Created February 11, 2021 13:09
pkill gpg-agent
rm -f dummy.{txt,txt.asc}
echo "This is a dummy file" > dummy.txt
rm -rf .gnupg && mkdir -p .gnupg && chmod 700 .gnupg
gpg -a --export > .gnupg/pubring.gpg
gpg -a --export-secret-keys > .gnupg/secring.gpg
chmod 600 .gnupg/*.gpg
pkill gpg-agent

gpg --use-agent \
--local-user 4BD5F787F27F97744BC09E019C1CA69653E98E56 \
--armor --detach-sign \
--no-default-keyring \
--secret-keyring .gnupg/secring.gpg \
--keyring .gnupg/pubring.gpg \
--output dummy.txt.asc \
dummy.txt

gpg: [don't know]: invalid packet (ctb=2d)
gpg: keydb_search failed: Invalid packet
gpg: skipped "4BD5F787F27F97744BC09E019C1CA69653E98E56": Invalid packet
gpg: signing failed: Invalid packet

gpg --use-agent \
--homedir .gnupg \
--local-user 4BD5F787F27F97744BC09E019C1CA69653E98E56 \
--armor --detach-sign \
--no-default-keyring \
--secret-keyring .gnupg/secring.gpg \
--keyring .gnupg/pubring.gpg \
--output dummy.txt.asc \
dummy.txt

gpg: starting migration from earlier GnuPG versions
gpg: porting secret keys from '/Users/cmoullia/.jenkins/workspace/.gnupg/secring.gpg' to gpg-agent
gpg: [don't know]: invalid packet (ctb=2d)
gpg: read_block: read error: Invalid packet
gpg: import from '/Users/cmoullia/.jenkins/workspace/.gnupg/secring.gpg' failed: Invalid keyring
gpg: [don't know]: invalid packet (ctb=2d)
gpg: keydb_search failed: Invalid packet
gpg: skipped "4BD5F787F27F97744BC09E019C1CA69653E98E56": Invalid packet
gpg: signing failed: Invalid packet
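
The `ctb` value in the `invalid packet (ctb=2d)` lines above is the first byte gpg read from the keyring file; 0x2d is the ASCII `-` that opens an armored `-----BEGIN PGP` block, which is what `gpg -a --export` writes. As an added example that is not part of the original gist, this shell check classifies a keyring file by that byte (function names and sample bytes are constructed for illustration):

```bash
# Added example (not from the gist): classify a keyring file by its first byte,
# the value gpg reports as "ctb". Names and sample bytes are constructed.

# Print the first byte of a file as two hex digits (nothing for an empty file).
first_byte_hex() {
    od -An -tx1 -N1 < "$1" | tr -d ' \n'
}

# Print: empty | armored | binary-old:<tag> | binary-new:<tag> | invalid:<hex>
classify_keyring() {
    kr_hex=$(first_byte_hex "$1")
    [ -n "$kr_hex" ] || { echo "empty"; return 0; }
    # ASCII armor starts with dashes; '-' is 0x2d, which gpg shows as ctb=2d.
    if [ "$(head -c 15 < "$1" | tr -d '\0')" = "-----BEGIN PGP " ]; then
        echo "armored"; return 0
    fi
    kr_ctb=$((0x$kr_hex))
    if [ $((kr_ctb & 0x80)) -eq 0 ]; then
        echo "invalid:$kr_hex"                         # bit 7 must be set in a packet header
    elif [ $((kr_ctb & 0x40)) -ne 0 ]; then
        echo "binary-new:$((kr_ctb & 0x3f))"           # new format: tag in bits 5-0
    else
        echo "binary-old:$(( (kr_ctb >> 2) & 0x0f ))"  # old format: tag in bits 5-2
    fi
}

# Constructed samples: an armor header line and the start of a binary public key.
demo() {
    demo_dir=$(mktemp -d)
    printf '%s\n' '-----BEGIN PGP PUBLIC KEY BLOCK-----' > "$demo_dir/armored.gpg"
    printf '\231\001\015' > "$demo_dir/binary.gpg"     # 0x99: old-format packet, tag 6
    for f in "$demo_dir"/*.gpg; do
        printf '%s: %s\n' "${f##*/}" "$(classify_keyring "$f")"
    done
    rm -rf "$demo_dir"
}
demo
```

In the binary cases, tag 6 is a public-key packet and tag 5 a secret-key packet.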
I understand the problem now (at least on macos ;-) )

Test case 1: Same scenario as what mvn gpg:sign does on jenkins

If we don't pass the `passphrase`, then the command is executed, gpg-agent is launched but when secret keys are imported, that will fail as `no user passphrase prompt` has been asked. So we got `ctb=00`

Test case 2: Same but without homeDir

If now, I remove the `--homedir 50_ReleaseBOMUpstream/.gnupg`, then process will work as `passphrase` will be prompted by the gpg-agent as it uses my home gnupg folder. Why: IDK but that will work using this command :-)

Test case 3. Same as Test 2 but we echo password

We could think that passing the password will help but ....