Page MenuHome GnuPG

Bug in Kleopatra
Closed, ResolvedPublic

Description

Hi, I found a very serious bug in Keopatra that prevents me from using the program.
1 Create a new copy of keys from the menu File => New key pair,
2 Enter name and email
3 Enter password

  1. At the end of the process the attached error appears. It did not generate any key pairs.

Thank you

Denis

Details

Version
Keopatra v3.2.0

Event Timeline

werner added a subscriber: werner.

Please post the output of "gpgconf -X" and "gpgconf -V".

A common reason for this error is that you run the gpg-agent on a remote machine (e.g. over an ssh connection). There are of course other reasons but you did not gave enough information on your environment and the installed version. A screenshot of the About->Kleopatra dialog might be helpful as well (but please don't use dark mode for screenshots).

  1. I use Windows 10 Pro (19045.3996 22H2).
  2. I don't use gpg-agent on a remote machine (e.g. over an ssh connection) I'm not capable!
  3. I don't understand how to get "gpgconf -X" and "gpgconf -V". Can you explain the procedure better to me?

Thank you

gpgconf -X in cdm.exe

Microsoft Windows [Versione 10.0.19045.3996]
(c) Microsoft Corporation. Tutti i diritti sono riservati.

C:\Users\Utente>gpgconf -X

  1. Dump of all standard config files
  2. GnuPG 2.4.4 (a43271cc0)
  3. MingW32
  4. [VERSION file not found]
  5. Windows 10.0 build 19045
  6. Libgcrypt 1.10.3
  7. GpgRT 1.47
  8. Codepages: 65001 1252 850 ###

sysconfdir:C%3a\ProgramData\GNU\etc\gnupg
bindir:C%3a\Program Files (x86)\Gpg4win\..\GnuPG\bin
libexecdir:C%3a\Program Files (x86)\Gpg4win\..\GnuPG\bin
libdir:C%3a\Program Files (x86)\Gpg4win\..\GnuPG\lib\gnupg
datadir:C%3a\Program Files (x86)\Gpg4win\..\GnuPG\share\gnupg
localedir:C%3a\Program Files (x86)\Gpg4win\..\GnuPG\share\locale
socketdir:C%3a\Users\Utente\AppData\Local\gnupg
dirmngr-socket:C%3a\Users\Utente\AppData\Local\gnupg\S.dirmngr
keyboxd-socket:C%3a\Users\Utente\AppData\Local\gnupg\S.keyboxd
agent-ssh-socket:C%3a\Users\Utente\AppData\Local\gnupg\S.gpg-agent.ssh
agent-extra-socket:C%3a\Users\Utente\AppData\Local\gnupg\S.gpg-agent.extra
agent-browser-socket:C%3a\Users\Utente\AppData\Local\gnupg\S.gpg-agent.browser
agent-socket:C%3a\Users\Utente\AppData\Local\gnupg\S.gpg-agent
homedir:C%3a\Users\Utente\AppData\Roaming\gnupg

PATH=C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Embarcadero\Studio\22.0\bin;C:\Users\Public\Documents\Embarcadero\Studio\22.0\Bpl;C:\Program Files (x86)\Embarcadero\Studio\22.0\bin64;C:\Users\Public\Documents\Embarcadero\Studio\22.0\Bpl\Win64;C:\Program Files (x86)\Embarcadero\Studio\21.0\bin;C:\Users\Public\Documents\Embarcadero\Studio\21.0\Bpl;C:\Program Files (x86)\Embarcadero\Studio\21.0\bin64;C:\Users\Public\Documents\Embarcadero\Studio\21.0\Bpl\Win64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;c:\Program Files\Calibre2\;C:\Program Files\nodejs\;C:\Program Files\PowerShell\7\;C:\Program Files (x86)\Gpg4win\..\GnuPG\bin;C:\Users\Utente\AppData\Local\Programs\Python\Launcher\;C:\Users\Utente\AppData\Local\Microsoft\WindowsApps;C:\Users\Utente\.dotnet\tools;C:\Users\Utente\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\Utente\AppData\Local\Microsoft\WindowsApps;C:\Users\Utente\AppData\Roaming\npm

  1. global config "C:\ProgramData\GNU\etc\gnupg\common.conf": not installed # #
  2. local config "C:\Users\Utente\AppData\Roaming\gnupg\common.conf": not installed ###
  1. global config "C:\ProgramData\GNU\etc\gnupg\gpg-agent.conf": not installed # #
  2. local config "C:\Users\Utente\AppData\Roaming\gnupg\gpg-agent.conf" ###

--8<---------------cut here---------------start------------->8---

+++--- GPGConf ---+++

default-cache-ttl 900
max-cache-ttl 3600
no-allow-external-cache
no-allow-mark-trusted
enforce-passphrase-constraints
min-passphrase-len 9
min-passphrase-nonalpha 0

+++--- GPGConf ---+++### 08/03/21 21:21:13 ora solare Europa occidentale

  1. GPGConf edited this configuration file.
  2. It will disable options before this marked block, but it will
  3. never change anything below these lines.

