Re: GnuPG 2.1.3 Fails to Compile OS X

[Werner Koch]

On Sun, 12 Apr 2015 00:29, dominyktil...@gmail.com said:

> =
> t-stringhelp.c:488:3: error: function definition is not allowed here
>   {
>   ^

Oh sorry, I didn't spotted the use of a nested function here.
Fix pushed and attsched.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>From 454f60399c7318fffd3de2afadd58c7a490178bd Mon Sep 17 00:00:00 2001
From: Werner Koch 
Date: Mon, 13 Apr 2015 09:57:33 +0200
Subject: [PATCH] common: Do without nested fucntions to support non-gcc.

* common/t-stringhelp.c (test_strsplit): Remove nested function.

Signed-off-by: Werner Koch 
---
 common/t-stringhelp.c | 106 +-
 1 file changed, 54 insertions(+), 52 deletions(-)

diff --git a/common/t-stringhelp.c b/common/t-stringhelp.c
index f5b6cd9..9d1d20c 100644
--- a/common/t-stringhelp.c
+++ b/common/t-stringhelp.c
@@ -482,58 +482,60 @@ test_make_absfilename_try (void)
 static void
 test_strsplit (void)
 {
-  int test_count = 0;
-  void test (const char *s, char delim, char replacement,
-	 const char *fields_expected[])
-  {
-char *s2;
-int field_count;
-char **fields;
-int field_count_expected;
-int i;
-
-/* Count the fields.  */
-for (field_count_expected = 0;
-	 fields_expected[field_count_expected];
-	 field_count_expected ++)
-  ;
-
-test_count ++;
-
-/* We need to copy s since strsplit modifies it in place.  */
-s2 = xstrdup (s);
-fields = strsplit (s2, delim, replacement, &field_count);
-
-if (field_count != field_count_expected)
-  fail (test_count * 1000);
-
-for (i = 0; i < field_count_expected; i ++)
-  if (strcmp (fields_expected[i], fields[i]) != 0)
-	{
-	  printf ("For field %d, expected '%s', but got '%s'\n",
-		  i, fields_expected[i], fields[i]);
-	  fail (test_count * 1000 + i + 1);
-	}
-
-xfree (s2);
-  }
-
-  {
-const char *expected_result[] =
-  { "a", "bc", "cde", "fghi", "jklmn", "", "foo", "", NULL };
-test ("a:bc:cde:fghi:jklmn::foo:", ':', '\0', expected_result);
-  }
-
-  {
-const char *expected_result[] =
-  { "!a!bc!!def!", "a!bc!!def!", "bc!!def!", "!def!", "def!", "", NULL };
-test (",a,bc,,def,", ',', '!', expected_result);
-  }
-
-  {
-const char *expected_result[] = { "", NULL };
-test ("", ':', ',', expected_result);
-  }
+  struct {
+const char *s;
+char delim;
+char replacement;
+const char *fields_expected[10];
+  } tv[] = {
+{
+  "a:bc:cde:fghi:jklmn::foo:", ':', '\0',
+  { "a", "bc", "cde", "fghi", "jklmn", "", "foo", "", NULL }
+},
+{
+  ",a,bc,,def,", ',', '!',
+  { "!a!bc!!def!", "a!bc!!def!", "bc!!def!", "!def!", "def!", "", NULL }
+},
+{
+  "", ':', ',',
+  { "", NULL }
+}
+  };
+
+  int tidx;
+
+  for (tidx = 0; tidx < DIM(tv); tidx++)
+{
+  char *s2;
+  int field_count;
+  char **fields;
+  int field_count_expected;
+  int i;
+
+  /* Count the fields.  */
+  for (field_count_expected = 0;
+   tv[tidx].fields_expected[field_count_expected];
+   field_count_expected ++)
+;
+
+  /* We need to copy s since strsplit modifies it in place.  */
+  s2 = xstrdup (tv[tidx].s);
+  fields = strsplit (s2, tv[tidx].delim, tv[tidx].replacement,
+ &field_count);
+
+  if (field_count != field_count_expected)
+fail (tidx * 1000);
+
+  for (i = 0; i < field_count_expected; i ++)
+if (strcmp (tv[tidx].fields_expected[i], fields[i]) != 0)
+  {
+printf ("For field %d, expected '%s', but got '%s'\n",
+i, tv[tidx].fields_expected[i], fields[i]);
+fail (tidx * 1000 + i + 1);
+  }
+
+  xfree (s2);
+}
 }
 
 int
-- 
2.1.4

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: GnuPG 2.1.3 Fails to Compile OS X

[Dominyk Tiller]

Hi Ethan,

Thanks for the quick replies today, appreciate those.

