Yesterday
Yesterday
ikloecker placed T5708: Kleopatra: Configure expiration date default in config up for grabs.
ikloecker placed T5690: Kleopatra: Custom placeholder text in newcertificatewizard up for grabs.
ikloecker placed T5689: Kleopatra: Make config pages hideable again up for grabs.
ikloecker placed T5688: Kleopatra: Configure to hide CSR creation up for grabs.
ikloecker changed the status of T5715: Kleopatra: After importing a secret key and setting ownertrust in the dialog the key is not updated from Open to Testing.
Should be fixed. It's possible that the changes in KeyCache now cause unwanted recursion if some listener to keyListingDone() triggers a new key listing by some operation. This needs to be fixed for each listener separately.
ikloecker committed rLIBKLEOf5f757504454: Allow new refresh job if the previous job is done (authored by ikloecker).
Allow new refresh job if the previous job is done
ikloecker committed rKLEOPATRAfb35bf858ded: Prevent recursion if post processing triggers another key listing (authored by ikloecker).
Prevent recursion if post processing triggers another key listing
ikloecker moved T5715: Kleopatra: After importing a secret key and setting ownertrust in the dialog the key is not updated from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker changed the status of T5711: Kleopatra: Keyserver config does not fallback to default from Open to Testing.
ikloecker committed rKLEOPATRA721e9825d2ac: Reset OpenPGP keyserver to default on empty value (authored by ikloecker).
Reset OpenPGP keyserver to default on empty value
ikloecker moved T5711: Kleopatra: Keyserver config does not fallback to default from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker added a comment to T5713: Kleopatra: PKCS#12 Import no Error on bad passphrase.
@aheinecke Please provide an example of a PKCS#12 certificate.
Reassigning to Andre to check why the build system doesn't pick up kconfig_compiler from kconfig-5.77 which is used/built for gpg4win and the appimage.
ikloecker added a comment to T5716: Kleopatra: Compile error on debian buster.
Or are you trying to compile Kleopatra against KF5 that comes with Debian buster?
ikloecker added a comment to T5716: Kleopatra: Compile error on debian buster.
Hmm, cmake should find the right executable of kconfig_compiler. Are you sure that there is no development package of kconfig installed on the build system?
ikloecker added a comment to T5716: Kleopatra: Compile error on debian buster.
The is*Immutable members were added with version 5.68. And the current packages use KF5 5.77. So this should work. Unless ...
werner triaged T5717: Case insensitive algo compare in Kleopatras new key dialog as Normal priority.
Jakuje added a comment to T5645: RSA/DSA keygen modification for FIPS/ACVP testing.
Thanks. I did some git archeology and found the first mention of this in the following commit in 2011 without
aheinecke committed rW352682df0d3f: Add dist-self as dependency to all uploads (authored by aheinecke).
Add dist-self as dependency to all uploads
gniibe committed rCe4a450d1d966: rsa: Allow e=0 to select 65537 for keygeneration under X931. (authored by gniibe).
rsa: Allow e=0 to select 65537 for keygeneration under X931.
gniibe added a comment to T5645: RSA/DSA keygen modification for FIPS/ACVP testing.
Adding the case for == 0 only might be problematic, because I don't think it's an alias for a secure value; I think that == 0 means that it's up to libgcrypt to select the value (just like other generate_* functions).
gniibe committed rC78ce1f9e0afe: random: Add missing header file to the release tarball (authored by Jakuje).
random: Add missing header file to the release tarball
gniibe added a comment to T5523: jitter entropy RNG update.
Thank you, applied.
werner added a comment to T5712: Yubikey 5 NFC only recognized immediately after it is inserted.
There is a "sharing violatation", error which means another process got access to the card. You can try to put
Thu, Dec 2
Thu, Dec 2
Albert Astals Cid <aacid@kde.org> committed rKLEOPATRAab0d7953413e: GIT_SILENT Upgrade release service version to 21.12.0. (authored by Albert Astals Cid <aacid@kde.org>).
GIT_SILENT Upgrade release service version to 21.12.0.
dannytsen added a comment to T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le.
