Page MenuHome GnuPG
Feed All Stories

Jan 17 2022

ikloecker committed rM9c03bde06be9: qt: Fix build without installed GpgME++ headers (authored by ikloecker).
qt: Fix build without installed GpgME++ headers
Jan 17 2022, 2:47 PM
ikloecker committed rMec71eb1d7d9f: qt: Remove superfluous include (authored by ikloecker).
qt: Remove superfluous include
Jan 17 2022, 2:47 PM
ikloecker committed rG9f64bf6c0b31: po: Remove duplicate message definitions (authored by ikloecker).
po: Remove duplicate message definitions
Jan 17 2022, 2:21 PM
gniibe added a comment to E906: Weekly Standup.

Last week:

  • libgcrypt
    • DONE: keywrap T5752
    • FIPS things: done for me
  • gnupg (2.3 and 2.2)

This week:

  • gnupg-448 branch using KWP for ECDH 448
  • security report
Jan 17 2022, 12:01 PM
aheinecke committed rP8f239a2b133c: qt: Install translator and translations (authored by aheinecke).
qt: Install translator and translations
Jan 17 2022, 11:07 AM
pmgdeb added a comment to T5512: Implement service indicators.

I'm not completely sure but it might be convenient to mark HMAC keys with lengths less that 112 as non-approved in FIPS mode for both generation and verification. It could be easily implemented by adding a check using cipher/mac-hmac.c:hmac_get_keylen() or at the algo level. What do you think?

Jan 17 2022, 10:56 AM · Feature Request, FIPS, libgcrypt
werner closed T5783: All s2k hardenings silently ignored when exporting private keys as Resolved.

Sending a private key with just the local protection is not a good idea. It is better to export the key and then send it in an encrypted mail - for example in symmetric mode with a strong password.

Jan 17 2022, 10:48 AM · Not A Bug, gpgagent, OpenPGP, gpg4win, gnupg
gniibe is attending E906: Weekly Standup.
Jan 17 2022, 10:46 AM
aheinecke added a comment to T5786: Pinentry-qt: Context menu in english.

Btw. had to revert your unique ptr change ;-) I didn't want to raise the c++ level just for that.

Jan 17 2022, 10:44 AM · pinentry
aheinecke closed T5786: Pinentry-qt: Context menu in english as Resolved.

ikloecker I have just added the ki18n main code to pinentry-qt as qti18n.cpp this fixes it for me. I have commented out everything but the base catalog.

Jan 17 2022, 10:43 AM · pinentry
werner closed T5784: Prioritization of weak Brainpool-Curves, when de-vs aka VS-NfD mode is activated (compliance de-vs) as Resolved.

Please no holy wars on the type of curves. NIST as its opinon, Europe has its opinion, DJB has of course a different opinion. Please use the the cryptography ML for such political/technical discussions.

Jan 17 2022, 10:43 AM · Not A Bug, gpg4win, gnupg
werner changed the edit policy for T5783: All s2k hardenings silently ignored when exporting private keys.
Jan 17 2022, 10:39 AM · Not A Bug, gpgagent, OpenPGP, gpg4win, gnupg
ikloecker added a comment to T5786: Pinentry-qt: Context menu in english.

OTOH, inst-qttranslations.nsi copies all .qm files needed by the qt_<language>.qm files.

Jan 17 2022, 10:38 AM · pinentry
werner changed the edit policy for T5784: Prioritization of weak Brainpool-Curves, when de-vs aka VS-NfD mode is activated (compliance de-vs).
Jan 17 2022, 10:36 AM · Not A Bug, gpg4win, gnupg
ikloecker added a comment to T5786: Pinentry-qt: Context menu in english.

For the appimage I have added a patch (backported from ki18n) that makes sure that the Qt translations for qtbase are loaded even if the (unneeded) translations for qtscript, qtmultimedia, and qtxmlpatterns are missing. See 0001-Load-Qt-translations-even-if-some-catalogs-are-missi.patch.