You're correct on GNU's GCC, in that it compiles successfully. It looks
like I labelled one of my Clang compiles "GCC_Comp1.txt" last night
accidentally and looked for the error rather than double checking the
compiler to make sure I'd actually labelled the output correctly. Lesson
learned there.

The Clang error on all three platforms examined, 10.8, 10.9 & 10.10
remains true. I double checked that just to make sure I wasn't being an
idiot there as well.

Thanks for the offer of the signed, pre-build tarball. That was kind of
you. Sadly in this case it wouldn't have helped because I'm trying to
update our Homebrew/Versions GnuPG21 package. I'm still using the 2.0.x
branch personally, for now.

Is the Clang error something GnuPG can fix in the coming versions or are
we going to be waiting on Apple to fix the underlying LLVM issue?

Apologies for my mess up on the GCC failure, and Thanks for the help.
Appreciated!

Dom

Sent from OS X. If you wish to communicate more securely my PGP Public
Key is 0x872524db9d74326c.

On 12/04/2015 23:00, Ethan Sherriff wrote:
> Sorry didn't see what you said about the error occuring with GNU GCC,
> what version are you using? On OS X Yosemite 10.10.3 (Latest Public Beta
> 14D131, XCode 6.3 6D570), with GNU GCC 4.9.2 installed from source,
> gnupg-2.1.3 builds fine.
> 
> From: Dominyk Tiller 
> Sent: ‎12/‎04/‎2015 21:01
> To: gnupg-users@gnupg.org 
> Subject: GnuPG 2.1.3 Fails to Compile OS X
> 
> Hey Werner,
> 
> Thanks for the new release!
> 
> I'm having some issues making it compile on OS X, right across
> 10.8-10.10.3. Tried both Apple's Clang and GNU's GCC so I'm presuming
> the error isn't compiler-specific.
> 
> It's throwing slightly different errors on OS X 10.8 than it is on 10.9
> and 10.10. The 10.8 error is:
> 
> =
> t-stringhelp.c:488:3: error: function definition is not allowed here
>   {
>   ^
> t-stringhelp.c:536:4: error: expected ';' at end of declaration
>   }
>^
>;
> 2 errors generated.
> make[3]: *** [t-stringhelp.o] Error 1
> =
> 
> 
> 
> And the 10.9 - 10.10.3 error is just:
> 
> =
> t-stringhelp.c:488:3: error: function definition is not allowed here
>   {
>   ^
> 1 error generated.
> make[3]: *** [t-stringhelp.o] Error 1
> =
> 
> Have attached various compile logs.
> 
> Cheers,
> 
> Dom
> 
> -- 
> Sent from OS X. If you wish to communicate more securely my PGP Public
> Key is 0x872524db9d74326c.



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Blind signatures for simple election

[Peter Lebbing]

On 08/04/15 20:57, Jan Svensson wrote:
> What do you think about me trying to use Libgcrypt instead?

Personally, if I was actually going to use the program, I wouldn't write
it myself. I'd only write it myself if it was purely for the learning
experience.

I'd look for an existing project that makes me feel confident about it.
I'd want the code to have been looked at by as many cryptographers as
possible.

But it depends on your threat model. It could be enough to merely
obscure the data, not protect it against a determined attacker with
knowledge of cracking crypto.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Unusable secret key (adduid)

[Werner Koch]

On Sat, 11 Apr 2015 23:01, ivansun...@gmail.com said:
> Hello!
>
> I'm using OpenPGP card to store my secret keys on it. Now I'm adding a
> new UID to my key by running gpg2 --edit-key. What I've got is this

You need to insert your card to create a new UID.

