The behaviour related to ssh key access is due to the way ssh works: After a connection has been established to a server ssh presents to to the server all identities (public keys) it has access to (meaning it has a corresponding private key). Thus we can't tell ssh all the keys we have because that would be an information leak and may also take too long. Because the user may in some cases not want to use the ssh-agent but resort to ssh command line input of the passphrase, we do not insist on using a key known by gpg-agent.

May 21 2019, 9:13 AM · Feature Request, Documentation, gpgagent

• werner closed T4273: agent: Request insertion of smartcard when no card present, a subtask of T2291: Smartcard interaction improvement (was: Shadowed private key design (for smartcard)), as Resolved.

May 21 2019, 9:13 AM · Restricted Project, Feature Request, gnupg

• gniibe claimed T4454: scdaemon is not working in cygwin (64bit).

For future, it would make sense applying your patch, but I wonder if it works on macOS.
Let me check.

May 21 2019, 9:11 AM · patch, scd, Cygwin, Bug Report

• gniibe committed rG479f7bf31ce4: agent: For SSH key, don't put NUL-byte at the end. (authored by • gniibe).

agent: For SSH key, don't put NUL-byte at the end.

May 21 2019, 8:54 AM

• gniibe claimed T4502: keys added via gpg-agent's ssh-agent interface are stored in private-keys-v1.d/ with a trailing null byte.

I located the bug in agent/command-ssh.c.
Our practice is two calls of gcry_sexp_sprint; One to determine the length including last NUL byte, and another to actually fills the buffer.
The first call return +1 for NUL byte.
The second call fills NUL at the end, but returns +0 length (length sans last NUL).

May 21 2019, 8:48 AM · gpgagent, ssh

• werner added a parent task for T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested): T4509: Release GnuPG 2.2.16.

May 21 2019, 7:55 AM · patch, Bug Report, gnupg

• werner added a subtask for T4509: Release GnuPG 2.2.16: T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested).

May 21 2019, 7:55 AM · Release Info, gnupg (gpg22)

• werner claimed T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested).

May 21 2019, 7:55 AM · patch, Bug Report, gnupg

• werner added subtasks for T4531: PowerPC performance improvements: T4530: libgcrypt: POWER SHA-2 Vector Acceleration, T4529: libgcrypt: POWER AES Vector Acceleration.

May 21 2019, 7:54 AM

• werner added a parent task for T4529: libgcrypt: POWER AES Vector Acceleration: T4531: PowerPC performance improvements.

May 21 2019, 7:54 AM · libgcrypt, Feature Request

• werner added a parent task for T4530: libgcrypt: POWER SHA-2 Vector Acceleration: T4531: PowerPC performance improvements.

May 21 2019, 7:54 AM · libgcrypt, Feature Request

• werner created T4531: PowerPC performance improvements.

May 21 2019, 7:54 AM

• werner renamed T4530: libgcrypt: POWER SHA-2 Vector Acceleration from [$] libgcrypt: POWER SHA-2 Vector Acceleration to libgcrypt: POWER SHA-2 Vector Acceleration.

May 21 2019, 7:52 AM · libgcrypt, Feature Request

• werner triaged T4529: libgcrypt: POWER AES Vector Acceleration as Normal priority.

Perl would be okay for maintainer mode but not for regular builds. The reason is that perl is already used by autotools but a build shall still be possible w/o perl.

May 21 2019, 7:51 AM · libgcrypt, Feature Request

Laurent Montel <montel@kde.org> committed rLIBKLEO1d738b16816a: GIT_SILENT: Prepare 5.11.2 (authored by Laurent Montel <montel@kde.org>).

GIT_SILENT: Prepare 5.11.2

May 21 2019, 7:48 AM

• werner renamed T4529: libgcrypt: POWER AES Vector Acceleration from [$] libgcrypt: POWER AES Vector Acceleration to libgcrypt: POWER AES Vector Acceleration.

May 21 2019, 7:47 AM · libgcrypt, Feature Request

• werner triaged T4522: gpg-agent's EXPORT_KEY command does not tell its pinentry SETKEYINFO , preventing use of external passphrase cache as Low priority.

May 21 2019, 7:45 AM · Feature Request, gpgagent

Laurent Montel <montel@kde.org> committed rKLEOPATRA075a7808c318: GIT_SILENT: Prepare 5.11.2 (authored by Laurent Montel <montel@kde.org>).

GIT_SILENT: Prepare 5.11.2

May 21 2019, 7:19 AM

ctubbsii added a comment to T4522: gpg-agent's EXPORT_KEY command does not tell its pinentry SETKEYINFO , preventing use of external passphrase cache .

