Problems with Gnus (Emacs) + GnuPG for signing a mail with S/MIME

2022-11-04 Thread Angel de Vicente 
Hello,

I've been trying to figure out why my setting (Emacs + Gnus) is giving
me trouble to sign SMIME messages. Well, the only problem seems to be
when I select the option for loopback pinentry, and only for SMIME
messags. For signing with PGP loopback seems to work fine and I get
asked the passphrase in the Emacs minibuffer, but for SMIME there seems
to be a problem. 

By setting epg-debug in Emacs to True I found that most of the moves are
OK, but that the error comes from not being able to get the passphrase:

the " *gpg-error* buffer comes with:
,
| gpgsm: Note: non-critical certificate policy not allowed
| gpgsm: Note: non-critical certificate policy not allowed
| gpgsm: Note: non-critical certificate policy not allowed
| gpgsm: CRLs not checked due to --disable-crl-checks option
| gpgsm: DBG: adding certificates at level -2
| gpgsm: ignoring gpg-agent inquiry 'PASSPHRASE'
| gpgsm: error creating signature: No passphrase given 
`

while the gpg-agent.log tells me:
,
| DBG: chan_9 -> OK Pleased to meet you, process 3382246
| DBG: chan_9 <- RESET
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION ttytype=dumb
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION display=:0.0
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION xauthority=/home/angelv/.Xauthority
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION putenv=XDG_SESSION_TYPE=x11
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION 
putenv=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION putenv=INSIDE_EMACS=28.2,epg
| DBG: chan_9 -> OK
| DBG: chan_9 <- GETINFO version
| DBG: chan_9 -> D 2.2.40
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION allow-pinentry-notify
| DBG: chan_9 -> OK
| DBG: chan_9 <- OPTION pinentry-mode=loopback
| DBG: chan_9 -> OK
| DBG: chan_9 <- HAVEKEY FC155E4BAF3DA44364C84711DA0B7137EA89D084
| DBG: chan_9 -> OK
| DBG: chan_9 <- ISTRUSTED D1EB23A46D17D68FD92564C2F1F1601764D8E349
| DBG: chan_9 -> S TRUSTLISTFLAG relax
| DBG: chan_9 -> OK
| DBG: chan_9 <- RESET
| DBG: chan_9 -> OK
| DBG: chan_9 <- SIGKEY FC155E4BAF3DA44364C84711DA0B7137EA89D084
| DBG: chan_9 -> OK
| DBG: chan_9 <- SETKEYDESC
| 
Please+enter+the+passphrase+to+unlock+the+secret+key+for+the+X.509+certificate:%0A%22/CN=Angel+M+de+Vicente/O=Instituto+de+Astrofisica+de+Canarias/STREET=Calle+Vía+Láctea,+s\x2fn/ST=Santa+Cruz+de+Tenerife/C=ES%22%0AS/N+00B4307E9B17A8814A2B5CAE68E09B520E,+ID+0x74A5504B,%0Acreated+2022-10-31,+expires+2024-10-30.%0A
| DBG: chan_9 -> OK
| DBG: chan_9 <- SETHASH 9 
96D6D02821BA0498546EF7BD466B9712FD1C8126AD583F895CD8DDA26DD07B7BBFD74F8A5A6E3087C0893C7BBDD78CCB
| DBG: chan_9 -> OK
| DBG: chan_9 <- PKSIGN
| DBG: agent_get_cache 'FC155E4BAF3DA44364C84711DA0B7137EA89D084'.0 (mode 2) ...
| DBG: ... miss
| DBG: agent_get_cache '6F4B59E5A9FBC6FB684CB55FDBB7CC30EEE197E3'.0 (mode 2) 
(stored cache key) ...
| DBG: ... miss
| DBG: chan_9 -> S INQUIRE_MAXLEN 255
| DBG: chan_9 -> [[Confidential data not shown]]
| DBG: chan_9 <- [[Confidential data not shown]]
| failed to unprotect the secret key: No passphrase given
| failed to read the secret key
| command 'PKSIGN' failed: No passphrase given
| DBG: chan_9 -> ERR 67109041 No passphrase given 
| DBG: chan_9 <- [eof]
`

I have removed gnome-keyring and seahorse in my system (in case there
was a conflict with them). 

Any ideas as to what might cause this?

Many thanks
-- 
Ángel de Vicente
 Research Software Engineer (Supercomputing and BigData)
 Tel.: +34 922-605-747
 Web.: http://research.iac.es/proyecto/polmag/

 GPG: 0x8BDC390B69033F52


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Difference between versions--Question

2022-11-04 Thread K S via Gnupg-users 
How do I run configure to get the compression routines?

I ran the build exactly like the README file indicated I should.

FYI, this is the first time I've built from source.

kcs

On Mon, Oct 31, 2022 at 9:44 AM Ingo Klöcker  wrote:
>
> On Montag, 31. Oktober 2022 10:23:10 CET K S via Gnupg-users wrote:
> > Question:
> > Why aren't those identical? I notice the source build has only
> > Uncompressed as an option.
> [...]
> > Is there something I missed in my build?
>
> configure most likely didn't find the development files of the compression
> libraries. Check the output of configure.
>
> Regards,
> Ingo
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: libgcrypt clang asm configure issue.

2022-11-04 Thread Jussi Kivilinna 

Hello,

On 28.10.2022 22.00, Dmytro Kovalov via Gnupg-users wrote:

Hello,

I found a strange libgcrypt behavior on ARM with clang built.

There is a big gap in performance of libgcrypt, built by clang, in comparison 
with gcc on my ARM target machine.
The simple profile test shows 100-500% advantage of gcc gcrypt.
I found an awkward workaround to beat this issue, but need your help to find 
the best way to fix it.

The root cause is next:
Due to clang strict assembler syntax rules the unified assembler ARM check 
doesn't pass.
Assembler check fails while ./configure for flags:
HAVE_COMPATIBLE_GCC_ARM_PLATFORM_AS
HAVE_GCC_INLINE_ASM_NEON

As a workaround I remove '%' from registers names in
configure.ac ,
arm mips lib *.S files,
cipher/*arm.S,*armv7-neon.S files.

Could you please help with a more correct - polite way to compile libgcrypt 
with assembler code?


This looks correct fix for improving compatibility with clang. It seems that 
GNU assembler works with those extra '%', but clang arm assembler does not. 
Only some of the arm assembly in libgcrypt have those extra '%' on register 
names but not all.

-Jussi



Tested on:
libgcrypt-1.8.6
libgcrypt-1.9.3

Equipment:

build machine:
intel based cpu x86_64
Ubnuntu-20.04

Software
compiler        : clang 11.1.0
linker lld      : lld 11.1.0
assembler       : llvm-as 11.1.0
cflags          : "-m32 -march=armv7-a -mthumb -mfpu=vfpv3-d16 
--target=arm-linux-gnueabihf"

arm-linux-gnueabihf sysroot based on glibc 2.31

libgcrypt configuring:
CC="arm-linux-gnueabihf-clang" \
./configure \
   --with-libgpg-error-prefix= \
   --prefix= \
   --host=arm-linux-gnueabihf \
   --enable-static \
   --disable-doc


target machine:
hardware:
model name : ARMv7 Processor rev 4 (v7l)
BogoMIPS : 2304.00
Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 
lpae aes pmull sha1 sha2 crc32


Best Regards,
Dmytro Kovalov
dmytro.a.kova...@globallogic.com 

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users