> gpg: secret key parts are not available
> gpg: signing failed: Unusable secret key
>
> How to solve this?

Insert the card.   Check out that the card works by running 

  gpg --card-status



Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Windows installer for 2.1.3 (was: GnuPG 2.1.3 released)

[Werner Koch]

Hi,

I just uploaded an _experimental_ Windows installer with GnuPG 2.1.3:

 ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.3_20150413.exe  (2539k)
 ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.3_20150413.exe.sig

The exe has a SHA-1 checksum of

d5630904b3d68eddc2730a00bfc67d52658cbe7e  gnupg-w32-2.1.3_20150413.exe

I did only some quick tests and some basic stuff worked for me.

WARNING: This is a command line only version which does not even provide
a Pinentry.  Thus it is pretty useless unless you have installed your
own Pinentry.  A libgpgme is however included so that it can be used for
development.

A Pinentry is not provided so to avoid dependency problems with the Gtk+
or Qt+ libraries.  It would have been possible to include a simple
Windows pinentry and thus avoid dependencies on external libraries but
the one we have is too horrible for actual use.  A statically linked
version of a Pinentry is also too large.


Salam-Shalom,

   Werner


p.s.

The installer has been build using this complete source tarball:

 ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.3_20150413.tar.xz  (9013k)
 ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.3_20150413.tar.xz.sig

and the command 

  make -f ./build-aux/speedo.mk this-w32-installer

You need a complete and working mingw tool chain to do this.  You may
also prefer not to use the above source tarball but build it directly in
the same way I generated the source tarball, namely using

  make -f ./build-aux/speedo.mk w32-installer
  make -f ./build-aux/speedo.mk w32-source

which downloads all required packages, verifies their checksums, builds
the installer, and finally a complete source tarball.

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgpnoi1CEe6xw.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Unusable secret key (adduid)

[Ivan Markin]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 04/13/2015 07:37 PM, Werner Koch wrote:> On Sat, 11 Apr 2015 23:01,
ivansun...@gmail.com said:
>> Hello!
>> 
>> I'm using OpenPGP card to store my secret keys on it. Now I'm
>> adding a new UID to my key by running gpg2 --edit-key. What I've
>> got is this
> 
> You need to insert your card to create a new UID.
> 
>> gpg: secret key parts are not available gpg: signing failed:
>> Unusable secret key
>> 
>> How to solve this?
> 
> Insert the card.   Check out that the card works by running
> 
> gpg --card-status
> 

Thank you for the reply, Werner.
Yes, card works perfectly. I've tried gpg2 --card-status. Nothing.
It forced me to find my backup key and add a UID with it (works as it
should).
As you may notice, GPG tells that "Secret key is available." because
my card is present.

Thanks,
Ivan
> 
> 
> Shalom-Salam,
> 
> Werner
> 

-BEGIN PGP SIGNATURE-
Version: GnuPG v2
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCAAGBQJVLBebAAoJEAkv0TW1VhaDmu4IAIPxbvyL/q1HSEnp3YgF4xEk
aAqeC5/wQO+pS51vNSJiXHWD+Cu4B5SA8g4MmGvs9uIRPdPAGG5xpSEpcJF82qmg
mKYM5EFGZGWX/UUaGSOYt+WA/ghYw0LSSUO+gjPLJLXSkZmH1m7bBjjIyfE19TiC
4bK0Dg6VoGov2RiYoFdV3jjbKXn/osLmYZV4hZP40p+LT1EDhnXHETzMWVAKGIYY
KX1dpfrR26TAxAaMHvtJohn3BC1sUNtm/p2DqFeWOEaagltxAhbibS8WEfFHvwI4
PfgLPW76QZ/v36TeclhDyYvfCAhqkvAPpmTj7or4lpM9DCwg4vS2olA8L/s9kCM=
=lhgm
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

can not decrypt file suddenly

[jason zhang]

Any clue? Where should I start to investigate?