--8<---------------cut here---------------end--------------->8---

  1. global config "C:\ProgramData\GNU\etc\gnupg\scdaemon.conf": not installed # #
  2. local config "C:\Users\Utente\AppData\Roaming\gnupg\scdaemon.conf" ###

--8<---------------cut here---------------start------------->8---

+++--- GPGConf ---+++

+++--- GPGConf ---+++### 08/03/21 20:34:48 ora solare Europa occidentale

  1. GPGConf edited this configuration file.
  2. It will disable options before this marked block, but it will
  3. never change anything below these lines.

--8<---------------cut here---------------end--------------->8---

  1. global config "C:\ProgramData\GNU\etc\gnupg\dirmngr.conf": not installed # #
  2. local config "C:\Users\Utente\AppData\Roaming\gnupg\dirmngr.conf" ###

--8<---------------cut here---------------start------------->8---

+++--- GPGConf ---+++

allow-version-check
allow-ocsp
keyserver https://keys.openpgp.org/

+++--- GPGConf ---+++### 02/10/21 11:47:38 ora legale Europa occidentale

  1. GPGConf edited this configuration file.
  2. It will disable options before this marked block, but it will
  3. never change anything below these lines.

--8<---------------cut here---------------end--------------->8---

  1. global config "C:\ProgramData\GNU\etc\gnupg\gpg.conf": not installed # #
  2. local config "C:\Users\Utente\AppData\Roaming\gnupg\gpg.conf" ###

--8<---------------cut here---------------start------------->8---

+++--- GPGConf ---+++

utf8-strings
compliance de-vs

+++--- GPGConf ---+++### 08/03/21 21:21:13 ora solare Europa occidentale

  1. GPGConf edited this configuration file.
  2. It will disable options before this marked block, but it will
  3. never change anything below these lines.

--8<---------------cut here---------------end--------------->8---

  1. global config "C:\ProgramData\GNU\etc\gnupg\gpgsm.conf": not installed # #
  2. local config "C:\Users\Utente\AppData\Roaming\gnupg\gpgsm.conf" ###

--8<---------------cut here---------------start------------->8---

+++--- GPGConf ---+++

compliance de-vs
enable-crl-checks

+++--- GPGConf ---+++### 02/10/21 11:47:42 ora legale Europa occidentale

  1. GPGConf edited this configuration file.
  2. It will disable options before this marked block, but it will
  3. never change anything below these lines.

--8<---------------cut here---------------end--------------->8---

  1. Registry entries: # #
  2. GnuPG Desktop related:
  3. HKLM\Software\Gpg4win:Install Directory
  4. ->C:\Program Files (x86)\Gpg4win<- ###
  5. Outlook related:
  6. \Software\Microsoft\Office\Outlook\Addins\GNU.GpgOL:LoadBehavior
  7. ->3<- [hklm] ###
  8. \Software\GNU\GpgOL related:
  9. enableDebug=0 ###

C:\Users\Utente>

gpgconf -V in cdm.exe

C:\Users\Utente>gpgconf -V

MingW32
Windows 10.0 build 19045

version:1.10.3:10a03:1.47:12f00:
cc:100000:gcc:10-win32 20210110:
ciphers:arcfour:blowfish:cast5:des:aes:twofish:serpent:rfc2268:seed:camellia:idea:salsa20:gost28147:chacha20:sm4:
pubkeys:dsa:elgamal:rsa:ecc:
digests:crc:gostr3411-94::md4:md5:rmd160:sha1:sha256:sha512:sha3:tiger:whirlpool:stribog:blake2:sm3:
rnd-mod:w32:
cpu-arch:x86:
mpi-asm:i386/mpih-add1.S:i386/mpih-sub1.S:i386/mpih-mul1.S:i386/mpih-mul2.S:i386/mpih-mul3.S:i386/mpih-lshift.S:i386/mpih-rshift.S:
hwflist:intel-cpu:intel-fast-shld:intel-bmi2:intel-ssse3:intel-sse4.1:intel-pclmul:intel-aesni:intel-rdrand:intel-avx:intel-avx2:intel-rdtsc:
fips-mode:n:::
rng-type:standard:1:3030000:1:
compliance:::

C:\Users\Utente>

aheinecke claimed this task.
aheinecke added a subscriber: aheinecke.

Hi, you have "compliance de-vs" in your %APPDATA%\gnupg\gpg.conf. But have installed Gpg4win. The default key pair algorithm of Gpg4win is not VS-NfD compliant, in fact the whole Gpg4win version was not approved for VS-NfD. So just remove that compliance line from your config and everything should be fine. Otherwise the forbidden indicates that you are trying to generate a non-compliant key with a version configured for compliant operation.