From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:306:f42::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id 0F8sEjKCyGG44gAAgWs5BA (envelope-from ) for ; Sun, 26 Dec 2021 15:54:42 +0100 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id aGrJDjKCyGFaOQEAauVa8A (envelope-from ) for ; Sun, 26 Dec 2021 15:54:42 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id CB4911FE79 for ; Sun, 26 Dec 2021 15:54:41 +0100 (CET) Received: from localhost ([::1]:48808 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1n1Uv2-0006o7-Mw for larch@yhetil.org; Sun, 26 Dec 2021 09:54:40 -0500 Received: from eggs.gnu.org ([209.51.188.92]:51504) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1n1Uus-0006ni-D3 for help-guix@gnu.org; Sun, 26 Dec 2021 09:54:30 -0500 Received: from marvid.fr ([163.172.81.107]:58608 helo=courriel.marvid.fr) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1n1Uuq-0002j9-CT for help-guix@gnu.org; Sun, 26 Dec 2021 09:54:30 -0500 Received: from localhost (schwifty.marvid.fr [51.159.4.137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by sahkopoika (Postfix) with ESMTPSA id 2BEC568609CD for ; Sun, 26 Dec 2021 15:53:48 +0100 (CET) User-agent: mu4e 1.6.10; emacs 27.2 From: Sergiu Ivanov To: help-guix@gnu.org Subject: gnupg 2.2.29 -> 2.2.30 breaks symmetric decryption (and gpg-agent?) Date: Sun, 26 Dec 2021 14:31:01 +0100 Message-ID: <874k6v1kp0.fsf@colimite.fr> MIME-Version: 1.0 Content-Type: text/plain Received-SPF: none client-ip=163.172.81.107; envelope-from=sivanov@colimite.fr; helo=courriel.marvid.fr X-Spam_score_int: -3 X-Spam_score: -0.4 X-Spam_bar: / X-Spam_report: (-0.4 / 5.0 requ) BAYES_00=-1.9, FORGED_SPF_HELO=1.498, SPF_HELO_PASS=-0.001, SPF_NONE=0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Migadu-Flow: FLOW_IN X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1640530482; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:list-id:list-help:list-unsubscribe: list-subscribe:list-post; bh=UBDd1X8/pwJavLaIeNzd6S48HESLXPpkaPtn2/krsbo=; b=UXo24jUu0AQ/b+yUxfZd/5hPlPdSOkhyxGMR/tE1TA82SvdawN+QV4KZh2WZuUFJArzIFG rDRsH+pfKQSX22IE5q4DpLMlPOe9LIleAxzbpO+uLIWuqQmY/cSHt8XrXump/jy70jy6+d mTgYwh/r7Za+th+QQCv0ThggKjBmgR/GJiEv6WnNc32TkCcaRXm0TGpGXandqTz5GAcRap GxG/yfL4rukIbq7mCjXryWu19gHa17kBB/6a358CF3D0rwthH7orkTWkYhx5uncZeU64Up zH60Dtwb7WIAZja9XSRJ8t7kXFx2QVeuQDnRYqX7kQmlTS3BQIdtqaKSDLVIKA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1640530482; a=rsa-sha256; cv=none; b=uFQZ5G8jtuRY63W4XtihE2LX7alYOy5pCEaWqFbk/1VUNVeOnY22AsR1VrOE3Wf0j4nteh oqfq2RiQACFHgY6FCgBbnlXHl5YsG0sJkv7w8JEFAjfXOrKO5lmvyeenetgDspaq4fWjrK NAp7eKnjdoNIxgmyB2aCtX/ApcAkZdtsk05Ezj/RqUVCwEC1S964MlRU39DPHykU5GWP/e DhfVAmkrou/mEEysb/Iz9Y/kdug92JhNc/PN592xe4iH55ouSpj1zeP9mZ+dZVWHP5wSjs cKnQE6ysKyj5X1z/Scp1gyuA7f1U5//uGY+4cSG1lMGpkc3UuTW1/+4pfVsR4A== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -3.07 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: CB4911FE79 X-Spam-Score: -3.07 X-Migadu-Scanner: scn1.migadu.com X-TUID: P4oAWVJRH72L Hi, I have just upgraded my Guix home on a Guix System, which took gnupg from 2.2.29 to 2.2.30. When I run gpg -v --decrypt on a file with symmetric encryption, I get the following error: scolobb@quark ~/tmp$ gpg -v --decrypt world.gpg gpg: AES.CFB encrypted data gpg: no running gpg-agent - starting '/gnu/store/0snfzd41n430ddpq316j9v2z5fn2y62m-gnupg-2.2.30/bin/gpg-agent' gpg: waiting for the agent to come up ... (5s) gpg: connection to agent established gpg: pinentry launched (3287 gtk2 1.1.1 /dev/pts/0 eterm-color :0 20620/1000/996 1000/998 1) gpg: problem with the agent: End of file gpg: encrypted with 1 passphrase gpg: decryption failed: No secret key After this procedure, gpg-agent is not running, for example: scolobb@quark ~/tmp$ gpg-agent gpg-agent[3513]: no gpg-agent running in this session If I remove world.gpg, re-encrypt world, and rerun the above decryption command, it works. However, if I try decrypting another file, or if I reboot and try decrypting the same world.gpg, I get back to the same error. gpg-agent is never running after I issue the decryption commands, even if I explicitly start it before. Does anyone experience similar issues? I did look around the internet quite a bit, but people getting similar error messages have different symptoms. My current workaround is to boot into my latest configuration (system and home), rollback home to the previous configuration, decrypt the files I need in temporary Emacs buffers, then switch home to the latest configuration. For the record, here are the outputs of gpg --version in my latest and previous home generations: # Current generation gpg (GnuPG) 2.2.30 libgcrypt 1.8.8 Copyright (C) 2021 Free Software Foundation, Inc. License GNU GPL-3.0-or-later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: /home/scolobb/.gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 # Previous generation gpg (GnuPG) 2.2.29 libgcrypt 1.8.5 Copyright (C) 2021 Free Software Foundation, Inc. License GNU GPL-3.0-or-later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: /home/scolobb/.gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 - Happy holidays :-) Sergiu