2.1.10 with libgcrypt 1.7.0-beta300
NIIBE Yutaka
gniibe at fsij.org
Mon Jan 25 02:33:40 CET 2016
On 01/23/2016 10:11 PM, Fulano Diego Perez wrote:
> NIIBE Yutaka:
>> Please note that you need to invoke gpg-agent with LD_LIBRARY_PATH, too.
>
> can explain how you mean to invoke ?
Well, it seems terminology issue. I mean, to start, to kick the service,
and to run the service.
In general, there are multiple ways. In my case on Debian, I have a
startup script, /etc/X11/Xsession.d/90gpg-agent, which invokes
gpg-agent.
> i export library path for gpg2 and shows expected libgcrypt version
Exporting library path is also needed for gpg-agent.
> i can clearsign with ed25519 EDDSA subkey
This can be done with libgcrypt 1.6.4.
> i have problem testing encryption with cv25519 subkey
>
>
> tried to test with $ fortune | gpg2 --sign --encrypt -u abc --recipient
> 123 --recipient 456 | gpg2 --decrypt
>
> gpg: ecdh failed in gcry_cipher_decrypt: Checksum error
> gpg: ecdh failed in gcry_cipher_decrypt: Checksum error
> gpg: encrypted with 256-bit ECDH key, ID test, created 2016
> "test"
> gpg: public key decryption failed: Checksum error
> gpg: encrypted with 256-bit ECDH key, ID test, created 2016
> test2
> gpg: public key decryption failed: Checksum error
> gpg: decryption failed: No secret key
>
> i have secret key
I know. The problem is the version of libgcrypt of gpg-agent.
Public key handling is the role of gpg frontend, while secret key
handling is done by gpg-agent. With no newer libgcrypt, gpg-agent
can't handle CV25519 keys.
> tried list-packets & -vvv - nothing more on errors
Yes.
> maybe this is conflict with persistent gpg-agent and ssh-agent
> they are listed in htop with PID but no RAM use
>
> how can to figure this out ?
If you can check the process's memory maps of gpg-agent, you can see
the maps to libgcrypt. In my case, I can see the entries in
/proc/<PID-OF-GPG-AGENT>/maps like:
b7617000-b76d5000 r-xp 00000000 08:01 35743 /usr/local/lib/libgcrypt.so.20.1.0
b76d5000-b76d9000 rw-p 000bd000 08:01 35743 /usr/local/lib/libgcrypt.so.20.1.0
b76e7000-b76ef000 rw-p 00000000 00:00 0
--
More information about the Gnupg-users
mailing list