Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Jul 7 2022

gniibe closed T5120: Incompatible Ed25519 secret key (no-encryption) as Resolved.
Jul 7 2022, 6:51 AM · gnupg (gpg22), Bug Report
gniibe removed a project from T5953: batch signature fails with imported ed25519 signing key as of 2.2.34: Restricted Project.

Fixed in 2.2.36.

Jul 7 2022, 6:51 AM · gnupg (gpg22), Bug Report
gniibe closed T5979: SCardListReaders: Conditional jump or move depends on uninitialised value(s) as Resolved.
Jul 7 2022, 6:50 AM · backport, gnupg, scd, patch
gniibe closed T6033: Regression in GnuPG 2.2.34 with some ECC keys as Resolved.
Jul 7 2022, 6:50 AM · Bug Report, gnupg (gpg22)
gniibe removed a project from T6033: Regression in GnuPG 2.2.34 with some ECC keys: Restricted Project.

Fixed in 2.2.36.

Jul 7 2022, 6:50 AM · Bug Report, gnupg (gpg22)
gniibe committed rCb2a64ed4f34a: cipher: Fix gcry_pk_hash_verify for explicit hash. (authored by gniibe).
cipher: Fix gcry_pk_hash_verify for explicit hash.
Jul 7 2022, 5:16 AM
gniibe claimed T6066: gcry_pk_hash_verify() does not work with explicitly specified hash algorithm.

Thank you for your report. That's my badness (forgetting to implement in pk_verify_md function).

Jul 7 2022, 5:07 AM · backport, libgcrypt, Bug Report
gniibe committed rC37b812f5e2a3: tests/t-kdf: Test KDF FIPS indicator (authored by Clemens Lang via Gcrypt-devel <gcrypt-devel@lists.gnupg.org>).
tests/t-kdf: Test KDF FIPS indicator
Jul 7 2022, 4:47 AM
gniibe committed rC45a139b166a3: tests: Test gcry_pk_hash_sign w/explicit hash algo (authored by Clemens Lang via Gcrypt-devel <gcrypt-devel@lists.gnupg.org>).
tests: Test gcry_pk_hash_sign w/explicit hash algo
Jul 7 2022, 4:47 AM

Jul 6 2022

gniibe added a comment to T6048: Test suite fixes with --enable-pubkey-ciphers=ecc.

Thanks. Applied. Also, fixed about a warning for ChaCha20.

Jul 6 2022, 7:56 AM · FIPS, libgcrypt
gniibe triaged T6059: ntbtls: use of shorter hash for ECC as Normal priority.
Jul 6 2022, 6:57 AM · Feature Request, Restricted Project, ntbtls
gniibe added a comment to T6058: clarify need of --batch and/or --pinentry-mode looback with --passphrase-* options.

I admit that documentation for users should be updated and/or semantics of options could be improved.

Jul 6 2022, 4:36 AM · gnupg, Documentation
gniibe committed rC8d5053fb08cf: cipher,chacha20: Conditionalize a variable. (authored by gniibe).
cipher,chacha20: Conditionalize a variable.
Jul 6 2022, 2:36 AM
gniibe committed rC9d6203532d90: tests/basic: Skip non-FIPS tests in FIPS mode (authored by neverpanic).
tests/basic: Skip non-FIPS tests in FIPS mode
Jul 6 2022, 2:20 AM

Jul 5 2022

gniibe committed rG424aa3543de0: gpg,build: Fix message for newer gettext. (authored by gniibe).
gpg,build: Fix message for newer gettext.
Jul 5 2022, 6:48 AM
gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

Let me know how best to submit it

Jul 5 2022, 4:36 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request
gniibe committed rCe2a7a0c9f5d2: kdf: Fix memory leak on error. (authored by gniibe).
kdf: Fix memory leak on error.
Jul 5 2022, 4:09 AM

Jul 1 2022

gniibe committed rCc5480b4934bb: fips: Skip selftests of unsupported PK algos (authored by neverpanic).
fips: Skip selftests of unsupported PK algos
Jul 1 2022, 9:22 AM
gniibe committed rC56000fb5c42f: build: Skip PK-specific tests if algo is disabled (authored by neverpanic).
build: Skip PK-specific tests if algo is disabled
Jul 1 2022, 9:22 AM
gniibe committed rC572b0bf9668d: tests/keygen.c: Skip unavailable PK algorithms (authored by neverpanic).
tests/keygen.c: Skip unavailable PK algorithms
Jul 1 2022, 9:22 AM
gniibe committed rC78c0d76f8092: tests/benchmark: Skip unavailable PK algorithms (authored by neverpanic).
tests/benchmark: Skip unavailable PK algorithms
Jul 1 2022, 9:22 AM
gniibe committed rCe78cf3df23a2: tests/basic: Skip tests if PK algo is unavailable (authored by neverpanic).
tests/basic: Skip tests if PK algo is unavailable
Jul 1 2022, 9:22 AM
gniibe committed rC4f4da6cbf065: tests/pubkey: Skip tests if PK algo is unavailable (authored by neverpanic).
tests/pubkey: Skip tests if PK algo is unavailable
Jul 1 2022, 9:22 AM
gniibe committed rC96fafffeeba5: kdf: Skip tests if hash algo is not available (authored by neverpanic).
kdf: Skip tests if hash algo is not available
Jul 1 2022, 9:22 AM
gniibe updated subscribers of T6048: Test suite fixes with --enable-pubkey-ciphers=ecc.
Jul 1 2022, 9:16 AM · FIPS, libgcrypt
gniibe added a project to T6048: Test suite fixes with --enable-pubkey-ciphers=ecc: Restricted Project.

Applied and pushed.

