Page MenuHome GnuPG

gpgsm: Signature verificaton fails
Closed, ResolvedPublic


Release: 1.9.18, 1.9.20cvs


x86_64, Linux


With recent versions of gpgsm, I can't verify signatures. The log file says:

gpgsm[30572.0x53e830] DBG: <- VERIFY
2005-12-15 14:32:57 gpgsm[30572] detached signature
gpgsm[30572.0x53e830] DBG: -> S NEWSIG
2005-12-15 14:32:57 gpgsm[30572] DBG: signer 0 - issuer: `1.2.840.113549.1.9.1=#
737570706F7274406361636572742E6F7267,CN=CA Cert Signing Authority,OU=http://www.,O=Root CA'
2005-12-15 14:32:57 gpgsm[30572] DBG: signer 0 - serial: 013E91
2005-12-15 14:32:57 gpgsm[30572] DBG: signer 0 - digest algo: 2
2005-12-15 14:32:57 gpgsm[30572] DBG: signer 0 - content-type attribute: 1.2.840
2005-12-15 14:32:57 gpgsm[30572] no signature value available

Version 1.9.14 works fine, with the same setup. CRL checking and OCSP disabled (can't get dirmngr to read Cacert's CRL or contact via OCSP to it).




Related Objects

Event Timeline

Bernd suggested:

Sourceforge has a compile farm for building and testing software, which
includes two amd64 boxes.

We have seen other build failures on x86_64 which could only be resolved by
disabling optimization. Can you please try this again with the latest GnuPG and
passing --disable-optimization to libksba and gnupg's configure?

werner added a project: Info Needed.

User alonb asked to re-open this because a bug is filed also against gentoo and
that reporter is willing to help. Seems to be a libksba problem.

werner removed projects: Info Needed, gnupg.
werner added a project: libksba.
werner set External Link to

That was just a stupid error, not catched for unknown reasons by gcc. Already
marked as resolved in Gentoo, so we can set it to resolved too. 1.0.3 will be
released RSN.

2008-01-11 Werner Koch <>

  • ber-decoder.c (decoder_next): Initialize NODE.
werner set Version to 1.0.2.