Feed All Stories

Today

Laurent Montel <montel@kde.org> committed rLIBKLEOe58340acdbe8: GIT_SILENT: add cmake (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: add cmake
Sun, May 31, 8:35 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRAe599927a0a25: GIT_SILENT: add cmake (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: add cmake
Sun, May 31, 8:34 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRA152295370850: GIT_SILENT: add cmake (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: add cmake
Sun, May 31, 8:31 AM

Fri, May 29

dkg updated the task description for T4961: ship gpgrt.pc.
Fri, May 29, 7:01 PM · gpgrt
dkg created T4961: ship gpgrt.pc.
Fri, May 29, 7:01 PM · gpgrt
Laurent Montel <montel@kde.org> committed rKLEOPATRA6b76c55b6b8f: GIT_SILENT: fix package name (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: fix package name
Fri, May 29, 5:28 PM
Laurent Montel <montel@kde.org> committed rLIBKLEOfc62fd34acf1: GIT_SILENT: fix package name (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: fix package name
Fri, May 29, 5:27 PM
werner triaged T4959: confusing output when running `gpg --delete-secrete-keys` without name as Normal priority.

Although this is a standard behaviour for Unix tools, you are right that it makes sense to tell the user about the problems. And well, the version info should not appear either.

Fri, May 29, 5:12 PM · gnupg (gpg22), Bug Report
werner committed rEa20f9530be8d: Post release updates (authored by werner).
Post release updates
Fri, May 29, 3:58 PM
werner committed rE71d278824c5f: Release 1.38 (authored by werner).
Release 1.38
Fri, May 29, 3:58 PM
werner committed rE1143b2d36199: po: Update Ukrainian translation (authored by Yuri Chornoivan <yurchor@ukr.net>).
po: Update Ukrainian translation
Fri, May 29, 3:58 PM
werner committed rEa6104a9ab717: po: Update and proofread Russian translation (authored by Ineiev <ineiev@gnu.org>).
po: Update and proofread Russian translation
Fri, May 29, 3:58 PM
werner committed rE4f9fcb117ed0: po: Auto update (authored by werner).
po: Auto update
Fri, May 29, 3:58 PM
werner committed rD3b3e22082944: swdb: Release gpgrt 1.38 (authored by werner).
swdb: Release gpgrt 1.38
Fri, May 29, 3:48 PM
werner committed rDda23af3268a5: drafts,openpgp-webkey-service: Publish revision -10 (authored by werner).
drafts,openpgp-webkey-service: Publish revision -10
Fri, May 29, 3:48 PM
werner closed T4623: pkg-config for mingw needs to emit -lws2_32 as Resolved.
Fri, May 29, 3:16 PM · Testing, Windows, gpgrt, Bug Report
werner added a comment to T4788: System wide configuration of the GnuPG system.

The required libgpg-error 1.38 has now been released.

Fri, May 29, 3:16 PM · gnupg (gpg23), Feature Request, gpg4win, g10code
werner closed T4859: Release libgpg-error 1.38 as Resolved.
Fri, May 29, 3:15 PM · gpgrt, Release Info
werner added a comment to T4635: ship gpgscm and necessary *.scm files from gpgrt.

FYI: This is delayed because there are some dependencies on internals of gnupg.

Fri, May 29, 2:32 PM · Tests, gpgrt, Feature Request
werner closed T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS as Resolved.

Merged. Thanks.

Fri, May 29, 2:29 PM · gpgrt, Feature Request
werner created T4960: Disable tests if required components are disabled.
Fri, May 29, 1:51 PM · Bug Report, gnupg (gpg22)
werner added a comment to T4957: OpenPGP card protocol 3.4 with Yubikey.

Ok. However, I don't think that the fingerprint is really important. We can compute it anyway as long as we have the creation date. The keygrip is meanwhile more important but that is also easy to compute.