I checked another encrypted file. I cloud not decrypt it, either.
But I can encrypt /decrypt new file successfully.

I remembered my laptop was shut down abruptly due to out of power while I
edit the file in email. Could this cause the problem?

Thanks



On Sun, Apr 12, 2015 at 7:31 PM, jason zhang 
wrote:

> I have a encrypted file in Fedora 15 system.
> I have decrypted the file repeatedly many times for two years.
>
> Today, I could not decrypt it suddenly.
> Here is what a decrypt session looks like
> --
> /usr/local/bin/gpg j.gpg
> gpg: CAST5 encrypted data
> gpg: encrypted with 1 passphrase
> gpg: decryption failed: bad key
> --
>
> I reboot my machine several times. I updated gpg from 1.4.12 to 1.4.19.
> But I still cann't decrypt my file.
>
> Help is really appreciated.
> This is an important file. That is why I encrypt it.
>
>
> Thanks
>
> --
> -jiesheng
>
>


-- 
-jiesheng
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Windows installer for 2.1.3 (was: GnuPG 2.1.3 released)

[MFPA]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512



On Monday 13 April 2015 at 7:12:52 PM, in
, Werner Koch wrote:



> A Pinentry is not provided so to avoid dependency
> problems with the Gtk+ or Qt+ libraries.  It would have
> been possible to include a simple Windows pinentry and
> thus avoid dependencies on external libraries but the
> one we have is too horrible for actual use.  A
> statically linked version of a Pinentry is also too
> large.

I copied pinentry.exe from my existing GnuPG 2.1 install and it works,
at least to sign/encrypt/decrypt/verify a file and an email.

- --
Best regards

MFPA  

Editing is a rewording activity
-BEGIN PGP SIGNATURE-

iQF8BAEBCgBmBQJVLERPXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwxWkH/1ouNy6GADAGWmVjLUY4lobP
umK1R4cn0YWjEl876jnTTLLl/sbIA2Fqe9Yrhrq56+8nUqSIcvqCfkSoe5PfAVkz
k1DCadRBJOPsP/zLnWdtk6h//Zp+4GwjQ7KR7jNvvd3PNKFlqABRhv6IvLx73c/j
s1+9773Xf4b1/Uy0B/bR44UFxklr0k+O09tzt7D7DxSv+bSlTkaK38VPdqnFsHud
Xo2sbD570KCvveHzgN+xFNAtUMX+/ZpRoqeXzMNMBKIGgEMevH5RIZ+ceUSl6ID2
CFQtjPl4woE8tEo7IAzjgeqvS1XitnVjO3zYUWM/AgjIk+xX8Nng0qTLOCP4qnKI
vgQBFgoAZgUCVSxEXV8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx
MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45PmZAQCBt0hySZGBpZDZh8nzmhiLVG8e
bI9uRv+mJJpVkg+0CgEAmaTOcjMFzK6jMRYLovMuf+c2MJB10/wm6O6/N9vvZwY=
=I0JY
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Unusable secret key (adduid)

[NIIBE Yutaka]

On 04/14/2015 04:23 AM, Ivan Markin wrote:
> On 04/13/2015 07:37 PM, Werner Koch wrote:> On Sat, 11 Apr 2015 23:01,
> ivansun...@gmail.com said:
>>> Hello!
>>>
>>> I'm using OpenPGP card to store my secret keys on it. Now I'm
>>> adding a new UID to my key by running gpg2 --edit-key. What I've
>>> got is this
> 
>> You need to insert your card to create a new UID.
> 
>>> gpg: secret key parts are not available gpg: signing failed:
>>> Unusable secret key
>>>
>>> How to solve this?
> 
>> Insert the card.   Check out that the card works by running
> 
>> gpg --card-status
> 
> 
> Thank you for the reply, Werner.
> Yes, card works perfectly. I've tried gpg2 --card-status. Nothing.

I don't understand the reason why you could say "card works perfectly"
here.

Please give us the output of 'gpg2 --card-status'.  If it is nothing,
it means that your card **doesn't** work well for GnuPG.