I spent a lot of time trying to figure out how to automate the interface between my preferred password store (gnome-keyring, via libsecret), but with the loopback pinentry mode changes in gpg 2.1, it is much harder (if not impossible) to do. Having passphrase caching is the only thing preventing me from choosing a weaker passphrase on my gpg keyring.

May 21 2019, 2:03 AM · Feature Request, gpgagent

ctubbsii added a comment to T4522: gpg-agent's EXPORT_KEY command does not tell its pinentry SETKEYINFO , preventing use of external passphrase cache .

Disallowing passphrase caching is likely to have the unintended consequence of users choosing weaker passphrases that are more easily memorized and/or typed. Caching should be permitted, IMO. This puts more decisions about passphrase management into the control of the user.

May 21 2019, 1:38 AM · Feature Request, gpgagent

May 20 2019

slandden added a comment to T4529: libgcrypt: POWER AES Vector Acceleration.

I'm looking into doing a pretty epic hack of using the switch_endian syscall to speed this up.

May 20 2019, 11:52 PM · libgcrypt, Feature Request

dkg added a comment to T4522: gpg-agent's EXPORT_KEY command does not tell its pinentry SETKEYINFO , preventing use of external passphrase cache .

And yet, that interface is already being used by the agent-transfer utility in monkeysphere. The interface exists, it is not marked in any way as unusable or deprecated or off-limits, so it is used.

May 20 2019, 11:38 PM · Feature Request, gpgagent

dkg committed rGbf2724880fe5: gpg-agent: add new CACHE_MODE_EXPORT (authored by dkg).

gpg-agent: add new CACHE_MODE_EXPORT

May 20 2019, 11:38 PM

dkg committed rG6915baf507e3: gpg-agent: add new CACHE_MODE_EXPORT (authored by dkg).

gpg-agent: add new CACHE_MODE_EXPORT

May 20 2019, 11:38 PM

gcwilson added a comment to T4529: libgcrypt: POWER AES Vector Acceleration.

I don't know. That would make it a relatively easy transplant. We've also used the Cryptogams code as a reference for Golang enhancements, if that helps. I'd welcome guidance on the matter from a maintainer.

May 20 2019, 9:46 PM · libgcrypt, Feature Request

slandden added a comment to T4529: libgcrypt: POWER AES Vector Acceleration.

Would the maintainers accept having perl in the repository? Linux does it.[1]

May 20 2019, 8:35 PM · libgcrypt, Feature Request

gcwilson created T4530: libgcrypt: POWER SHA-2 Vector Acceleration.

May 20 2019, 7:04 PM · libgcrypt, Feature Request

gcwilson created T4529: libgcrypt: POWER AES Vector Acceleration.

May 20 2019, 7:01 PM · libgcrypt, Feature Request

• aheinecke committed rO66d0c18df541: Change S/MIME Message Class handling (authored by • aheinecke).

Change S/MIME Message Class handling

May 20 2019, 2:36 PM

• aheinecke committed rOaaab728aacaa: Handle multipe valid secret keys better (authored by • aheinecke).

Handle multipe valid secret keys better

May 20 2019, 2:36 PM

• aheinecke committed rO90b6ab974a6d: Fix dangerous memdbg pattern (authored by • aheinecke).

Fix dangerous memdbg pattern

May 20 2019, 2:36 PM

• aheinecke committed rO18ff2b0774da: Use similar S/MIME icons as Outlook (authored by • aheinecke).

Use similar S/MIME icons as Outlook

May 20 2019, 2:36 PM

• aheinecke added a parent task for T4523: Gpg4win: Multiple problems reported 05-2019: T4118: GpgOL: Mitigate S/MIME Denial of Service due to CRL stalling.

May 20 2019, 2:20 PM · Release Info

• aheinecke added a subtask for T4118: GpgOL: Mitigate S/MIME Denial of Service due to CRL stalling: T4523: Gpg4win: Multiple problems reported 05-2019.

May 20 2019, 2:20 PM · gpg4win, gpgol

• aheinecke added a subtask for T4528: GpgOL: When forwarding a mail send might need to be pressed twice: T4523: Gpg4win: Multiple problems reported 05-2019.

May 20 2019, 2:20 PM · gpg4win, Bug Report, gpgol

• aheinecke added a parent task for T4523: Gpg4win: Multiple problems reported 05-2019: T4528: GpgOL: When forwarding a mail send might need to be pressed twice.

May 20 2019, 2:20 PM · Release Info

• aheinecke created T4528: GpgOL: When forwarding a mail send might need to be pressed twice.

