Page MenuHome GnuPG
Feed Advanced Search

Mar 25 2016

bernhard added a comment to T2293: gpg-agent + smartcard not asking for PIN with PUTTY.

Thanks for testing 2.1 and for reporting the results.
Good to know that it works now.

Mar 25 2016, 11:36 AM · Windows 64, gnupg (gpg20), Bug Report, gpg4win, Windows, Not A Bug, gnupg
bernhard closed T2293: gpg-agent + smartcard not asking for PIN with PUTTY as Resolved.
Mar 25 2016, 11:36 AM · Windows 64, gnupg (gpg20), Bug Report, gpg4win, Windows, Not A Bug, gnupg
timtim added a comment to T2293: gpg-agent + smartcard not asking for PIN with PUTTY.

I have good news : gpg 2.1 rocks !
Problem solved and here is the solution :

As Sijie said, the "smartcard compatible" pageant was loading the SIG key and
the AUTH key.

Unfortunately, under gpg 2.0.x, when you export a public key and use gpg2ssh,
the output is the ssh key for the SIG key (and not the auth).

So when using gpg-agent, it was waiting for putty to request the AUTH key and
not the SIG key (as it should !). The "smartcard enabled" pageant was sending
the SIG key so it was working with it.

Now for the good part : with gpg 2.1, we can now natively use --export-ssh-key,
and this command export the AUTH key, so in the end, it works :)

Thank you everyone for the help, and I hope it can helps other people too !

Can we close this bug please ?

Regards

Mar 25 2016, 9:07 AM · Windows 64, gnupg (gpg20), Bug Report, gpg4win, Windows, Not A Bug, gnupg

Mar 24 2016

timtim added a comment to T2293: gpg-agent + smartcard not asking for PIN with PUTTY.

For history purpose, and trying to maximize information, I have been asked to post some part of the discussion I have
on the mailing list about this problem. Here it is :

I tried older version (of gpg4win) (which, at the time, worked for people with the
same setup as myself), but I can try new version too of course.

That is helpful, because development right now is concentrating more
on Gpg4win 3 with the new GnuPG 2.1 (to become 2.2) and this is where
gpg-agent and pinentry is handled slightly differently. So making sure that
it works with the new version is better for the future.

Ok, I installed gpg4win 3.0.0 BETA 128.
The problem stay the same, no pin is asked.

In the mean time, I tried this tool : http://smartcard-auth.de/ssh-en.html
It replace the pageant.exe that ships with putty. And it works. When I
log on the server with putty, I got asked for the PIN. So I think this
is not a problem with the smartcard or with keys. It seems that it's
only that gpg-agent doesn't trigger the pinentry.

I tried witht gpg-agent on another computer (fresh install) running Windows 7 x64, and
with another smartcard, same problem : no pinentry asked.

Mar 24 2016, 5:40 PM · Windows 64, gnupg (gpg20), Bug Report, gpg4win, Windows, Not A Bug, gnupg
timtim added a comment to T2293: gpg-agent + smartcard not asking for PIN with PUTTY.

Yes gpg-agent is started before, I can see it in the process list (and even the scdaemon process).

In fact, pageant can't be started at the same time as gpg-agent (I suppose it share the same mutex because it
says "pageant is already running" when I try to start pageant while gpg-agent is already running).

Mar 24 2016, 5:33 PM · Windows 64, gnupg (gpg20), Bug Report, gpg4win, Windows, Not A Bug, gnupg
werner updated subscribers of T2293: gpg-agent + smartcard not asking for PIN with PUTTY.
Mar 24 2016, 5:15 PM · Windows 64, gnupg (gpg20), Bug Report, gpg4win, Windows, Not A Bug, gnupg
werner added a comment to T2293: gpg-agent + smartcard not asking for PIN with PUTTY.

Did you start gpg-agent before putty or pageant?

Mar 24 2016, 5:15 PM · Windows 64, gnupg (gpg20), Bug Report, gpg4win, Windows, Not A Bug, gnupg
bernhard updated subscribers of T2293: gpg-agent + smartcard not asking for PIN with PUTTY.
Mar 24 2016, 2:26 PM · Windows 64, gnupg (gpg20), Bug Report, gpg4win, Windows, Not A Bug, gnupg
bernhard added projects to T2293: gpg-agent + smartcard not asking for PIN with PUTTY: Windows, gpg4win, gnupg (gpg20), Windows 64.
Mar 24 2016, 2:26 PM · Windows 64, gnupg (gpg20), Bug Report, gpg4win, Windows, Not A Bug, gnupg

Mar 19 2016

jcross added a comment to T2289: UI says “Secret key is available.” in gpg when it is not.

I took a look at the source code and now understand what is going on here.
The code indicates: One or more secret keys (primary or sub) were found.
But the UI message suggests that the secret key of the current (primary) key was
found, hence my confusion.

Here are some ideas:

  1. EASY: Update the message to indicate it is generic and not specific to the key

being edited.