Please check your gpg-agent works well not interfered by
gnome-keyring.  If it's real gpg-agent, you can get the output like:

  $ gpg-connect-agent "help SCD" /bye
  # SCD 
  #
  # This is a general quote command to redirect everything to the
  # SCdaemon.
  OK

> It forced me to find my backup key and add a UID with it (works as it
> should).

Sorry, I don't understand this sentence.  What's "it"?  Could you
please elaborate if this matters for your bug report?  I think that it
would be better to show us bigger picture to share your situation.

> As you may notice, GPG tells that "Secret key is available." because
> my card is present.

Sorry, no, it means that OpenPGP secret block of your private key is
available on your host PC.  It doesn't mean card is present or secret
key is on your smartcard.

If possible, please give us complete session log of yours, not
removing information by your interpretations (or hope).
-- 

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: can not decrypt file suddenly

[NIIBE Yutaka]

On 04/14/2015 07:27 AM, jason zhang wrote:
> Any clue? Where should I start to investigate?
> 
> I checked another encrypted file. I cloud not decrypt it, either.
> But I can encrypt /decrypt new file successfully.

Please let us know your configuration.  I think that it's
~/.gnupg/gpg.conf on Fedora.

> Today, I could not decrypt it suddenly.
> Here is what a decrypt session looks like
> --
> /usr/local/bin/gpg j.gpg
> gpg: CAST5 encrypted data
> gpg: encrypted with 1 passphrase
> gpg: decryption failed: bad key
> --

Please include the version output of gpg --version in your report.

Is it complete session log of yours?  I mean, GnuPG should ask you
passphrase here.

Possible case: If you enable gpg-agent by the configuration of
use-agent, passphrase handling (and others) is done by gpg-agent.  And
when your gpg-agent doesn't work and returns "", and it is failed and
caused "bad key" error.  If so, please try with --no-use-agent.  To
investigate what's going on with gpg-agent, please also let us know
the output of:

$ echo $GPG_AGENT_INFO

Thanks,
-- 

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: can not decrypt file suddenly

[jason zhang]

Hi NIIBE

Thank you very much for the help.

Yes, it asked me the passphrase just after "gpg: CAST5 encrypted data"
line, and I gave the passphrase. The passphrase is definitely right since I
used it very 2 or 3 days.


Here is a whole debug session:

gpg  -v --debug-all --no-use-agent j.gpg
gpg: NOTE: no default option file `/home/jason/.gnupg/gpg.conf'
gpg: DBG: fd_cache_open (j.gpg) not cached
gpg: DBG: iobuf-1.0: open `j.gpg' fd=3
gpg: DBG: iobuf-1.0: underflow: req=8192
gpg: DBG: iobuf-1.0: underflow: got=6705 rc=0
gpg: DBG: parse_packet(iob=1): type=3 length=13 (parse.mainproc.c.1261)
gpg: CAST5 encrypted data :==ASK passphrase here
gpg: DBG: free_packet() type=3
gpg: DBG: iobuf-1.1: push `block_filter'
gpg: DBG: iobuf chain: 1.1 `block_filter' filter_eof=0 start=0 len=0
gpg: DBG: iobuf chain: 1.0 `file_filter(fd)' filter_eof=0 start=17 len=6705
gpg: DBG: init block_filter 0x8a398d0
gpg: DBG: parse_packet(iob=1): type=9 length=0 (new_ctb)
(parse.mainproc.c.1261)
gpg: encrypted with 1 passphrase
gpg: DBG: iobuf-1.1: underflow: req=8192
gpg: DBG: iobuf-1.1: underflow: got=6685 rc=0
gpg: decryption failed: bad key
gpg: DBG: free_packet() type=9
gpg: DBG: iobuf-1.1: underflow: req=8192
gpg: DBG: iobuf-1.1: underflow: got=0 rc=-1
gpg: DBG: free block_filter 0x8a398d0
gpg: DBG: iobuf-1.1: pop in underflow (!len)
gpg: DBG: iobuf chain: 1.0 `file_filter(fd)' filter_eof=0 start=6705
len=6705
gpg: DBG: iobuf-1.0: underflow: eof
gpg: DBG: iobuf-1.0: underflow: req=8192
gpg: DBG: iobuf-1.0: underflow: got=0 rc=-1
gpg: DBG: j.gpg: close fd 3
gpg: DBG: fd_cache_close (j.gpg) new slot created
gpg: DBG: iobuf-1.0: underflow: eof
gpg: DBG: iobuf-1.0: underflow: eof (due to filter eof)
gpg: DBG: iobuf-1.0: close `?'
random usage: poolsize=600 mixed=0 polls=0/2 added=10/176
  outmix=0 getlvl1=0/0 getlvl2=0/0
secmem usage: 1472/2240 bytes in 3/6 blocks of pool 2240/32768
[jason@f15 ~]$ echo $GPG_AGENT_INFO