May 20 2019, 2:20 PM · gpg4win, Bug Report, gpgol

• aheinecke added a subtask for T4318: GpgOl: Unable to save an encrypted message to disk [gpg4win 3.1.5]: T4523: Gpg4win: Multiple problems reported 05-2019.

May 20 2019, 2:18 PM · gpg4win, gpgol

• aheinecke added a parent task for T4523: Gpg4win: Multiple problems reported 05-2019: T4318: GpgOl: Unable to save an encrypted message to disk [gpg4win 3.1.5].

May 20 2019, 2:18 PM · Release Info

• aheinecke added a parent task for T4523: Gpg4win: Multiple problems reported 05-2019: T4527: Kleopatra, GPG: Display reason if a certificate is not compliant to a compliance level.

May 20 2019, 2:14 PM · Release Info

• aheinecke added a subtask for T4527: Kleopatra, GPG: Display reason if a certificate is not compliant to a compliance level: T4523: Gpg4win: Multiple problems reported 05-2019.

May 20 2019, 2:14 PM · Feature Request, kleopatra

• aheinecke created T4527: Kleopatra, GPG: Display reason if a certificate is not compliant to a compliance level.

May 20 2019, 2:13 PM · Feature Request, kleopatra

• aheinecke added a parent task for T4523: Gpg4win: Multiple problems reported 05-2019: T4526: GpgOL: Forwarding a mail with attachment as crypto mail removes attachment.

May 20 2019, 2:11 PM · Release Info

• aheinecke added a subtask for T4526: GpgOL: Forwarding a mail with attachment as crypto mail removes attachment: T4523: Gpg4win: Multiple problems reported 05-2019.

May 20 2019, 2:11 PM · Bug Report, gpgol, gpg4win

• aheinecke created T4526: GpgOL: Forwarding a mail with attachment as crypto mail removes attachment.

May 20 2019, 2:11 PM · Bug Report, gpgol, gpg4win

• aheinecke closed T3418: Problems plugin Outlook 2010 as Resolved.

Closing this as the moving problem was fixed.

May 20 2019, 2:09 PM · gpgol, Bug Report

• aheinecke added a subtask for T2867: When inline response is active for crypto mail closing outlook shows the save dialog: T4523: Gpg4win: Multiple problems reported 05-2019.

May 20 2019, 2:07 PM · Bug Report, gpgol

• aheinecke added a parent task for T4523: Gpg4win: Multiple problems reported 05-2019: T2867: When inline response is active for crypto mail closing outlook shows the save dialog.

May 20 2019, 2:07 PM · Release Info

• aheinecke updated the task description for T2867: When inline response is active for crypto mail closing outlook shows the save dialog.

May 20 2019, 2:06 PM · Bug Report, gpgol

• aheinecke added a parent task for T4523: Gpg4win: Multiple problems reported 05-2019: T4525: GpgOL: Error when moving opened S/MIME Mails with attachments on Exchange.

May 20 2019, 2:05 PM · Release Info

• aheinecke added a subtask for T4525: GpgOL: Error when moving opened S/MIME Mails with attachments on Exchange: T4523: Gpg4win: Multiple problems reported 05-2019.

May 20 2019, 2:05 PM · g10code, gpg4win, Bug Report, gpgol

• aheinecke created T4525: GpgOL: Error when moving opened S/MIME Mails with attachments on Exchange.

May 20 2019, 2:05 PM · g10code, gpg4win, Bug Report, gpgol

• aheinecke added a subtask for T4524: Kleopatra: CRL check configuration available multiple times and out of sync: T4523: Gpg4win: Multiple problems reported 05-2019.

May 20 2019, 2:03 PM · Restricted Project, Bug Report, gpg4win, kleopatra

• aheinecke added a parent task for T4523: Gpg4win: Multiple problems reported 05-2019: T4524: Kleopatra: CRL check configuration available multiple times and out of sync.

May 20 2019, 2:03 PM · Release Info

• aheinecke created T4524: Kleopatra: CRL check configuration available multiple times and out of sync.

May 20 2019, 2:02 PM · Restricted Project, Bug Report, gpg4win, kleopatra

• aheinecke created T4523: Gpg4win: Multiple problems reported 05-2019.

May 20 2019, 1:58 PM · Release Info

• werner committed rG110a4550179f: gpg: Do not delete any keys if --dry-run is passed. (authored by • werner).

gpg: Do not delete any keys if --dry-run is passed.

May 20 2019, 12:57 PM

• werner committed rG5c46c5f74540: gpg: Do not delete any keys if --dry-run is passed. (authored by • werner).

gpg: Do not delete any keys if --dry-run is passed.