OR

  1. HARDER: Improve the logic so the message is specific to the key being edited.

Thoughts?

Mar 19 2016, 10:43 AM · Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14)

Mar 18 2016

jcross changed Version from 2.0.28 to 1.4.19 on T2289: UI says “Secret key is available.” in gpg when it is not.
Mar 18 2016, 11:54 PM · Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14)
jcross added a comment to T2289: UI says “Secret key is available.” in gpg when it is not.

Here you go:

My master key is offline and I have subkeys on a Yubikey. As expected, I see sec# when listing keys when using the
online system:

gpg -K
sec# 4096R/2FFA7695 2016-02-01 [expires: 2020-01-31]
uid NAME <EMAIL@ADDRESS.COM>
ssb> 2048R/EA7CCF1B 2016-02-01
ssb> 2048R/1E8DA9B9 2016-02-01
ssb> 2048R/5BA60C24 2016-02-01
However, when I go into edit mode, gpg indicates that the "Secret is available":

gpg --edit-key 2FFA7695
gpg (GnuPG) 1.4.19; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub 4096R/2FFA7695 created: 2016-02-01 expires: 2020-01-31 usage: C

trust: ultimate      validity: ultimate

sub 2048R/EA7CCF1B created: 2016-02-01 expires: 2018-01-31 usage: S
sub 2048R/1E8DA9B9 created: 2016-02-01 expires: 2018-01-31 usage: E
sub 2048R/5BA60C24 created: 2016-02-01 expires: 2018-01-31 usage: A
[ultimate] (1). NAME <EMAIL@ADDRESS.COM>
[ultimate] (2) [jpeg image of size 1234]

Tested with several recent versions of GnuPG. Am I misunderstanding this message?

Mar 18 2016, 11:53 PM · Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14)
werner added a comment to T2289: UI says “Secret key is available.” in gpg when it is not.

Please describe the error _here_ and do not link to an external page.

Mar 18 2016, 6:18 PM · Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14)

Mar 16 2016

PRab added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

I believe I have also seen this issue (or something very similar) on my Windows
7 64bit machine. I am running gpg 2.1.11. I hope this isn't redundant, but it
seems that I need to restart scdaemon anytime I unplug/replug my yubikey or
suspend/resume my computer.

Sometimes it doesn't recover even after restarting scdaemon. In those cases, I
am able to fix it by stopping scdaemon, removing the yubikey, starting scdaemon,
and finally reinserting the yubikey.

Mar 16 2016, 9:01 PM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
jcross changed External Link from http://security.stackexchange.com/questions/115230/why-do-i-see-secret-key-is-available-in-gpg-when-it-is-not to http://security.stackexchange.com/q/115230/16036 on T2289: UI says “Secret key is available.” in gpg when it is not.
Mar 16 2016, 3:59 PM · Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14)
jcross added a comment to T2289: UI says “Secret key is available.” in gpg when it is not.

Bug system broke the link URL. Here is a shorter one:
http://security.stackexchange.com/q/115230/16036

Mar 16 2016, 3:59 PM · Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14)
jcross added projects to T2289: UI says “Secret key is available.” in gpg when it is not: gnupg (gpg14), gnupg (gpg20), gnupg, Bug Report.
Mar 16 2016, 3:56 PM · Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14)

Feb 24 2016

aheinecke added a comment to T2135: Keyring locking on Windows broken.

I've tested it with pubring now too and it works.
Justus mentioned in jabber that he noticed some more errors after this patch in
the scheme tests. I've not tried them.

Feb 24 2016, 3:39 PM · Bug Report, gpg4win, Windows, gnupg, Windows 32
werner lowered the priority of T2135: Keyring locking on Windows broken from High to Normal.
Feb 24 2016, 2:24 PM · Bug Report, gpg4win, Windows, gnupg, Windows 32
werner added a comment to T2135: Keyring locking on Windows broken.

Okay, so I can backport this to 2.0 ?

Feb 24 2016, 2:24 PM · Bug Report, gpg4win, Windows, gnupg, Windows 32

Feb 22 2016

aheinecke added a comment to T2135: Keyring locking on Windows broken.

Tested this with keybox and it appears to be working. When running a keylist
while importing the import holds for a bit and continues after the keylist.
Not tested this with keyring yet.

Feb 22 2016, 11:14 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32

Jan 28 2016

bernhard updated subscribers of T2232: Option faked-system-time not available for gpg2, but documented..
Jan 28 2016, 3:28 PM · Bug Report, gnupg, gnupg (gpg20), Documentation
bernhard added projects to T2232: Option faked-system-time not available for gpg2, but documented.: Documentation, gnupg (gpg20), gnupg, Bug Report.
Jan 28 2016, 3:28 PM · Bug Report, gnupg, gnupg (gpg20), Documentation

Jan 21 2016

werner closed T1501: Public part of a R4096(S)-Subkey lost when imported from an armored backup file. as Resolved.
Jan 21 2016, 4:56 PM · Won't Fix, Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14)
werner added a project to T1501: Public part of a R4096(S)-Subkey lost when imported from an armored backup file.: Won't Fix.
Jan 21 2016, 4:56 PM · Won't Fix, Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14)
werner added a comment to T1501: Public part of a R4096(S)-Subkey lost when imported from an armored backup file..

