[Gpg4win-users-en] gpg4win 3.0.0 - post-install errors, Qt5, Vista-32bit

Andrew Skretvedt andrew.skretvedt at gmail.com
Wed Sep 27 03:01:00 CEST 2017


Update:

TL;DR - Edit gpg-agent.conf to use an alternate pinentry program if it's 
crashing due to the Qt5 issue I hit as described in my original post. 
This doesn't fix Kleopatra (or thus make shell extensions work), but 
does make GnuPG fully functional (e.g. for command prompt use or use via 
Enigmail, etc.).

----------

Others who find themselves in the same situation as I in my original 
post can make their install of 3.0.0 more functional by editing their 
gpg-agent.conf to change which of the included pinentry executables the 
distribution is using.

This does /not/ address problems using Kleopatra, it remains broken. 
But, I hardly use it myself, preferring to do most of my interaction 
with GnuPG from a command prompt. Enigmail is unaffected. However, under 
these ways of use, you'll still have occasions where you need to enter 
passphrases set on keys, which makes use of a separate executable, 
"pinentry.exe".

The default in 3.0.0 is one which uses Qt5, a library that seems broken 
at least for Vista-32bit systems and appears responsible for Kleopatra 
not working. When you hit an operation which requires pinentry.exe, you 
get an error and the operation fails.

But, a little curious inspection showed that the maintainers have 
helpfully included other variants of pinentry that use other libraries 
instead. To get GnuPG to use one of the functional variants, you can 
supply a configuration option.

My installation's gpg-agent.conf was located at:

%USERPROFILE%\AppData\Roaming\gnupg\gpg-agent.conf

yours may be slightly different place, depending on Windows version. 
Inside, look for an option "pinentry-program", or if it doesn't exist, 
add a line at the bottom.

pinentry-program "C:\Program Files\gpg4win\bin\pinentry-w32.exe"

Adjust the exact path to match your gpg4win installation. Visiting the 
directory, you'll see that there are several pinentry variants to select 
from. Experiment to find one that suits you best. If gpg-agent was 
already running in the background due to previous activity, you will 
have to force it to reload to get the new configuration. Do that from 
the command prompt with:

 >gpgconf --reload gpg-agent

You can test your pinentry is working by asking gpg to do a symmetric 
encryption:

 >gpg -c

Which will launch pinentry to obtain a passphrase to use. Proceeding 
further is not important, all you want to know is that pinentry launched 
successfully, just click cancel.

Pinentry will inform you on its dialog of the key whose passphrase is 
being requested, when not doing symmetric encryption. I found on my 
system, the combination of dialog box size and font cause this prompting 
information to run underneath the text entry box and be obscured when 
using pinentry-w32.exe. This did not happen when I tried the GTK2 
variant. So, experiment if you see any issues.

This has fixed things well enough for me that I will just keep 3.0.0 
installed while waiting to see if the maintainers can confirm my 
experience, Kleopatra is almost never needed for the way I usually use 
GnuPG. Users wanting that GUI experience however will be following this 
thread's development.

Hope this helps!

Any list member who knows, please confirm the Qt5 issue from the OP, thanks.

-Andrew

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 558 bytes
Desc: OpenPGP digital signature
URL: <http://lists.wald.intevation.org/pipermail/gpg4win-users-en/attachments/20170927/8a189da6/attachment.asc>


More information about the Gpg4win-users-en mailing list