Page MenuHome GnuPG
Feed All Stories

Jul 7 2021

gniibe committed rC61c87070abc4: tests: Skip unavailable ciphers in FIPS mode. (authored by gniibe).
tests: Skip unavailable ciphers in FIPS mode.
Jul 7 2021, 9:32 AM
werner added a comment to T5520: Fix tests in FIPS mode.

That reminds me that we we should replace libgcrypt's internal debug functions by those from gpgrt. We have a dependency for gpgrt anyway and thus we should avoid code duplication. Sure we will keep the existsing public functions but that is easy given that gpgrt comes with gpgrt_logv since 1.28 which we can make mandatory (currently libgcrypt requires 1.27 (from 2017, with 1.28 is from 2018)

Jul 7 2021, 9:24 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T5520: Fix tests in FIPS mode.

I applied rC297d31294333: tests: Fix messages to STDERR when FIPS mode is enabled.. Please note that your intention to change check_digests is right, but your patch actually didn't; When a MD algo is not supported, gcry_md_test_algo returns != 0 (an error code), and it "continues" to next entry (before the change).

Jul 7 2021, 8:19 AM · FIPS, libgcrypt, Bug Report
gniibe committed rC297d31294333: tests: Fix messages to STDERR when FIPS mode is enabled. (authored by gniibe).
tests: Fix messages to STDERR when FIPS mode is enabled.
Jul 7 2021, 8:16 AM
gniibe added a comment to T5520: Fix tests in FIPS mode.

Thank you for your report.

Jul 7 2021, 8:07 AM · FIPS, libgcrypt, Bug Report
Laurent Montel <montel@kde.org> committed rLIBKLEO5f5c2f3b2e2d: GIT_SILENT: add clang support (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: add clang support
Jul 7 2021, 8:04 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRAaed5d582f993: GIT_SILENT: add clang support (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: add clang support
Jul 7 2021, 8:03 AM
gniibe claimed T5520: Fix tests in FIPS mode.
Jul 7 2021, 4:42 AM · FIPS, libgcrypt, Bug Report

Jul 6 2021

bernhard committed rW4a5ef6c098a5: Add the timezone to the last g10 certificate (authored by bernhard).
Add the timezone to the last g10 certificate
Jul 6 2021, 6:30 PM
werner triaged T5427: Update Italian Version as Normal priority.
Jul 6 2021, 6:18 PM · i18n, gpg4win
werner closed T5414: Input/output error (218136625) as Resolved.

Check that the file exists and that you have permissions to read the file. You may use an editor to try this out.

Jul 6 2021, 6:16 PM · Support, gpg4win
werner lowered the priority of T4884: PKCS #15 support in gpgsm from High to Normal.
Jul 6 2021, 6:12 PM · Feature Request, gnupg, scd, S/MIME
werner triaged T5468: About the API of GpgME to revoke key pairs and subkeys. as Normal priority.
Jul 6 2021, 6:10 PM · gpgme, Feature Request
werner triaged T5460: Migration for ABI change (newer mingw) as Normal priority.
Jul 6 2021, 6:09 PM · gpg4win, Windows
jukivili committed rC69fdcb543323: ec: add zSeries/s390x accelerated scalar multiplication (authored by jukivili).
ec: add zSeries/s390x accelerated scalar multiplication
Jul 6 2021, 6:07 PM
jukivili committed rC4b76fa6a1f92: rinjdael-s390x: fix UBSAN warning on using index beyond end of array (authored by jukivili).
rinjdael-s390x: fix UBSAN warning on using index beyond end of array
Jul 6 2021, 6:07 PM
jukivili closed T5510: libgcrypt: incorrect computation for secp192r1 as Resolved.
Jul 6 2021, 6:02 PM · libgcrypt, Bug Report
werner triaged T5520: Fix tests in FIPS mode as High priority.
Jul 6 2021, 3:33 PM · FIPS, libgcrypt, Bug Report
werner added a project to T5520: Fix tests in FIPS mode: FIPS.
Jul 6 2021, 1:46 PM · FIPS, libgcrypt, Bug Report
Jakuje created T5520: Fix tests in FIPS mode.
Jul 6 2021, 12:03 PM · FIPS, libgcrypt, Bug Report
ikloecker moved T5517: Improvements for symmetric encryption from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Jul 6 2021, 9:11 AM · pinentry, Restricted Project
ikloecker moved T5473: Libkleo build for Windows broken from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Jul 6 2021, 9:11 AM · kleopatra, Restricted Project
gniibe added a comment to T3456: GPG does not import secret subkeys from --export-secret-subkeys output if subkey stubs existed before.