This is caused by gpg inability of merging the secret keys. We can't fix that
in 1.4 or 2.0. 2.1 does not have this problem anymore.

Jan 21 2016, 4:56 PM · Won't Fix, Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14)

Jan 15 2016

werner closed T1954: Password too long as Resolved.
Jan 15 2016, 4:46 PM · Info Needed, gnupg (gpg20), Bug Report, gnupg
werner added a project to T2126: gpgsm-2.0.x does not work with option --homedir, needs GNUPGHOME: Won't Fix.
Jan 15 2016, 1:22 PM · Won't Fix, gnupg (gpg20), Bug Report, gnupg
werner closed T2126: gpgsm-2.0.x does not work with option --homedir, needs GNUPGHOME as Resolved.
Jan 15 2016, 1:22 PM · Won't Fix, gnupg (gpg20), Bug Report, gnupg
werner added a comment to T2126: gpgsm-2.0.x does not work with option --homedir, needs GNUPGHOME.

We wont fix that because it has been fixed in 2.1 and backporting make no sense
given that an easy workaround is available.

Jan 15 2016, 1:22 PM · Won't Fix, gnupg (gpg20), Bug Report, gnupg
werner added a project to T2135: Keyring locking on Windows broken: In Progress.
Jan 15 2016, 9:54 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32
werner added a project to T2135: Keyring locking on Windows broken: backport.
Jan 15 2016, 9:54 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32
werner added a comment to T2135: Keyring locking on Windows broken.

I have pushed chnages to master to fix this problem. One drawback is that
during an import another process "gpg -k" may rarely see no keys at all. A full
fix would either require that we lock the keyrings during all read-only
operations, which would severely hit on the performance of all common
operations, or change the whole system to use a new key access daemon.

If this works the changes need to be backported to 2.0.

Jan 15 2016, 9:54 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32

Jan 5 2016

aheinecke added a comment to T2135: Keyring locking on Windows broken.

No Kleopatra does not open the pubring. Let's leave kleopatra out of this.

This bug is about multiple GnuPG processes that conflict with each other. See
msg7466 for an example.

Jan 5 2016, 2:37 PM · Bug Report, gpg4win, Windows, gnupg, Windows 32
aheinecke removed a project from T2135: Keyring locking on Windows broken: kleopatra.
Jan 5 2016, 2:37 PM · Bug Report, gpg4win, Windows, gnupg, Windows 32
werner added a comment to T2135: Keyring locking on Windows broken.

Do you mean Kleo opens the pubring file itself?

Jan 5 2016, 2:33 PM · Bug Report, gpg4win, Windows, gnupg, Windows 32
werner added a comment to T2209: minimal dsa/elg bitsize during expert keygen outdated.

Commit e70f7a5 fixes this for 2.1.
Should be backported.
Thanks.

Jan 5 2016, 2:01 PM · backport, Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14), gnupg (gpg21)
werner added a project to T2209: minimal dsa/elg bitsize during expert keygen outdated: backport.
Jan 5 2016, 2:01 PM · backport, Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14), gnupg (gpg21)
werner claimed T2209: minimal dsa/elg bitsize during expert keygen outdated.
Jan 5 2016, 1:50 PM · backport, Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14), gnupg (gpg21)
aheinecke added a comment to T2135: Keyring locking on Windows broken.

Renamed the issue to my current understanding of this problem. Locking on
Windows does not work properly.

Jan 5 2016, 11:05 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32
aheinecke renamed T2135: Keyring locking on Windows broken from Bulk key import fails on Windows if Kleopatra is running to Keyring locking on Windows broken.
Jan 5 2016, 11:05 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32
aheinecke updated subscribers of T2135: Keyring locking on Windows broken.
Jan 5 2016, 11:03 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32
aheinecke added a comment to T2135: Keyring locking on Windows broken.

Yesterday I had a failed Keygeneration while GpgOL's certificate selection
dialog in Kleopatra was open. Tried again and it worked. I did not get Debug
output but the pattern suggests to me that the Certificate selection dialog
looked for changes in the pubring while generating a key and the locking broke
again.

This problem is rising in my priority of Windows Issues as it causes random
failures. There is also a load of similar reports on various channels to be
found through google https://www.google.at/search?q=pubring.bak

Jan 5 2016, 11:03 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32
aheinecke raised the priority of T2135: Keyring locking on Windows broken from Normal to High.
Jan 5 2016, 11:03 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32

Dec 31 2015

rnd added projects to T2209: minimal dsa/elg bitsize during expert keygen outdated: gnupg (gpg21), gnupg (gpg14), gnupg (gpg20), gnupg, Bug Report.
Dec 31 2015, 6:09 PM · backport, Bug Report, gnupg, gnupg (gpg20), gnupg (gpg14), gnupg (gpg21)

Dec 22 2015

gniibe added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Thank you again.