Fri, May 29, 11:33 AM · scd
gniibe committed rGe285b1197b93: scd: Fix condition for C5 data object for newer Yubikey. (authored by gniibe).
scd: Fix condition for C5 data object for newer Yubikey.
Fri, May 29, 4:22 AM
gniibe committed rGab724d3206c8: dirmngr: dns: Fix allocation of string buffer in stack. (authored by gniibe).
dirmngr: dns: Fix allocation of string buffer in stack.
Fri, May 29, 4:22 AM
gniibe added a commit to T4934: Returning automatic variable buffer from a function : rGab724d3206c8: dirmngr: dns: Fix allocation of string buffer in stack..
Fri, May 29, 4:22 AM · dirmngr, Testing, Bug Report
gniibe added a commit to T4957: OpenPGP card protocol 3.4 with Yubikey: rGe285b1197b93: scd: Fix condition for C5 data object for newer Yubikey..
Fri, May 29, 4:22 AM · scd
gniibe committed rGf3df8dbb696f: scd: Fix condition for C5 data object for newer Yubikey. (authored by gniibe).
scd: Fix condition for C5 data object for newer Yubikey.
Fri, May 29, 4:20 AM
gniibe added a commit to T4957: OpenPGP card protocol 3.4 with Yubikey: rGf3df8dbb696f: scd: Fix condition for C5 data object for newer Yubikey..
Fri, May 29, 4:20 AM · scd
gniibe added a comment to T4957: OpenPGP card protocol 3.4 with Yubikey.

Perhaps, no change would be required.
My major concern is that the data objects for fingerprints C5 and C6 were defined as fixed-size 60-byte objects (and actually _are_ still defined so in the current specification of 3.4), but they are 80-byte, which might cause problem(s).

Fri, May 29, 4:04 AM · scd

Thu, May 28

PWRzTOtacorTPq7KNW4oFec8F added a comment to T2291: Smartcard interaction improvement (was: Shadowed private key design (for smartcard)).

Is there a blogpost or similar where the use of several smartcards following this improvement is explained to n00bs like me? :) For now all I find is this thread and some SE answers saying it does not work yet (https://security.stackexchange.com/questions/154702/gpg-encryption-subkey-on-multiple-smart-cards-issue) . If somebody could post a new answer on SE / write a small blog post or similar that would be great. Useful would be to have 1) from which versions and over is that available 2) how this works / how to use.

Thu, May 28, 10:18 PM · Testing, Feature Request, gnupg
PWRzTOtacorTPq7KNW4oFec8F renamed T4959: confusing output when running `gpg --delete-secrete-keys` without name from confusing output when running ```gpg --delete-secrete-keys``` without name to confusing output when running `gpg --delete-secrete-keys` without name.
Thu, May 28, 10:08 PM · gnupg (gpg22), Bug Report
PWRzTOtacorTPq7KNW4oFec8F created T4959: confusing output when running `gpg --delete-secrete-keys` without name.
Thu, May 28, 10:07 PM · gnupg (gpg22), Bug Report
werner triaged T4958: Document different use of pubring.gpg in newer versions as Normal priority.
Thu, May 28, 9:11 PM · gnupg (gpg22), Documentation
werner committed rK5cdf0b5b0f19: Let ksba_cms_identify detect the new OpenPGP keyblock content. (authored by werner).
Let ksba_cms_identify detect the new OpenPGP keyblock content.
Thu, May 28, 3:59 PM
werner committed rG2d9592e78f49: card: Allow to store and retrieve keyblocks in OpenPGP cards. (authored by werner).
card: Allow to store and retrieve keyblocks in OpenPGP cards.
Thu, May 28, 3:56 PM
werner added a comment to T4957: OpenPGP card protocol 3.4 with Yubikey.

Why do you think that we need to care about the attestation key? Where possible I take into account in new code that we will have more OpenPGP keys, but right now I don't think that it makes sense to replace our data structures for that; the 3 element arrays we currently use are okay for the 3 standard keys. We can later see how to replace them. At one place I already introduced something new:

Thu, May 28, 2:25 PM · scd
werner added a comment to T4957: OpenPGP card protocol 3.4 with Yubikey.

Here is a dump of my token (Yubikey 5.2.6). I used the new apdu command of gpg-card along with "undump | dumpasn1 -", which saves quite some time:

Thu, May 28, 2:19 PM · scd
werner committed rGed0759f39be0: card: New command "apdu" (authored by werner).
card: New command "apdu"
Thu, May 28, 1:01 PM
bernhard created T4958: Document different use of pubring.gpg in newer versions.
Thu, May 28, 12:45 PM · gnupg (gpg22), Documentation
gniibe added a comment to T4957: OpenPGP card protocol 3.4 with Yubikey.

Hand parsing the data object content:

Thu, May 28, 8:34 AM · scd
gniibe added a comment to T4957: OpenPGP card protocol 3.4 with Yubikey.

