Revocation certificates consist of *only* the revocation packet, right? Claiming that the revocation cert contains more than the revocation packet (when it doesn't) seems more troubling from an API perspective than just telling people to expect a single rev: line if they are looking at a revocation certificate.

thanks for looking into this so quickly. where is your patch? i don't see it on the master branch yet.

That will be a bit of work. We can't list a standalone key yet because the the key listing code expects a public or secret key as first packet. Further it would be advisable to insert a dummy "pub" key record before the "rev" record because the advise as always been to use "pub" or "sec" as start of a key keyblock.

ee1fc420fb9741b2cfaea6fa820a00be2923f514 contains a proposed fix for this.

Thanks for reporting and your patch. However, I used a different way to solve this bug.

see e051c279216ecd4ec9a48e13ccc695f5ab667b2a

I note that --import-options show-only --import has the same effect as --show-keys -- that is, the revocation cert is imported. so the error is in the import-options code itself. I'll push a fix-T4017 branch shortly with a proposed correction.

Yes, closing.

I'm having the same issue. I read somewhere that it's likely caused by using an online Windows account to login with. So I converted to local log in. Issue persists. As a test, I've just set up a VM with a local account set up at install, and GPG4Win works perfectly fine. So I'm guessing that there may be an issue which stays in the files system caused by online account users. I'm not a programmer and have no idea how or where to look to see what's causing it and how to fix it though.

So we had two releases with the fist. Can we set this bug to resolved?

fwiw, i agree that if there's any security vulnerability here, it is in the verification side, not the creation side.

Unfortunately 2.2.8 does not build with older libgpg-error versions. Commit rG18274db32b5dea7fe8db67043a787578c975de4d should fix this.

2.2.8. with a fix has been released. Announcement

Yep. ?

[Better use the gnupg tag. Specific versions end up on the workboard and there may only be one.]

@dkg can you please take this up with Debian and other distros? See the commit for a brief description.

Fixed in 1.4, 2.2 and master. New releases will be done soon. Note that there is no need for a new gpg4win release because GPGME is not affected.

Okay. Thanks for looking into this.

In the meantime, I upgraded my Fedora installation so I won't be able to reproduce in the same circumstances. I suggest we close the issue for now. I will reopen if I manage to reproduce.

I tried this with the current 2.2 branch and master and was not able to replicate it. The stubs are all deleted as expected. I also checked the commit log since 2.2.6 and didn't found anything which indicated that such a bug was fixed.

See rG26bce2f01d2029ea2b8a8dbbe36118e3c83c5cba for a description of the problem and its fix.
Thanks for reporting.

Hi Werner,
The issue is the following:
I have 2 certificates in the trusted-certificates folder that is searched by gpgsm (C:\ProgramData\Gnu\etc\gnupg\trusted-certs) which I want to trust. When dirmngr starts, it reads the Windows trusted certifcate store (certlm.msc for both system and user - I don't know the path / location of the windows certificates folder outside certlm) and builds the list of certificates to use. Once this list is read and if any duplicates are found in the trusted-certificate folder, it ignores them - they are already present.

Thanks. I added all standard names to that list.

I do not fully understand your problem. Can you please explain it with an example and also state the full file names of the mentioned folders?

Better?

Here is a sequence of operations/commands that permits to setup or update KDF-DO and align PIN codes accordingly:

Please add

Please dee the commit for a description of this fix.

I don't think this is an error in Debian. Debian Squeeze is packed with libgpg-error 1.26 in the latest stable release [1].
According to the list of changes, gpgrt.h is addes as an alias for gpg-error.h in 1.27 [2].
I think a quick (and correct) fix is to increase the NEED_GPG_ERROR_VERSION in configure.ac to at least 1.27 [3], so the build will fail nicely in the configure-step with a correct error.

Yeah, that's not good enough. You also need to check if literals_seen is 0 before BEGIN_DECRYPTION to catch the case where the plaintext packet comes before the encrypted packet. See https://github.com/das-labor/neopg/commit/30623bcd436a35125f21fe6f29272a5fa7212d3f

Thanks. Yes, I think that's it. Here's a video just in case.

Ok You could notice it because if the year changes there was no "blue" selected date in the current page.

Had a bit trouble reproducing it. It worked for me.

I've noticed during testing that GpgOL would not send valid PGP/Inline signed only messages and also failed to verify such messages itself when special characters were in the mix.

Thanks for your report, but as JJworx already said this is sadly one of the known issues to which we don't yet have a good idea how to fix it. In T3459 there is an animation what is meant by "unselecting" the mails.

