Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Not support a GPG key without passphrase? #175

Open
y-yu opened this issue Jun 6, 2020 · 0 comments
Open

Not support a GPG key without passphrase? #175

y-yu opened this issue Jun 6, 2020 · 0 comments

Comments

@y-yu
Copy link

y-yu commented Jun 6, 2020

steps

  1. Create a GPG key without passphrase

    $ echo -n "" | gpg --batch --yes --pinentry-mode loopback --generate-key --passphrase-fd 0
    • We can show the key which was created by the above 👆 command: 
      $ gpg --list-key
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: next trustdb check due at 2022-06-06
/Users/yyu/.gnupg/pubring.kbx
-----------------------------
pub   rsa2048 2020-06-06 [SC]
      79A59AA4B803AC2E84AD07CB94EAC92505728B03
uid           [ultimate] Yoshimura Hikaru <yyu@mental.poker>
sub   rsa2048 2020-06-06 [E]
 
pub   rsa2048 2020-06-06 [SC] [expires: 2022-06-06]
      847ED2CFC1CA4A87C8940A267EB6F97B499527B3
uid           [ultimate] Password Less <passwordless@exapmle.com>
sub   rsa2048 2020-06-06 [E] [expires: 2022-06-06]
    • Or if you have already had a PGP key without passphrase then run this command to import it 
      $ gpg --batch --import $HOME/.sbt/gpg/secring.asc

  2. Write build.sbt:

    Global / pgpPassphrase := Some(Array())

    or

    Global / pgpPassphrase := None

  3. Run sbt release

  4. Fail to sign

Information

sbt-pgp version: 2.0.1
sbt version: 1.3.12
gnupg version: 2.2.20

Initial gpg keys state:

$ gpg --list-key
/Users/yyu/.gnupg/pubring.kbx
-----------------------------
pub   rsa2048 2020-06-06 [SC]
      79A59AA4B803AC2E84AD07CB94EAC92505728B03
uid           [ultimate] Yoshimura Hikaru <yyu@mental.poker>
sub   rsa2048 2020-06-06 [E]

And run those command for gpg output

export GPG_TTY=$(tty)
export LANG=C

problem

sbt-pgp will not sign by the key and fail due to GPG error.