In agent_write_private_key of agent/findkey.c, when file is available, it returns GPG_ERR_EEXIST error. Thus, private (stub) key will be kept.

Jul 6 2021, 8:45 AM · gnupg22 (gnupg-2.2.42), Restricted Project
gniibe committed rG044e5a3c3801: scd: Detect external interference when PCSC_SHARED. (authored by gniibe).
scd: Detect external interference when PCSC_SHARED.
Jul 6 2021, 7:57 AM
werner added a comment to T5433: libgcrypt: Do not use SHA1 by default.

With the planned new context aware pubkey functions we technically could do this change w/o an ABI break.

Jul 6 2021, 7:57 AM · FIPS, libgcrypt, Bug Report
gniibe moved T5433: libgcrypt: Do not use SHA1 by default from Backlog to For 1.10 on the libgcrypt board.
Jul 6 2021, 6:33 AM · FIPS, libgcrypt, Bug Report
gniibe moved T5508: Allow hardware optimizations in FIPS from Backlog to For 1.10 on the libgcrypt board.
Jul 6 2021, 6:33 AM · FIPS, libgcrypt, Bug Report

Jul 5 2021

Heiko Becker <heiko.becker@kde.org> committed rKLEOPATRA9775a38132a2: GIT_SILENT Update Appstream for new release (authored by Heiko Becker <heiko.becker@kde.org>).
GIT_SILENT Update Appstream for new release
Jul 5 2021, 9:22 PM
Heiko Becker <heiko.becker@kde.org> committed rKLEOPATRA22c65cd389f5: GIT_SILENT Update Appstream for new release (authored by Heiko Becker <heiko.becker@kde.org>).
GIT_SILENT Update Appstream for new release
Jul 5 2021, 9:22 PM
ikloecker added a comment to T5473: Libkleo build for Windows broken.

This patch for libkleo fixes the build. Alternatively, updating extra-cmake-modules to 5.80 (where the target-variant of ecm_qt_declare_logging_category was added) fixes the build.

Jul 5 2021, 7:20 PM · kleopatra, Restricted Project
gniibe claimed T3456: GPG does not import secret subkeys from --export-secret-subkeys output if subkey stubs existed before.
Jul 5 2021, 10:14 AM · gnupg22 (gnupg-2.2.42), Restricted Project
Laurent Montel <montel@kde.org> committed rLIBKLEO05e5a6f5df26: GIT_SILENT: we depend against c++17 (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: we depend against c++17
Jul 5 2021, 9:33 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRAdeeb7d26d7e4: GIT_SILENT: we depend against c++17 (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: we depend against c++17
Jul 5 2021, 9:23 AM
gniibe added a comment to T5512: Implement service indicators.

Implementation Guidance for FIPS 140-3 and the Cryptographic Module Validation Program:
https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf

Jul 5 2021, 8:50 AM · Feature Request, FIPS, libgcrypt

Jul 4 2021

noblydev updated noblydev.
Jul 4 2021, 9:22 PM
werner committed rD8cf26a72d9f1: swdb: GnuPG 2.2.29 (authored by werner).
swdb: GnuPG 2.2.29
Jul 4 2021, 5:49 PM
werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2021q3/000461.html on T5498: Release GnuPG 2.2.29.
Jul 4 2021, 5:45 PM · Release Info, gnupg (gpg22)
werner closed T5497: v2.2.28 fails to locate-key from keyserver by email: Invalid user ID as Resolved.
Jul 4 2021, 5:30 PM · Bug Report
werner closed T5487: GnuPG 2.2.28 not working with Yubikey NEO as Resolved.
Jul 4 2021, 5:30 PM · yubikey, gnupg (gpg22), Bug Report
werner committed rG4952ed958413: Post release updates (authored by werner).
Post release updates
Jul 4 2021, 5:29 PM
werner committed rG695a879af81e: Release 2.2.29 (authored by werner).
Release 2.2.29
Jul 4 2021, 5:29 PM
werner committed rG3283cf3a7a5e: Update OpenPGP card vendor list. (authored by werner).
Update OpenPGP card vendor list.
Jul 4 2021, 5:29 PM
werner closed T5498: Release GnuPG 2.2.29 as Resolved.
Jul 4 2021, 5:29 PM · Release Info, gnupg (gpg22)
werner triaged T5519: Release GnuPG 2.2.30 as Low priority.
Jul 4 2021, 5:23 PM · Release Info, gnupg (gpg22)
werner triaged T5491: Console output failure with no-unicode font: GnuPG 2.2.28 is not working with »encrypt-to« in gpg.conf without specifying another recipient. as Normal priority.
Jul 4 2021, 4:19 PM · gnupg (gpg22), Windows, Bug Report

