Page MenuHome GnuPG
Create Task
Maniphest T5504

git commit signing fails due to git's included gpg version.
Closed, ResolvedPublic
Actions

Description

When attempting to sign a commit, the following error occurs (keys held on a USB stick and changed with GNUPGHOME environment variable):

C:\Users\[username]\StorySite\app>gpg-agent
gpg-agent[11216]: gpg-agent running and available

C:\Users\[username]\StorySite\app>git commit -m "feat: Add partially complete author dashboard"
gpg: invalid size of lockfile 'D:\gnupg/pubring.kbx.lock'
gpg: cannot read lockfile
gpg: can't lock 'D:\gnupg/pubring.kbx'
gpg: invalid size of lockfile 'D:\gnupg/gnupg_spawn_agent_sentinel.lock'
gpg: cannot read lockfile
gpg: can't connect to the agent: Invalid argument
gpg: keydb_search failed: No agent running
gpg: skipped "[fingerprint]": No agent running
gpg: signing failed: No agent running
error: gpg failed to sign the data
fatal: failed to write commit object

Details

Version
gpg4win 3.1.16 | GnuPG 2.2.28

Event Timeline

redstonedesigner created this task.Jun 22 2021, 10:52 AM
werner added a subscriber: werner.Jun 22 2021, 11:37 AM

You are not using gpg4win with its included GnuPG 2.2 but some broken gpg version. The error message
"invalid size of lockfile" can only be emitted by the Unix version of GnuPG. Check for other installed gpg versions - there are sites which allows the download of for example a Cygwin version - these version can't work properly on Windows.

werner added a comment.Jun 22 2021, 11:38 AM
gpgconf --show-versions

may give you some clues.

redstonedesigner added a comment.Jun 22 2021, 11:50 AM

The only download I have executed with regard to gpg4win is from the gpg4win website. You can see the output of the command you specified below.

C:\Users\[username]>gpgconf --show-versions
* GnuPG 2.2.28 (9f6076868)
MingW32
Windows 10.0 build 19042

* Libgcrypt 1.8.8 (d3d4803c)
version:1.8.8:10808:1.42:12a00:
cc:80300:gcc:8.3-win32 20190406:
ciphers:arcfour:blowfish:cast5:des:aes:twofish:serpent:rfc2268:seed:camellia:idea:salsa20:gost28147:chacha20:
pubkeys:dsa:elgamal:rsa:ecc:
digests:crc:gostr3411-94::md4:md5:rmd160:sha1:sha256:sha512:sha3:tiger:whirlpool:stribog:blake2:
rnd-mod:w32:
cpu-arch:x86:
mpi-asm:i386/mpih-add1.S:i386/mpih-sub1.S:i386/mpih-mul1.S:i386/mpih-mul2.S:i386/mpih-mul3.S:i386/mpih-lshift.S:i386/mpih-rshift.S:
hwflist:intel-cpu:intel-bmi2:intel-ssse3:intel-sse4.1:intel-pclmul:intel-aesni:intel-rdrand:intel-avx:intel-avx2:intel-fast-vpgather:intel-rdtsc:
fips-mode:n:n:
rng-type:standard:1:2010000:1:

* GpgRT 1.42 (303062b)

* Libassuan 2.5.5 (f8cfb56)

* KSBA 1.6.0 (6b3573a)

* NTBTLS 0.2.0 (6a4ffcc)
redstonedesigner changed Version from 3.1.16 to gpg4win 3.1.16 | GnuPG 2.2.28.Jun 22 2021, 12:57 PM
werner added a comment.Jun 22 2021, 1:13 PM

That looks all fine.

There is definitely another gpg version installed somewhere which is used by git. I have never used git under Windows so I can't tell you where to look. Git uses the config item gpg.program to allow specification of a non-PATH found gpg. Maybe you also want to search for gpg.exe or gpg2.exe on your disk

redstonedesigner added a comment.Jun 22 2021, 1:18 PM

It appears that Git ships with its own GnuPG program set, as can be seen in the attached image. I'll attempt to set the gpg.program setting in Git and see if that helps.

redstonedesigner added a comment.Jun 22 2021, 1:23 PM

Setting the gpg.program configuration value to "C:\\Program Files (x86)\\GnuPG\\bin\\gpg.exe" appears to resolve the issue.

werner edited projects, added FAQ; removed Bug Report.Jun 22 2021, 5:32 PM

So let's close this task.

werner renamed this task from Commit signing fails to git commit signing fails due to git's included gpg version..Jun 22 2021, 5:33 PM
werner closed this task as Resolved.