When Global / pgpPassphrase := None 
[error] gpg: using "89E12D0E3E013585D82565D91EE07D3261CE4CA6" as default secret key for signing
[error] gpg: signing failed: No passphrase given
[error] gpg: signing failed: No passphrase given
[error] java.lang.RuntimeException: Failure running 'gpg --detach-sign --armor --use-agent --output /Users/yyu/Desktop/excel-reads/target/scala-2.13/excel-reads_2.13-0.2.1.pom.asc /Users/yyu/Desktop/excel-reads/target/scala-2.13/excel-reads_2.13-0.2.1.pom'.  Exit code: 2
[error]         at scala.sys.package$.error(package.scala:30)
[error]         at com.jsuereth.sbtpgp.CommandLineGpgSigner.sign(PgpSigner.scala:48)
[error]         at com.jsuereth.sbtpgp.PgpSettings$.$anonfun$signingSettings$2(PgpSettings.scala:151)
[error]         at scala.collection.TraversableLike.$anonfun$flatMap$1(TraversableLike.scala:245)
[error]         at scala.collection.immutable.Map$Map4.foreach(Map.scala:236)
[error]         at scala.collection.TraversableLike.flatMap(TraversableLike.scala:245)
[error]         at scala.collection.TraversableLike.flatMap$(TraversableLike.scala:242)
[error]         at scala.collection.AbstractTraversable.flatMap(Traversable.scala:108)
[error]         at com.jsuereth.sbtpgp.PgpSettings$.$anonfun$signingSettings$1(PgpSettings.scala:146)
[error]         at scala.Function1.$anonfun$compose$1(Function1.scala:49)
[error]         at sbt.internal.util.$tilde$greater.$anonfun$$u2219$1(TypeFunctions.scala:62)
[error]         at sbt.std.Transform$$anon$4.work(Transform.scala:67)
[error]         at sbt.Execute.$anonfun$submit$2(Execute.scala:281)
[error]         at sbt.internal.util.ErrorHandling$.wideConvert(ErrorHandling.scala:19)
[error]         at sbt.Execute.work(Execute.scala:290)
[error]         at sbt.Execute.$anonfun$submit$1(Execute.scala:281)
[error]         at sbt.ConcurrentRestrictions$$anon$4.$anonfun$submitValid$1(ConcurrentRestrictions.scala:178)
[error]         at sbt.CompletionService$$anon$2.call(CompletionService.scala:37)
[error]         at java.util.concurrent.FutureTask.run(FutureTask.java:266)
[error]         at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
[error]         at java.util.concurrent.FutureTask.run(FutureTask.java:266)
[error]         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
[error]         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
[error]         at java.lang.Thread.run(Thread.java:748)
[error] (signedArtifacts) Failure running 'gpg --detach-sign --armor --use-agent --output /Users/yyu/Desktop/excel-reads/target/scala-2.13/excel-reads_2.13-0.2.1.pom.asc /Users/yyu/Desktop/excel-reads/target/scala-2.13/excel-reads_2.13-0.2.1.pom'.  Exit code: 2
When Global / pgpPassphrase := Some(Array()) 
[error] gpg: using "89E12D0E3E013585D82565D91EE07D3261CE4CA6" as default secret key for signing
[error] gpg: signing failed: No passphrase given
[error] gpg: signing failed: No passphrase given
[error] java.lang.RuntimeException: Failure running 'gpg --batch --passphrase  --detach-sign --armor --use-agent --output /Users/yyu/Desktop/excel-reads/target/scala-2.13/excel-reads_2.13-0.2.1.pom.asc /Users/yyu/Desktop/excel-reads/target/scala-2.13/excel-reads_2.13-0.2.1.pom'.  Exit code: 2
[error]         at scala.sys.package$.error(package.scala:30)
[error]         at com.jsuereth.sbtpgp.CommandLineGpgSigner.sign(PgpSigner.scala:48)
[error]         at com.jsuereth.sbtpgp.PgpSettings$.$anonfun$signingSettings$2(PgpSettings.scala:151)
[error]         at scala.collection.TraversableLike.$anonfun$flatMap$1(TraversableLike.scala:245)
[error]         at scala.collection.immutable.Map$Map4.foreach(Map.scala:236)
[error]         at scala.collection.TraversableLike.flatMap(TraversableLike.scala:245)
[error]         at scala.collection.TraversableLike.flatMap$(TraversableLike.scala:242)
[error]         at scala.collection.AbstractTraversable.flatMap(Traversable.scala:108)
[error]         at com.jsuereth.sbtpgp.PgpSettings$.$anonfun$signingSettings$1(PgpSettings.scala:146)
[error]         at scala.Function1.$anonfun$compose$1(Function1.scala:49)
[error]         at sbt.internal.util.$tilde$greater.$anonfun$$u2219$1(TypeFunctions.scala:62)
[error]         at sbt.std.Transform$$anon$4.work(Transform.scala:67)
[error]         at sbt.Execute.$anonfun$submit$2(Execute.scala:281)
[error]         at sbt.internal.util.ErrorHandling$.wideConvert(ErrorHandling.scala:19)
[error]         at sbt.Execute.work(Execute.scala:290)
[error]         at sbt.Execute.$anonfun$submit$1(Execute.scala:281)
[error]         at sbt.ConcurrentRestrictions$$anon$4.$anonfun$submitValid$1(ConcurrentRestrictions.scala:178)
[error]         at sbt.CompletionService$$anon$2.call(CompletionService.scala:37)
[error]         at java.util.concurrent.FutureTask.run(FutureTask.java:266)
[error]         at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
[error]         at java.util.concurrent.FutureTask.run(FutureTask.java:266)
[error]         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
[error]         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
[error]         at java.lang.Thread.run(Thread.java:748)
[error] (signedArtifacts) Failure running 'gpg --batch --passphrase  --detach-sign --armor --use-agent --output /Users/yyu/Desktop/excel-reads/target/scala-2.13/excel-reads_2.13-0.2.1.pom.asc /Users/yyu/Desktop/excel-reads/target/scala-2.13/excel-reads_2.13-0.2.1.pom'.  Exit code: 2
  • In these two cases: pgpPassphrase := Some(Array()) or None, there is a bit differences for gpg commands
    • If None, --batch and --passphrase is gone away
    • but if Some(Array()) then those options exist
  • The GPG wizard to enter the passphrase was shown in the both cases
    • image

expectation

  • Get the same result on useGpg := false

notes

  • Use Global / useGpg := false, the key work well
  • It would be caused by GPG's problem? 🤔
    • I tried to find the way how to sign a key without passphrase using --yes, --pinentry-mode loopback and --passphrase-fd 0 but still fail
    • Likewise I cannot add a passphrase to the key without passphrase generated by step (1)
      • Is there any reason why gpg cannot add passphrase even though it can generate keys without passphrase? I don't see it
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@y-yu