Can't use GPG key

[BasilYes]

I just created GPG key (RSA 4096 bit). With CLI and vscode it's work fine. But when I trying to commit with gitnuro, it's return error

Log for error Event: Ok(Event { kind: Access(Close(Write)), paths: ["/run/media/basilyes/bazik/Godot/projects/VFXResearch/.git/index.lock"], attr:tracker: None, attr:flag: None, attr:info: None, attr:source: None }) org.eclipse.jgit.api.errors.JGitInternalException: Unable to find a public-key with key or user id: 7D29795930AD8E5A at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:211) at com.jetpackduba.gitnuro.git.AppGpgSigner.access$signObject$s1305249012(AppGpgSigner.kt:17) at com.jetpackduba.gitnuro.git.AppGpgSigner$signObject$1.invoke(AppGpgSigner.kt:58) at com.jetpackduba.gitnuro.git.AppGpgSigner$signObject$1.invoke(AppGpgSigner.kt:56) at com.jetpackduba.gitnuro.git.AppGpgSigner.retryIfWrongPassphrase(AppGpgSigner.kt:74) at com.jetpackduba.gitnuro.git.AppGpgSigner.signObject(AppGpgSigner.kt:56) at org.eclipse.jgit.api.CommitCommand.sign(CommitCommand.java:336) at org.eclipse.jgit.api.CommitCommand.call(CommitCommand.java:283) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invokeSuspend(DoCommitUseCase.kt:47) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invoke(DoCommitUseCase.kt) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invoke(DoCommitUseCase.kt) at kotlinx.coroutines.intrinsics.UndispatchedKt.startUndispatchedOrReturn(Undispatched.kt:89) at kotlinx.coroutines.BuildersKt__Builders_commonKt.withContext(Builders.common.kt:169) at kotlinx.coroutines.BuildersKt.withContext(Unknown Source) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase.invoke(DoCommitUseCase.kt:25) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invokeSuspend(StatusViewModel.kt:312) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invoke(StatusViewModel.kt) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invoke(StatusViewModel.kt) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invokeSuspend(TabState.kt:136) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invoke(TabState.kt) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invoke(TabState.kt) at com.jetpackduba.gitnuro.extensions.StateManagementUtilsKt.delayedStateChange(StateManagementUtils.kt:21) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1.invokeSuspend(TabState.kt:124) at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33) at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106) at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42) at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95) at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664) Caused by: org.bouncycastle.openpgp.PGPException: Unable to find a public-key with key or user id: 7D29795930AD8E5A at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgKeyLocator.findSecretKey(BouncyCastleGpgKeyLocator.java:438) at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.locateSigningKey(BouncyCastleGpgSigner.java:120) at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:146) ... 30 more Event: Ok(Event { kind: Remove(File), paths: ["/run/media/basilyes/bazik/Godot/projects/VFXResearch/.git/index.lock"], attr:tracker: None, attr:flag: None, attr:info: None, attr:source: None }) org.eclipse.jgit.api.errors.JGitInternalException: Unable to find a public-key with key or user id: 7D29795930AD8E5A at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:211) at com.jetpackduba.gitnuro.git.AppGpgSigner.access$signObject$s1305249012(AppGpgSigner.kt:17) at com.jetpackduba.gitnuro.git.AppGpgSigner$signObject$1.invoke(AppGpgSigner.kt:58) at com.jetpackduba.gitnuro.git.AppGpgSigner$signObject$1.invoke(AppGpgSigner.kt:56) at com.jetpackduba.gitnuro.git.AppGpgSigner.retryIfWrongPassphrase(AppGpgSigner.kt:74) at com.jetpackduba.gitnuro.git.AppGpgSigner.signObject(AppGpgSigner.kt:56) at org.eclipse.jgit.api.CommitCommand.sign(CommitCommand.java:336) at org.eclipse.jgit.api.CommitCommand.call(CommitCommand.java:283) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invokeSuspend(DoCommitUseCase.kt:47) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invoke(DoCommitUseCase.kt) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invoke(DoCommitUseCase.kt) at kotlinx.coroutines.intrinsics.UndispatchedKt.startUndispatchedOrReturn(Undispatched.kt:89) at kotlinx.coroutines.BuildersKt__Builders_commonKt.withContext(Builders.common.kt:169) at