Jul 2 2021

werner committed rG51310497ef0f: po: Remove removed files. (authored by werner).
po: Remove removed files.
Jul 2 2021, 2:45 PM
bookie added a project to T5518: "Direct Action" to E-Mail not stable: gpgol.
Jul 2 2021, 1:38 PM · gpgol, Bug Report, gpg4win
bookie created T5518: "Direct Action" to E-Mail not stable.
Jul 2 2021, 1:34 PM · gpgol, Bug Report, gpg4win
werner added a comment to T5491: Console output failure with no-unicode font: GnuPG 2.2.28 is not working with »encrypt-to« in gpg.conf without specifying another recipient..

It is a matter of the used font. 2.2.29 will fix this problem.

Jul 2 2021, 7:52 AM · gnupg (gpg22), Windows, Bug Report
jukivili committed rC3f4a59299134: tests/t-mpi-point: add one more NIST P-256 reduction test-vector (authored by jukivili).
tests/t-mpi-point: add one more NIST P-256 reduction test-vector
Jul 2 2021, 12:49 AM
jukivili added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Got a new bug with regression range ccfa9f2c1427b40483984198c3df41f8057f69f8:6dfab8cfb94ccb485a15b13df3c499cbb06fddf2

curve=23 secp256r1
point=04555555ffffffffffffffffffffffffffffffffffffffffffffffffffffffffff73a865e2e128733884fb82ce625ade822f7d8a59a4dcc09266966cf1bf082856
bignum=2020ff2020202020202020202020202020202020202020202020202020202020
nettle: 0 045549408909dd3e772d7d669f8fba2248d334b54be3d18833223d944a328948c76198ac3b29712256dcd9ce1a09471f04267684e1edd45910d61d0b7847db2d58
gcrypt: 0 047a6ec0df23082c8ce54c2b536d76b30464f4e1e690bb77665d298f05f0bee6806e7db3377141cc71ee30dcb8ffb7240bc3ecf29132ab5eb4ae03c067cea0d561
Jul 2 2021, 12:43 AM · libgcrypt, Bug Report

Jul 1 2021

catenacyber added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Got a new bug with regression range ccfa9f2c1427b40483984198c3df41f8057f69f8:6dfab8cfb94ccb485a15b13df3c499cbb06fddf2

Jul 1 2021, 10:19 PM · libgcrypt, Bug Report
Reiner added a comment to T5491: Console output failure with no-unicode font: GnuPG 2.2.28 is not working with »encrypt-to« in gpg.conf without specifying another recipient..

Same error message in Windows 8.1 x64 with the commands:
gpg --local-user 0x12345678 --sign-key 0xABCDEF12 or: gpg --default-key 0x12345678 --sign-key 0xABCDEF12.

Jul 1 2021, 7:24 PM · gnupg (gpg22), Windows, Bug Report
jukivili committed rC9911069388e7: bench-slope: add X25519 and X448 scalar multiplication (authored by jukivili).
bench-slope: add X25519 and X448 scalar multiplication
Jul 1 2021, 5:38 PM
jukivili committed rC2fcac487069f: mpi: optimizations for MPI scanning and printing (authored by jukivili).
mpi: optimizations for MPI scanning and printing
Jul 1 2021, 5:38 PM
jukivili committed rCef676b9c14da: mpi/ec: cache converted field_table MPIs (authored by jukivili).
mpi/ec: cache converted field_table MPIs
Jul 1 2021, 5:38 PM
jukivili committed rC38d80fdfddd0: mpi_ec_get_affine: fast path for Z==1 case (authored by jukivili).
mpi_ec_get_affine: fast path for Z==1 case
Jul 1 2021, 5:38 PM
jukivili committed rC165237776389: tests/t-mpi-point: add reduction test-vectors for secp256k1 (authored by jukivili).
tests/t-mpi-point: add reduction test-vectors for secp256k1
Jul 1 2021, 5:38 PM
werner removed a member for g10code: cbiedl.
Jul 1 2021, 12:36 PM
werner defrocked cbiedl.
Jul 1 2021, 12:35 PM
werner committed rDaf638d166270: web: Removed Stripe logo (authored by werner).
web: Removed Stripe logo
Jul 1 2021, 11:02 AM
ikloecker moved T5473: Libkleo build for Windows broken from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Jul 1 2021, 10:42 AM · kleopatra, Restricted Project
aheinecke added projects to T5517: Improvements for symmetric encryption: Restricted Project, pinentry.
Jul 1 2021, 10:15 AM · pinentry, Restricted Project
aheinecke triaged T5517: Improvements for symmetric encryption as Normal priority.
Jul 1 2021, 10:15 AM · pinentry, Restricted Project
aheinecke added a comment to T5511: Kleopatra: Show "is this your own key" question for Smartcards somehow, too.

