3

I have an error with signing my commits by git commit -S -m 'test' and getting these errors:

error: gpg failed to sign the data
fatal: failed to write commit object

I already tried this solution and still not working right.

Also tried this and still nothing.

I have Macbook Pro 2017 with the latest macOS.

Is there any other solution how I can fix it and properly commit my commits to Github or Gitlab?

Matúš Rebroš
  • 115
  • 1
  • 9
  • Please add the results of showing your key with gpg; I suspect the key has expired. – U. Windl Dec 02 '21 at 09:26
  • @U.Windl The gpg key was today created and today set. It can be still expired? If yes how I can check it? – Matúš Rebroš Dec 02 '21 at 09:36
  • Would git display exact information about the GnuPG invocation via `GIT_TRACE=1 git commit -S -m 'test'` ? – Nickolay Olshevsky Dec 02 '21 at 11:26
  • @NickolayOlshevsky Terminal display this. 16:27:37.452431 git.c:455 trace: built-in: git commit -S -m test 16:27:37.466454 run-command.c:668 trace: run_command: gpgsm --status-fd=2 -bsau xxxxxxxxxxxxxxx error: gpg failed to sign the data fatal: failed to write commit object – Matúš Rebroš Dec 02 '21 at 15:28
  • Looks like you are trying to use S/MIME instead of OpenPGP signatures, is it by intention? This article should be helpful on further troubleshooting: https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key – Nickolay Olshevsky Dec 02 '21 at 15:34
  • Does this answer your question? ['Git: gpg failed to sign the data' in visual studio code](https://stackoverflow.com/questions/61067967/git-gpg-failed-to-sign-the-data-in-visual-studio-code) – starball Aug 15 '23 at 18:49

4 Answers4

6

I had the same issue. I solved it by:

  1. First ensure that the key is not expired: gpg --list-keys
  2. If it is still valid restart the gpg-agent: gpgconf --kill gpg-agent
  3. It should work now.
user3265569
  • 175
  • 2
  • 11
0

First, make sure to use Git 2.40 (Q1 2023), which clarifies the error message.

Git 2.36 (Q2 2022) also improves that use case: newer version of GPGSM changed its output in a backward incompatible way to break our code that parses its output.
Adjustments have been made to accommodate these changes.

See commit b0b70d5, commit fa47dd6 (04 Mar 2022) by Todd Zullinger (tmzullinger).
See commit a075e79 (04 Mar 2022) by Fabian Stelzer (FStelzer).
(Merged by Junio C Hamano -- gitster -- in commit 21b839e, 13 Mar 2022)

gpg-interface/gpgsm: fix for v2.3

Helped-By: Junio C Hamano
Helped-By: Todd Zullinger

Checking if signing was successful will now accept '[GNUPG]: SIG_CREATED' on the beginning of the first or any subsequent line.
Not just explictly the second one anymore.

Gpgsm v2.3 changed its output when listing keys from fingerprint to sha1/2 fpr.
This leads to the gpgsm tests silently not being executed because of a failed prerequisite.
Switch to gpg's --with-colons output format when evaluating test prerequisites to make parsing more robust.
This also allows us to combine the existing grep/cut/tr/echo pipe for writing the trustlist.txt into a single awk expression.

git merge --no-ff -m msg signed_tag_x509_nokey &&
GNUPGHOME=. git log --graph --show-signature -n1 plain-x509-nokey
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
0

I already had GPG on my Windows PC, and gpg --list-keys would successfully list my key in Git Bash (not in the standard Windows Command Line), however, GitHub Desktop wasn't working for me.

The solution was to add Git's GPG binary to my PATH variable. So I added C:\Program Files\Git\usr\bin to the PATH, and GitHub Desktop began working.

NOTE: If you have Git installed on your PC, you likely already have GPG installed at: C:\Program Files\Git\usr\bin\gpg.exe.

Raphael Setin
  • 557
  • 5
  • 10
0

Fixed here using this command of topic: https://github.com/microsoft/vscode/issues/130415

$ export GPG_TTY=$(tty)
$ echo "test" | gpg2 --clearsign
João Eudes Lima
  • 755
  • 1
  • 11
  • 21