Page MenuHome GnuPG
Feed Advanced Search

Jun 30 2020

werner committed rG58b091df831f: scd: Change how the removed card flag is set. (authored by werner).
scd: Change how the removed card flag is set.
Jun 30 2020, 2:42 PM

Jun 29 2020

werner renamed T4982: [PATCH] qt libraries should be linked with -fPIC instead of -fpic from [PATCH] qt libraries should be linked with -fPIC instead of -fPIC to [PATCH] qt libraries should be linked with -fPIC instead of -fpic.
Jun 29 2020, 7:53 PM · Debian, gpgme
werner committed rG4f1c257c0366: sm: Fix regression in Friday's commit (authored by werner).
sm: Fix regression in Friday's commit
Jun 29 2020, 3:06 PM
werner committed rG9b6f57492854: scd: Shorten cardio debug output for all zeroes. (authored by werner).
scd: Shorten cardio debug output for all zeroes.
Jun 29 2020, 3:06 PM
werner added projects to T4981: internationalization (support UNICODE/UTF-8 character set): FreeBSD, i18n.
Jun 29 2020, 1:27 PM · i18n, FreeBSD, Feature Request
werner added a comment to T4981: internationalization (support UNICODE/UTF-8 character set).

My FreeBSD box is currently not up, so I can't test right now. You may want to look into gnupg/common/utf8conv.c and there set_native_charset(). For historical reasons we start off with latin-1 but then swicth to the selected charset and intialize iconv accordingly. In the case of an error we sometimes fallback to utf-8. You may want to add some debug code (log_debug ("foo bar string=%s\n", some_string);)

Jun 29 2020, 1:25 PM · i18n, FreeBSD, Feature Request
werner added projects to T4967: Right Click for encryption on file doesn't work : gpg4win, gpgex.
Jun 29 2020, 9:25 AM · gpgex, gpg4win, Bug Report

Jun 28 2020

werner added a comment to T4981: internationalization (support UNICODE/UTF-8 character set).

OpenPGP specifies the use of UTF-8 for all meta data (ie. everything except for the signed/encrypted data). GnuPG has always supported this. I don't known on which OS you are but some don't have UTF-8 support on the command line or tty so you need to tweak your environment first.

Jun 28 2020, 4:30 PM · i18n, FreeBSD, Feature Request
werner closed T4980: Libgpg-Error compilation fails if grep_options are enabled as Wontfix.
Jun 28 2020, 4:17 PM · toolchain, MacOS, Bug Report
werner added a comment to T4980: Libgpg-Error compilation fails if grep_options are enabled.

I don't know about macOS but the commonly used GNU tools state:

Jun 28 2020, 4:15 PM · toolchain, MacOS, Bug Report

Jun 26 2020

werner committed rE3413489d2557: estream: Add gpgrt_fcancel (authored by werner).
estream: Add gpgrt_fcancel
Jun 26 2020, 4:25 PM
werner committed rGad6bf5d67f58: sm: Print the serial number of a cert also in decimal. (authored by werner).
sm: Print the serial number of a cert also in decimal.
Jun 26 2020, 3:28 PM
werner committed rGccbb0cfeefed: sm: Try not to output a partial new message after an error. (authored by werner).
sm: Try not to output a partial new message after an error.
Jun 26 2020, 3:26 PM
werner committed rG208a90197317: sm: Print the serial number of a cert also in decimal. (authored by werner).
sm: Print the serial number of a cert also in decimal.
Jun 26 2020, 1:01 PM

Jun 25 2020

werner committed rG28c069db3bb5: card: Add password change menu for NKS cards. (authored by werner).
card: Add password change menu for NKS cards.
Jun 25 2020, 11:28 AM
werner committed rG2429e8559844: scd:nks: Fix remaining tries warning in --reset mode. (authored by werner).
scd:nks: Fix remaining tries warning in --reset mode.
Jun 25 2020, 11:28 AM
werner committed rG17a25c14f1ed: sm: Fix support verification of nistp521 signatures. (authored by werner).
sm: Fix support verification of nistp521 signatures.
Jun 25 2020, 9:50 AM

Jun 24 2020

werner added a comment to T4980: Libgpg-Error compilation fails if grep_options are enabled.

What do you mean by grep_options?