Very cool, I like it especially that you avoided a popup and used that action mechanism.

Jul 1 2021, 8:34 AM · kleopatra, Restricted Project
aheinecke awarded T5511: Kleopatra: Show "is this your own key" question for Smartcards somehow, too a Like token.
Jul 1 2021, 8:30 AM · kleopatra, Restricted Project

Jun 30 2021

ikloecker moved T5511: Kleopatra: Show "is this your own key" question for Smartcards somehow, too from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Jun 30 2021, 6:54 PM · kleopatra, Restricted Project
ikloecker changed the status of T5511: Kleopatra: Show "is this your own key" question for Smartcards somehow, too from Open to Testing.

When selecting a certification key without ultimate trust the message "Is this your own key?" is shown.

Jun 30 2021, 6:54 PM · kleopatra, Restricted Project
ikloecker committed rLIBKLEO33b28a9783af: Try hard to keep the currently selected key/item if the model changes (authored by ikloecker).
Try hard to keep the currently selected key/item if the model changes
Jun 30 2021, 6:50 PM
ikloecker committed rLIBKLEO8749864110c6: Avoid emission of detailed model signals if model reset is in progress (authored by ikloecker).
Avoid emission of detailed model signals if model reset is in progress
Jun 30 2021, 6:50 PM
ikloecker committed rKLEOPATRA08d42db60ed5: Allow the user to set owner trust for the certification key (authored by ikloecker).
Allow the user to set owner trust for the certification key
Jun 30 2021, 6:48 PM
jukivili committed rCfc92c609dfdb: ec-nist: fix 'mod p' carry adjustment and output masking (authored by jukivili).
ec-nist: fix 'mod p' carry adjustment and output masking
Jun 30 2021, 5:58 PM
jukivili added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Thanks a lot.

Jun 30 2021, 4:54 PM · libgcrypt, Bug Report

Jun 29 2021

catenacyber added a comment to T5510: libgcrypt: incorrect computation for secp192r1.
curve=23 secp256r1
point=040000ffffffff0000000000000000000000000000000000000000000000000000cfe26d107a5134d6feb38ce3577075bdc7aa70ff7523d3b203c8a973f2d3dc8e
bignum=0000000000ff0000000400000000000000000000005d00003277002000010000
mbedtls: 0 04fd351b304ad50f36153d8193c4bbf7d4c3bee26e5af52a9c70133edfa62c273e05da8312615436e9c81b5b0624e68667233ace6307afc8056eae85049ca63226
gcrypt: 0 04d6915640b8ba3918f129c108f52f571ec28c1c89ad710b43928c3bd942eb29d8bf181e997b502abf12cf3606eb46379c59fd396bda7b45cdc75d429b2b37b15f
Jun 29 2021, 8:57 PM · libgcrypt, Bug Report
catenacyber added a comment to T5510: libgcrypt: incorrect computation for secp192r1.
curve=24 secp384r1
point=0400000000000000000000000000000000000000000000000000000000000000000000000000fffffffffffffffffffffc1b0d6f8fb7f2de5b8875645b64042ae20f119f3e1cfefc0215857eeae5f4a8fca737057d69a42c44d958e7cfcc77ce6b
bignum=ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52972
mbedtls: 0 0400000000000000000000000000000000000000000000000000000000000000000000000000fffffffffffffffffffffce4f29070480d21a4778a9ba49bfbd51df0ee60c1e30103fdea7a81151a0b570258c8fa81965bd3bb26a7183133883194
gcrypt: 0 04fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0100000000000000fffffffbe4f29070480d21a4778a9ba49bfbd51df0ee60c1e30103fdea7a81151a0b570258c8fa81965bd3bb26a7183133883194
Jun 29 2021, 8:53 PM · libgcrypt, Bug Report
werner committed rG5f78ae696c10: artwork: Explain the license for the logo (authored by werner).
artwork: Explain the license for the logo
Jun 29 2021, 6:47 PM
werner committed rD7ceaec9ecdec: web: Add a link to the logo source (authored by werner).
web: Add a link to the logo source
Jun 29 2021, 6:40 PM
werner committed rD6d1c162eb07c: web: Note the author of the logo (authored by werner).
web: Note the author of the logo
Jun 29 2021, 6:32 PM
werner triaged T5449: gnupg: Do not use SHA1 by default as Low priority.

