Re: cv25519 key support on devotee

To: debian-vote@lists.debian.org
Subject: Re: cv25519 key support on devotee
From: Shengjing Zhu <zhsj@debian.org>
Date: Thu, 29 Sep 2022 00:29:32 +0800
Message-id: <[🔎] YzR2bIwjPVo6vMeB@local.zhsj.me>
In-reply-to: <[🔎] YzReZn56ZUkgs0BG@roeckx.be>
References: <[🔎] CAFyCLW8T1ZOFVx_vpR9GpsUOHQiiTw+9KGpmnHrNqm6-w2t_rw@mail.gmail.com> <[🔎] YzPaHpPy81dUUZAK@roeckx.be> <[🔎] YzQFjKVFVOM30Kjg@local.zhsj.me> <[🔎] YzReZn56ZUkgs0BG@roeckx.be>

On Wed, Sep 28, 2022 at 04:47:02PM +0200, Kurt Roeckx wrote:
> On Wed, Sep 28, 2022 at 04:27:56PM +0800, Shengjing Zhu wrote:
> > On Wed, Sep 28, 2022 at 07:22:38AM +0200, Kurt Roeckx wrote:
> > > On Mon, Sep 26, 2022 at 12:51:48AM +0800, Shengjing Zhu wrote:
> > > > Hi,
> > > > 
> > > > Is there any plan to support cv25519 key on devotee?
> > > > 
> > > > Or could devotee send unencrypted ack to the voter?  I really don't
> > > > mind the vote secrecy... But I want to see my vote hash. I see dvt-ack
> > > > has something like Encrypted_Ack option, but I'm not sure if it can be
> > > > run manually to send individual ack (I'm not good at reading perl
> > > > scripts).
> > > > 
> > > > Please CC me as I don't subscribe -vote.
> > > 
> > > I've been unable to get encrypting using libgnupg-interface-perl to
> > > work with gnupg 2. In bullseye it at least claims the support both
> > > 1.4 and 2.2, but I can't get it to work with either. So I'm
> > > currently stuck with the libgnupg-interface-perl version from buster
> > > and gnupg 1.4.
> > > 
> > > As far as I understand of what is going wrong is that gnupg tries to
> > > write to the status fd, but libgnupg-interface-perl is trying to read
> > > gnupg's stdout and they just deadlock.
> > > 
> > 
> > After a quick checking the changelog of libgnupg-interface-perl,
> > I think it is https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016125
> > 
> > It has been fixed in bullseye-backports(1.02-2~bpo11+1).
> > Could you try with that?
> 
> That doesn't fix anything.
> 

I did some hack on dvt-ack in a sid chroot, now I get something working.

1. As you said, there's some deadlock in the status fd. But I find the status
   value is not used anywhere except for logging.

   So just removing `status => $status_fh` in `GnuPG::Handles->new`.
   And anything about status_fh.

2. The `--secret-keyring` option is obsolete in gnupg2.

   So I hacked it by removing it, and point homedir to the real home, which
   should have private-keys-v1.d directory.

   And remove `--no-default-keyring` option.

Now dvt-ack can encrypt and sign with gnupg2.

Hope this can help someone to come up with a clean patch.

Reply to:

References:
- cv25519 key support on devotee
  - From: Shengjing Zhu <zhsj@debian.org>
- Re: cv25519 key support on devotee
  - From: Kurt Roeckx <kurt@roeckx.be>
- Re: cv25519 key support on devotee
  - From: Shengjing Zhu <zhsj@debian.org>
- Re: cv25519 key support on devotee
  - From: Kurt Roeckx <kurt@roeckx.be>

Prev by Date: Re: cv25519 key support on devotee
Next by Date: Re: cv25519 key support on devotee
Previous by thread: Re: cv25519 key support on devotee
Next by thread: Re: cv25519 key support on devotee
Index(es):
- Date
- Thread