- --import-options restore
- Implies
- import-local-sigs
- keep-ownertrust
- Turns off
- import-minimal
- import-clean
- repair-pks-subkey-bug
- merge-only
- Implies
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Jun 6 2019
- --export-options backup
- Implies
- export-local-sigs
- export-attributes
- export-sensitive-revkeys
- Turns off
- export-clean
- export-minimal
- export-pka
- export-dane
- Causes build_packet_and_meta() to be used instead of build_packet()
- This variant also writes the meta data using ring trust packets.
- a8895c99a7d0
- Ring trust packets are implementation defined and have always been used in gpg to cache the signature verification status.
- Ring trust packets are only exported with the export option "backup" and only imported with the import option "restore".
- As a side-effect of this patch the signature status cache works again and "gpg --check-sigs" is thus much faster.
- RFC 4880 § 5.10
- doc/DETAILS
- a8895c99a7d0
- This variant also writes the meta data using ring trust packets.
- Implies
Here are the patches without any new commands:
New commands can't be introduced.
New commands can't be introduced.
@werner Only patches 2 and 3 introduce new commands. What do you think about the other changes?
Fixed in master.
Jun 5 2019
Something(tm) closes an arbitrary file descriptor behind our back. Not easy to track down because strace can not trace only threads - it always wants to trace all children as well - which is a bit too much and leads to other problems.
In case I not already mentioned it: There won't be any new commands to delete a key. Of course you are free to change GnuPG as you like but I won't apply them here.
The openssl version is a 64-bit counter (at least for ppc8), not 32-bit.
Log loops with:
I have a hang now when keylisting in Kleo with GPGME_DEBUG=9:
ECB is not bulk optimized in libgcrypt. I've send patches to add this in past but this was rejected on grounds that ECB is insecure and should not be used.
any feedback on this proposed patch?
Jun 4 2019
Benchmarks with the block ciphers is here https://dev.gnupg.org/D493
include missing file.
added CTR mode support
I did forget to mention that the key I'm using is 4096 bit long
I was creating a tar archive with 7-Zip on my Windows 10 machine. After the creating was completed I was encrypting the archive like so:
Just to clarify, you were able to decrypt and extract it without error? Which tool did you use to extract the tar archive?
The change in message class did not help.
The solution conflicts the the fix suggested and implemented for T4330.
Fixed similar to the suggestion but NaN and INF are detected earlier.
Works for me
With the current GPGME master and the forthcoming T4551 release this has been fixed.
I did encrypt the file myself with the version mentioned above.
I see the regression of gpgconf. I wonder if it's better to fix gpgconf side, too.
I see a regression with your fix. This option is even controllable with gpgconf at the basic level. It would be better to make it a dummy option.
Fixed in master. Closing.
Fixed in master (to be 2.3).
I tried to apply&push, since we changed the file a bit, I needed to apply it manually.
Anyway, it's done.
Closing.
I meant, 'card-timeout' was not intended for controlling caching PIN on card. It was for "DISCONNECT" command support.
I'm going to remove questionable documentation.
Closing.
No worries -- you led me in the direction of a solution when you mentioned loopback mode. I appreciate your time and your help!
While it's not recommended, current master has a support of sharing same raw key materials. I think that it now works (I don't try, though).
Closing.