I sent a copy to gcrypt-devel@gnupg.org. Hope this is the right process. Thanks.
jukivili added a comment to T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le.
Please read doc/HACKING carefully on the process of sending DCO the right way.
Update Kleopatra to latest master
aheinecke committed rW90952e4e0b37: Update NEWS and READMEs for todays 3.x release (authored by aheinecke).
Update NEWS and READMEs for todays 3.x release
aheinecke committed rWbda6b54adc9a: Add git betaversion to VS-Desktop filenames (authored by aheinecke).
Add git betaversion to VS-Desktop filenames
Add GUIDs for kgrp reg keys
Update kleopatra, libkleo and l10n
aheinecke committed rW9ea735c2ff57: Fix make dist for non existing appimage patches (authored by aheinecke).
Fix make dist for non existing appimage patches
aheinecke committed rWdc694bf93079: Add registry entries for "kgrp" file type (authored by aheinecke).
Add registry entries for "kgrp" file type
Remove obsolete gpgol patch
Move l10n script from src to packages
Jakuje added a comment to T5645: RSA/DSA keygen modification for FIPS/ACVP testing.
Let me get back to this once more as one of the parts for RSA was initially missed:
diff -up libgcrypt-1.8.4/cipher/rsa.c.fips-keygen libgcrypt-1.8.4/cipher/rsa.c --- libgcrypt-1.8.4/cipher/rsa.c.fips-keygen 2017-11-23 19:16:58.000000000 +0100 +++ libgcrypt-1.8.4/cipher/rsa.c 2019-02-12 14:29:25.630513971 +0100 @@ -696,7 +696,7 @@ generate_x931 (RSA_secret_key *sk, unsig
aheinecke added a comment to rLIBKLEO51f2bd618677: Prevent cycles in graph of certificate issuers.
Ui, Kudos to you for seeing that possibility in Boost Graph and applying that. *Thumbs up*
aheinecke triaged T5715: Kleopatra: After importing a secret key and setting ownertrust in the dialog the key is not updated as Normal priority.
Jakuje added a comment to T5523: jitter entropy RNG update.
I went through some more testing and noticed one missing file in the release tarball, that prevents building libgcrypt now. Should be fixed with the attached patch.
Jakuje added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.
I did go through a bit more testing too and the selftests still initialize and use the secure memory (and the t-secmem fails in FIPS mode if we invoke selftests from constructor). Now from run_random_selftests() -> _gcry_random_selftest() -> drbg_healthcheck() -> _gcry_rngdrbg_healthcheck_one(). So this means that we either need to de-initialize secure memory after the constructor selftests or prevent its initialization as I suggested in some of the previous comments.
aheinecke triaged T5711: Kleopatra: Keyserver config does not fallback to default as Normal priority.
gniibe added a comment to T5693: GPG sign in corrupts larger terminal sizing.
What would be setting those? And how do I disable it?
pzich added a comment to T5693: GPG sign in corrupts larger terminal sizing.
It does have them defined!
$ gpg-connect-agent "getinfo getenv COLUMNS" /bye D 80 OK $ gpg-connect-agent "getinfo getenv LINES" /bye D 24 OK
What would be setting those? And how do I disable it?
gniibe added a comment to T5693: GPG sign in corrupts larger terminal sizing.
A possibility is that gpg-agent which invokes pinentry happens have COLUMNS and LINES defined, then, pinentry misbehaves.
gniibe added a comment to T5693: GPG sign in corrupts larger terminal sizing.
Thanks again for further information.
pzich added a comment to T5693: GPG sign in corrupts larger terminal sizing.
