Can't use GPG key
BasilYes opened this issue · comments
I just created GPG key (RSA 4096 bit). With CLI and vscode it's work fine. But when I trying to commit with gitnuro, it's return error
Log for error
Event: Ok(Event { kind: Access(Close(Write)), paths: ["/run/media/basilyes/bazik/Godot/projects/VFXResearch/.git/index.lock"], attr:tracker: None, attr:flag: None, attr:info: None, attr:source: None }) org.eclipse.jgit.api.errors.JGitInternalException: Unable to find a public-key with key or user id: 7D29795930AD8E5A at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:211) at com.jetpackduba.gitnuro.git.AppGpgSigner.access$signObject$s1305249012(AppGpgSigner.kt:17) at com.jetpackduba.gitnuro.git.AppGpgSigner$signObject$1.invoke(AppGpgSigner.kt:58) at com.jetpackduba.gitnuro.git.AppGpgSigner$signObject$1.invoke(AppGpgSigner.kt:56) at com.jetpackduba.gitnuro.git.AppGpgSigner.retryIfWrongPassphrase(AppGpgSigner.kt:74) at com.jetpackduba.gitnuro.git.AppGpgSigner.signObject(AppGpgSigner.kt:56) at org.eclipse.jgit.api.CommitCommand.sign(CommitCommand.java:336) at org.eclipse.jgit.api.CommitCommand.call(CommitCommand.java:283) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invokeSuspend(DoCommitUseCase.kt:47) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invoke(DoCommitUseCase.kt) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invoke(DoCommitUseCase.kt) at kotlinx.coroutines.intrinsics.UndispatchedKt.startUndispatchedOrReturn(Undispatched.kt:89) at kotlinx.coroutines.BuildersKt__Builders_commonKt.withContext(Builders.common.kt:169) at kotlinx.coroutines.BuildersKt.withContext(Unknown Source) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase.invoke(DoCommitUseCase.kt:25) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invokeSuspend(StatusViewModel.kt:312) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invoke(StatusViewModel.kt) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invoke(StatusViewModel.kt) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invokeSuspend(TabState.kt:136) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invoke(TabState.kt) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invoke(TabState.kt) at com.jetpackduba.gitnuro.extensions.StateManagementUtilsKt.delayedStateChange(StateManagementUtils.kt:21) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1.invokeSuspend(TabState.kt:124) at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33) at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106) at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42) at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95) at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664) Caused by: org.bouncycastle.openpgp.PGPException: Unable to find a public-key with key or user id: 7D29795930AD8E5A at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgKeyLocator.findSecretKey(BouncyCastleGpgKeyLocator.java:438) at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.locateSigningKey(BouncyCastleGpgSigner.java:120) at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:146) ... 30 more Event: Ok(Event { kind: Remove(File), paths: ["/run/media/basilyes/bazik/Godot/projects/VFXResearch/.git/index.lock"], attr:tracker: None, attr:flag: None, attr:info: None, attr:source: None }) org.eclipse.jgit.api.errors.JGitInternalException: Unable to find a public-key with key or user id: 7D29795930AD8E5A at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:211) at com.jetpackduba.gitnuro.git.AppGpgSigner.access$signObject$s1305249012(AppGpgSigner.kt:17) at com.jetpackduba.gitnuro.git.AppGpgSigner$signObject$1.invoke(AppGpgSigner.kt:58) at com.jetpackduba.gitnuro.git.AppGpgSigner$signObject$1.invoke(AppGpgSigner.kt:56) at com.jetpackduba.gitnuro.git.AppGpgSigner.retryIfWrongPassphrase(AppGpgSigner.kt:74) at com.jetpackduba.gitnuro.git.AppGpgSigner.signObject(AppGpgSigner.kt:56) at org.eclipse.jgit.api.CommitCommand.sign(CommitCommand.java:336) at org.eclipse.jgit.api.CommitCommand.call(CommitCommand.java:283) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invokeSuspend(DoCommitUseCase.kt:47) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invoke(DoCommitUseCase.kt) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invoke(DoCommitUseCase.kt) at kotlinx.coroutines.intrinsics.UndispatchedKt.startUndispatchedOrReturn(Undispatched.kt:89) at kotlinx.coroutines.BuildersKt__Builders_commonKt.withContext(Builders.common.kt:169) at kotlinx.coroutines.BuildersKt.withContext(Unknown