May 20 2019, 12:57 PM

• werner triaged T4521: gpg-agent behavior on SIGTERM differs from KILLAGENT handling as Normal priority.

May 20 2019, 9:30 AM · Bug Report, gpgagent

• werner added a comment to T4522: gpg-agent's EXPORT_KEY command does not tell its pinentry SETKEYINFO , preventing use of external passphrase cache .

That is on purpose. Exporting of a secret key should in theory not be possible at all via gpg. In practice we need a way to export a key, but that should be the exception and thus we do not want any caches for passphrases to have an effect.

May 20 2019, 9:29 AM · Feature Request, gpgagent

l10n daemon script <scripty@kde.org> committed rKLEOPATRAf6458e26e5c5: GIT_SILENT made messages (after extraction) (authored by l10n daemon script <scripty@kde.org>).

GIT_SILENT made messages (after extraction)

May 20 2019, 7:43 AM

dkg added a comment to T4106: Terminal use case for gpg-agent and gpg-agent for ssh-agent feature.

trigger what command? i'm pretty sure gpgconf --reload gpg-agent does not trigger updatestartuptty. And it should not do so, afaict -- if you think it should, i'd be interested in hearing the rationale for it.

May 20 2019, 5:28 AM · Debian, gpgagent, Bug Report

l10n daemon script <scripty@kde.org> committed rKLEOPATRAab503622d4f9: GIT_SILENT made messages (after extraction) (authored by l10n daemon script <scripty@kde.org>).

GIT_SILENT made messages (after extraction)

May 20 2019, 3:37 AM

• gniibe added a comment to T4301: Handling multiple subkeys on two SmartCards.

When having a backup media, I'd recommend completely different one (for example, on paper using paperkey to be stored in a locker in basement), which requires different method for recovering. Brains may be easily confused when same private key material exists in multiple similar devices.

May 20 2019, 2:12 AM · Restricted Project, gnupg, scd, Bug Report

ageis added a comment to T4106: Terminal use case for gpg-agent and gpg-agent for ssh-agent feature.

Does gpgconf --reload gpg-agent trigger that command? that's the ExecReload setting in the systemd service unit I'm looking at.

May 20 2019, 1:05 AM · Debian, gpgagent, Bug Report

ageis added a comment to T4301: Handling multiple subkeys on two SmartCards.

Thanks for this @gniibe. I have long been frustrated by trying to save the correct "stubs" to have my keyring point at two different smartcards. It was common and even advocated in my former community to place one's master key on a separate smartcard (certify capability), with a different one designated for daily usage.

May 20 2019, 1:03 AM · Restricted Project, gnupg, scd, Bug Report

vsrinu26f added a comment to T4301: Handling multiple subkeys on two SmartCards.

Thanks Gniibe San for explanation.

May 20 2019, 12:55 AM · Restricted Project, gnupg, scd, Bug Report

May 19 2019

dkg created T4522: gpg-agent's EXPORT_KEY command does not tell its pinentry SETKEYINFO , preventing use of external passphrase cache .

May 19 2019, 10:43 PM · Feature Request, gpgagent

dkg created T4521: gpg-agent behavior on SIGTERM differs from KILLAGENT handling.

May 19 2019, 9:17 PM · Bug Report, gpgagent

dkg added a comment to T4106: Terminal use case for gpg-agent and gpg-agent for ssh-agent feature.

This doesn't sound systemd-specific to me, fwiw, though i don't understand how to reproduce the problem from the given description here.

May 19 2019, 9:05 PM · Debian, gpgagent, Bug Report

jukivili committed rCc6ffa216976d: cipher/Makefile.am: add '-fcoverage-*' to instrumentation munging (authored by jukivili).

cipher/Makefile.am: add '-fcoverage-*' to instrumentation munging

May 19 2019, 1:41 PM

May 18 2019

• werner added a comment to T4108: Support for verifying OpenPGP standalone and timestamp signatures.

FWIW, I disabled @aa7356 because he again started to troll.

May 18 2019, 10:59 PM · gnupg24, gnupg (gpg23), Feature Request

• aa7356 added a comment to T4108: Support for verifying OpenPGP standalone and timestamp signatures.

Snap question regards to the clock;

May 18 2019, 6:53 PM · gnupg24, gnupg (gpg23), Feature Request

May 17 2019

• werner triaged T4108: Support for verifying OpenPGP standalone and timestamp signatures as Normal priority.

May 17 2019, 6:48 PM · gnupg24, gnupg (gpg23), Feature Request

• werner triaged T4444: dirmngr fails with keyservers specified by IP without rDNS; reported as dead host or uses wrong Host header as Normal priority.