Jan 17 2022, 10:36 AM · pinentry
ikloecker renamed T5780: Kleopatra: Result dialog does not have focus after operation from Kleopatra: Eesult dialog does not have focus after operation to Kleopatra: Result dialog does not have focus after operation.
Jan 17 2022, 9:41 AM · kleopatra, Restricted Project
ikloecker committed rLIBKLEOb7dacb5dab63: Do not use "guru" as debug level. (authored by werner).
Do not use "guru" as debug level.
Jan 17 2022, 9:35 AM
aheinecke triaged T5786: Pinentry-qt: Context menu in english as Normal priority.
Jan 17 2022, 9:06 AM · pinentry
aheinecke closed T4777: Pinentry sometimes mixes languages as Resolved.

Saw this again and the commit was not in the Stable 2.2 branch. I have cherry picked it. This should resolve this issue.

Jan 17 2022, 9:02 AM · gnupg (gpg23), S/MIME, gpgagent
aheinecke committed rGc54f7e154f1e: po: Make agent/commands.c translatable and update German translation. (authored by werner).
po: Make agent/commands.c translatable and update German translation.
Jan 17 2022, 9:02 AM
gyakovlev added a comment to T5785: libgcrypt-1.9.4 build failure on ppc64le.

sorry, I'm a bit confused now and probably everything I wrote above is incorrect.

Jan 17 2022, 8:47 AM · Gentoo, Bug Report
gyakovlev added a comment to T5785: libgcrypt-1.9.4 build failure on ppc64le.

thanks for approving account.
build error happens in automatic configuration (when --enable-ppc-crypto-support is omitted from ./configure) and -mcpu=powerpc64le, -mcpu=power8 or power9 or -mpower8-vector flags are not passed to compiler.

Jan 17 2022, 8:18 AM · Gentoo, Bug Report
werner added a project to T5782: Smartcard unusable secret key until used via command line: kleopatra.
Jan 17 2022, 7:45 AM · kleopatra, Bug Report, gpg4win
werner is attending E906: Weekly Standup.
Jan 17 2022, 7:43 AM
gniibe committed rCe023e10ee89b: Update documentation related to FIPS (authored by Jakuje).
Update documentation related to FIPS
Jan 17 2022, 7:15 AM
gniibe committed rC8611c9f276ad: fips: Add support for KDF FIPS indicators (authored by Jakuje).
fips: Add support for KDF FIPS indicators
Jan 17 2022, 7:15 AM
gniibe committed rCd0db6a5abf7b: fips: Remove GCRYCTL_FIPS_SERVICE_INDICATOR and renumber the enum. (authored by gniibe).
fips: Remove GCRYCTL_FIPS_SERVICE_INDICATOR and renumber the enum.
Jan 17 2022, 7:15 AM
gniibe added a comment to T5512: Implement service indicators.

Thank you, applied.
Also, add another change.

Jan 17 2022, 6:51 AM · Feature Request, FIPS, libgcrypt
gniibe committed rG4cc724639c01: gpg: Fix adding the list of ultimate trusted keys. (authored by gniibe).
gpg: Fix adding the list of ultimate trusted keys.
Jan 17 2022, 6:35 AM
gniibe added a project to T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG: Testing.

Backported to 2.2, too.

Jan 17 2022, 6:24 AM · Testing, Bug Report, gnupg (gpg23)
thesamesam updated subscribers of T5785: libgcrypt-1.9.4 build failure on ppc64le.

