Hello everyone,

Still trying to debug the interaction between my custom-built gpg 2.4 and the TPM, I managed to enable the gpg-agent log file and set the debug level to 5 (advanced) according to:
https://www.gnupg.org/documentation/manuals/gnupg/Agent-Options.html#option-_002d_002dhomedir

Actually what I see when I run the `keytotpm` is:

```
2023-12-10 16:42:44 gpg-agent[357268] DBG: chan_10 <- KEYTOTPM FDEE0860BCFCE24C29738F1ADBF42D4C7D95516B
2023-12-10 16:42:44 gpg-agent[357268] starting a new PIN Entry
2023-12-10 16:42:44 gpg-agent[357268] DBG: connection to PIN entry established
2023-12-10 16:42:44 gpg-agent[357268] DBG: chan_10 -> INQUIRE PINENTRY_LAUNCHED 357865 curses 1.2.1 /dev/pts/3 xterm-256color :0 20620/590201106/5 590201106/590200513 0
2023-12-10 16:42:44 gpg-agent[357268] DBG: chan_10 <- END
2023-12-10 16:42:49 gpg-agent[357268] no running /opt/gpg24/libexec/tpm2daemon daemon - starting it
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 <- OK GNU Privacy Guard's TPM2 server ready
2023-12-10 16:42:49 gpg-agent[357268] first connection to daemon /opt/gpg24/libexec/tpm2daemon established
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 -> GETINFO socket_name
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 <- ERR 268435731 Unknown IPC command <TPM2d>
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 -> OPTION event-signal=12
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 <- OK
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 -> IMPORT
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 <- INQUIRE KEYDATA
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 -> [ 44 20 28 31 31 3a 70 72 69 76 61 74 65 2d 6b 65 ...(982 byte(s) skipped) ]
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 -> [ 44 20 c8 dc 76 ef 16 58 03 a0 29 29 29 00 ]
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 -> END
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 <- INQUIRE NEEDPIN Please enter the TPM Authorization passphrase for the key.
2023-12-10 16:42:49 gpg-agent[357268] starting a new PIN Entry
2023-12-10 16:42:49 gpg-agent[357268] DBG: connection to PIN entry established
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_10 -> INQUIRE PINENTRY_LAUNCHED 357872 curses 1.2.1 /dev/pts/3 xterm-256color :0 20620/590201106/5 590201106/590200513 0
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_10 <- END
2023-12-10 16:42:51 gpg-agent[357268] starting a new PIN Entry
2023-12-10 16:42:51 gpg-agent[357268] DBG: connection to PIN entry established
2023-12-10 16:42:51 gpg-agent[357268] DBG: chan_10 -> INQUIRE PINENTRY_LAUNCHED 357874 curses 1.2.1 /dev/pts/3 xterm-256color :0 20620/590201106/5 590201106/590200513 0
2023-12-10 16:42:51 gpg-agent[357268] DBG: chan_10 <- END
2023-12-10 16:42:52 gpg-agent[357268] starting a new PIN Entry
2023-12-10 16:42:52 gpg-agent[357268] DBG: connection to PIN entry established
2023-12-10 16:42:52 gpg-agent[357268] DBG: chan_10 -> INQUIRE PINENTRY_LAUNCHED 357876 curses 1.2.1 /dev/pts/3 xterm-256color :0 20620/590201106/5 590201106/590200513 0
2023-12-10 16:42:52 gpg-agent[357268] DBG: chan_10 <- END
2023-12-10 16:42:55 gpg-agent[357268] DBG: chan_11 -> D pippero
2023-12-10 16:42:55 gpg-agent[357268] DBG: chan_11 -> END
2023-12-10 16:42:55 gpg-agent[357268] DBG: chan_11 <- [ 44 20 28 31 30 3a 31 30 37 33 37 34 31 38 32 35 ...(524 byte(s) skipped) ]
2023-12-10 16:42:55 gpg-agent[357268] DBG: chan_11 <- OK
2023-12-10 16:42:55 gpg-agent[357268] updating regular key file '/home/netresults.wintranet/borghese/gpg2.tmp/private-keys-v1.d/FDEE0860BCFCE24C29738F1ADBF42D4C7D95516B.key' by a shadow key inhibited
2023-12-10 16:42:55 gpg-agent[357268] DBG: chan_10 -> OK
2023-12-10 16:42:55 gpg-agent[357268] DBG: chan_10 <- KEYINFO FDEE0860BCFCE24C29738F1ADBF42D4C7D95516B
2023-12-10 16:42:55 gpg-agent[357268] DBG: chan_12 -> KEYINFO --list
2023-12-10 16:42:55 gpg-agent[357268] DBG: chan_12 <- OK
2023-12-10 16:42:55 gpg-agent[357268] DBG: chan_10 -> S KEYINFO FDEE0860BCFCE24C29738F1ADBF42D4C7D95516B D - - - P - - -
2023-12-10 16:42:55 gpg-agent[357268] DBG: chan_10 -> OK
```

What seems interesting to me are the following log entries:

```
2023-12-10 16:46:24 gpg-agent[358316] DBG: chan_11 <- ERR 268435731 Unknown IPC command <TPM2d>
```

and

```
2023-12-10 16:46:30 gpg-agent[358316] updating regular key file '/home/netresults.wintranet/borghese/gpg2.tmp/private-keys-v1.d/FDEE0860BCFCE24C29738F1ADBF42D4C7D95516B.key' by a shadow key inhibited
```

Does anyone know what the above error means exactly and how to solve it?

Bye and thanks
Sergio

On Sun, Dec 10, 2023 at 1:04 AM sergio borghese <sergio.borgh...@gmail.com> wrote:

> Hi Stephan,
>
> You are right actually, but I built gnupg 2.4 from the source code. I'm
> using the correct binary and also assured the gpg-agent used is the one
> built from version 2.4
>
> The strange thing is that I get no error when editing the key and use the
> command keytotpm, but the key is not sealed
>
> Bye and thanks
> Sergio
>
>
> On Sat 9 Dec 2023, 15:16 Stephan Verbücheln via Gnupg-users, <
> gnupg-users@gnupg.org> wrote:
>
>> As far as I am aware, Debian and Ubuntu still have GnuPG 2.2 which does
>> not have that feature yet.
>>
>> Regards
>> _______________________________________________
>> Gnupg-users mailing list
>> Gnupg-users@gnupg.org
>> https://lists.gnupg.org/mailman/listinfo/gnupg-users
>>
>

--
I'd rather kill time, I'd rather talk rubbish, I'd rather make a fad explode, I'd rather die of love. (Caparezza)
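An added example, not part of the original post or of GnuPG: a small triage script for a gpg-agent debug trace like the one above. It pairs each `ERR` reply gpg-agent receives with the command it last sent on that channel, splits the numeric error value into its libgpg-error source and code fields, and redacts the plain `D` line sent in answer to `INQUIRE NEEDPIN`, which carries the passphrase in clear. The function names, the sample lines and the placeholder passphrase are assumptions made for the example; hex-dumped `[ 44 20 ... ]` data lines are left untouched.

```python
import re

# Constructed sample: lines in the format of the gpg-agent trace quoted in
# the post; the passphrase value is a placeholder.
SAMPLE = """\
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 -> GETINFO socket_name
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 <- ERR 268435731 Unknown IPC command <TPM2d>
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 -> OPTION event-signal=12
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 <- OK
2023-12-10 16:42:49 gpg-agent[357268] DBG: chan_11 <- INQUIRE NEEDPIN Please enter the TPM Authorization passphrase for the key.
2023-12-10 16:42:55 gpg-agent[357268] DBG: chan_11 -> D example-passphrase
2023-12-10 16:42:55 gpg-agent[357268] DBG: chan_11 -> END
"""

LINE = re.compile(r"DBG: (chan_\d+) (->|<-) (.*?)\s*$")


def decode_gpg_error(value):
    """Split a libgpg-error value: source in bits 24-30, code in the low 16 bits."""
    return (value >> 24) & 0x7F, value & 0xFFFF


def analyse(log_text):
    """Return (errors, redacted_lines) for a gpg-agent debug trace.

    Assumes "->" marks what gpg-agent sent and "<-" what it received.
    """
    last_sent, needpin = {}, set()  # last command / open NEEDPIN inquiry per channel
    errors, out = [], []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if m:
            chan, direction, payload = m.groups()
            if direction == "<-" and payload.startswith("INQUIRE NEEDPIN"):
                needpin.add(chan)
            elif direction == "->" and chan in needpin:
                if payload.startswith("D "):  # inquiry answer: the passphrase
                    line = line[:m.start(3)] + "D [REDACTED]"
                elif payload == "END":
                    needpin.discard(chan)
            elif direction == "->":
                last_sent[chan] = payload
            elif payload.startswith("ERR "):
                source, code = decode_gpg_error(int(payload.split()[1]))
                errors.append((chan, last_sent.get(chan), source, code))
        out.append(line)
    return errors, out


if __name__ == "__main__":
    errs, redacted = analyse(SAMPLE)
    print(errs)
    print("\n".join(redacted))
```

For the value in the trace, 268435731 is 0x10000113, which splits into source 16 and code 275; the human-readable form of the same value is the text gpg-agent already logs next to it, `Unknown IPC command <TPM2d>`.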