kotlinx.coroutines.BuildersKt.withContext(Unknown Source) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase.invoke(DoCommitUseCase.kt:25) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invokeSuspend(StatusViewModel.kt:312) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invoke(StatusViewModel.kt) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invoke(StatusViewModel.kt) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invokeSuspend(TabState.kt:136) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invoke(TabState.kt) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invoke(TabState.kt) at com.jetpackduba.gitnuro.extensions.StateManagementUtilsKt.delayedStateChange(StateManagementUtils.kt:21) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1.invokeSuspend(TabState.kt:124) at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33) at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106) at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42) at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95) at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664) Caused by: org.bouncycastle.openpgp.PGPException: Unable to find a public-key with key or user id: 7D29795930AD8E5A at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgKeyLocator.findSecretKey(BouncyCastleGpgKeyLocator.java:438) at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.locateSigningKey(BouncyCastleGpgSigner.java:120) at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:146) ... 30 more 2023-12-20 15:54:31 ERROR slf4j:16 - TabState - Unable to find a public-key with key or user id: 7D29795930AD8E5A org.eclipse.jgit.api.errors.JGitInternalException: Unable to find a public-key with key or user id: 7D29795930AD8E5A at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:211) at com.jetpackduba.gitnuro.git.AppGpgSigner.access$signObject$s1305249012(AppGpgSigner.kt:17) at com.jetpackduba.gitnuro.git.AppGpgSigner$signObject$1.invoke(AppGpgSigner.kt:58) at com.jetpackduba.gitnuro.git.AppGpgSigner$signObject$1.invoke(AppGpgSigner.kt:56) at com.jetpackduba.gitnuro.git.AppGpgSigner.retryIfWrongPassphrase(AppGpgSigner.kt:74) at com.jetpackduba.gitnuro.git.AppGpgSigner.signObject(AppGpgSigner.kt:56) at org.eclipse.jgit.api.CommitCommand.sign(CommitCommand.java:336) at org.eclipse.jgit.api.CommitCommand.call(CommitCommand.java:283) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invokeSuspend(DoCommitUseCase.kt:47) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invoke(DoCommitUseCase.kt) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invoke(DoCommitUseCase.kt) at kotlinx.coroutines.intrinsics.UndispatchedKt.startUndispatchedOrReturn(Undispatched.kt:89) at kotlinx.coroutines.BuildersKt__Builders_commonKt.withContext(Builders.common.kt:169) at kotlinx.coroutines.BuildersKt.withContext(Unknown Source) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase.invoke(DoCommitUseCase.kt:25) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invokeSuspend(StatusViewModel.kt:312) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invoke(StatusViewModel.kt) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invoke(StatusViewModel.kt) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invokeSuspend(TabState.kt:136) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invoke(TabState.kt) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invoke(TabState.kt) at com.jetpackduba.gitnuro.extensions.StateManagementUtilsKt.delayedStateChange(StateManagementUtils.kt:21) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1.invokeSuspend(TabState.kt:124) at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33) at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106) at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42) at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95) at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664) Caused by: org.bouncycastle.openpgp.PGPException: Unable to find a public-key with key or user id: 7D29795930AD8E5A at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgKeyLocator.findSecretKey(BouncyCastleGpgKeyLocator.java:438) at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.locateSigningKey(BouncyCastleGpgSigner.java:120) at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:146) ... 30 more Sending batched events to Kotlin side before this, I'm don't specify key id in git, error was the same, but with my email insted of key id.