On behalf of @gyakovlev (pending approval for his account):

[03:05:23]  <@gyakovlev>  AC_DEFINE(HAVE_COMPATIBLE_CC_PPC_ALTIVEC,1,
[03:05:23]  <@gyakovlev>         [Defined if underlying compiler supports PowerPC AltiVec/VSX/crypto intrinsics])
[03:05:34]  <@gyakovlev> they should definitely check for __POWER8_VECTOR__ 1
[03:05:44]  <@gyakovlev> it's not plain altivec
[03:06:52]  <@gyakovlev> that power check should check for __POWER8_VECTOR__
[03:06:52]  <@gyakovlev> not only for what they check already.
[03:08:59]  <@gyakovlev> it probably should be checked after __powerpc64__ or instead of it.
Jan 17 2022, 4:09 AM · Gentoo, Bug Report
thesamesam added a project to T5785: libgcrypt-1.9.4 build failure on ppc64le: Gentoo.
Jan 17 2022, 3:34 AM · Gentoo, Bug Report
thesamesam added a comment to T5785: libgcrypt-1.9.4 build failure on ppc64le.

Looks like it's triggered if e.g. -mcpu=power9 isn't in CFLAGS.

Jan 17 2022, 3:34 AM · Gentoo, Bug Report
thesamesam added a comment to T5785: libgcrypt-1.9.4 build failure on ppc64le.

Build log here:

Jan 17 2022, 3:32 AM · Gentoo, Bug Report
thesamesam created T5785: libgcrypt-1.9.4 build failure on ppc64le.
Jan 17 2022, 3:31 AM · Gentoo, Bug Report

Jan 16 2022

vitusb renamed T5783: All s2k hardenings silently ignored when exporting private keys from All s2k hardenings silently ignored when doin an export of private keys to All s2k hardenings silently ignored when exporting private keys.
Jan 16 2022, 2:10 PM · Not A Bug, gpgagent, OpenPGP, gpg4win, gnupg
vitusb raised the priority of T5784: Prioritization of weak Brainpool-Curves, when de-vs aka VS-NfD mode is activated (compliance de-vs) from High to Needs Triage.
Jan 16 2022, 12:26 PM · Not A Bug, gpg4win, gnupg
vitusb raised the priority of T5783: All s2k hardenings silently ignored when exporting private keys from High to Needs Triage.
Jan 16 2022, 12:25 PM · Not A Bug, gpgagent, OpenPGP, gpg4win, gnupg

Jan 15 2022

vitusb triaged T5784: Prioritization of weak Brainpool-Curves, when de-vs aka VS-NfD mode is activated (compliance de-vs) as High priority.
Jan 15 2022, 3:53 PM · Not A Bug, gpg4win, gnupg
vitusb triaged T5783: All s2k hardenings silently ignored when exporting private keys as High priority.
Jan 15 2022, 3:12 PM · Not A Bug, gpgagent, OpenPGP, gpg4win, gnupg

Jan 14 2022

joeyberkovitz created T5782: Smartcard unusable secret key until used via command line.
Jan 14 2022, 2:54 PM · kleopatra, Bug Report, gpg4win
werner triaged T5781: Add tooltip to Kleo's advanced key generation dialog as Normal priority.
Jan 14 2022, 12:07 PM · Restricted Project, Feature Request, kleopatra
aheinecke committed rLIBKLEObf2fb686fb88: Filter on subkey fingerprints in keylist, too (authored by aheinecke).
Filter on subkey fingerprints in keylist, too
Jan 14 2022, 10:37 AM
aheinecke triaged T5780: Kleopatra: Result dialog does not have focus after operation as Normal priority.
Jan 14 2022, 10:25 AM · kleopatra, Restricted Project
aheinecke closed T5779: Kleopatra: Filter by fingerprint in keylistwidget as Resolved.
Jan 14 2022, 10:09 AM · kleopatra, Restricted Project
aheinecke triaged T5779: Kleopatra: Filter by fingerprint in keylistwidget as Normal priority.
Jan 14 2022, 10:07 AM · kleopatra, Restricted Project
aheinecke added a comment to T5777: Kleopatra: Remove all external links which would open a browser.

Yes I think changing the textinteraction flags for these labels would be fine. But as this is only for one customer we should probably add some config like "no links". I think the about dialog things are more problematic as they come from Frameworks.

Jan 14 2022, 9:59 AM · kleopatra, Restricted Project
ikloecker added a comment to T5777: Kleopatra: Remove all external links which would open a browser.