EMPTY GPG_AGENT_INFO. To avoid possible issue from genome,
I login in as ssh.

my gpg version is 1.4.19


Can I move the encrypted file to another machine? Since I use symmetric
encryption, it should not depend on the machine it is on. Right?

thanks



On Mon, Apr 13, 2015 at 6:06 PM, NIIBE Yutaka  wrote:

> On 04/14/2015 07:27 AM, jason zhang wrote:
> > Any clue? Where should I start to investigate?
> >
> > I checked another encrypted file. I cloud not decrypt it, either.
> > But I can encrypt /decrypt new file successfully.
>
> Please let us know your configuration.  I think that it's
> ~/.gnupg/gpg.conf on Fedora.
>
> > Today, I could not decrypt it suddenly.
> > Here is what a decrypt session looks like
> > --
> > /usr/local/bin/gpg j.gpg
> > gpg: CAST5 encrypted data
> > gpg: encrypted with 1 passphrase
> > gpg: decryption failed: bad key
> > --
>
> Please include the version output of gpg --version in your report.
>
> Is it complete session log of yours?  I mean, GnuPG should ask you
> passphrase here.
>
> Possible case: If you enable gpg-agent by the configuration of
> use-agent, passphrase handling (and others) is done by gpg-agent.  And
> when your gpg-agent doesn't work and returns "", and it is failed and
> caused "bad key" error.  If so, please try with --no-use-agent.  To
> investigate what's going on with gpg-agent, please also let us know
> the output of:
>
> $ echo $GPG_AGENT_INFO
>
> Thanks,
> --
>
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>



-- 
-jiesheng
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: can not decrypt file suddenly

[Doug Barton]

On 4/13/15 8:07 PM, jason zhang wrote:

Hi NIIBE

Thank you very much for the help.

Yes, it asked me the passphrase just after "gpg: CAST5 encrypted data"
line, and I gave the passphrase. The passphrase is definitely right
since I used it very 2 or 3 days.


You mentioned that you had an unscheduled shutdown recently. Did the 
problem start shortly thereafter? Do you have an archived version of the 
file that you can compare this one too? It's not impossible that the 
encrypted file was corrupted.


Doug

--
I am conducting an experiment in the efficacy of PGP/MIME signatures. 
This message should be signed. If it is not, or the signature does not 
validate, please let me know how you received this message (direct, or 
to a list) and the mail software you use. Thanks!




signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: can not decrypt file suddenly

[jason zhang]

Hi Doug
Yes, the problem started after the unscheduled shutdown. Unfortunately, I
don't have an archived version. The problem is that another encrypted,
which I have not touched for sometime, cann't be opened either.