It is likely that the token itself doesn't work well after wakeup from sleep
mode. In this case, all that we can do is re-inserting the token manually.

I'm not sure how PC/SC service handles USB reset after wakeup.

Dec 22 2015, 8:43 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Dec 22 2015, 7:52 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Sorry to say, but mapping the error to "no reader" doesn't help. The first
reset event doesn't get handled. Later it trys to remove the reader but it's
not getting correctly resetted/reinserted again.

I've attached the debug log again

Dec 22 2015, 7:52 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
gniibe added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Thank you for further testing.
I think that current code doesn't handle the case when card goes inactive/reset
while reader keeps working. Current code only goes to the reset sequence for a
card again when it detects reader failure. So, although the concept is
different, I think mapping PSCS_W_CARD_RESET to SW_HOST_NO_READER (for now) will
work. Given the situation we don't yet support multiple cards, this workaround
would be OK for a while.

Dec 22 2015, 2:10 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Dec 22 2015, 12:35 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Nope. Neither mapping the "reset card" event to SW_HOST_CARD_INACTIVE or
SW_HOST_NO_CARD helps. It seems that somewhere in the code the return code
SW error codes are not being handled correctly and the card doesn't get
resetted.

I've attached a small log where you can see that pcsc returns the error
reason "reset card" which then gets remapped to "Card reset required" (was
general error before). I also can see that the error is getting mapped to
GPG_ERR_CARD_RESET (because of the error message "Card reset required")
leaving the daemon around with no working card and reporting general errors
again (0x100b).

Additional Info: This bug only happens when you put your computer/laptop
into sleep mode while the smartcard/reader (yubikey) is plugged in. If I
remove the reader before putting it to sleep and attaching it after getting
out of the sleep mode, the scdaemon works fine.

Dec 22 2015, 12:35 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report

Dec 21 2015

dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

D338: 740_0002-scd-map-card-reset-event.patch

Dec 21 2015, 11:29 PM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Maybe it's more appropriate to map the PSCS_W_CARD_RESET event to the
SW_HOST_CARD_INACTIVE error code which later gets mapped to GPG_ERR_CARD_RESET
error code.

I've attached the patch file. It would make sense to backport this mapping as
well. Right now it's not yet tested.

Dec 21 2015, 11:29 PM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

I found another problem with the smartcard service under windows. Putting
the system into sleep mode and waking it up again creates an 0x80100068
error code (aka PCSC_W_RESET_CARD).

I'll test if it helps to map the RESET_CARD event to the same REMOVE_CARD
event to get the card reactivated after sleep mode.

Logfile:
2015-12-21 22:16:57 scdaemon[10040] DBG: send apdu: c=00 i=CA p1=00 p2=C4
lc=-1 le=256 em=0
2015-12-21 22:16:57 scdaemon[10040] DBG: PCSC_data: 00 CA 00 C4 00
2015-12-21 22:16:57 scdaemon[10040] pcsc_transmit failed: reset card
(0x80100068)
2015-12-21 22:16:57 scdaemon[10040] apdu_send_simple(0) failed: general
error

Dec 21 2015, 10:35 PM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report

Dec 15 2015

gniibe added a project to T1686: GPG Smartcard daemons not detecting card change Windows 8.1: Restricted Project.
Dec 15 2015, 5:23 AM · gnupg, Windows 32, gnupg (gpg20), Windows, Bug Report
gniibe added a comment to T1686: GPG Smartcard daemons not detecting card change Windows 8.1.

I think that this was fixed in:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=d1a97585c5e73fbc7d4cf90e38f76ffc5aea305f

It will be in 2.1.11 and 2.0.30.

Dec 15 2015, 5:23 AM · gnupg, Windows 32, gnupg (gpg20), Windows, Bug Report

Dec 14 2015

aheinecke changed Version from 2.0.29 to 2.1.10 on T2135: Keyring locking on Windows broken.
Dec 14 2015, 12:27 PM · Bug Report, gpg4win, Windows, gnupg, Windows 32
aheinecke reassigned T2135: Keyring locking on Windows broken from aheinecke to werner.
Dec 14 2015, 12:27 PM · Bug Report, gpg4win, Windows, gnupg, Windows 32
aheinecke added a comment to T2135: Keyring locking on Windows broken.

I've checked that 2.1.10 still has the problem. So back to you.

You can ping me directly if you need any debug logs or so.

Dec 14 2015, 12:27 PM · Bug Report, gpg4win, Windows, gnupg, Windows 32

Dec 11 2015

aheinecke added a comment to T1691: Charset / codepage problems in GnuPG 2.0.26 on MS Windows.

Thanks for helping keep track of all these issues.