And here is (raw) dump of the data object FA:

Thu, May 28, 8:25 AM · scd
Laurent Montel <montel@kde.org> committed rLIBKLEO08899d53438b: GIT_SILENT: It compiles fine against kf5.71 without deprecated methods (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: It compiles fine against kf5.71 without deprecated methods
Thu, May 28, 8:24 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRA5b238c127a5c: GIT_SILENT: It compiles fine against kf5.71 without deprecated methods (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: It compiles fine against kf5.71 without deprecated methods
Thu, May 28, 8:20 AM
gniibe triaged T4957: OpenPGP card protocol 3.4 with Yubikey as Normal priority.

Here is the dump of "Application Related Data" (6E):

6e 82 01 47
   4f 10
      d2760001240103040006106160490000
   5f 52 08
      00730000e0059000
   7f 74 03
      810120
   73 82 01 20
      c0 0a
         7d000bfe080000ff0000
      c1 0b
         162b06010401da470f0100
      c2 0c
         122b06010401975501050100
      c3 0b
         162b06010401da470f0100
      da 06  <-------------------------------------- This is algorithm attributes for Attestation key (Yubikey specific)
         010800001100
      c4 07
         ff7f7f7f030003
      c5 50
         eeeed1b50b1b1d9c669033fe019e94a27992b44c
         d00b630fdcb5c4397d5ffbd69aa68a3ff9f8ed10
         1b2a3d46f4f0c5afd0115e7eb858d476daf64cdb
         0000000000000000000000000000000000000000  <--- This appears to be fingerprint of Attestation key
      c6 50
         0000000000000000000000000000000000000000
         0000000000000000000000000000000000000000
         0000000000000000000000000000000000000000
         0000000000000000000000000000000000000000  <--- This appears to be fingerprint of some key related to Attestation key???
      cd 10
         5e58b1e65e58b1c55e58b1f900000000
      de 08
         0102020203028102
   7f 66 08
      02020bfe02020bfe
   d6 02
      0020
   d7 02
      0020
   d8 02
      0020
   d9 02
      0020
Thu, May 28, 8:15 AM · scd
gniibe created T4957: OpenPGP card protocol 3.4 with Yubikey.
Thu, May 28, 8:11 AM · scd

Wed, May 27

aheinecke committed rO3c486a6468fa: Add accessor to hidden "Dirty" property (authored by aheinecke).
Add accessor to hidden "Dirty" property
Wed, May 27, 5:22 PM
aheinecke committed rO33f8c7b8b1d5: Add helper to put a byte array into OOM (authored by aheinecke).
Add helper to put a byte array into OOM
Wed, May 27, 5:22 PM
aheinecke committed rO12b4298b40a4: Accept input from older keyresolver (authored by aheinecke).
Accept input from older keyresolver
Wed, May 27, 5:22 PM
aheinecke committed rO2139d77a3fd8: Minor formatting fix (authored by aheinecke).
Minor formatting fix
Wed, May 27, 5:22 PM
aheinecke committed rO90c3e6b7836d: Change message format to HTML when RTF (authored by aheinecke).
Change message format to HTML when RTF
Wed, May 27, 5:22 PM
werner committed rG94d31660c6db: card: Update card info after "generate". (authored by werner).
card: Update card info after "generate".
Wed, May 27, 1:48 PM
werner committed rG21496761226c: scd:openpgp: New KEY-STATUS attribute. (authored by werner).
scd:openpgp: New KEY-STATUS attribute.
Wed, May 27, 1:48 PM
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

In the SOS branch, rG1c4291c3951d: ecc-sos: Add special leading zero octet removal. should be reverted.
Instead, the S_KEY should be fixed up in read_key_file in findkey.c,
and merge_lists in protect.c.
(Then, no need to be fixed up in extract_private_key.)

Wed, May 27, 11:57 AM · OpenPGP, gnupg
werner committed rG08310849a280: card: Add command "bye" (authored by werner).
card: Add command "bye"
Wed, May 27, 11:45 AM
werner committed rG46a3de4b5acb: card: Take care of removed and re-inserted cards. (authored by werner).
card: Take care of removed and re-inserted cards.
Wed, May 27, 11:45 AM
cryptobit added a comment to T4953: Some email recipients respond with: hey, why did you send me an empty mail...?.

I observe the same problem since I installed gpg4win 3.1.11 (German) in Outlook, Office Professional Plus 2019, Version 2004: Occasionally "zero byte mails" are sent by replying to an S/MIME certified and encrypted mail. In my case the option S/MIME support is disabled in GpgOL menu.

