| 1 |
On 04/06/2017 11:10 AM, Fernando Rodriguez wrote: |
| 2 |
> On 04/05/2017 10:22 PM, Miroslav Rovis wrote: |
| 3 |
>> On 170405-18:01-0400, Fernando Rodriguez wrote: |
| 4 |
>>> Hello, |
| 5 |
>>> |
| 6 |
>>> After a recent update I'm getting this error whenever I try to encrypt |
| 7 |
>>> or decrypt using gnupg. Here's error: |
| 8 |
>>> |
| 9 |
>>>> gpg: selftest for CTR failed - see syslog for details |
| 10 |
>>>> gpg: Ohhhh jeeee: ... this is a bug (seskey.c:61:make_session_key) |
| 11 |
>>>> Aborted |
| 12 |
>>> |
| 13 |
>>> And the syslog: |
| 14 |
>>> |
| 15 |
>>>> gpg[8945]: Libgcrypt warning: AES-CTR-128 test failed (plaintext |
| 16 |
>>>> mismatch) |
| 17 |
>>> |
| 18 |
>>> |
| 19 |
>>> |
| 20 |
>>> It started after a recent update that included gnupg and libgcrypt. The |
| 21 |
>>> versions before the update where libgcrypt-1.7.3 and gnupg-2.1.15. After |
| 22 |
>>> the update 1.7.6 and 2.1.18 respectively. I tried downgrading both |
| 23 |
>>> packages but it didn't help. |
| 24 |
>>> |
| 25 |
>>> I tried to delete the whole ~/.gnupg directory and re-import the keys |
| 26 |
>>> but it fails with the same error. |
| 27 |
>>> |
| 28 |
>>> I have another keyring on the same machine that I use with the --homedir |
| 29 |
>>> option and I have not problems with it. |
| 30 |
>>> |
| 31 |
>>> When I try to generate a new key I get the following error: |
| 32 |
>>> |
| 33 |
>>>> Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o |
| 34 |
>>>> We need to generate a lot of random bytes. It is a good idea to perform |
| 35 |
>>>> some other action (type on the keyboard, move the mouse, utilize the |
| 36 |
>>>> disks) during the prime generation; this gives the random number |
| 37 |
>>>> generator a better chance to gain enough entropy. |
| 38 |
>>>> gpg: agent_genkey failed: Missing key |
| 39 |
>>>> Key generation failed: Missing key |
| 40 |
>>>> |
| 41 |
>>>> |
| 42 |
>>> |
| 43 |
>>> Any ideas? |
| 44 |
>> |
| 45 |
>> I tried some decryption. No issues here: |
| 46 |
>> |
| 47 |
>> $ gpg --version |
| 48 |
>> gpg (GnuPG) 2.1.20 |
| 49 |
>> libgcrypt 1.7.6 |
| 50 |
>> Copyright (C) 2017 Free Software Foundation, Inc. |
| 51 |
>> License GPLv3+: GNU GPL version 3 or later |
| 52 |
>> <https://gnu.org/licenses/gpl.html> |
| 53 |
>> This is free software: you are free to change and redistribute it. |
| 54 |
>> There is NO WARRANTY, to the extent permitted by law. |
| 55 |
>> |
| 56 |
>> Home: /home/miro/.gnupg |
| 57 |
>> Supported algorithms: |
| 58 |
>> Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA |
| 59 |
>> Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, |
| 60 |
>> CAMELLIA128, CAMELLIA192, CAMELLIA256 |
| 61 |
>> Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 |
| 62 |
>> Compression: Uncompressed, ZIP, ZLIB, BZIP2 |
| 63 |
>> $ |
| 64 |
>> |
| 65 |
>> It could be something else, or your Gnupg installation is somehow |
| 66 |
>> broken... |
| 67 |
> |
| 68 |
> I took the entire .gnupg from the same machine I exported the key from |
| 69 |
> and copied it over to this machine. Now I can at least sign messages but |
| 70 |
> encryption/decryption still fails with the same error. |
| 71 |
|
| 72 |
And that could mean that it's been broken for a while because I rarely |
| 73 |
use this key for encrypting/decrypting. I use it for signing and |
| 74 |
verifying signatures mostly. Just before I deleted the old keyring I was |
| 75 |
getting an error when signing a commit. So perhaps the problem existed |
| 76 |
before the update and just surfaced when I deleted the old keyring. |
| 77 |
|
| 78 |
|
| 79 |
-- |
| 80 |
|
| 81 |
Fernando Rodriguez |
Archives