Yes this only fixes the problem that has already been fixed in the last Gpg4win
Versions. So that this will be fixed in future gnupg-2.1 versions.

Still to help us better seperate the problems I would like to close this as for
me this bug was about "Wrong encoding in a localized version".

  • the more critical "passphrase with non ASCII characters" problem (as reported

only here, see T1691 (andreaerdna on Aug 19 2014, 02:36 AM / Roundup)); does this bug need a
dedicated new Issue to be addressed and solved?

I actually overlooked this in this issue. Can you please open another issue for
that. And add me to the Nosy.

  • the "utf-8 encoding of encrypted filenames" / "strange behaviour of --utf8-

strings, --no-utf8-strings and --charset options" (as reported in Issue 1409 ad
probably similar to Gpgtar Issue 1624 / Gpa Issue 2185)

If this problem was still existing with gpg4win this is still a problem.

  • the "charset weirdness searching keyserver for some non-ASCII user IDs under

non-UTF-8 locales" (as reported in Issue 1514).

This appears not to be windows specific. Also I think this works except for
cases where the Key in question is problematic. If I search on windows for
emanuel@intevation.de I get the correct Umlauts shown. Might be a Problem though
for characters that are unrepresentable in the 8 Bit codepage.

Dec 11 2015, 4:21 PM · gnupg (gpg14), Windows 32, gnupg (gpg20), gpg4win, Windows, Bug Report, gnupg
andreaerdna reopened T1691: Charset / codepage problems in GnuPG 2.0.26 on MS Windows as "Open".
Dec 11 2015, 3:43 PM · gnupg (gpg14), Windows 32, gnupg (gpg20), gpg4win, Windows, Bug Report, gnupg
andreaerdna added a comment to T1691: Charset / codepage problems in GnuPG 2.0.26 on MS Windows.

It sounds great!

So this patch, as the previous one, solves the "incorrect display of GPG 2
output translated into another language" (as reported here and previously also
in Issue 1373 and Issue 1674).

Does this patch solve also the "incorrect display of filenames with non ASCII
characters" (as reported here and previously also in Issue 1409)?

By the way, as I understand, this patch doesn't fix:

  • the more critical "passphrase with non ASCII characters" problem (as reported

only here, see T1691 (andreaerdna on Aug 19 2014, 02:36 AM / Roundup)); does this bug need a
dedicated new Issue to be addressed and solved?

  • the "utf-8 encoding of encrypted filenames" / "strange behaviour of --utf8-

strings, --no-utf8-strings and --charset options" (as reported in Issue 1409 ad
probably similar to Gpgtar Issue 1624 / Gpa Issue 2185)

  • the "charset weirdness searching keyserver for some non-ASCII user IDs under

non-UTF-8 locales" (as reported in Issue 1514).

Dec 11 2015, 3:43 PM · gnupg (gpg14), Windows 32, gnupg (gpg20), gpg4win, Windows, Bug Report, gnupg
aheinecke closed T1691: Charset / codepage problems in GnuPG 2.0.26 on MS Windows as Resolved.
Dec 11 2015, 1:10 PM · gnupg (gpg14), Windows 32, gnupg (gpg20), gpg4win, Windows, Bug Report, gnupg
aheinecke added a comment to T1691: Charset / codepage problems in GnuPG 2.0.26 on MS Windows.

After some more discussion and testing in the development jabber channel werner
agreed to include this patch. Pushed to libgpg-error with 823e858. So this will
hopefully be part of the first gnupg modern release that will include localization.

Dec 11 2015, 1:10 PM · gnupg (gpg14), Windows 32, gnupg (gpg20), gpg4win, Windows, Bug Report, gnupg
aheinecke added a comment to T1691: Charset / codepage problems in GnuPG 2.0.26 on MS Windows.

D210: 737_0001-Fix-windows-8bit-encoding-conversion.patch

Dec 11 2015, 11:32 AM · gnupg (gpg14), Windows 32, gnupg (gpg20), gpg4win, Windows, Bug Report, gnupg
aheinecke changed Version from 2.0.26 to 2.1 on T1691: Charset / codepage problems in GnuPG 2.0.26 on MS Windows.
Dec 11 2015, 11:32 AM · gnupg (gpg14), Windows 32, gnupg (gpg20), gpg4win, Windows, Bug Report, gnupg
aheinecke added a comment to T1691: Charset / codepage problems in GnuPG 2.0.26 on MS Windows.

Updated Patch against libgpg-error where this code now lives.

Please apply this patch or something similiar.

The problem I can see is that with this code in libgpg-error now GUI
applications may use it which want to get "GUI Native".

Probably better to introduce a new function "wchar_to_console" ? And use it from
GnuPG. Does GPA use that conversion function?

Might be a good time for this now where gnupg master already depends on new
symbols in libgpg-error.

Dec 11 2015, 11:32 AM · gnupg (gpg14), Windows 32, gnupg (gpg20), gpg4win, Windows, Bug Report, gnupg
gniibe added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Thank you for your testing.