Jun 24 2020, 10:04 PM · toolchain, MacOS, Bug Report
werner committed rG2d8f060679ba: gpgconf: Fix regression in --launch and --kill from March (authored by werner).
gpgconf: Fix regression in --launch and --kill from March
Jun 24 2020, 12:45 PM
werner committed rGf541e1d95a91: agent: separate out daemon handling infrastructure for reuse (authored by James Bottomley <James.Bottomley@HansenPartnership.com>).
agent: separate out daemon handling infrastructure for reuse
Jun 24 2020, 12:45 PM
werner committed rG0e3b2955aee2: agent: expose shadow key type (authored by James Bottomley via Gnupg-devel <gnupg-devel@gnupg.org>).
agent: expose shadow key type
Jun 24 2020, 10:13 AM
werner added a comment to T4979: enable-ssh-support in windows is broken..

estream_t does not necessary work with stdio or posix calls; that is an implementation detail. For example if you use the mode flag "nonblock" Read/WriteFile are used on Windows.

Jun 24 2020, 10:02 AM · ssh, Duplicate, Bug Report

Jun 22 2020

werner added a comment to T4978: On Windows 10, gpg-connect-agent needs 2 trials to launch gpg-agent.

You may start the gpg-agent by hand:

Jun 22 2020, 10:19 PM · Bug Report
werner added a comment to T4977: dirmngr not working with linux kernel parameter ipv6.disable=1.

The problem is that I have not yet found a _portable_ way to detect proper working v6 or v4 networking without doing a test connection. For privacy reasons we don't want to do that.

Jun 22 2020, 3:32 PM · Restricted Project, gnupg (gpg22), dirmngr, Bug Report
werner added projects to T4977: dirmngr not working with linux kernel parameter ipv6.disable=1: dirmngr, gnupg (gpg22).
Jun 22 2020, 3:20 PM · Restricted Project, gnupg (gpg22), dirmngr, Bug Report
werner added a comment to T4978: On Windows 10, gpg-connect-agent needs 2 trials to launch gpg-agent.

The 5 second timeout is to give the agent time to get ready and accept connections. I can't say with this infor why it takes longer at your site. Can you please try without putty support?

Jun 22 2020, 3:18 PM · Bug Report

Jun 18 2020

werner closed T4976: Revocation Date after importing a Rev-Cert as Resolved.
Jun 18 2020, 10:33 AM · gnupg, Not A Bug
werner added a comment to T4976: Revocation Date after importing a Rev-Cert.

That is unfortunately not possible because there is no fixed link between the key and the rev cert. Instead they are linked via cryptographic signatures. The pre-generated rev certs are a fail stop measure in the case that the user lost access to the private key and can't create a revocation with a concrete reasons etc.

Jun 18 2020, 10:32 AM · gnupg, Not A Bug

Jun 17 2020

werner committed rGd1e1c622d55e: agent: Fix regression in 'd' fixup code for shadowed keys. (authored by werner).
agent: Fix regression in 'd' fixup code for shadowed keys.
Jun 17 2020, 3:09 PM
werner committed rG596212e71abf: sm: Support verification of nistp521 signatures. (authored by werner).
sm: Support verification of nistp521 signatures.
Jun 17 2020, 3:02 PM
werner committed rK486fb0257d08: Support TR-03111 plain format ECDSA signature verification. (authored by werner).
Support TR-03111 plain format ECDSA signature verification.
Jun 17 2020, 2:22 PM

Jun 13 2020

werner triaged T4974: timeout for pinentry too short for key-generation, losing previous entries as Wishlist priority.

5 or 10 minutes are not reasonable in this case. Users are expected to attend the key generation. Your idea of having a countdown after, say 30 seconds, makes sense and should be easy to implement in the pinentries.

Jun 13 2020, 3:05 PM · pinentry
werner triaged T4975: undefined-shift in block_filter as Normal priority.

Thanks for explaining; this may indeed lead to a followup processing error of correct data. However, I don't expect to ever see a fixed length header of 2GiB or more because the sender would have had to buffer all that data in the first place.

Jun 13 2020, 3:02 PM · gnupg (gpg22), Bug Report

Jun 12 2020

werner added a comment to T4975: undefined-shift in block_filter.

Please describe the problem and don't just paste compiler output.

Jun 12 2020, 11:05 PM · gnupg (gpg22), Bug Report

Jun 10 2020

werner assigned T4973: Cross build problem with v1.38 to gniibe.

Thanks for the report. It would be helpful if you can tell us your environment; in particular your build and target(host ) system.

Jun 10 2020, 10:05 AM · Restricted Project, gpgrt

Jun 9 2020

werner changed the status of T4735: Please provide an option to make --verify accept only signatures from specific trusted UID from Open to Testing.
Jun 9 2020, 6:31 PM · gnupg (gpg23), Feature Request
werner added a comment to T4735: Please provide an option to make --verify accept only signatures from specific trusted UID.