Is the problem links which can be clicked? Or the mere displaying of links? If the former needs to be changed, then removing the Qt::LinksAccessibleByMouse and Qt::LinksAccessibleByKeyboard flags from the textInteractionFlags of QLabel, QTextEdit, QTextBrowser would do it.

Jan 14 2022, 9:56 AM · kleopatra, Restricted Project
aheinecke triaged T5778: Wish to add a generic comment or hint to encrypted data as Wishlist priority.
Jan 14 2022, 9:53 AM · gnupg, Restricted Project
aheinecke triaged T5777: Kleopatra: Remove all external links which would open a browser as High priority.
Jan 14 2022, 8:56 AM · kleopatra, Restricted Project
aheinecke added a comment to T5775: Kleopatra: Add action to restart background processes.

Oh, this is something we should fix anyway because users when evaluating Kleopatra and making configuration changes regularly run "gpgconf --kill all" anyway. Could it be that the SCD DEVINFO --watch fails because the gpg-agent is not yet started again?

Jan 14 2022, 8:42 AM · kleopatra, Restricted Project

Jan 13 2022

ikloecker committed rMe16729edcbdf: tests: Fix generation of keys without expiration (authored by ikloecker).
tests: Fix generation of keys without expiration
Jan 13 2022, 4:34 PM
ikloecker committed rMe4625885a851: tests: Remove unsupported option --status from usage help (authored by ikloecker).
tests: Remove unsupported option --status from usage help
Jan 13 2022, 4:34 PM
ikloecker committed rM4d913a8aa5da: qt: Add job to add existing subkeys to other keys (authored by ikloecker).
qt: Add job to add existing subkeys to other keys
Jan 13 2022, 3:36 PM
ikloecker committed rMd308910cdfb3: qt,tests: Add helper to hook up the test passphrase provider (authored by ikloecker).
qt,tests: Add helper to hook up the test passphrase provider
Jan 13 2022, 3:36 PM
ikloecker committed rMa4dcb17486bb: cpp: Add interactor to add existing subkeys to other keys (authored by ikloecker).
cpp: Add interactor to add existing subkeys to other keys
Jan 13 2022, 3:36 PM
ikloecker committed rMa54402fc2d1c: qt,tests: Add asyncDone signal to base class of all tests (authored by ikloecker).
qt,tests: Add asyncDone signal to base class of all tests
Jan 13 2022, 3:36 PM
ikloecker added a comment to T5775: Kleopatra: Add action to restart background processes.

Note: Currently, killing the background processes causes a SIGPIPE (broken pipe) in the worker thread of the DeviceInfoWatcher. Kleopatra seems to survive this, but I'm not sure the thread survives. Starting a new SCD DEVINFO --watch fails with General error. On exit, the thread then receives a SIGABRT which crashes Kleopatra.

Jan 13 2022, 1:18 PM · kleopatra, Restricted Project
aheinecke renamed T5774: Kleopatra: Better default when decrypting Outlook attachments from Kleopatra: Better default when decrypting Outlook attachmetns to Kleopatra: Better default when decrypting Outlook attachments.
Jan 13 2022, 11:56 AM · kleopatra, Restricted Project
aheinecke triaged T5776: Kleopatra: Add possibility to copy fingerprints without spaces as Wishlist priority.
Jan 13 2022, 11:48 AM · kleopatra, Restricted Project
aheinecke triaged T5775: Kleopatra: Add action to restart background processes as Normal priority.
Jan 13 2022, 11:45 AM · kleopatra, Restricted Project
aheinecke triaged T5774: Kleopatra: Better default when decrypting Outlook attachments as Normal priority.
Jan 13 2022, 10:18 AM · kleopatra, Restricted Project
Laurent Montel <montel@kde.org> committed rKLEOPATRA183c899a7ee8: Use directly QT_VERSION (authored by Laurent Montel <montel@kde.org>).
Use directly QT_VERSION
Jan 13 2022, 7:08 AM

Jan 12 2022

twpayne added a comment to T5772: pinentry-mac: PIN not escaped when using quality bar.