Your change is pushed with my comment:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=d1a97585c5e73fbc7d4cf90e38f76ffc5aea305f

I'll backport this to GnuPG 2.0.

Dec 11 2015, 1:07 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report

Dec 10 2015

dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Dec 10 2015, 3:33 PM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Here's the logfile with all the errors (guru debug level) vanilla 2.1.10

Dec 10 2015, 3:33 PM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Dec 10 2015, 3:32 PM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

After some time spending fighting with the build tools of gnupg (cross compile
for windows under debian) I managed to build the installer with my patched
file.

Most important: The most common error thrown is the 0x8010001e
(E_SERVICE_STOPPED) This is the important one. The other error 0x8010001d
(E_NO_SERVICE) is only thrown in the transition from ok to stopped. So only
sometimes.

This was my process:

git clone git://git.gnupg.org/gnupg.git
cd gnupg
git checkout tags/gnupg-2.1.10
./autogen.sh
cat ../0001-scd-Fix-removal-of-unplugged-usb-readers.patch | patch -p1
sed -i -e 's/^SELFCHECK=1/SELFCHECK=0/' build-aux/speedo.mk
make -f build-aux/speedo.mk w32-installer

I've created new logfiles (vanilla 2.1.10 und patched 2.1.10) to show the
difference and confirm that it'S actually working now :-)

Dec 10 2015, 3:32 PM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

I'm okay with signing off the commit. I can test this for Windows 8.1 or 10,
my only problem is that I'm not able to compile gpg for windows right now. Or
are there instructions somewhere on how to achieve this?

Dec 10 2015, 9:11 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
gniibe added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Thank you again.

I think that Windows 8 (and later) changed the PC/SC service. The service is
only available when smartcard is there, and after the removal, it returns
PCSC_E_NO_SERVICE error. This is not expected for current code.

I'm applying your patch with my comment like above. Do you agree to put the
line in the commit log?:

   Signed-off-by: Daniel Hoffend <dh@dotlan.net>

I don't have Windows 8 machine. So, I leave this issue as testing.

Dec 10 2015, 3:15 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
gniibe added a project to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon: Restricted Project.
Dec 10 2015, 3:15 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend changed Version from 2.1.9 to 2.1.10 on T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.
Dec 10 2015, 12:54 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

No, I just installed version 2.1.10 (which included your mentioned fix). But the
error still applies.

In my case the smartcard reader never gets closed, cause the error thrown by the
pcsc/scd gets only mapped to a general_error which does not result in
removing/closing the reader interface.

I've the feeling that we've to take a closer look at the errors thrown (at least
those 2 in my patch). Maybe there're even more possible events.

If you like I can upload the debug log of scdaemon 2.1.10 ... (if that helps).

Somehow I don't have any issues when running linux, this bug applies to windows
only atm. Maybe it's just that windows is throwing different errors or events
compared to linux.

Dec 10 2015, 12:54 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
gniibe claimed T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.
Dec 10 2015, 12:39 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
gniibe added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

Thank you for the bug report with log.

It could be related to the bug which was just fixed:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=f42c50dbf00c2e6298ca6830cbe6d36805fa54a3

I'm backporting this to 2.0.x.

Dec 10 2015, 12:39 AM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report

Dec 9 2015

aheinecke claimed T2135: Keyring locking on Windows broken.
Dec 9 2015, 8:54 PM · Bug Report, gpg4win, Windows, gnupg, Windows 32
bernhard added a comment to T1817: Changing expiration on subkeys breaks subkeys.

Some more infos:

https://www.openkeychain.org/faq/#importing-your-own-key-from-gnupg-fails
says that this is a problem for a number of people.

Werner told me that porting the fix back would mean to basically
migrate 2.0 to 2.1, which is useless because 2.1 is already 2.1.

Another possibility would be to change --export to mix public keys (certs)
with secret keys. This would create other problems and thus is not
adviable for a stable version.

So I think this is "won't fix" because it (technically) does not make
sense to fix in 1.4 or 2.0. Solutions: Use 2.1 or wait for 2.2.
As importing implementation: Be tolerant for this problem man use the cert
information if you can.

Dec 9 2015, 3:55 PM · Won't Fix, gnupg (gpg20), gnupg (gpg14), Bug Report, gnupg
bernhard closed T1817: Changing expiration on subkeys breaks subkeys as Resolved.
Dec 9 2015, 3:55 PM · Won't Fix, gnupg (gpg20), gnupg (gpg14), Bug Report, gnupg
bernhard removed projects from T1817: Changing expiration on subkeys breaks subkeys: Stalled, maybe.
Dec 9 2015, 3:55 PM · Won't Fix, gnupg (gpg20), gnupg (gpg14), Bug Report, gnupg
bernhard changed Version from 1.4.18 & 2.0.26 to 1.4.18, 2.0.26 on T1817: Changing expiration on subkeys breaks subkeys.
Dec 9 2015, 3:55 PM · Won't Fix, gnupg (gpg20), gnupg (gpg14), Bug Report, gnupg
bernhard added projects to T1817: Changing expiration on subkeys breaks subkeys: gnupg (gpg20), Won't Fix.
Dec 9 2015, 3:55 PM · Won't Fix, gnupg (gpg20), gnupg (gpg14), Bug Report, gnupg

Dec 7 2015

dhoffend added a comment to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon.

