Package: libgpgme11 Version: 1.6.0-1 Severity: normal libgpgme seems to have problems handling my new RSA 4096 bit key. In my case, this is breaking reprepro (CC'ing maintainer of that).
Having the same problem as this person on Server Fault: http://serverfault.com/questions/770130/reprepro-export-could-not-find-signing-key Using gpg-connect-agent's KEYINFO command, and the logging suggestion from that serverfault post, it seems like gpgme is computing the wrong keygrip(s) for the key. It sends a HAVEKEY with two keygrips, neither of which match the keygrips listed by KEYINFO --list. In the context of reprepro, I'm providing it the SignWith option and giving the 8 digit hex ID of my new key. This works fine when passed to e.g. gpg --list-secret-keys. But reprepro complains: Could not find any key matching '4A3CC4E9'! Based on the gpgme failure. If I give the hex ID for my old DSA key, it works fine. -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.3.0-1-amd64 (SMP w/12 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages libgpgme11 depends on: ii gnupg2 2.1.11-6 ii libassuan0 2.4.2-3 ii libc6 2.22-6 ii libgpg-error0 1.21-2 libgpgme11 recommends no packages. Versions of packages libgpgme11 suggests: pn gpgsm <none> -- no debconf information