To Reproduce I don't know how to reproduce it. Maybe

1. be on NixOS
2. try to commit with gpg key verifing

Expected behavior Commit verified with GPG

Desktop (please complete the following information):

• OS: NixOS ustable, latest version nixos-24.05pre560622.91a00709aebb
• Version flatpak 1.3.1

With jar have same error as mentioned in #192 Thanks

[JetpackDuba]

What steps have you followed to create the GPG key? Does it work with Git CLI?

[BasilYes]

What steps have you followed to create the GPG key? Does it work with Git CLI?

I followed official github guide https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key gpg --full-generate-key than select RSA 4096 bit enter my email and name enter passphrase added it to github

than git config --global commit.gpgsign true

I also added it in config, but with this command nor without it works only in CLI and vscode (not gitnuro) git config --global user.signingkey

Yes, it's work with git CLI and with vscode.

[BasilYes]

Just recreate same steps on my laptop (with NixOS unstable and gitnuro 1.3.1)

[basilyes@basilyes:~/Documents/Test]$` gpg --full-generate-key 
gpg (GnuPG) 2.4.1; Copyright (C) 2023 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
   (9) ECC (sign and encrypt) *default*
  (10) ECC (sign only)
  (14) Existing key from card
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (3072) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 1y
Key expires at Чт 19 дек 2024 20:56:50 MSK
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: BasilYes
Email address: [email protected]
Comment: 
You selected this USER-ID:
    "BasilYes <[email protected]>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: revocation certificate stored as '/home/basilyes/.gnupg/openpgp-revocs.d/790F7B5F4AD84365A44920F2BC5042FB9C391405.rev'
public and secret key created and signed.

pub   rsa4096 2023-12-20 [SC] [expires: 2024-12-19]
      790F7B5F4AD84365A44920F2BC5042FB9C391405
uid                      BasilYes <[email protected]>
sub   rsa4096 2023-12-20 [E] [expires: 2024-12-19]


[basilyes@basilyes:~/Documents/Test]$ git config --global commit.gpgsign true

[basilyes@basilyes:~/Documents/Test]$ git commit -m "test"
[main (root-commit) bc008a3] test
 1 file changed, 1 insertion(+)
 create mode 100644 some.txt

[basilyes@basilyes:~/Documents/Test]$ git log
commit bc008a37ca4978bd8778a9d7ae3db09e91b2def4 (HEAD -> main)
Author: BasilYes <[email protected]>
Date:   Wed Dec 20 20:58:04 2023 +0300

    test

And get same result when trying to commit Trying to specify key in git config as mentioned here https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key

[basilyes@basilyes:~/Documents/Test]$ git config --global user.signingkey BC5042FB9C391405

[basilyes@basilyes:~/Documents/Test]$ git commit -m "test2"
[main 325431f] test2
 1 file changed, 1 insertion(+), 1 deletion(-)

And get error again

[JetpackDuba]

What steps have you followed to create the GPG key? Does it work with Git CLI?

I followed official github guide https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key gpg --full-generate-key than select RSA 4096 bit enter my email and name enter passphrase added it to github

than git config --global commit.gpgsign true

I also added it in config, but with this command nor without it works only in CLI and vscode (not gitnuro) git config --global user.signingkey

Yes, it's work with git CLI and with vscode.

I've followed the exact same steps in Archlinux and it works as expected. Could it be NixOS specific? Did it work before the non-flatpak version was broked?

[BasilYes]

I've followed the exact same steps in Archlinux and it works as expected. Could it be NixOS specific? Did it work before the non-flatpak version was broked?

Yes, it's could it be NixOS specific. I didn't use NixOS nor non-flatpak version before. On my old fedora install I was try to use gpg + gitnuro flatpak, it's wasn't work too (May be other issue, I don't remember). I will try it on fedora (VM or my second drive) and give you feedback.

[BasilYes]

I just tried it on fresh install (only java-17-openjdk installed, other in default state) fedora 39 on VM (flatpak and .jar both), exact same issue. I was doing step by step exactly as in comment above

[JetpackDuba]

Thanks for testing! I'll create a VM to test it, in case there is some additional dependency/requirement that I've already got installed/configured.

[JetpackDuba]

Sorry for the late response, I needed more storage to install the VM.

In any case, I've been able to reproduce the issue, I'm debugging it and I'll let you know asap.

[JetpackDuba]

It seems that the Bouncycastle's wrapper of JGit does not support the newest format. You can use the classic format by removing the content of ~/.gnupg/common.conf and creating a new GPG key (perhaps importing it from ~/.gnupg/public-keys.d/pubring.db is possible, I'm not sure).

[BasilYes]

It seems that the Bouncycastle's wrapper of JGit does not support the newest format. You can use the classic format by removing the content of ~/.gnupg/common.conf and creating a new GPG key (perhaps importing it from ~/.gnupg/public-keys.d/pubring.db is possible, I'm not sure).

It's works, so problem solved. Thank you.

[julius-boettger]

This does not seem to be entirely NixOS specific, as I just experienced this issue on Windows 10. ~/.gnupg/common.conf doesn't exist on this system, so I can not use your mentioned work-around.

[JetpackDuba]

Uh, I haven't tested it on windows. I'll give it a try and get back to you.