After looking at the gnupg 2.0 branch I would say the patch could be applied
to the 2.0 and 2.1 branch to fix the issue in both branches stable/modern
since both version are affected (tested with 2.1.9 and 2.0.29 from gpg2win)

Dec 7 2015, 10:49 PM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report
dhoffend added projects to T2167: Unplugging USB Smartcard/Yubikey causes problems with scdaemon: Windows 32, Windows, scd, gnupg (gpg21), gnupg (gpg20), Windows 64, patch.
Dec 7 2015, 10:49 PM · gnupg (gpg22), Restricted Project, patch, Windows 64, scd, Windows, Windows 32, Bug Report

Nov 30 2015

werner added a comment to T2135: Keyring locking on Windows broken.

I just double checked the code from 2.1 - it looks really okay.
I need to look at the 2.x branch, though.

Nov 30 2015, 9:01 PM · Bug Report, gpg4win, Windows, gnupg, Windows 32

Nov 27 2015

aheinecke added a comment to T2135: Keyring locking on Windows broken.

Test data from: http://keyserver.borgnet.us/dump/sks-dump-0000.pgp.bz2

In one console window:
mkdir c:\test-issue2135
set GNUPGHOME=c:\test-issue2135
gpg2 --import c:\users\aheinecke\Desktop\sks-dump-0000.pgp

in another:
set GNUPGHOME=c:\test-issue2135
gpg2 -k

Triggers this: (And the error messages also look wrong)

gpg: waiting for lock c:/test-issue2135/pubring.gpg.lock...
gpg: renaming c:/test-issue2135/pubring.gpg' to c:/test-issue2135/pubring.bak'
failed: Permission
denied
gpg: error writing keyring `c:/test-issue2135/pubring.gpg': Permission denied
gpg: key CBB511F4: public key "[User ID not found]" imported
gpg: error reading `c:\\Users\\aheinecke\\Desktop\\sks-dump-0000.pgp':
Permission denied
gpg: import from `c:\\Users\\aheinecke\\Desktop\\sks-dump-0000.pgp' failed:
Permission denied
gpg: Total number processed: 278
gpg: w/o user IDs: 14
gpg: imported: 265 (RSA: 82)
gpg: renaming c:/test-issue2135/pubring.gpg' to c:/test-issue2135/pubring.bak'
failed: Permission
denied
gpg: failed to rebuild keyring cache: Permission denied
gpg: no ultimately trusted keys found

Nov 27 2015, 11:35 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32
aheinecke added a comment to T2135: Keyring locking on Windows broken.

In this case I'm pretty sure that it does not. I check that I can come up with a
testcase that does not involve kleo.

Nov 27 2015, 9:31 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32
werner added a comment to T2135: Keyring locking on Windows broken.

Is Kleopatra messing around with files in ~/.gnupg in any way? IIRC, Kleo
sometimes bypasses gpgme. For example does it open pubring.gpg ?

Nov 27 2015, 9:28 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32

Nov 23 2015

neal updated subscribers of T2019: Order of magnitude degradation in performance in gpg2 cf gpg.

@guilhem, @dkg I've cc'd you on this since you seem to be interested in this code.

I've just updated the branch with a few small bug fixes. Most importantly, I
fixed the memory problem by limiting the read-ahead cache to 20 MB. @guilhem:
I'd be interested to hear whether this fixes the problem that you observed.

@bernhard Sorry for not getting back to you sooner. If you checkout neal/kdb,
you'll get the latest code for the kdb format. Set --homedir or GNUPGHOME
appropriately, import your keyring and then try some operations:

$ mkdir /tmp/gnupg-kbx

$ gpg2 --export | time gpg2 --homedir /tmp/gnupg-kbx --no-default-keyring

--keyring gnupg-kdb:pubring.kdb --import /tmp/keys 2>/dev/null

This makes 6.5 seconds on my box using the kdb format and just under 2 min using
kdb. See
https://lists.gnupg.org/pipermail/gnupg-devel/2015-November/030525.html for some
example benchmarks.

I'm particularly interested to hear whether this fixes the major performance
problem that you're experiencing.

Thanks.

Nov 23 2015, 3:13 PM · Stalled, Bug Report, gnupg

Nov 18 2015

neal closed T1763: gpg ... delete key failed: Unknown system error as Resolved.
Nov 18 2015, 11:23 AM · gnupg (gpg20), Bug Report, gnupg
neal added a comment to T1763: gpg ... delete key failed: Unknown system error.

