On 04/05/2017 10:22 PM, Miroslav Rovis wrote:
On 170405-18:01-0400, Fernando Rodriguez wrote:
Hello,
After a recent update I'm getting this error whenever I try to encrypt
or decrypt using gnupg. Here's error:
gpg: selftest for CTR failed - see syslog for details
gpg: Ohhhh jeeee: ... this is a bug (seskey.c:61:make_session_key)
Aborted
And the syslog:
gpg[8945]: Libgcrypt warning: AES-CTR-128 test failed (plaintext mismatch)
It started after a recent update that included gnupg and libgcrypt. The
versions before the update where libgcrypt-1.7.3 and gnupg-2.1.15. After
the update 1.7.6 and 2.1.18 respectively. I tried downgrading both
packages but it didn't help.
I tried to delete the whole ~/.gnupg directory and re-import the keys
but it fails with the same error.
I have another keyring on the same machine that I use with the --homedir
option and I have not problems with it.
When I try to generate a new key I get the following error:
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: agent_genkey failed: Missing key
Key generation failed: Missing key
Any ideas?
I tried some decryption. No issues here:
$ gpg --version
gpg (GnuPG) 2.1.20
libgcrypt 1.7.6
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: /home/miro/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
$
It could be something else, or your Gnupg installation is somehow
broken...
Thanks. Here's the output of gpg --gen-key --debug-all in case anyone
else can help.
$ gpg --gen-key --debug-all
gpg: Note: no default option file '/home/fernan/.gnupg/gpg.conf'
gpg (GnuPG) 2.1.15; Copyright (C) 2016 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat
trust hashing cardio ipc clock lookup extprog
gpg: DBG: [not enabled in the source] start
gpg: directory '/home/fernan/.gnupg' created
gpg: new configuration file '/home/fernan/.gnupg/dirmngr.conf' created
gpg: new configuration file '/home/fernan/.gnupg/gpg.conf' created
gpg: DBG: fd_cache_invalidate (/home/fernan/.gnupg/pubring.kbx)
gpg: DBG: iobuf-1.0: open '/home/fernan/.gnupg/pubring.kbx'
desc=file_filter(fd) fd=3
gpg: DBG: iobuf-1.0: close 'file_filter(fd)'
gpg: DBG: /home/fernan/.gnupg/pubring.kbx: close fd/handle 3
gpg: DBG: fd_cache_close (/home/fernan/.gnupg/pubring.kbx) new slot created
gpg: DBG: iobuf-*.*: ioctl '/home/fernan/.gnupg/pubring.kbx' invalidate
gpg: DBG: fd_cache_invalidate (/home/fernan/.gnupg/pubring.kbx)
gpg: DBG: did (/home/fernan/.gnupg/pubring.kbx)
gpg: keybox '/home/fernan/.gnupg/pubring.kbx' created
Note: Use "gpg2 --full-gen-key" for a full featured key generation dialog.
GnuPG needs to construct a user ID to identify your key.
Real name: fsadfas
Email address: f...@fdsa.com
You selected this USER-ID:
"fsadfas <f...@fdsa.com>"
Change (N)ame, (E)mail, or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: DBG: chan_4 <- OK Pleased to meet you, process 18814
gpg: DBG: connection to agent established
gpg: DBG: chan_4 -> RESET
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> OPTION ttyname=/dev/pts/2
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> OPTION ttytype=xterm
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> OPTION display=:0
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> OPTION xauthority=/tmp/xauth-1000-_0
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> OPTION
putenv=DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-2FF2vYbCnV,guid=883de1ea15755281b1dbb77b58e64397
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> OPTION lc-ctype=en_US.utf8
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> OPTION lc-messages=en_US.utf8
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> GETINFO version
gpg: DBG: chan_4 <- D 2.1.15
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> OPTION allow-pinentry-notify
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> OPTION agent-awareness=2.1.0
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> AGENT_ID
gpg: DBG: chan_4 <- ERR 67109139 Unknown IPC command <GPG Agent>
gpg: DBG: chan_4 -> RESET
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> GENKEY
gpg: DBG: chan_4 <- S INQUIRE_MAXLEN 1024
gpg: DBG: chan_4 <- INQUIRE KEYPARAM
gpg: DBG: chan_4 -> D (genkey(rsa(nbits 4:2048)))
gpg: DBG: chan_4 -> END
gpg: DBG: chan_4 <- INQUIRE PINENTRY_LAUNCHED 18816
gpg: DBG: chan_4 -> END
gpg: DBG: chan_4 <- INQUIRE PINENTRY_LAUNCHED 18819
gpg: DBG: chan_4 -> END
gpg: DBG: chan_4 <- INQUIRE PINENTRY_LAUNCHED 18823
gpg: DBG: chan_4 -> END
gpg: DBG: chan_4 <- S PROGRESS need_entropy X 99 128
gpg: DBG: chan_4 <- S PROGRESS need_entropy X 120 128
gpg: DBG: chan_4 <- S PROGRESS need_entropy X 126 128
gpg: DBG: chan_4 <- S PROGRESS need_entropy X 128 128
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen X 100 100
gpg: DBG: chan_4 <- S PROGRESS need_entropy X 79 128
gpg: DBG: chan_4 <- S PROGRESS need_entropy X 116 128
gpg: DBG: chan_4 <- S PROGRESS need_entropy X 125 128
gpg: DBG: chan_4 <- S PROGRESS need_entropy X 128 128
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen . 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen + 0 0
gpg: DBG: chan_4 <- S PROGRESS primegen X 100 100
gpg: DBG: chan_4 <- ERR 16777397 Missing key <gcrypt>
gpg: agent_genkey failed: Missing key
Key generation failed: Missing key
gpg: DBG: [not enabled in the source] stop
gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
outmix=0 getlvl1=0/0 getlvl2=0/0
gpg: secmem usage: 1344/65536 bytes in 2 blocks
It appears to be related to libgcrypt but I have no clue where to go
from here. I'm using the same versions I was using a few days ago when
it was working. I also downgraded libgpg-error to 1.24, that's the only
libgcrypt dependency that was updated so I'm not sure what else could be
affecting it.
--
Fernando Rodriguez