On Mon, Apr 13, 2015 at 8:46 PM, Doug Barton  wrote:

> On 4/13/15 8:07 PM, jason zhang wrote:
>
>> Hi NIIBE
>>
>> Thank you very much for the help.
>>
>> Yes, it asked me the passphrase just after "gpg: CAST5 encrypted data"
>> line, and I gave the passphrase. The passphrase is definitely right
>> since I used it very 2 or 3 days.
>>
>
> You mentioned that you had an unscheduled shutdown recently. Did the
> problem start shortly thereafter? Do you have an archived version of the
> file that you can compare this one too? It's not impossible that the
> encrypted file was corrupted.
>
> Doug
>
> --
> I am conducting an experiment in the efficacy of PGP/MIME signatures. This
> message should be signed. If it is not, or the signature does not validate,
> please let me know how you received this message (direct, or to a list) and
> the mail software you use. Thanks!
>
>


-- 
-jiesheng
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: can not decrypt file suddenly

[Doug Barton]

On 4/13/15 8:56 PM, jason zhang wrote:

Hi Doug
Yes, the problem started after the unscheduled shutdown. Unfortunately,
I don't have an archived version. The problem is that another
encrypted,  which I have not touched for sometime, cann't be opened either.


Well I'm sorry to say, that sounds like the files are corrupted. Run the 
following commands on both files (substitute  for the actual file 
names), and report the results:


file 
gpg --list-packets 

(Yes, the first command above is literally the word "file")

Doug

--
I am conducting an experiment in the efficacy of PGP/MIME signatures. 
This message should be signed. If it is not, or the signature does not 
validate, please let me know how you received this message (direct, or 
to a list) and the mail software you use. Thanks!




signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: can not decrypt file suddenly

[jason zhang]

Here are the output from "file" and "gpg --list-packets"

[jason@f15 ~]$ file .jsbk.gpg
.jsbk.gpg: DOS executable (COM)
[jason@f15 ~]$ gpg --list-packets .jsbk.gpg
:symkey enc packet: version 4, cipher 3, s2k 3, hash 2
salt 51c310499a629643, count 65536 (96)
gpg: CAST5 encrypted data
:encrypted data packet:
length: unknown
gpg: encrypted with 1 passphrase
gpg: decryption failed: bad key
[jason@f15 ~]$ file .pingpin.gpg
.pingpin.gpg: DOS executable (COM)
[jason@f15 ~]$ gpg --list-packets .pingpin.gpg
:symkey enc packet: version 4, cipher 3, s2k 3, hash 2
salt a31c35cff9314421, count 65536 (96)
gpg: CAST5 encrypted data
:encrypted data packet:
length: unknown
gpg: encrypted with 1 passphrase
gpg: decryption failed: bad key

Thanks

On Mon, Apr 13, 2015 at 9:02 PM, Doug Barton  wrote:

> On 4/13/15 8:56 PM, jason zhang wrote:
>
>> Hi Doug
>> Yes, the problem started after the unscheduled shutdown. Unfortunately,
>> I don't have an archived version. The problem is that another
>> encrypted,  which I have not touched for sometime, cann't be opened
>> either.
>>
>
> Well I'm sorry to say, that sounds like the files are corrupted. Run the
> following commands on both files (substitute  for the actual file
> names), and report the results:
>
> file 
> gpg --list-packets 
>
> (Yes, the first command above is literally the word "file")
>
>
> Doug
>
> --
> I am conducting an experiment in the efficacy of PGP/MIME signatures. This
> message should be signed. If it is not, or the signature does not validate,
> please let me know how you received this message (direct, or to a list) and
> the mail software you use. Thanks!
>
>


-- 
-jiesheng
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: can not decrypt file suddenly

[NIIBE Yutaka]

On 04/14/2015 12:07 PM, jason zhang wrote:
> Yes, it asked me the passphrase just after "gpg: CAST5 encrypted data"
> line, and I gave the passphrase. The passphrase is definitely right since I
> used it very 2 or 3 days.

I see.

> Here is a whole debug session:

Thank you for the log.

> gpg: DBG: parse_packet(iob=1): type=9 length=0 (new_ctb)

Here, it seems for me that your file (j.pgp) is malformed.
Type=9 is the encrypted data packet, but its length is 0.

Since OpenPGP format for the encrypted data packet begins with a
block-size of random bytes.  So, length 0 should not be happened.

I think that this is the cause of your trouble.

Note that the length of the encrypted data packet is data before
decryption, passphrase doesn't matter here.

> Can I move the encrypted file to another machine? Since I use symmetric
> encryption, it should not depend on the machine it is on. Right?

Yes.
-- 

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users