Wed, May 27, 10:56 AM · Bug Report, gpg4win
werner changed the end date for E654: Weekly Standup from Mon, Jun 1, 11:00 AM to Tue, Jun 2, 11:00 AM.
Wed, May 27, 10:37 AM
werner added a comment to T4098: GpgSM: Add ECC support.

GnuTLS seems to have some CMS support; see https://gitlab.com/gnutls/gnutls/-/issues/227 .

Wed, May 27, 10:35 AM · gnupg (gpg23), Feature Request, S/MIME
gniibe committed rG2fc7fbc46b59: ecc-sos: SOS as Strange Octet String. (authored by gniibe).
ecc-sos: SOS as Strange Octet String.
Wed, May 27, 9:16 AM
gniibe committed rG1c4291c3951d: ecc-sos: Add special leading zero octet removal. (authored by gniibe).
ecc-sos: Add special leading zero octet removal.
Wed, May 27, 5:34 AM
gniibe committed rC33c972b6a6fe: sexp: Fix coding of line break. (authored by gniibe).
sexp: Fix coding of line break.
Wed, May 27, 4:29 AM
gniibe updated the task description for T4956: agent: Disrepancy of handling MPI for the interpretation of signed and unsigned.
Wed, May 27, 3:09 AM · libgcrypt, gpgagent, gnupg
gniibe edited projects for T4956: agent: Disrepancy of handling MPI for the interpretation of signed and unsigned, added: gpgagent, libgcrypt; removed OpenPGP.
Wed, May 27, 3:08 AM · libgcrypt, gpgagent, gnupg
gniibe added a comment to T4956: agent: Disrepancy of handling MPI for the interpretation of signed and unsigned.

Exactly the same problem is there in libgcrypt.
In the definitions of curves, it uses negative constants internally in some specific places, but for other parts, we have the same problems.

Wed, May 27, 3:08 AM · libgcrypt, gpgagent, gnupg
gniibe updated the task description for T4956: agent: Disrepancy of handling MPI for the interpretation of signed and unsigned.
Wed, May 27, 3:03 AM · libgcrypt, gpgagent, gnupg
gniibe created T4956: agent: Disrepancy of handling MPI for the interpretation of signed and unsigned.
Wed, May 27, 3:03 AM · libgcrypt, gpgagent, gnupg

Tue, May 26

werner committed rGc2a47475ba0f: card: Implement UID command and print capabilities. (authored by werner).
card: Implement UID command and print capabilities.
Tue, May 26, 4:24 PM
werner committed rG20090886706e: scd: Fix Yubikey app switching problem (authored by werner).
scd: Fix Yubikey app switching problem
Tue, May 26, 4:24 PM
werner committed rG11f0700282c1: scd:openpgp: Add attribute "UIF" for convenience. (authored by werner).
scd:openpgp: Add attribute "UIF" for convenience.
Tue, May 26, 4:24 PM
aheinecke committed rO23158ad86a2f: Also learn about smartcards for OpenPGP (authored by aheinecke).
Also learn about smartcards for OpenPGP
Tue, May 26, 3:10 PM
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

I should concentrate on the case of ECC, in particular, ECC with modern curves.
Removing leading zero from RSA/ECC/ElGamal assuming unsigned integer would result in more work.

Tue, May 26, 8:23 AM · OpenPGP, gnupg
gniibe committed rG6d226ec8bd02: ecc-sos: Fix SOS handling and revert change of cvt protocol. (authored by gniibe).
ecc-sos: Fix SOS handling and revert change of cvt protocol.
Tue, May 26, 8:21 AM
Laurent Montel <montel@kde.org> committed rLIBKLEOb442a0ff307e: GIT_SILENT: Time to increase Qt5 version. Now we depend against qt5.13 (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Time to increase Qt5 version. Now we depend against qt5.13
Tue, May 26, 7:37 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRAb3dd7a187457: GIT_SILENT: Time to increase Qt5 version. Now we depend against qt5.13 (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Time to increase Qt5 version. Now we depend against qt5.13
Tue, May 26, 7:34 AM
gniibe committed rG85acf0699e4d: ecc-sos: Unsigned integer for SSH, more. (authored by gniibe).
ecc-sos: Unsigned integer for SSH, more.
Tue, May 26, 7:21 AM
gniibe committed rGdf3628f9587e: ecc-sos: Use unsigned integer format for SSH. (authored by gniibe).
ecc-sos: Use unsigned integer format for SSH.
Tue, May 26, 7:20 AM
gniibe committed rG324dbe3eb551: ecc-sos: When reading private key, it's unsigned. (authored by gniibe).
ecc-sos: When reading private key, it's unsigned.
Tue, May 26, 7:20 AM
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

In libgcrypt, we have another problem of GCRYSEXP_FMT_ADVANCED formatting, which is used by gpg-agent of GnuPG 2.3 with name-value list.

