trezor-agent icon indicating copy to clipboard operation
trezor-agent copied to clipboard
verified publisher icon romanz

gpg: signing failed: End of file

Open Pandapip1 opened this issue 2 years ago • 4 comments

On windows, when I try to use trezor-agent, I get the following error:

(trezor) PS C:\Users\gavin\source\bin\trezor> gpg --sign .\pyvenv.cfg
gpg: using "[REDACTED]" as default secret key for signing
gpg: signing failed: End of file
gpg: signing failed: End of file

When the command window opens, it lasts for about 5 seconds before throwing the following error (yes, I ran it about 10 times until I was able to get a screenshot after it errored before it closed.)

image

Pandapip1 avatar Sep 23 '23 03:09 Pandapip1

@SlugFiller could you please take a look?

romanz avatar Sep 23 '23 13:09 romanz

At a glance, it seems to be trying to run pinentry, and failing. It's not failing very gracefully, which is unfortunate (and will be fixed by an upcoming PR). But a fail is a fail regardless.

On Windows, pinentry is bundled with Gpg4Win. You can try to debug if and why yours is missing as so:

C:\Docs\Programs\trezor-agent>gpgconf --list-components
gpg:OpenPGP:D%3a\Program Files (x86)\Gpg4win\..\GnuPG\bin\gpg.exe
gpgsm:S/MIME:D%3a\Program Files (x86)\Gpg4win\..\GnuPG\bin\gpgsm.exe
keyboxd:Public Keys:D%3a\Program Files (x86)\Gpg4win\..\GnuPG\bin\keyboxd.exe
gpg-agent:Private Keys:D%3a\Program Files (x86)\Gpg4win\..\GnuPG\bin\gpg-agent.exe
scdaemon:Smartcards:D%3a\Program Files (x86)\Gpg4win\..\GnuPG\bin\scdaemon.exe
dirmngr:Network:D%3a\Program Files (x86)\Gpg4win\..\GnuPG\bin\dirmngr.exe
pinentry:Passphrase Entry:D%3a\Program Files (x86)\Gpg4win\..\GnuPG\..\Gpg4win\bin\pinentry.exe
C:\Docs\Programs\trezor-agent>"D:\Program Files (x86)\Gpg4win\..\GnuPG\..\Gpg4win\bin\pinentry.exe"
Please note that you don't have secure memory on this system
OK Pleased to meet you
SETDESC test
OK
MESSAGE
OK
^Z

If there is no pinentry entry, or gpgconf does not run, there may be an issue with your Gpg4Win installation.

SlugFiller avatar Sep 23 '23 15:09 SlugFiller

Looking at it more carefully, there's indeed a bug. The cause is in libagent/gpg/__init__.py in run_agent. This

         p.add_argument('--daemon', default=False, action='store_true',
                        help='daemonize the agent')
 
    p.add_argument('--pin-entry-binary', type=str, default='pinentry',
                    help='path to PIN entry UI helper')
    p.add_argument('--passphrase-entry-binary', type=str, default='pinentry',
                    help='path to passphrase entry UI helper')
    p.add_argument('--cache-expiry-seconds', type=float, default=float('inf'),
                    help='expire passphrase from cache after this duration')
 
     args, _ = p.parse_known_args()

Needs to be changed to this:

         p.add_argument('--daemon', default=False, action='store_true',
                        help='daemonize the agent')
 
    p.add_argument('--pin-entry-binary', type=str, default=argparse.SUPPRESS,
                    help='path to PIN entry UI helper')
    p.add_argument('--passphrase-entry-binary', type=str, default=argparse.SUPPRESS,
                    help='path to passphrase entry UI helper')
    p.add_argument('--cache-expiry-seconds', type=float, default=argparse.SUPPRESS,
                    help='expire passphrase from cache after this duration')
 
     args, _ = p.parse_known_args()

I'll add this fix to my GPG PR, since I'm in the process of rebasing and retesting it anyway.

SlugFiller avatar Sep 23 '23 18:09 SlugFiller

Can confirm; that code is what causes the error. For now, I've manually edited that relevant file.

Pandapip1 avatar Sep 27 '23 23:09 Pandapip1