In general there always might be problems with incompatibilities of other addins installed on a system.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Nov 30 2020
The error comes form using READKEY which is processed by gpg-agent. At this time the agent does not yet know the stub key and thus returns ENOENT. At the places before we used "SCD READKEY" which works directly with scdameon and does not need a stub file. We need to review the new(?) way of creating stub files, describe that and then fix this by either making sure tha the stub key is created first or that we use SCD READKEY there too.
Done.
I am running in a setup where my GnuPG 2.3 is connected to a gpg-agent / scdaemon running at GnuPG 2.2.12.
Okay, I usually only keep hitting crl+w in that case. But I see the point when doing imports this can be annoying.
there was an issue that has been fixed in 3.1.14 which was creating problems / crashes when the home directory of a user had a unicode character in it. So maybe your one user had such a username?
Seems to work now. I'm not sure whether I should close this issue because it's marked for backport.
Works now. Thanks.
Another issue that comes in to mind is that current ARM/ARM64 HW feature detection most likely wont work on MacOS. Thus HW accelerated AES&SHA&GHASH implementation wont be used.
IIUC, for the build of Homebrew, it is the issue of in: https://github.com/Homebrew/homebrew-core/commit/e7da1e2157b2e8373c3b39ea6398f51588ea537c
Please have a look at T5024: libtool problem for some platforms for 'make check' (program built with -no-install won't work without installation), if make check works after the installation of libgcrypt.
See T2056: libgcrypt: make check fails "random" test on OS X 10.11 with link error, if test with 'random' fails.
HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS is never defined on ARM64 as it depends on "$mpi_cpu_arch" == "x86". Instead I think new check for GCC assembly ELF directives would be needed in configure.ac, similar to HAVE_GCC_ASM_CFI_DIRECTIVES check. Following check should work, but I have not yet tested it:
ARM64 has been only tested on platforms which support ELF.
Nov 29 2020
I confirm I have tried with latest 3.1.14 on two different computers (Windows) where I had this "Unknown version" bug going on and they both properly show 3.1.14 version as it should.
I am quite aware of that each user has there own keys and configurations.
I added a third user to the computer, configured them the same as the first user, and was not able to sign or encrypt any emails.
When I clicked on the lock nothing happened.
Yes, I did. Identical result.
Why the hell do they that? The standard compiler on a system is called cc which may translated to whatever the system installs for it. gcc is a specific implementation with certain properties. Di you try CC=clang to override this?
And the arm64 cross-compiler:
Sorry, I forgot to mention that Apple ships a gcc-wrapper for clang. It just accepts gcc command lines parameters and translates them to clang parameters.
Here is the output of gcc --version:
You say that you build using clang but the log shows that you invoke gcc.
Nov 28 2020
The problem is meanwhile solved. Thanks a lot
Heinrich
Nov 27 2020
No more problems reported, so I assume like @aheinecke that it has been resolved in Windows.
This has been fixed for Unix on 2.2 and 2.3. The command line fix for Windows is a larger thing already tracked by T4398.
We changed the fallback to utf-8 in 2.2 and 2.3 and thus this bug can be closed. On Windows there is still the problem with the command line. However, this is better tracked with T5038 and its related tasks.
Regarding a backport I think that I will eventually backport all app-*c to stable by source copying them. We have a quite stable internal API and thus it is easier to keep at least the card specific code in sync. I did some local work in this directory some time ago.
Finally, with the physical device, I figure out what's going on.
The error handling in bulk_in in ccid-driver.c is not good for pinpad input.
It doesn't return an error when it is cancelled or timeout (for the user interaction).
And it calls libusb_clear_hald which causes screwed up situation.
Nov 26 2020
Recall that each user has their own keys and configuration. This seems to be a general question on how to use GpgOL. Please use the help resources listed at gpg4win.org instead of this bug tracker.
You are right, the new 3.4 cards support brainpool curves in addition to the nist curves.
Sorry, I realized this myself this morning and did couple of fixes. rG7113263a00d8 does this all however I forgot to mention the bug number.
Argh. The following patch replaces the previous patch. It fixes the calculation of the display serial number.
I think the calculation of the OpenPGP s/n is not correct. As you write, "Yubico seems to use the decimalized version of their S/N as the OpenPGP card S/N." This matches my observation for my Yubikey:
s/n printed on Yubikey: 9074582
Yubikey s/n (with our prefix): FF020001008A7796
OpenPGP AID: D2760001240102010006090745820000
If you mean OpenPGP Card v3 standard, no it did not support cv25519 ed25519, but some other curves up until v3.4. So if there is a specific specification bringing this feature, can you might refer to the specific version? Otherwise, I think this task is still valid.
I remember the problem being the card manufacturers that are not interesting in cv25519 (yet).
Or it might be related issue of name server access like in T3168: dirmngr: gpg: keyserver receive failed: No keyserver available.
As of November 2020, the redirect problem has gone.
And we addressed that as "Legacy GnuPG MiniHOWTO" in rDd51cd2013e66: web: Add warning notes to most HOWTOS..
This must be an issue of SRV record retrieval.
Merging.
Support was added in version 3 card.
Because the original problem of EAFNOSUPPORT has been fixed, I am going to close this bug.
It is likely that EPERM (Operation not permitted) occurs by a system call connect(2) if you have some firewall rule(s) which forbids network access.
The dirmngr use libdns resolver which directly connects name servers.
If this is the case, you can use `--standard-resolver\ to use system's standard DNS resolver instead.
The log file specified in .gnupg/dirmngr.conf is created at the start of dirmngr.
dirmngr is invokded by the first call of gpg, and it keeps running and handle next request from second invocation of gpg.
So, nothing is problem.
On Debian, please see: /usr/share/doc/g++-mingw-w64-i686-win32/README.Debian
IIUC, the error occurred when Kleo is exiting and a destructor (in libKF5ConfigWidgets) is called with null pointer.
Version 3.1.14 released 2020-11-25
Kleopatra / GnuPG: Unicode home directories are now supported. (T5055)