Source) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase.invoke(DoCommitUseCase.kt:25) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invokeSuspend(StatusViewModel.kt:312) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invoke(StatusViewModel.kt) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invoke(StatusViewModel.kt) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invokeSuspend(TabState.kt:136) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invoke(TabState.kt) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invoke(TabState.kt) at com.jetpackduba.gitnuro.extensions.StateManagementUtilsKt.delayedStateChange(StateManagementUtils.kt:21) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1.invokeSuspend(TabState.kt:124) at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33) at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106) at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42) at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95) at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664) Caused by: org.bouncycastle.openpgp.PGPException: Unable to find a public-key with key or user id: 7D29795930AD8E5A at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgKeyLocator.findSecretKey(BouncyCastleGpgKeyLocator.java:438) at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.locateSigningKey(BouncyCastleGpgSigner.java:120) at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:146) ... 30 more 2023-12-20 15:54:31 ERROR slf4j:16 - TabState - Unable to find a public-key with key or user id: 7D29795930AD8E5A org.eclipse.jgit.api.errors.JGitInternalException: Unable to find a public-key with key or user id: 7D29795930AD8E5A at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:211) at com.jetpackduba.gitnuro.git.AppGpgSigner.access$signObject$s1305249012(AppGpgSigner.kt:17) at com.jetpackduba.gitnuro.git.AppGpgSigner$signObject$1.invoke(AppGpgSigner.kt:58) at com.jetpackduba.gitnuro.git.AppGpgSigner$signObject$1.invoke(AppGpgSigner.kt:56) at com.jetpackduba.gitnuro.git.AppGpgSigner.retryIfWrongPassphrase(AppGpgSigner.kt:74) at com.jetpackduba.gitnuro.git.AppGpgSigner.signObject(AppGpgSigner.kt:56) at org.eclipse.jgit.api.CommitCommand.sign(CommitCommand.java:336) at org.eclipse.jgit.api.CommitCommand.call(CommitCommand.java:283) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invokeSuspend(DoCommitUseCase.kt:47) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invoke(DoCommitUseCase.kt) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase$invoke$2.invoke(DoCommitUseCase.kt) at kotlinx.coroutines.intrinsics.UndispatchedKt.startUndispatchedOrReturn(Undispatched.kt:89) at kotlinx.coroutines.BuildersKt__Builders_commonKt.withContext(Builders.common.kt:169) at kotlinx.coroutines.BuildersKt.withContext(Unknown Source) at com.jetpackduba.gitnuro.git.workspace.DoCommitUseCase.invoke(DoCommitUseCase.kt:25) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invokeSuspend(StatusViewModel.kt:312) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invoke(StatusViewModel.kt) at com.jetpackduba.gitnuro.viewmodels.StatusViewModel$commit$1.invoke(StatusViewModel.kt) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invokeSuspend(TabState.kt:136) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invoke(TabState.kt) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1$2.invoke(TabState.kt) at com.jetpackduba.gitnuro.extensions.StateManagementUtilsKt.delayedStateChange(StateManagementUtils.kt:21) at com.jetpackduba.gitnuro.git.TabState$safeProcessing$job$1.invokeSuspend(TabState.kt:124) at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33) at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106) at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42) at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95) at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677) at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664) Caused by: org.bouncycastle.openpgp.PGPException: Unable to find a public-key with key or user id: 7D29795930AD8E5A at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgKeyLocator.findSecretKey(BouncyCastleGpgKeyLocator.java:438) at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.locateSigningKey(BouncyCastleGpgSigner.java:120) at org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:146) ... 30 more Sending batched events to Kotlin side
before this, I'm don't specify key id in git, error was the same, but with my email insted of key id.
To Reproduce
I don't know how to reproduce it. Maybe
- be on NixOS
- try to commit with gpg key verifing
Expected behavior
Commit verified with GPG
Desktop (please complete the following information):
- OS: NixOS ustable, latest version nixos-24.05pre560622.91a00709aebb
- Version flatpak 1.3.1
With jar have same error as mentioned in #192
Thanks
What steps have you followed to create the GPG key? Does it work with Git CLI?
What steps have you followed to create the GPG key? Does it work with Git CLI?