The original idea with the DNS code was just to source copy it but it turned out that we need to maintain it in GnuPG. Thus adding support for SHA256 makes sense to keep the code current in case we ever need to use it.

Jun 29 2021, 3:49 PM · gnupg24, gnupg (gpg23), Bug Report
werner added a project to T5513: Outlook download external content crash: gpgol.
Jun 29 2021, 3:44 PM · Too Old, gpgol, Bug Report, gpg4win
aheinecke triaged T5516: Kleopatra: File encryption output picker should have proper defaults as Normal priority.
Jun 29 2021, 1:37 PM · kleopatra
ikloecker closed T5514: Kleopatra: Use default keyserver from gpg instead of hardcoded value as Resolved.
Jun 29 2021, 12:31 PM · Restricted Project, kleopatra
ikloecker closed T5515: qgpgme: Allow retrieving the default value of a config entry as Resolved.
Jun 29 2021, 12:31 PM · gpgme, Restricted Project, kleopatra
ikloecker closed T5515: qgpgme: Allow retrieving the default value of a config entry, a subtask of T5514: Kleopatra: Use default keyserver from gpg instead of hardcoded value, as Resolved.
Jun 29 2021, 12:31 PM · Restricted Project, kleopatra
ikloecker moved T5515: qgpgme: Allow retrieving the default value of a config entry from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Jun 29 2021, 12:31 PM · gpgme, Restricted Project, kleopatra
ikloecker moved T5514: Kleopatra: Use default keyserver from gpg instead of hardcoded value from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Jun 29 2021, 12:31 PM · Restricted Project, kleopatra
ikloecker committed rKLEOPATRAa633f864dbe9: Set value of OpenPGP keyserver field only if config entry is set (authored by ikloecker).
Set value of OpenPGP keyserver field only if config entry is set
Jun 29 2021, 12:29 PM
ikloecker committed rKLEOPATRA1520a1da1b43: Use default value for OpenPGP keyserver provided by gpg (authored by ikloecker).
Use default value for OpenPGP keyserver provided by gpg
Jun 29 2021, 12:29 PM
ikloecker committed rM12006a782900: qt: Allow retrieving the default value of a config entry (authored by ikloecker).
qt: Allow retrieving the default value of a config entry
Jun 29 2021, 12:27 PM
ikloecker moved T5515: qgpgme: Allow retrieving the default value of a config entry from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Jun 29 2021, 11:56 AM · gpgme, Restricted Project, kleopatra
ikloecker triaged T5515: qgpgme: Allow retrieving the default value of a config entry as Normal priority.
Jun 29 2021, 11:56 AM · gpgme, Restricted Project, kleopatra
ikloecker moved T5514: Kleopatra: Use default keyserver from gpg instead of hardcoded value from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Jun 29 2021, 11:52 AM · Restricted Project, kleopatra
ikloecker claimed T5514: Kleopatra: Use default keyserver from gpg instead of hardcoded value.
Jun 29 2021, 11:52 AM · Restricted Project, kleopatra
ikloecker created T5514: Kleopatra: Use default keyserver from gpg instead of hardcoded value.
Jun 29 2021, 11:52 AM · Restricted Project, kleopatra
onickolay added a comment to T5464: Failure to import Curve25519 ECDH secret subkey to the GnupG..

Do I correctly understand that issue will be resolved on GnuPG side by tweaking key bits before private-key import/and/or/operations?

Jun 29 2021, 11:19 AM · Support, gnupg, OpenPGP

Jun 28 2021

jukivili added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

P192, P224, P256 and P384 are affected.

Jun 28 2021, 10:03 PM · libgcrypt, Bug Report
ukjoe created T5513: Outlook download external content crash.
Jun 28 2021, 9:39 PM · Too Old, gpgol, Bug Report, gpg4win
catenacyber added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Is secp192r1 only curve that is giving wrong results?

Jun 28 2021, 8:40 PM · libgcrypt, Bug Report
jukivili added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Attached patch should fix the issue:

Jun 28 2021, 8:03 PM · libgcrypt, Bug Report
Laurent Montel <montel@kde.org> committed rLIBKLEOc48c89cca718: GIT_SILENT: add license (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: add license
Jun 28 2021, 7:30 PM