tag:gpgtools.tenderapp.com,2011-11-04:/discussions/problems/36885-dbg-armor-keys-failedGPGTools: Discussion 2016-02-24T12:28:28Ztag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-03-29T06:46:53Z2015-03-29T06:46:56ZDBG: armor-keys-failed<div><p>I forgot to mention I receive the errors when trying to refresh
my keys.</p>
<p>Thanks.</p></div>Michaeltag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-03-29T12:30:55Z2015-03-29T12:30:55ZDBG: armor-keys-failed<div><p>Hi Michael,</p>
<p>thanks for the report. MacGPG2 2.0.27 brought some changes to
the way weak keys are handled. MD5 is broken and keys using MD5 are
considered weak and should no longer be used.</p>
<p>While the above is somewhat a nifty feature, the way this is
currently presented to the user and some other behavior is far from
ideal. We are still investigating why this is happening and how to
improve the situation.</p>
<p>We have a ticket for this problem. I connected this discussion
with the existing ticket. That means, should this discussion get
closed, it will be re-opened as soon as the ticket is closed. That
way you'll receive a notification. Feel free to open a new
discussions should you run into further problems or need
assistance.</p>
<p>All the best,<br>
steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-03-31T12:16:29Z2015-03-31T12:16:29ZDBG: armor-keys-failed<div><p>Hi Michael,</p>
<p>this issue has been fixed in Libmacgpg. If you want to test the
fix, please download our <a href="https://releases.gpgtools.org/nightlies/">latest nightly GPG
Suite</a>. That page also has sig and SHA1 to verify the
download.</p>
<p>if you have <code>allow-weak-digest-algos</code>in your
gpg.conf, please remove it.</p>
<p>Best, steve</p>
<p>Disclaimer: This is a development version which has not been
thoroughly tested yet, so bugs or crashes are to be expected.
Thanks for helping us test this fix.</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-04-09T16:19:51Z2015-04-09T16:20:01ZDBG: armor-keys-failed<div><p>I had a similar problem with a MD5 self-signed key:<br>
- I couldn't import a new UID for a key already in my keychain -
then I forced the import with the option allow-non-selfsigned-uid -
the fingerprint of the key was displayed as 0000 0000 ... 0000</p>
<p>Now I installed the nightly build, and the fingerprint is
displayed correctly. But I can not use the key to encrypt emails
(the lock button in the Apple-Mail window is disabled).</p>
<p>Is there any way to enable MD5 self-signed keys for
encryption?</p>
<p>Best</p></div>kinnlatag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-04-10T18:54:53Z2015-04-10T18:54:53ZDBG: armor-keys-failed<div><p>Kinnla, MD5 keys are considered weak and should not be used
anymore. The best idea is to create a stronger key.</p>
<p>Comment 3 mentions how to modify the gpg.conf and allow weak
digest algos. But this lowers overall security and is totally not
recommended to be used.</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-04-10T22:10:01Z2015-04-12T10:35:36ZDBG: armor-keys-failed<div><p>Thx, Steve! This option works for me.<br>
My friend will update her key when there is a chance (she is not an
expert). But for now it's good we found a workaround, so we can
continue our secure communication.</p></div>kinnlatag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-04-12T11:46:11Z2015-04-12T11:46:11ZDBG: armor-keys-failed<div><p>ok, thanks for the feedback. Well the communication isn't really
secure if weak keys are used.</p>
<p>Maybe you can assist your friend with the key transition. Here's
our KB-article covering that: <a href="https://gpgtools.tenderapp.com/kb/gpg-keychain-faq/add-self-signature-to-an-old-key-which-does-not-have-one">
https://gpgtools.tenderapp.com/kb/gpg-keychain-faq/add-self-signatu...</a></p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-04-15T02:09:12Z2015-04-15T02:09:13ZDBG: armor-keys-failed<div><p>I've updated to the latest nightly build (1317n) but I still
receive the error:</p>
<p>gpg: Note: signatures using the MD5 algorithm are rejected</p>
<p>The error occurs when refreshing my keychain and is not
associated with my key pair, but other's.</p>
<p>Is there a way to quickly identify keys using the MD5
algorithm?</p>
<p>Thanks for the help!</p></div>Michaeltag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-04-15T21:51:04Z2015-04-15T21:51:05ZDBG: armor-keys-failed<div><p>I get this error on Windows</p>
<p>C:\Users\ccook\AppData\Roaming\gnupg>gpg --version<br>
gpg (GnuPG) 2.0.27 (Gpg4win 2.2.4)<br>
libgcrypt 1.6.3<br>
[...] Home: C:/Users/ccook/AppData/Roaming/gnupg<br>
Supported algorithms:<br>
Pubkey: RSA, RSA, RSA, ELG, DSA<br>
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256,
TWOFISH,<br>
CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: MD5, SHA1, RIPEMD160,
SHA256, SHA384, SHA512, SHA224<br>
Compression: Uncompressed, ZIP, ZLIB, BZIP2</p>
<p>I'm not using md5.</p>
<p>gpg/card> fetch<br>
gpg: requesting key 1010D2A0 from https server codycook.us<br>
gpg: DBG: armor-keys-failed (KEY
0xF540DB52FCF5143FF3CB270DEB6932081010XXXX BEGIN<br>
) ->0 gpg: DBG: armor-keys-failed (KEY
0xF540DB52FCF5143FF3CB270DEB6932081010XXXX FAILED 1<br>
) ->1 gpg: no valid OpenPGP data found.<br>
gpg: Total number processed: 0<br>
gpg: keyserver communications error: keyserver helper internal
error<br>
gpg: keyserver communications error: General error</p></div>Codytag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-04-15T21:53:27Z2015-04-15T21:53:30ZDBG: armor-keys-failed<div><p>I think I know my problem though, so nevermind. I think I saw it
right as I hit comment.</p></div>Codytag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-05-13T11:11:52Z2015-05-25T15:22:27ZDBG: armor-keys-failed<div><p>To identify keys using md5 you can run the following
command:</p>
<pre>
<code>gpg2 --fingerprint</code>
</pre>
<p>Every key which a fingerprint only consisting zeros, is a weak
key.<br>
This works only, if you haven't set allow-weak-digest-algos in your
gpg.conf.</p></div>Mentotag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-05-25T15:25:42Z2015-05-25T15:25:42ZDBG: armor-keys-failed<div><p>Are issues persisting for anybody using the latest <a href="https://releases.gpgtools.org/nightlies/">nightly build</a>?</p>
<p>Michael where you able to identify the problematic key?</p>
<p>All the best, steve</p>
<p>Disclaimer: This is a development version which has not been
thoroughly tested yet - bugs or crashes are to be expected. Thanks
for helping us test.</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-07-18T15:17:07Z2015-07-19T04:25:42ZDBG: armor-keys-failed<div><p>I had the same problem when receiving keys using the 2015.06
release, but the 1382n nightly seems to have fixed the problem.</p></div>hcbtag:gpgtools.tenderapp.com,2011-11-04:Comment/364151572015-07-20T22:36:57Z2015-07-20T22:36:57ZDBG: armor-keys-failed<div><p>Hi hcb,</p>
<p>there were several issues with key import and the nightly GPG
Suite has become a lot more tolerant, when it comes to odd
formatted public keys.</p>
<p>Thanks for your feedback and glad things did work out fine using
the nightly build.</p>
<p>I'm closing this discussion. If you need further assistance or
have questions you can re-open this discussion here or open a new
one any time.</p>
<p>Best, steve</p></div>Steve