Package Details: gnupg-git 2.1.0beta3+220+g82c25e6-1

Git Clone URL: https://aur.archlinux.org/gnupg-git.git (read-only)
Package Base: gnupg-git
Description: GNU Privacy Guard 2 - a PGP replacement tool. Development version. Do not use in production environments. Test new ECC algorithm by using --expert with --gen-key
Upstream URL: http://www.gnupg.org/
Licenses: GPL
Conflicts: dirmngr, gnupg, gnupg2
Provides: dirmngr, gnupg=2.1.0beta3+220+g82c25e6
Replaces: dirmngr, gnupg, gnupg2
Submitter: alphazo
Maintainer: alphazo
Last Packager: alphazo
Votes: 1
Popularity: 0.000000
First Submitted: 2013-06-30 19:25
Last Updated: 2015-06-10 14:22

Required by (117)

Sources (1)

Latest Comments

alphazo commented on 2014-10-03 09:05

@flick, secret key export of ECC keys seems to be working now.

djhaskin987 commented on 2014-09-15 17:57

This build is asking for libgpg-error 1.15+ now. Currently the core/ repo has 1.14 . I have added a library in the AUR for this library that works off of git: https://aur.archlinux.org/packages/libgpg-error-git/ Using that library should solve the problem.

flick commented on 2014-06-10 02:34

I experience similar results to AdrianCohea, specifically with regards to "--export-secret-keys" and "--export-secret-subkeys". These options fail, causing the password prompt to open repeatedly before (key-ids changed to 0x):

> gpg --export-secret-keys me@me.com
gpg: key 0x: error receiving key from agent: Missing item in object - skipped
gpg: key 0x/0x: error receiving key from agent: Missing item in object - skipped
gpg: key 0x/0x: error receiving key from agent: Missing item in object - skipped
gpg: WARNING: nothing exported

These errors occur for all ECC secret-key material it seems. Appears to be a development problem, noted in the mailing list:

http://permalink.gmane.org/gmane.comp.encryption.gpg.user/37232

If one follows that thread Werner Koch is himself involved (although it seems he didn't anticipate the errors).

AdrianCohea commented on 2014-03-08 04:12

The Brainpool curves over P-256, P-384, and P-512 appear to be implemented. I was able to generate two keypairs over each curve.

I could clearsign with all keys I generated. I could verify messages signed by all keys I generated.

I could encrypt a message using all keys I generated with recipients being any one of the keys I generated, and I was able to have recipients using keys generated over curves different from the sender's key.

However, all decryption operations failed. I could not export any of the keys. I could not remove the keys from my keyring.

alphazo commented on 2014-02-02 21:19

I asked on gnupg mailing list regarding this issue and it appears that code for some of the ECC curves is just implemented yet. Stay tuned!

clpwn commented on 2014-02-02 11:54

Could not generate ECC key with a build done today, Feb 2.

# gpg --expert --key-gen

[Curve 25519]
gpg: writing self signature
gpg: signing failed: No such file or directory
gpg: make_keysig_packet failed: No such file or directory
Key generation failed: No such file or directory

[NIST P-384]
gpg: key_from_sexp failed: Invalid object
Key generation failed: Invalid object

alphazo commented on 2014-01-23 14:45

I had the same issue but compiling the git version today (Jan 23) worked and I could generate an ECC key.

AdrianCohea commented on 2014-01-18 21:09

libgcrypt is now version 1.6 in [core], and this package now builds, but it still doesn't work for me unfortunately. I can't do anything with the ECC functionality:

# ECDSA and ECDH Key Generation Testing
# gpg --expert --gen-key

# [Curve 25519] FAIL
gpg: agent_genkey failed: Invalid S-expression
Key generation failed: Invalid S-expression

# [NIST P-256] FAIL
gpg: key_from_sexp failed: Invalid object
Key generation failed: Invalid object

# [NIST P-384] FAIL
gpg: key_from_sexp failed: Invalid object
Key generation failed: Invalid object

# [NIST P-521] FAIL
gpg: key_from_sexp failed: Invalid object
Key generation failed: Invalid object

# [Brainpool P-256] FAIL
gpg: signing failed: Provided object is too short
gpg: make_keysig_packet failed: Provided object is too short
Key generation failed: Provided object is too short

# [Brainpool P-384] FAIL
gpg: signing failed: Provided object is too short
gpg: make_keysig_packet failed: Provided object is too short
Key generation failed: Provided object is too short

# [Brainpool P-512] FAIL
gpg: signing failed: Provided object is too short
gpg: make_keysig_packet failed: Provided object is too short
Key generation failed: Provided object is too short

AdrianCohea commented on 2013-12-06 03:12

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=6286d01ba33b963be30fbb4fba6f35f1b05acd17

Regrettably, per the October 8th commit by Werner Koch, ECC is unsupported by GnuPG at this time. That might have explained why I was having such difficulty getting it to work. So I agree with your assessment that we'll just have to wait.
It seems that the GnuPG git branch relies on libgcrypt 1.6 (inasmuch as ./configure fails on it), but it is not stable yet. I am still unable to build libgcrypt from source in a way that doesn't break my system.

I'll let you know if I have a breakthrough or something, but I think we're probably waiting on Mr. Koch at this point.

Cheers!

alphazo commented on 2013-11-29 08:51

Thanks for the feedback. I tried to create a libcrypt-git package but found out that 1.6.0 is not available either from ftp://ftp.gnupg.org/gcrypt/libgcrypt/ or the git repository. I guess we have to wait a little bit.

All comments