Hmm, I added that to my formula, and see ncurses 6.3 now, however the issue still occurs.
dyld[20991]: <55AFFB3D-2011-35CC-9486-B30BC1CA12F7> /opt/homebrew/Cellar/pinentry/1.2.0/bin/pinentry-curses dyld[20991]: <AAD35EC9-FC8A-3ED4-A829-C59E710CEA8A> /opt/homebrew/Cellar/libassuan/2.5.5/lib/libassuan.0.dylib dyld[20991]: <59683137-0511-3681-8BA6-04A78592B197> /opt/homebrew/Cellar/libgpg-error/1.43/lib/libgpg-error.0.dylib dyld[20991]: <A9DA1A80-D101-339B-9637-85A65285E050> /opt/homebrew/Cellar/ncurses/6.3/lib/libncursesw.6.dylib dyld[20991]: <679CDB15-D472-38E8-8840-B38874010D51> /usr/lib/libSystem.B.dylib dyld[20991]: <BB47A721-69A7-3EEA-9D9B-82F88FFF2641> /usr/lib/system/libcache.dylib dyld[20991]: <E6CCD148-5E91-3111-BE37-1C19402F4637> /usr/lib/system/libcommonCrypto.dylib dyld[20991]: <92001FF7-799E-3BA8-BF46-5FA01FFB952C> /usr/lib/system/libcompiler_rt.dylib dyld[20991]: <6BE94DC2-F363-3D76-B056-F45D4B56E152> /usr/lib/system/libcopyfile.dylib dyld[20991]: <881973B2-0426-325F-8D1A-17D60AE0CBFA> /usr/lib/system/libcorecrypto.dylib dyld[20991]: <9C4116F5-B8EB-3A00-B4B5-54AF6A76F66B> /usr/lib/system/libdispatch.dylib dyld[20991]: <96ECED73-F10C-3941-91A7-00254B907499> /usr/lib/system/libdyld.dylib dyld[20991]: <F7CDC52B-7961-3283-A30F-B06E2E6ED6AB> /usr/lib/system/libkeymgr.dylib dyld[20991]: <8D2BECEF-1038-3F2C-B8EF-B02C03092286> /usr/lib/system/libmacho.dylib dyld[20991]: <3D861651-91A7-3D78-B43B-ECAA41D63D9E> /usr/lib/system/libquarantine.dylib dyld[20991]: <FA2D8F89-D9C4-316F-9FDC-BFF1A791BD4E> /usr/lib/system/libremovefile.dylib dyld[20991]: <61963381-E322-3D0F-855D-CE1EA31FA4E1> /usr/lib/system/libsystem_asl.dylib dyld[20991]: <770FEB1F-FE27-3670-810F-A063D281CC8D> /usr/lib/system/libsystem_blocks.dylib dyld[20991]: <660D7866-E2A2-3651-A0A5-806E9217736B> /usr/lib/system/libsystem_c.dylib dyld[20991]: <1F580793-A1C3-30C6-A9BC-7789C14677AE> /usr/lib/system/libsystem_collections.dylib dyld[20991]: <8370E8A5-EADF-3A2C-9D5B-CA148723A5CA> /usr/lib/system/libsystem_configuration.dylib dyld[20991]: <30C492F6-C9E6-3C1D-BE52-CA4F4FC824D6> /usr/lib/system/libsystem_containermanager.dylib dyld[20991]: <F2A34B01-C264-3B7E-B3C9-1671E9E3C185> /usr/lib/system/libsystem_coreservices.dylib dyld[20991]: <01C0D793-E5FB-3141-95D6-32A973F9FFF8> /usr/lib/system/libsystem_darwin.dylib dyld[20991]: <AED9DAFC-7AB1-31CF-96A1-14C87B614DD3> /usr/lib/system/libsystem_dnssd.dylib dyld[20991]: <F0456F65-B4DF-3E14-91DC-C0C2A7954233> /usr/lib/system/libsystem_featureflags.dylib dyld[20991]: <5E36F087-5EF7-33B7-ACDA-CAE1C4A97621> /usr/lib/system/libsystem_info.dylib dyld[20991]: <6AB180A4-1D1E-3FA1-88B7-A7866EFACFC8> /usr/lib/system/libsystem_m.dylib dyld[20991]: <7C9F7726-62C1-3B03-8130-03E8A2A68DDF> /usr/lib/system/libsystem_malloc.dylib dyld[20991]: <2F331637-80F6-3208-816F-618DA9081899> /usr/lib/system/libsystem_networkextension.dylib dyld[20991]: <3701D756-7023-30C0-9A36-852971092AA9> /usr/lib/system/libsystem_notify.dylib dyld[20991]: <4234FAEC-7D18-30E7-AEAD-E9FB6922AFE9> /usr/lib/system/libsystem_product_info_filter.dylib dyld[20991]: <1214F568-24BF-379F-8A86-FF947EE5F18A> /usr/lib/system/libsystem_sandbox.dylib dyld[20991]: <49553CC1-66C3-32B1-91C6-4415DE230F58> /usr/lib/system/libsystem_secinit.dylib dyld[20991]: <17550B77-D255-389A-B779-906AF75314B6> /usr/lib/system/libsystem_kernel.dylib dyld[20991]: <8B28F7A3-6681-3D34-92AE-3688A74F50E6> /usr/lib/system/libsystem_platform.dylib dyld[20991]: <AA39FF66-B3F0-3777-99BC-F4A4C5CBD566> /usr/lib/system/libsystem_pthread.dylib dyld[20991]: <73885FA5-76B6-3AA3-8D91-60B2E0078F99> /usr/lib/system/libsystem_symptoms.dylib dyld[20991]: <362E885B-20EA-395B-BB01-6E46B864294D> /usr/lib/system/libsystem_trace.dylib dyld[20991]: <D0A538E3-7A75-395A-993C-A3EA7947F55A> /usr/lib/system/libunwind.dylib dyld[20991]: <A77B4CE2-0855-3C19-B4A6-47B094CF0DDA> /usr/lib/system/libxpc.dylib dyld[20991]: <52A50407-CD9B-3A67-A0C2-2D9D6F3043BF> /usr/lib/libc++abi.dylib dyld[20991]: <8FCA2160-F786-398A-AEAC-2B3D5BD72BB8> /usr/lib/libobjc.A.dylib dyld[20991]: <6B0DE0DE-0EA2-3948-8B7D-8BA309414B27> /usr/lib/liboah.dylib dyld[20991]: <20FBE382-CC21-324E-8813-C84B94CC04EF> /usr/lib/libc++.1.dylib dyld[20991]: <A714AC09-9E2D-3608-B8C1-D6300E852308> /usr/lib/libiconv.2.dylib dyld[20991]: <1907D41B-6D4B-3EA0-AD3B-5770431B6327> /usr/lib/libcharset.1.dylib
gniibe added a comment to T5512: Implement service indicators.
For the part 1, I created: T5710: FIPS: disable DSA for FIPS
gniibe updated subscribers of T5710: FIPS: disable DSA for FIPS.
This is the patch from @Jakuje
Wed, Dec 1
Wed, Dec 1
jukivili committed rCd5bf106468e6: gcry_mpi_sub_ui: fix subtracting from negative value (authored by jukivili).
gcry_mpi_sub_ui: fix subtracting from negative value
ikloecker committed rKLEOPATRA96928c1e4501: Enable encrypt/sign button if GnuPG is compliant (authored by ikloecker).
Enable encrypt/sign button if GnuPG is compliant
ikloecker committed rKLEOPATRAd3b9927901f5: Set up the key cache before the system tray icon (authored by ikloecker).
Set up the key cache before the system tray icon
ikloecker committed rKLEOPATRA4853bdf5fd79: Update the signing actions when the keys change (authored by ikloecker).
Update the signing actions when the keys change
ikloecker committed rKLEOPATRA010a83a6239f: Update main UI if key cache is already initialized (authored by ikloecker).
Update main UI if key cache is already initialized
gniibe added a comment to T5693: GPG sign in corrupts larger terminal sizing.
So, the solution is to build pinentry with newer ncurses. As I wrote in another comment, it's adding a single line to the formula.
ikloecker moved T5334: Kleopatra: Add more support for WKS / WKD from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker committed rLIBKLEO8dbf1f6bcb05: Check version of QGpgme instead of gpgme++ (authored by ikloecker).
Check version of QGpgme instead of gpgme++
aheinecke committed rKLEOPATRA7e7d6a91810f: Bump Kleopatra version to 3.1.20 (authored by aheinecke).