You'll have to talk to the people you got pinentry-mac from.

Jan 12 2022, 9:48 PM · pinentry, Bug Report
werner claimed T5718: Provide list of supported/compliant key algorithms.
Jan 12 2022, 8:40 PM · gnupg (gpg23), Feature Request
werner added a comment to T5718: Provide list of supported/compliant key algorithms.

No, these are simply the technically available algorithms. I'll see what I can do.

Jan 12 2022, 8:40 PM · gnupg (gpg23), Feature Request
werner committed rGf16c535eee91: gpgconf: Add command aliases -L -K -R. (authored by werner).
gpgconf: Add command aliases -L -K -R.
Jan 12 2022, 8:32 PM
werner committed rGec4a1cffb865: gpgconf: Add command aliases -L -K -R. (authored by werner).
gpgconf: Add command aliases -L -K -R.
Jan 12 2022, 8:29 PM
jukivili committed rCdfd53c7eddf0: rijndael-aesni: small optimization for cbc-enc and cfb-enc (authored by jukivili).
rijndael-aesni: small optimization for cbc-enc and cfb-enc
Jan 12 2022, 4:57 PM
werner triaged T5772: pinentry-mac: PIN not escaped when using quality bar as Normal priority.

I don't know about pinentry-mac but it seems to be another name for
one our our regular pinentry variants.

Jan 12 2022, 3:23 PM · pinentry, Bug Report
ikloecker added a comment to T5773: Encrypt file extension as pgp.

Enable the setting Create OpenPGP encrypted files with ".pgp" file extensions instead of ".gpg in Kleopatra's Settings.

Jan 12 2022, 3:20 PM · Support
ikloecker added a comment to T5772: pinentry-mac: PIN not escaped when using quality bar.

We provide lots of different flavors of pinentry, but we do not provide pinentry-mac. You'll have to talk to the people you got pinentry-mac from.

Jan 12 2022, 3:15 PM · pinentry, Bug Report
werner closed T5773: Encrypt file extension as pgp as Resolved.

Rename the file and you are done.

Jan 12 2022, 3:06 PM · Support
werner committed rG96db487a4da5: common,w32: Improve HKCU->HKLM fallback (authored by werner).
common,w32: Improve HKCU->HKLM fallback
Jan 12 2022, 2:49 PM
ALLEE created T5773: Encrypt file extension as pgp.
Jan 12 2022, 2:42 PM · Support
twpayne created T5772: pinentry-mac: PIN not escaped when using quality bar.
Jan 12 2022, 2:08 PM · pinentry, Bug Report
werner added a comment to T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG.

Thanks for diving into the history of that code.

Jan 12 2022, 8:55 AM · Testing, Bug Report, gnupg (gpg23)
werner committed rW6d1fedf5ce14: web: Add missing news entries (authored by werner).
web: Add missing news entries
Jan 12 2022, 8:54 AM
gniibe added a comment to T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG.

Here is the backport to 2.2:

Jan 12 2022, 7:35 AM · Testing, Bug Report, gnupg (gpg23)
gniibe committed rG4aeeaa65ad09: gpg: Fix adding the list of ultimate trusted keys. (authored by gniibe).
gpg: Fix adding the list of ultimate trusted keys.
Jan 12 2022, 5:42 AM
gniibe added a comment to T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG.

In the original code, register_trusted_keyid is used in keygen.c, so that it updates user_utk_list, thus, will be into utk_list.
This should be done, by adding the keyid to utk_list directly.

Jan 12 2022, 5:41 AM · Testing, Bug Report, gnupg (gpg23)
gniibe triaged T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG as High priority.

Things have been a bit buggy here (probably, since the beginning).
In g10/trustdb.c,

Jan 12 2022, 5:31 AM · Testing, Bug Report, gnupg (gpg23)
gniibe claimed T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG.
Jan 12 2022, 2:32 AM · Testing, Bug Report, gnupg (gpg23)
gniibe added a comment to T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG.

