Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 334553 - mail-client/evolution unable to use gpg to sign mail
Summary: mail-client/evolution unable to use gpg to sign mail
Status: RESOLVED DUPLICATE of bug 324785
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Linux Gnome Desktop Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-08-26 12:19 UTC by Robert Coffree
Modified: 2010-08-31 17:01 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Coffree 2010-08-26 12:19:50 UTC 
Gpg works fine for encrypting mail with evolution, however, when I attempt to sign mail, I get the following error. I have checked the link is to gpg2 and my gpg.conf contains an angent.

The error is (9854FE05 is the correct key id):

Because "gpg: no running gpg-agent - starting one
gpg: writing to `-'
gpg: DSA key 9854FE05 requires a 256 bit or larger hash
gpg: signing failed: General error
", you may need to select different mail options.

Reproducible: Always

Steps to Reproduce:
1. Run evloution and configure gpg etc
2. Choose to sign mail
3. Try to send, enter password if keyring has one
4. error appears

Actual Results:  
Error and mail not sent:
Because "gpg: no running gpg-agent - starting one
gpg: writing to `-'
gpg: DSA key 9854FE05 requires a 256 bit or larger hash
gpg: signing failed: General error
", you may need to select different mail options.

Expected Results:  
Not to see the error. Mail to be signed.
Comment 1 Marcio H Zuchini 2010-08-27 21:29:46 UTC 
(In reply to comment #0)
> Gpg works fine for encrypting mail with evolution, however, when I attempt to
> sign mail, I get the following error. I have checked the link is to gpg2 and my
> gpg.conf contains an angent.
> 
> The error is (9854FE05 is the correct key id):
> 
> Because "gpg: no running gpg-agent - starting one
> gpg: writing to `-'
> gpg: DSA key 9854FE05 requires a 256 bit or larger hash
> gpg: signing failed: General error
> ", you may need to select different mail options.
> 
> Reproducible: Always

Hi.

I ran into the same problem and the workaround was put into this forum, please take a look: http://forum.sabayon.org/viewtopic.php?f=59&t=21563#p121478

The workaround consists in to create a ~/.gnupg/gpg-agent.conf file, which is apparently missing.

Marcio.
Comment 2 Robert Coffree 2010-08-28 02:11:32 UTC 
Thanks, but I have tried that already. Encrypting works, signing doesn't.

I had seen that bug, that is why I mentioned that I had created the ~/.gnupg/gpg-agent.conf file.
Comment 3 Robert Coffree 2010-08-28 02:53:41 UTC 
When I add "use-agent" to the gpg.conf (and I have an gpg-agent.conf) I can no longer decrypt mail.

(In reply to comment #2)
> Thanks, but I have tried that already. Encrypting works, signing doesn't.
> 
> I had seen that bug, that is why I mentioned that I had created the
> ~/.gnupg/gpg-agent.conf file.
>
Comment 4 Robert Coffree 2010-08-28 02:59:20 UTC 
Ignore the decrypting part. That still works. But when I add the use-agent to the gpg.conf nothing happens - no agent is run.

(In reply to comment #3)
> When I add "use-agent" to the gpg.conf (and I have an gpg-agent.conf) I can no
> longer decrypt mail.
> 
> (In reply to comment #2)
> > Thanks, but I have tried that already. Encrypting works, signing doesn't.
> > 
> > I had seen that bug, that is why I mentioned that I had created the
> > ~/.gnupg/gpg-agent.conf file.
> > 
>
Comment 5 Hans de Graaff gentoo-dev Security 2010-08-28 06:45:26 UTC 
It looks to me like the gpg-agent errors are a red herring. The error seems to be the message about the hash. It might be bug 324785 but your key isn't publicly available so I couldn't check.
Comment 6 Robert Coffree 2010-08-28 07:20:59 UTC 
Thanks - yeah I have even started the agent in the .xinit and I get prompted for the keyring password (with or without the agent) - BUT the same configuration used to work with thunderbird.

The key is publically available, and yes the hash is 256 bits, as displayed. If that is the case then it is prob a duplicate. 

Thanks again.

(In reply to comment #5)
> It looks to me like the gpg-agent errors are a red herring. The error seems to
> be the message about the hash. It might be bug 324785 but your key isn't
> publicly available so I couldn't check.
>
Comment 7 Robert Coffree 2010-08-28 07:25:18 UTC 
gpg> showpref 
[ultimate] (1). chxanders <chxanders@gmail.com>
     Cipher: AES256, AES192, AES, CAST5, 3DES
     Digest: SHA256, SHA1, SHA384, SHA512, SHA224
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify

I will try changing to the SHA1 and let you know if it worked.
Comment 8 Donnie Berkholz (RETIRED) gentoo-dev 2010-08-31 13:57:08 UTC 
Reporter -- any update on whether your change worked?
Comment 9 Gilles Dartiguelongue (RETIRED) gentoo-dev 2010-08-31 14:38:26 UTC 
evolution did not get any changes for supporting stronger hash yet afaik.

*** This bug has been marked as a duplicate of bug 324785 ***
Comment 10 Robert Coffree 2010-08-31 17:01:25 UTC 
hey it was bank holiday monday. seems to be related to the hash size, ie. not being sha1, which is the default, i am led to believe, for the 1024 DSA and RSA keys.

anyhow, this doesn't seem to be an issue for weak
> Reporter -- any update on whether your change worked? 
>