search

flathub / org.gnu.emacs

https://flathub.org/apps/details/org.gnu.emacs
14 stars 17 forks source link

Using gpg from Emacs #75

Open sajith opened 1 month ago

sajith commented 1 month ago

Since Emacs 28 has a bug that affects me, I'm trying to use Emacs 29.3 flatpak on Debian 12. Debian 12 has Flatpak 1.14.4. I'm stuck a little, because I can't sign my commit messages, which is a requirement in some of the projects that I work on.

When I try to do git commits using magit from Emacs flatpak, I get this error message:

error: gpg failed to sign the data:
gpg: WARNING: server 'gpg-agent' is older than us (2.2.40 < 2.4.5)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
[GNUPG:] WARNING server_version_mismatch 0 server 'gpg-agent' is older than us (2.2.40 < 2.4.5)
gpg: problem with fast path key listing: IPC parameter error - ignored
[GNUPG:] KEY_CONSIDERED 22D9BFBA256B7BFA7B16187C0C6DA6A29D5F02BA 2
[GNUPG:] BEGIN_SIGNING H10
[GNUPG:] PINENTRY_LAUNCHED 740866 gnome3 1.2.1 - dumb :0 - 1000/1000 -
gpg: signing failed: pinentry error
[GNUPG:] FAILURE sign 83886166
gpg: signing failed: pinentry error

fatal: failed to write commit object

Another problem: my (setq auth-sources '("~/.authinfo.gpg")) line also do not work.

Error while decrypting with "/usr/bin/gpg":

gpg: encrypted with rsa4096 key, ID 0x33E4FE3E31593C6C, created 2015-04-22
      "Sajith <sajith@example.com>"
gpg: WARNING: server 'gpg-agent' is older than us (2.2.40 < 2.4.5)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
gpg: using "0x0C6DA6A29D5F02BA" as default secret key for signing
gpg: problem with fast path key listing: IPC parameter error - ignored
gpg: public key decryption failed: pinentry error
gpg: decryption failed: pinentry error

I don't quite understand this. It seems to me that flatpak Emacs ships its own gpg, which is newer than what's on Debian 12. Can't the gpg in Emacs flatpak talk to its own gpg-agent then?

How can I make this work?

sajith commented 1 month ago

Adding (setq epg-pinentry-mode 'loopback) to .emacs seems to help. This causes Emacs to read gpg passphrase from minibuffer.

sajith commented 1 month ago

Turns out that (setq epg-pinentry-mode 'loopback) does not help. I'm still getting the first error message when doing a git commit.