Shall we backport this to 2.2 which is our LTS release?

Jun 9 2020, 6:31 PM · gnupg (gpg23), Feature Request
werner committed rGeeb599c9e261: gpg: Fix for new SOS changes when used with Libgcrypt < 1.8.6. (authored by werner).
gpg: Fix for new SOS changes when used with Libgcrypt < 1.8.6.
Jun 9 2020, 6:17 PM
werner committed rC47e8977d24e5: mpi: Fix flags in mpi_copy for opaque MPI. (authored by gniibe).
mpi: Fix flags in mpi_copy for opaque MPI.
Jun 9 2020, 6:10 PM
werner committed rG96f1ed546800: gpg: Extend the TRUST_ status lines. (authored by werner).
gpg: Extend the TRUST_ status lines.
Jun 9 2020, 11:16 AM
werner edited projects for T4971: Pass setrepeat to pinentry for symmetric encryption, too, added: gnupg (gpg22); removed gpgagent, gnupg.

It is actually used but for whatever reason only for signed and symmetric encrypted messages.

Jun 9 2020, 10:05 AM · gnupg (gpg22)

Jun 8 2020

werner added a comment to T4735: Please provide an option to make --verify accept only signatures from specific trusted UID.

With the recent change the --sender option has an effect on the selection of the User ID used for the key validity check and the TRUST_ status lines:

Jun 8 2020, 8:43 PM · gnupg (gpg23), Feature Request
werner committed rG5c2080f4670a: gpg: If possible TRUST values now depend on signer's UID or --sender. (authored by werner).
gpg: If possible TRUST values now depend on signer's UID or --sender.
Jun 8 2020, 8:14 PM
werner committed rG61bb75d045a3: build: Fix recent commit for SOURCE_DATE_EPOCH. (authored by werner).
build: Fix recent commit for SOURCE_DATE_EPOCH.
Jun 8 2020, 8:14 PM
werner closed T4970: TLS certificate expired 2020-06-06 for chat.gnupg.org jabber.gnupg.org as Invalid.

Please don't report such things; we will notice this ourselve.

Jun 8 2020, 4:05 PM
werner committed rGc1c607a51c02: doc: Minor code comment fixes. (authored by werner).
doc: Minor code comment fixes.
Jun 8 2020, 3:24 PM

Jun 5 2020

werner committed rM728ead8ebd42: core: Fix setting of the chain_model signature result. (authored by werner).
core: Fix setting of the chain_model signature result.
Jun 5 2020, 4:06 PM
werner added a project to T4506: OpenPGP Key Certification Forgeries: gnupg (gpg22).
Jun 5 2020, 3:18 PM · gnupg (gpg22)
werner added a comment to D502: ECC change for SOS.

What parts of Libgcrypt 1.9 are needed? Can we consider to backport them?

Jun 5 2020, 2:59 PM
werner added a comment to T4966: Jitter entropy RNG disable on non-x86?.

Thanks for the info. So I guess me added that restrictions to be on the safe side regarding the VS-Nfd evaluation. For 1.9 we can and should lift that.

Jun 5 2020, 12:01 PM · libgcrypt, Bug Report
werner committed rC2dd3e27fc53c: mpicalc: fix typo (authored by lumag).
mpicalc: fix typo
Jun 5 2020, 10:41 AM
werner committed rCbf38e4f28109: doc: The shortest doc dot fix ever. (authored by werner).
doc: The shortest doc dot fix ever.
Jun 5 2020, 10:41 AM

Jun 4 2020

werner triaged T4735: Please provide an option to make --verify accept only signatures from specific trusted UID as High priority.
Jun 4 2020, 12:20 PM · gnupg (gpg23), Feature Request
werner updated subscribers of T4735: Please provide an option to make --verify accept only signatures from specific trusted UID.
Jun 4 2020, 10:48 AM · gnupg (gpg23), Feature Request
werner added a comment to T4966: Jitter entropy RNG disable on non-x86?.

AFAIK, Stephan evaluated it only for x86, let me ask him ...

Jun 4 2020, 10:18 AM · libgcrypt, Bug Report

Jun 3 2020

werner added a comment to T4735: Please provide an option to make --verify accept only signatures from specific trusted UID.

We already have the option --sender which does what @mgorny requests but only in the TOFU case. I need to revisit the system to see whether we can extend it to WoT and direct key signatures.

Jun 3 2020, 5:49 PM · gnupg (gpg23), Feature Request
werner claimed T4735: Please provide an option to make --verify accept only signatures from specific trusted UID.
Jun 3 2020, 5:45 PM · gnupg (gpg23), Feature Request
werner closed T4947: Build of documentation from tarball not deterministic as Resolved.