As I understand the problem, a key appeared in multiple keyrings and this was
causing confusion. I don't think there is a bug here so I'm marking this issue
as resolved.

Nov 18 2015, 11:23 AM · gnupg (gpg20), Bug Report, gnupg

Nov 13 2015

aheinecke added a comment to T2135: Keyring locking on Windows broken.

I've disabled the automatic keylisting while an import job is running in
Kleopatra as this is a good idea anyway.

Still this should be fixed although we might want to give it a try with 2.1
instead as it is no longer a hard issue for gpg4win with the workarond in kleo
in place.

The import with 2.0.29 is also very slow on Windows. Over two minutes to import
650 keys while the same import with 2.1.9 on GNU/Linux only takes 20seconds.

Nov 13 2015, 12:34 PM · Bug Report, gpg4win, Windows, gnupg, Windows 32

Oct 29 2015

bernhard updated subscribers of T2019: Order of magnitude degradation in performance in gpg2 cf gpg.

@werner
Running with --no-sig-cache took 30 Minutes.
gpg2 --delete-key 52D717F3
time LANG=C gpg2 -v --no-sig-cache --recv-keys 52D717F3
real 29m38.897s

While time LANG=C gpg2 -v --recv-keys 52D717F3 took 2 minutes.
Debian gnupg2 Version: 2.0.26-6 i386.

@neal:
Thanks for working on this, if you think it may may sense to test this
with real data, can you point to the steps required to do this?
(I guess building gpg-2.1-from your git branch, ...)

@All,
any idea what the change between 2.0.25-99intevation2 on Wheezy
and 2.0.26-6 on Jessie could be that would cause this problem?
(Or is it just a few small certs or trust settings more that will cause
this one magnitude higher load)

Oct 29 2015, 3:40 PM · Stalled, Bug Report, gnupg
neal added a comment to T2019: Order of magnitude degradation in performance in gpg2 cf gpg.

I've implemented a new db format. It's still incomplete and experimental, but
it's available from the neal/next branch. Importing
/usr/share/keyrings/debian-keyring.gpg, which contains 751 keys is much faster
using this format:

$ rm pubring.kdb; time gpg2 --no-default-keyring --primary-keyring
gnupg-kdb:pubring.kdb --import debian-keyring.gpg >/dev/null
gpg: Total number processed: 751
gpg: imported: 751

real 0m7.729s
user 0m5.404s
sys 0m0.332s
$ rm pubring.kdx; time gpg2 --no-default-keyring --primary-keyring
gnupg-kbx:pubring.kdx --import debian-keyring.gpg >/dev/null
gpg: Total number processed: 751
gpg: imported: 751
gpg: public key of ultimately trusted key 2183839A not found
gpg: public key of ultimately trusted key BC15C85A not found
gpg: public key of ultimately trusted key EE37CF96 not found

real 1m52.560s
user 0m6.268s
sys 0m31.604s

Running --check-trustdb is almost an order of magnitude faster:

$ time gpg2 --no-default-keyring --primary-keyring gnupg-kdb:pubring.kdb
--check-trustdb
real 0m0.158s
user 0m0.004s
sys 0m0.004s
$ time gpg2 --no-default-keyring --primary-keyring gnupg-kbx:pubring.kbx
--check-trustdb
real 0m0.975s
user 0m0.012s
sys 0m0.032s

Doing a sequential read is a bit slower:

$ time gpg2 --no-default-keyring --primary-keyring gnupg-kdb:pubring.kdb -k |
grep ^pub | wc -l
751

real 0m2.515s
user 0m2.432s
sys 0m0.088s
$ time gpg2 --no-default-keyring --primary-keyring gnupg-kbx:pubring.kdx -k |
grep ^pub | wc -l
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
751

real 0m1.245s
user 0m1.168s
sys 0m0.076s

This is because the interface for doing a full scan of the DB is unsuitable. If
we decide to use the new format, it shouldn't be hard to improve this.

I'd be interested in any feedback and perhaps some more measurements in real
conditions.

Thanks,

Neal

Oct 29 2015, 11:31 AM · Stalled, Bug Report, gnupg

Oct 27 2015

aheinecke added projects to T2135: Keyring locking on Windows broken: kleopatra, Windows 32, gnupg, Windows, gpg4win, gnupg (gpg20), Bug Report.
Oct 27 2015, 9:25 AM · Bug Report, gpg4win, Windows, gnupg, Windows 32

Oct 19 2015

werner added a project to T2126: gpgsm-2.0.x does not work with option --homedir, needs GNUPGHOME: gnupg (gpg20).
Oct 19 2015, 7:51 PM · Won't Fix, gnupg (gpg20), Bug Report, gnupg

Sep 9 2015

werner removed a project from T2043: Gpgsm stable: gen-key triggers bug with recent libgcrypt: Restricted Project.
Sep 9 2015, 4:12 PM · gnupg (gpg20), gpg4win, Bug Report, gnupg