Rovis wrote: |
2 |
> On 170405-18:01-0400, Fernando Rodriguez wrote: |
3 |
>> Hello, |
4 |
>> |
5 |
>> After a recent update I'm getting this error whenever I try to encrypt |
6 |
>> or decrypt using gnupg. Here's error: |
7 |
>> |
8 |
>>> gpg: selftest for CTR failed - see syslog for details |
9 |
>>> gpg: Ohhhh jeeee: ... this is a bug (seskey.c:61:make_session_key) |
10 |
>>> Aborted |
11 |
>> |
12 |
>> And the syslog: |
13 |
>> |
14 |
>>> gpg[8945]: Libgcrypt warning: AES-CTR-128 test failed (plaintext mismatch) |
15 |
>> |
16 |
>> |
17 |
>> |
18 |
>> It started after a recent update that included gnupg and libgcrypt. The |
19 |
>> versions before the update where libgcrypt-1.7.3 and gnupg-2.1.15. After |
20 |
>> the update 1.7.6 and 2.1.18 respectively. I tried downgrading both |
21 |
>> packages but it didn't help. |
22 |
>> |
23 |
>> I tried to delete the whole ~/.gnupg directory and re-import the keys |
24 |
>> but it fails with the same error. |
25 |
>> |
26 |
>> I have another keyring on the same machine that I use with the --homedir |
27 |
>> option and I have not problems with it. |
28 |
>> |
29 |
>> When I try to generate a new key I get the following error: |
30 |
>> |
31 |
>>> Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o |
32 |
>>> We need to generate a lot of random bytes. It is a good idea to perform |
33 |
>>> some other action (type on the keyboard, move the mouse, utilize the |
34 |
>>> disks) during the prime generation; this gives the random number |
35 |
>>> generator a better chance to gain enough entropy. |
36 |
>>> gpg: agent_genkey failed: Missing key |
37 |
>>> Key generation failed: Missing key |
38 |
>>> |
39 |
>>> |
40 |
>> |
41 |
>> Any ideas? |
42 |
> |
43 |
> I tried some decryption. No issues here: |
44 |
> |
45 |
> $ gpg --version |
46 |
> gpg (GnuPG) 2.1.20 |
47 |
> libgcrypt 1.7.6 |
48 |
> Copyright (C) 2017 Free Software Foundation, Inc. |
49 |
> License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html> |
50 |
> This is free software: you are free to change and redistribute it. |
51 |
> There is NO WARRANTY, to the extent permitted by law. |
52 |
> |
53 |
> Home: /home/miro/.gnupg |
54 |
> Supported algorithms: |
55 |
> Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA |
56 |
> Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, |
57 |
> CAMELLIA128, CAMELLIA192, CAMELLIA256 |
58 |
> Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 |
59 |
> Compression: Uncompressed, ZIP, ZLIB, BZIP2 |
60 |
> $ |
61 |
> |
62 |
> It could be something else, or your Gnupg installation is somehow |
63 |
> broken... |
64 |
|
65 |
I took the entire .gnupg from the same machine I exported the key from |
66 |
and copied it over to this machine. Now I can at least sign messages but |
67 |
encryption/decryption still fails with the same error. |
68 |
|
69 |
|
70 |
-- |
71 |
|
72 |
Fernando Rodriguez |