Done.

Jun 3 2020, 5:17 PM · gnupg, Documentation, Bug Report
werner committed rG5ade2b68db23: doc: Minor enhancement for reproducibility. (authored by werner).
doc: Minor enhancement for reproducibility.
Jun 3 2020, 5:17 PM
werner committed rG074ab108e768: doc: Minor enhancement for reproducibility. (authored by werner).
doc: Minor enhancement for reproducibility.
Jun 3 2020, 5:16 PM
werner committed rG4f6e0e12cbd3: card: Improve openpgp key writing in "writecert". (authored by werner).
card: Improve openpgp key writing in "writecert".
Jun 3 2020, 4:26 PM
werner committed rG48251cf9a7d3: gpg: Improve generation of keys stored on card (brainpool,cv25519). (authored by werner).
gpg: Improve generation of keys stored on card (brainpool,cv25519).
Jun 3 2020, 4:26 PM
werner committed rT821cd31a8727: Require a maintained version of libgcrypt. (authored by werner).
Require a maintained version of libgcrypt.
Jun 3 2020, 2:24 PM
werner added a comment to T4961: ship gpgrt.pc.

Let's wait with this until we ship a libgpgrt. I am not sure what the best way to migrate to another library name. By current idea is start with some release installing two libraries using the two names but with identical code. Some releases later we could require a configure option to install libgpg-error in addition to libgpgrt.

Jun 3 2020, 1:17 PM · Feature Request, gpgrt
werner committed rG7558128e16d7: sm: Fix recently introduced regression in CSR creation. (authored by werner).
sm: Fix recently introduced regression in CSR creation.
Jun 3 2020, 11:25 AM
werner closed T4962: ntbTLS configure dependencies as Resolved.

Thanks. I bumped it up to be in sync with GnuPG 2.2. It also does not make sense to require a Libgcrypt which has reached end-of-life; Thus we now need 1.8.

Jun 3 2020, 10:45 AM · ntbtls, Bug Report
werner committed rG4e3a7aa060f0: Prepare news for 2.2.21 (authored by werner).
Prepare news for 2.2.21
Jun 3 2020, 10:33 AM
werner committed rG381c54179c2a: common: Add missing error code GPG_ERR_WRONG_NAME. (authored by werner).
common: Add missing error code GPG_ERR_WRONG_NAME.
Jun 3 2020, 10:33 AM
werner closed T4965: GnuPG dependency of libgpg-error and GPG_ERR_WRONG_NAME as Resolved.

I bumped up the requirement to 1.25 because we also use error codes defined there. To be on the safe side with older distros I defined the missing error code instead of requiring 1.27.

Jun 3 2020, 10:33 AM · gnupg, Bug Report
werner closed T4963: Update GnuPG versions listed on https://git.gnupg.org/ as Resolved.

Thanks for the report.
I now describe the shortcuts as development and 2.2 stable branch.

Jun 3 2020, 10:09 AM · gpgweb, Bug Report

Jun 2 2020

werner committed rDf810f0bc5b13: git.gnupg.org: Update entry page (authored by werner).
git.gnupg.org: Update entry page
Jun 2 2020, 1:33 PM
werner claimed T4963: Update GnuPG versions listed on https://git.gnupg.org/.
Jun 2 2020, 1:06 PM · gpgweb, Bug Report
werner closed T4541: C implementation of AES is vulnerable to side-channel attacks as Wontfix.

As of now we doubt that the proposed patch helps and we even fear that it could make things worst. Thus, as long as there is we have no description of an attack we won't do anything about it.

Jun 2 2020, 10:29 AM · side-channel, libgcrypt, Bug Report

May 29 2020

werner triaged T4959: confusing output when running `gpg --delete-secrete-keys` without name as Normal priority.

Although this is a standard behaviour for Unix tools, you are right that it makes sense to tell the user about the problems. And well, the version info should not appear either.