I followed official github guide https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key
gpg --full-generate-key
than select RSA
4096 bit
enter my email and name
enter passphrase
added it to github
than
git config --global commit.gpgsign true
I also added it in config, but with this command nor without it works only in CLI and vscode (not gitnuro)
git config --global user.signingkey
Yes, it's work with git CLI and with vscode.
Just recreate same steps on my laptop (with NixOS unstable and gitnuro 1.3.1)
[basilyes@basilyes:~/Documents/Test]$` gpg --full-generate-key
gpg (GnuPG) 2.4.1; Copyright (C) 2023 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
(9) ECC (sign and encrypt) *default*
(10) ECC (sign only)
(14) Existing key from card
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (3072) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 1y
Key expires at Чт 19 дек 2024 20:56:50 MSK
Is this correct? (y/N) y
GnuPG needs to construct a user ID to identify your key.
Real name: BasilYes
Email address: basilyevs@gmail.com
Comment:
You selected this USER-ID:
"BasilYes <basilyevs@gmail.com>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: revocation certificate stored as '/home/basilyes/.gnupg/openpgp-revocs.d/790F7B5F4AD84365A44920F2BC5042FB9C391405.rev'
public and secret key created and signed.
pub rsa4096 2023-12-20 [SC] [expires: 2024-12-19]
790F7B5F4AD84365A44920F2BC5042FB9C391405
uid BasilYes <basilyevs@gmail.com>
sub rsa4096 2023-12-20 [E] [expires: 2024-12-19]
[basilyes@basilyes:~/Documents/Test]$ git config --global commit.gpgsign true
[basilyes@basilyes:~/Documents/Test]$ git commit -m "test"
[main (root-commit) bc008a3] test
1 file changed, 1 insertion(+)
create mode 100644 some.txt
[basilyes@basilyes:~/Documents/Test]$ git log
commit bc008a37ca4978bd8778a9d7ae3db09e91b2def4 (HEAD -> main)
Author: BasilYes <basilyevs@gmail.com>
Date: Wed Dec 20 20:58:04 2023 +0300
test
And get same result when trying to commit
Trying to specify key in git config as mentioned here https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key
[basilyes@basilyes:~/Documents/Test]$ git config --global user.signingkey BC5042FB9C391405
[basilyes@basilyes:~/Documents/Test]$ git commit -m "test2"
[main 325431f] test2
1 file changed, 1 insertion(+), 1 deletion(-)
And get error again
What steps have you followed to create the GPG key? Does it work with Git CLI?
I followed official github guide https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key
gpg --full-generate-keythan select RSA 4096 bit enter my email and name enter passphrase added it to githubthan
git config --global commit.gpgsign trueI also added it in config, but with this command nor without it works only in CLI and vscode (not gitnuro)
git config --global user.signingkeyYes, it's work with git CLI and with vscode.
I've followed the exact same steps in Archlinux and it works as expected. Could it be NixOS specific? Did it work before the non-flatpak version was broked?
I've followed the exact same steps in Archlinux and it works as expected. Could it be NixOS specific? Did it work before the non-flatpak version was broked?
Yes, it's could it be NixOS specific. I didn't use NixOS nor non-flatpak version before. On my old fedora install I was try to use gpg + gitnuro flatpak, it's wasn't work too (May be other issue, I don't remember). I will try it on fedora (VM or my second drive) and give you feedback.
I just tried it on fresh install (only java-17-openjdk installed, other in default state) fedora 39 on VM (flatpak and .jar both), exact same issue. I was doing step by step exactly as in comment above
Thanks for testing! I'll create a VM to test it, in case there is some additional dependency/requirement that I've already got installed/configured.
Sorry for the late response, I needed more storage to install the VM.
In any case, I've been able to reproduce the issue, I'm debugging it and I'll let you know asap.
It seems that the Bouncycastle's wrapper of JGit does not support the newest format. You can use the classic format by removing the content of ~/.gnupg/common.conf and creating a new GPG key (perhaps importing it from ~/.gnupg/public-keys.d/pubring.db is possible, I'm not sure).
It seems that the Bouncycastle's wrapper of JGit does not support the newest format. You can use the classic format by removing the content of
~/.gnupg/common.confand creating a new GPG key (perhaps importing it from~/.gnupg/public-keys.d/pubring.dbis possible, I'm not sure).
It's works, so problem solved. Thank you.