Let me clarify:

Jan 12 2022, 2:32 AM · Testing, Bug Report, gnupg (gpg23)
l10n daemon script <scripty@kde.org> committed rKLEOPATRA0e94d0e00326: GIT_SILENT made messages (after extraction) (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT made messages (after extraction)
Jan 12 2022, 1:49 AM
gniibe added a project to T5730: During make, compile error under Ubuntu 21.10: gpgme.
Jan 12 2022, 1:46 AM · gpgme, Bug Report
gniibe added a project to T5747: Provide a way to request non-FIPS service in FIPS mode: Testing.
Jan 12 2022, 1:45 AM · Feature Request, FIPS, libgcrypt
gniibe added a project to T5759: Rename rndlinux module to rndoldlinux: Testing.
Jan 12 2022, 1:44 AM · libgcrypt, FIPS

Jan 11 2022

Saturneric claimed T5598: AppImage of gpg.

I found this post when I was searching everywhere for a solution, and I was delighted. I've recently been trying to upload GpgFrontned in the Apple Store vs Microsoft and I'm having some trouble.

Jan 11 2022, 9:13 PM · AppImage, gnupg, Restricted Project, Feature Request
jukivili committed rC9bbb6c2c5d03: mpi/config.links: merge i586 targets with rest i*86 targets (authored by jukivili).
mpi/config.links: merge i586 targets with rest i*86 targets
Jan 11 2022, 7:17 PM
jukivili committed rC2800de892585: mpi: remove unused i586 and pentium4 assembly (authored by jukivili).
mpi: remove unused i586 and pentium4 assembly
Jan 11 2022, 7:17 PM
jukivili committed rC0c0f27a89205: mpi/amd64: remove extra 'ret' from assembly functions (authored by jukivili).
mpi/amd64: remove extra 'ret' from assembly functions
Jan 11 2022, 7:17 PM
jukivili committed rC11ade08efbfb: Add straight-line speculation hardening for amd64 and i386 assembly (authored by jukivili).
Add straight-line speculation hardening for amd64 and i386 assembly
Jan 11 2022, 7:17 PM
jukivili committed rC34bcc102158a: Add straight-line speculation hardening for aarch64 assembly (authored by jukivili).
Add straight-line speculation hardening for aarch64 assembly
Jan 11 2022, 7:17 PM
jukivili committed rCff2a647d3667: Optimizations for AES aarch64-ce assembly implementation (authored by jukivili).
Optimizations for AES aarch64-ce assembly implementation
Jan 11 2022, 7:17 PM
jukivili committed rC4e6f1ef5a00e: Add armv8/pmull accelerated POLYVAL for GCM-SIV (authored by jukivili).
Add armv8/pmull accelerated POLYVAL for GCM-SIV
Jan 11 2022, 7:17 PM
jukivili committed rC859b6ac7fbdb: Use 'vmov' and 'movi' for vector register clearing in ARM assembly (authored by jukivili).
Use 'vmov' and 'movi' for vector register clearing in ARM assembly
Jan 11 2022, 7:17 PM
jukivili committed rCf664333a4749: Add SM3 ARM/AArch64 assembly implementation (authored by jukivili).
Add SM3 ARM/AArch64 assembly implementation
Jan 11 2022, 7:17 PM
Jakuje added a comment to T5512: Implement service indicators.

I went through the documentation related to FIPS and updated some wording to match reality. It will probably require still some more work.

Jan 11 2022, 7:10 PM · Feature Request, FIPS, libgcrypt
Jakuje added a comment to T5512: Implement service indicators.

This is my draft for the FIPS indicator KDF. I think we do not need to keep the original GCRYCTL_FIPS_SERVICE_INDICATOR if we replace it also in the tests. This will also need some tests and documentation update.

Jan 11 2022, 3:46 PM · Feature Request, FIPS, libgcrypt