In addition GnuPG master and 2.2.8 now always create MDC messages (except with option --rfc2440) and always fail for messages without an MDC. For old algorithms a hint is printed:

gpg: WARNING: message was not integrity protected
gpg: Hint: If this message was created before the year 2003 it is
     likely that this message is legitimate.  This is because back
     then integrity protection was not widely used.
gpg: Use the option '--ignore-mdc-error' to decrypt anyway.
gpg: decryption forced to fail!

I need to revise my statement (partly because fixing gpgme would be quite complicated). Marcus is right in that using the the literals_seen counter is the straightforward way to get this right. And it will fix it also for non-GPGME applications.

[We do things in the public unless explicitly requested by a bug reporter writing to security.]

I have changed visibility of the bug, as I think you can do a lot more with this than Marcus imagined.

Do you have a need for doing a new release immediately?

The set of information returned by gpg is too large to be mapped on an exit code. Thus we have status codes and the gpgv tool.

The impact is low to our current understanding, that's why I didn't report it as a security vulnerability. I tried to use this for signatures, but GnuPG has more verification for signatures, so it doesn't work there as far as I can see. So that's good.
If you allow for a BADMDC, you can easily downgrade the content of an encrypted data packet from, for example, compressed to private packet type, and then you don't even need the public key, just an encrypted message. The MDC will notice this, and since Efail the clients should have strict MDC checking, so I didn't include that variation in my report.
By the way, there are other clients I didn't test which are probably affected, such as kmail, claws, gpgtools.
I only have Outlook 2007 and no funds to buy software I don't use, as I am unemployed and using up my savings. So, next time I won't be able to do the testing, sorry!

Can you help me understand what the impact of this is? AFAIK Back in 2007 the problem was that it could be faked that data looked like it was signed.

Oh dear, adding new keywords which have not been reserved in the past was a bad idea by C11. This will eventually require fixes at lot of places because the noreturn attribute is widely used ( other common headers may include the noreturn header as well).

The primary function of those other tools is not securely encrypting data. If the message is too large to keep in memory at once, then there is indeed no choice to process it as a stream, but users should be aware of this. Perhaps a flag can be used, along the lines of --stream-without-verification? The man page could explain: "GPG computes an MDC over the whole message, so it can only check at the end whether the message was tampered with. This flag can be used to stream the output, so that the entire message does not have to be kept in memory. You must check the exit status to verify that decryption was successful and that the message was not tampered with, because with this flag, the data returned by GPG may be incorrect or even malicious. If the exit status is zero, then the MDC is correct and the message was not tampered with."

This looks similar to the "multiple plaintext" issue that we had in Feb. / March 2007.

Maybe the off_t mess comes from following line

I would also recommend that GPGME does a sanity check on the status fd output for people with new GPGME but old GnuPG binary.

Sadly deselecting a mail doesn't help always. Most of the time I cannot move the mails even then. So the only reliable workaround is to deactivate the Addin - what cannot be the goal, at least it is not mine ;-).

This is well-known and can't be changed without a lot of hassle. There is a work-around:

• Deselect the mail by selecting another mail.
• Drag-n-drop the mail to be moved.

The gpgme c api already had a convenience function gpgme_data_rewind to do data.seek (0, SEEK_SET); As this is by far the most common seek operation. KMymoney also only uses such seeks.

Sorry. gpg is a real software and not some memory hog. real software runs under Unix and complies with the Unix rules, where one of them is to allow the use in a pipeline. All standard Unix tools have this feature and you need to check the error code ("set -e" in the simplest case). It is not different from gzip, tar, curl, rsync, ...

In T3996#114721, @aheinecke wrote:

Uhm, yeah I would be willing to help. But I tried to understand it and don't see the problem.

So what the error tells us is that "off_t" is defined as long in the declaration but as something else in the definition.

But how can that be? data.cpp includes the data.h header so they both should have the same definition of off_t.

The only thing I could imagine is that something which is included in the cpp but not in the header undef's off_t and defines it to something else.

Or more likely that the archive was compiled with a different definition of off_t then what is included in the headers when kmymoney is built.

Are you using the same mingw version as the buildchain which compiles the gpgme binary?

Uhm, yeah I would be willing to help. But I tried to understand it and don't see the problem.

You are not cross-compiling. This is not suggested and I don't have the environment to replicate this. Maybe @aheinecke can help.

Thanks, that allowed npth to make successfully without the unsatisfied symbols.