Tue, May 26, 7:07 AM · OpenPGP, gnupg
gniibe committed rGf3d07c634e7b: agent: SSH clean up. (authored by gniibe).
agent: SSH clean up.
Tue, May 26, 4:56 AM
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

Confusingly, in the SSH specification, it is signed MPI.

Tue, May 26, 3:59 AM · OpenPGP, gnupg

Mon, May 25

aheinecke committed rOd0b6cf49695c: Fix invalid memdbg error (authored by aheinecke).
Fix invalid memdbg error
Mon, May 25, 10:09 AM
aheinecke committed rO43c5916f17c7: Fix two memleaks in mapihelp (authored by aheinecke).
Fix two memleaks in mapihelp
Mon, May 25, 10:09 AM
werner added a comment to E653: Weekly Standup.

Last week:

  • Just two days for me; code cleanup, release of libksba 1.4
Mon, May 25, 10:00 AM
aheinecke added a comment to E653: Weekly Standup.

Last week:

Mon, May 25, 8:46 AM
aheinecke is attending E653: Weekly Standup.
Mon, May 25, 8:42 AM
gniibe added a comment to E653: Weekly Standup.
Mon, May 25, 7:34 AM
gniibe is attending E653: Weekly Standup.
Mon, May 25, 7:28 AM
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

There are more places for clean up in GnuPG.
While "MPI" in OpenPGP specification is based on unsigned integer, the default "MPI" handling of GnuPG/Libgcrypt is signed. This difference matters internally.
When formatting by "%m" with libgcrypt, the result may be prefixed by 0x00 (so that it represents unsigned value, even if scanned as signed).
And because of this, existing private keys in private-keys-v1.d may have this leading zero-byte.
But the counting bits don't count this byte.

Mon, May 25, 7:27 AM · OpenPGP, gnupg
gniibe committed rGcbf30c1da932: ecc-sos: Backport master change for ECDH. (authored by gniibe).
ecc-sos: Backport master change for ECDH.
Mon, May 25, 7:23 AM
gniibe added a reverting commit for rG43c0c19fcae5: ecc-sos: Fix SOS handling in do_unprotect.: rGbdf0fb315868: Revert "ecc-sos: Fix SOS handling in do_unprotect.".
Mon, May 25, 7:23 AM
gniibe committed rGbdf0fb315868: Revert "ecc-sos: Fix SOS handling in do_unprotect." (authored by gniibe).
Revert "ecc-sos: Fix SOS handling in do_unprotect."
Mon, May 25, 7:23 AM

Fri, May 22

andrey_l added a comment to D500: Add Ukrainian localization to installer.

@aheinecke what is the process for adding a new translation?

Fri, May 22, 2:52 PM
andrey_l abandoned D499: Add .arcconfig.
Fri, May 22, 2:51 PM
gniibe committed rG64d93271bfce: gpg: Clean up ECDH code path (4). (authored by gniibe).
gpg: Clean up ECDH code path (4).
Fri, May 22, 5:07 AM
gniibe committed rG510bda7d3754: gpg: Clean up ECDH code path (5). (authored by gniibe).
gpg: Clean up ECDH code path (5).
Fri, May 22, 5:07 AM
gniibe committed rG960d37644cbb: gpg: Clean up ECDH code path (1). (authored by gniibe).
gpg: Clean up ECDH code path (1).
Fri, May 22, 5:07 AM
gniibe committed rGa973d9113840: gpg: Clean up ECDH code path (2). (authored by gniibe).
gpg: Clean up ECDH code path (2).
Fri, May 22, 5:07 AM
gniibe committed rG80c02d13d999: gpg: Clean up ECDH code path (3). (authored by gniibe).
gpg: Clean up ECDH code path (3).
Fri, May 22, 5:07 AM
gniibe claimed T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS.
Fri, May 22, 2:05 AM · gpgrt, Feature Request

Thu, May 21

Laurent Montel <montel@kde.org> committed rLIBKLEO2ba03df9b257: GIT_SILENT: add .gitlab-ci.yml (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: add .gitlab-ci.yml
Thu, May 21, 9:55 AM