Bump Kleopatra version to 3.1.20
ikloecker changed the status of T5688: Kleopatra: Configure to hide CSR creation from Open to Testing.
ikloecker added a comment to T5688: Kleopatra: Configure to hide CSR creation.
The functionality to create CSRs can be hidden with the setting
[CMS] AllowCertificateCreation=false
ikloecker added a comment to T5708: Kleopatra: Configure expiration date default in config.
The default validity period can be specified in the configuration file with
[CertificateCreationWizard] ValidityPeriodInDays=42
ikloecker changed the status of T5708: Kleopatra: Configure expiration date default in config from Open to Testing.
ikloecker committed rKLEOPATRAa2919db78cc2: Allow setting default validity period for new OpenPGP keys (authored by ikloecker).
Allow setting default validity period for new OpenPGP keys
ikloecker committed rKLEOPATRAaea86f8a57d9: Prefill expiration date with default if expiration is enabled (authored by ikloecker).
Prefill expiration date with default if expiration is enabled
ikloecker moved T5708: Kleopatra: Configure expiration date default in config from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Post release version bump
Auto update po files
Update NEWS for todays release
Use link for gnupg-msi sources
Add clean option to download script
Update GpgOL to 2.5.1
Switch libpng download server
Download the last used variant
swdb: Released gpgol-2.5.1
gniibe added a comment to T5512: Implement service indicators.
Also, applied the part 2, improving basic.c.
gniibe committed rCbff9ed54285b: tests: Fix basic.c to show useful information on error. (authored by gniibe).
tests: Fix basic.c to show useful information on error.
gniibe committed rCc8d2b0069e3c: tests: Improve error checking in regards to FIPS (authored by Jakuje).
tests: Improve error checking in regards to FIPS
Disable 3DES in FIPS mode
gniibe added a comment to T5512: Implement service indicators.
Applied the part 3, the 3DES is no-FIPS patch.
Tue, Nov 30
Tue, Nov 30
Nicolás Alvarez <nicolas.alvarez@gmail.com> committed rKLEOPATRA196e627e841f: Enable new GitLab CI on stable branch. (authored by Nicolás Alvarez <nicolas.alvarez@gmail.com>).
Enable new GitLab CI on stable branch.
Nicolás Alvarez <nicolas.alvarez@gmail.com> committed rLIBKLEOc1d732834740: Enable new GitLab CI on stable branch. (authored by Nicolás Alvarez <nicolas.alvarez@gmail.com>).
Enable new GitLab CI on stable branch.
aheinecke added a comment to T5708: Kleopatra: Configure expiration date default in config.
Quick gen key is only used for the keygen in GpgOL and KMail. Kleopatra itself uses the old batch generate interface.
gniibe committed rC3d38968f4b75: Implement explicit FIPS indicators for cipher modes (authored by Jakuje).
Implement explicit FIPS indicators for cipher modes
gniibe renamed T5706: libgcrypt: random: Remove the feature getting randomness from random daemon from libgcrypt: random: Remove access to random daemon to libgcrypt: random: Remove the feature getting randomness from random daemon.
gniibe added a comment to T5512: Implement service indicators.
Applied the part 4, the indicator patch.
The change for pubkey-util.c is not needed any more, because
- T5665 handles new functions rejects use of SHA-1 as approved signature.
- pubkey-util.c is used by gcry_pk_sign and gcry_pk_verify.
gniibe added a comment to T5693: GPG sign in corrupts larger terminal sizing.
Thank you for the info.
werner added a comment to T5708: Kleopatra: Configure expiration date default in config.
--quick-gen-key supports this but there is no general option; the 2 years are hard coded.
pzich added a comment to T5693: GPG sign in corrupts larger terminal sizing.
I ran DYLD_PRINT_LIBRARIES=1 DYLD_PRINT_LIBRARIES_POST_LAUNCH=1 DYLD_PRINT_RPATHS=1 pinentry-curses and see libncurses.5.4 (full output below).
gniibe triaged T5706: libgcrypt: random: Remove the feature getting randomness from random daemon as Normal priority.
Panel Used By
Panel Used By
| Dashboard | rtatnet2's Dashboard |