May 29 2020, 5:12 PM · gnupg (gpg22), Bug Report
werner committed rEa20f9530be8d: Post release updates (authored by werner).
Post release updates
May 29 2020, 3:58 PM
werner committed rE71d278824c5f: Release 1.38 (authored by werner).
Release 1.38
May 29 2020, 3:58 PM
werner committed rE1143b2d36199: po: Update Ukrainian translation (authored by Yuri Chornoivan <yurchor@ukr.net>).
po: Update Ukrainian translation
May 29 2020, 3:58 PM
werner committed rEa6104a9ab717: po: Update and proofread Russian translation (authored by Ineiev <ineiev@gnu.org>).
po: Update and proofread Russian translation
May 29 2020, 3:58 PM
werner committed rE4f9fcb117ed0: po: Auto update (authored by werner).
po: Auto update
May 29 2020, 3:58 PM
werner committed rD3b3e22082944: swdb: Release gpgrt 1.38 (authored by werner).
swdb: Release gpgrt 1.38
May 29 2020, 3:48 PM
werner committed rDda23af3268a5: drafts,openpgp-webkey-service: Publish revision -10 (authored by werner).
drafts,openpgp-webkey-service: Publish revision -10
May 29 2020, 3:48 PM
werner closed T4623: pkg-config for mingw needs to emit -lws2_32 as Resolved.
May 29 2020, 3:16 PM · Restricted Project, Windows, gpgrt, Bug Report
werner added a comment to T4788: System wide configuration of the GnuPG system.
May 29 2020, 3:16 PM · gnupg (gpg23), Feature Request, gpg4win, g10code
werner closed T4859: Release libgpg-error 1.38 as Resolved.
May 29 2020, 3:15 PM · gpgrt, Release Info
werner added a comment to T4635: ship gpgscm and necessary *.scm files from gpgrt.

FYIL This is delayed because there are some dependencies to internals of gnupg.

May 29 2020, 2:32 PM · Tests, gpgrt, Feature Request
werner closed T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS as Resolved.

Merged. Thanks.

May 29 2020, 2:29 PM · gpgrt, Feature Request
werner created T4960: Disable tests if required components are disabled.
May 29 2020, 1:51 PM · Bug Report, gnupg (gpg22)
werner added a comment to T4957: OpenPGP card protocol 3.4 with Yubikey.

Ok. However, I don't think that the fingerprint is really important. We can compute it anyway as long as we have the creation date. The keygrip is meanwhile more important but that is also easy to compute.

May 29 2020, 11:33 AM · scd

May 28 2020

werner triaged T4958: Document different use of pubring.gpg in newer versions as Normal priority.
May 28 2020, 9:11 PM · gnupg (gpg22), Documentation
werner committed rK5cdf0b5b0f19: Let ksba_cms_identify detect the new OpenPGP keyblock content. (authored by werner).
Let ksba_cms_identify detect the new OpenPGP keyblock content.
May 28 2020, 3:59 PM
werner committed rG2d9592e78f49: card: Allow to store and retrieve keyblocks in OpenPGP cards. (authored by werner).
card: Allow to store and retrieve keyblocks in OpenPGP cards.
May 28 2020, 3:56 PM
werner added a comment to T4957: OpenPGP card protocol 3.4 with Yubikey.

Why do you think that we need to care about the attestation key? Where possible I take in new code in account that we will have more OpenPGP keys, but right now I don't think that is makes sense to replace our data structures for that the 3 element arrays we currently use are okay for the 3 standard keys. We can latter see how to replace them. At one place I already introduced something new:

May 28 2020, 2:25 PM · scd
werner added a comment to T4957: OpenPGP card protocol 3.4 with Yubikey.

Here is a dump of my token (Yubikey 5.2.6). I used the new apdu command of gpg-card along with "undump | dumpasn1 -", which saves quite some time:

May 28 2020, 2:19 PM · scd
werner committed rGed0759f39be0: card: New command "apdu" (authored by werner).
card: New command "apdu"
May 28 2020, 1:01 PM

May 27 2020

werner committed rG94d31660c6db: card: Update card info after "generate". (authored by werner).
card: Update card info after "generate".
May 27 2020, 1:48 PM
werner committed rG21496761226c: scd:openpgp: New KEY-STATUS attribute. (authored by werner).
scd:openpgp: New KEY-STATUS attribute.
May 27 2020, 1:48 PM
werner committed rG08310849a280: card: Add command "bye" (authored by werner).
card: Add command "bye"
May 27 2020, 11:45 AM
werner committed rG46a3de4b5acb: card: Take care of removed and re-inserted cards. (authored by werner).
card: Take care of removed and re-inserted cards.
May 27 2020, 11:45 AM
werner added a comment to T4098: GpgSM: Add ECC support.

GnuTLS seems to have some CMS support; see https://gitlab.com/gnutls/gnutls/-/issues/227 .

May 27 2020, 10:35 AM · gnupg (gpg23), Feature Request, S/MIME

May 26 2020

werner committed rGc2a47475ba0f: card: Implement UID command and print capabilities. (authored by werner).
card: Implement UID command and print capabilities.
May 26 2020, 4:24 PM