May 17 2019, 6:47 PM · Keyserver, dns, dirmngr, Bug Report

• werner triaged T4304: gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0) failed: General error as Normal priority.

May 17 2019, 6:47 PM · Legacy OS, Fedora, libgcrypt, Bug Report

• werner triaged T4472: Documentation about pushing keys to LDAP is incomplete as Normal priority.

May 17 2019, 6:46 PM · Documentation, LDAP, Bug Report

• werner closed T4475: Gemalto IDBridge CT710 && Pinentry as Invalid.

Sorry, I can't parse that. For development question please use gnupg-devel at gnupg.org.

May 17 2019, 1:49 PM · Feature Request

• werner closed T4500: Option --use-embedded-filename does not work as expect as Resolved.

Fix will go into 2.2.16 to be release this month.

May 17 2019, 1:45 PM · gnupg (gpg22), Bug Report

• werner closed T4500: Option --use-embedded-filename does not work as expect, a subtask of T4509: Release GnuPG 2.2.16, as Resolved.

May 17 2019, 1:45 PM · Release Info, gnupg (gpg22)

• werner committed rG1702179d91b7: gpg: Fix using --decrypt along with --use-embedded-filename. (authored by • werner).

gpg: Fix using --decrypt along with --use-embedded-filename.

May 17 2019, 1:44 PM

• werner added a parent task for T4500: Option --use-embedded-filename does not work as expect: T4509: Release GnuPG 2.2.16.

May 17 2019, 1:44 PM · gnupg (gpg22), Bug Report

• werner added a subtask for T4509: Release GnuPG 2.2.16: T4500: Option --use-embedded-filename does not work as expect.

May 17 2019, 1:44 PM · Release Info, gnupg (gpg22)

• werner committed rG386bacd97416: gpg: Fix using --decrypt along with --use-embedded-filename. (authored by • werner).

gpg: Fix using --decrypt along with --use-embedded-filename.

May 17 2019, 1:42 PM

• werner triaged T4520: gpg --verify foo.asc --output foo yields a warning when everything is good as Normal priority.

At the time the verification is done some output has already been written to the file 'signed'. When checking whether the deprecated abbreviated format

May 17 2019, 1:03 PM · OpenPGP, gnupg

• werner closed T4334: gpg "showphoto" not creating temp file on Windows 10 as Resolved.

There will be no full solution for this. However, the next release should in general work due to a 400ms delay we use after spawning the viewer. This is configurable; see rG7e5847da0f3d715cb59d05adcd9107b460b6411b.

May 17 2019, 12:52 PM · gpg4win, Windows, gnupg (gpg22), Bug Report

• werner closed T4334: gpg "showphoto" not creating temp file on Windows 10, a subtask of T4509: Release GnuPG 2.2.16, as Resolved.

May 17 2019, 12:52 PM · Release Info, gnupg (gpg22)

• werner committed rG7e5847da0f3d: gpg: Improve the photo image viewer selection. (authored by • werner).

gpg: Improve the photo image viewer selection.

May 17 2019, 12:48 PM

• werner committed rGcd5f040a5389: gpg: Improve the photo image viewer selection. (authored by • werner).

gpg: Improve the photo image viewer selection.

May 17 2019, 12:47 PM

• aheinecke claimed T4518: Kleopatra: Changes log-file tcp://IPADDR to tcp:\\IPADDR.

I guess you are the only person who does it. But yeah. I agree that it should be fixed.

May 17 2019, 12:44 PM · Restricted Project, Windows, kleopatra

• aheinecke added a comment to T4511: dirmngr error logs claim that HTTP GET requests are percent-escaped, but they are not.

I agree with @dkg here.

May 17 2019, 12:42 PM · Bug Report, dirmngr

• werner closed T4519: file decryption not happening with passphrase from webmethods as Invalid.

I can't see any bug here so I will close this bug now.

May 17 2019, 8:34 AM · gnupg, Not A Bug

• gniibe lowered the priority of T4301: Handling multiple subkeys on two SmartCards from Normal to Low.

@blades: This feature will be available in GnuPG 2.3, which is planed to be released this year.
For Debian, Buster will come with GnuPG 2.2.12. After release of GnuPG 2.3, backport might be available (like GnuPG 2.2.x is available as backport for Stretch).

May 17 2019, 2:00 AM · Restricted Project, gnupg, scd, Bug Report

All StoriesUse ResultsEdit QueryHide Query

May 21 2019

May 20 2019

May 19 2019

May 18 2019

May 17 2019

All Stories
Use Results
Edit Query
Hide Query