Jul 1 2022, 9:16 AM · FIPS, libgcrypt
gniibe added a project to T6048: Test suite fixes with --enable-pubkey-ciphers=ecc: FIPS.

The last patch is related to FIPS, so, I add the FIPS tag.

Jul 1 2022, 9:13 AM · FIPS, libgcrypt
gniibe added a project to T6048: Test suite fixes with --enable-pubkey-ciphers=ecc: libgcrypt.
Jul 1 2022, 8:52 AM · FIPS, libgcrypt

Jun 30 2022

gniibe added a comment to T6002: scute w/ gpg23: Support multiple cards/tokens, major update with KEYGRIP.

We could change how device keys are listed. Currently, Scute does KEYINFO --list, then asking gpgsm for each certificate.

Jun 30 2022, 3:57 AM · Feature Request, scute
gniibe added a comment to T6050: GnuPG fails to import back generated and exported ed448 secret key..

Thank you for your report.

Jun 30 2022, 3:47 AM · Bug Report
gniibe added a comment to T6002: scute w/ gpg23: Support multiple cards/tokens, major update with KEYGRIP.

The change requires "KEYINFO --list" command. This is not available through remote access of gpg-agent (extra socket).

Jun 30 2022, 3:05 AM · Feature Request, scute
gniibe claimed T6050: GnuPG fails to import back generated and exported ed448 secret key..
Jun 30 2022, 3:03 AM · Bug Report

Jun 29 2022

gniibe claimed T6048: Test suite fixes with --enable-pubkey-ciphers=ecc.
Jun 29 2022, 9:58 AM · FIPS, libgcrypt
gniibe triaged T6048: Test suite fixes with --enable-pubkey-ciphers=ecc as Normal priority.
Jun 29 2022, 9:58 AM · FIPS, libgcrypt
gniibe added a comment to T5912: libgpg-error: Drop WindowsCE support.

Applied the changes to master.

Jun 29 2022, 2:00 AM · gpgrt

Jun 28 2022

gniibe moved T4873: Enable AES GCM in FIPS mode from Backlog to Next on the FIPS board.
Jun 28 2022, 11:19 AM · FIPS, libgcrypt, Feature Request
gniibe moved T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF from Backlog to Next on the FIPS board.
Jun 28 2022, 10:58 AM · backport, libgcrypt, FIPS
gniibe committed rKe51d5c7ce81f: build: Update gpg-error.m4. (authored by gniibe).
build: Update gpg-error.m4.
Jun 28 2022, 6:48 AM
gniibe committed rE2bafe2cdddb9: Remove W32CE support from mkheader.c. (authored by gniibe).
Remove W32CE support from mkheader.c.
Jun 28 2022, 6:10 AM
gniibe committed rEc49fc80e7640: Remove mkw32errmap.c file. (authored by gniibe).
Remove mkw32errmap.c file.
Jun 28 2022, 6:10 AM
gniibe committed rE084d135f44a0: Typo fix in autogen.sh. (authored by gniibe).
Typo fix in autogen.sh.
Jun 28 2022, 6:10 AM
gniibe committed rEb866f7baf86f: Remove W32CE support from autogen.sh. (authored by gniibe).
Remove W32CE support from autogen.sh.
Jun 28 2022, 6:10 AM
gniibe committed rE14ead267268f: Remove Windows CE support. (authored by gniibe).
Remove Windows CE support.
Jun 28 2022, 6:10 AM
gniibe committed rTb0e62c243165: build: Update gpg-error.m4. (authored by gniibe).
build: Update gpg-error.m4.
Jun 28 2022, 5:27 AM
gniibe added projects to T5912: libgpg-error: Drop WindowsCE support: gpgrt, Restricted Project.
Jun 28 2022, 5:15 AM · gpgrt
gniibe committed rM02a2f3503590: build: When no gpg-error-config, not install gpgme-config. (authored by gniibe).
build: When no gpg-error-config, not install gpgme-config.
Jun 28 2022, 5:00 AM
gniibe committed rMaa94b4cee5aa: build: Update gpg-error.m4 (authored by gniibe).
build: Update gpg-error.m4
Jun 28 2022, 5:00 AM
gniibe added a comment to T5769: fix typo in autogen.sh.

Fixed in libgpg-error.

Jun 28 2022, 4:38 AM · Documentation, gpgrt
gniibe committed rA3156f29a797d: build: Update gpg-error.m4. (authored by gniibe).
build: Update gpg-error.m4.
Jun 28 2022, 4:34 AM
gniibe committed rG8aa9f80be0bb: agent: Add description for "Prompt" field. (authored by gniibe).
agent: Add description for "Prompt" field.
Jun 28 2022, 3:38 AM
gniibe added a comment to T5985: private-key: Support "Use-for-ssh" flag.

We removed assuming "OPENPGP.3" means for ssh.

Jun 28 2022, 3:31 AM · Feature Request, ssh, gpgagent
gniibe closed T5996: ssh,card: "Use-for-ssh:" (was: OpenPGP.3) keys should be on the list even when card is not available, a subtask of T5984: gpg-agent interaction improvement (smartcard improvement #3), as Resolved.
Jun 28 2022, 3:29 AM · ssh, gpgagent, scd
gniibe closed T5996: ssh,card: "Use-for-ssh:" (was: OpenPGP.3) keys should be on the list even when card is not available as Resolved.
Jun 28 2022, 3:29 AM · ssh, gpgagent, scd
gniibe committed rG39422f1d63e2: agent: Don't assume "OPENPGP.3" key means "Use-for-ssh:". (authored by gniibe).
agent: Don't assume "OPENPGP.3" key means "Use-for-ssh:".
Jun 28 2022, 3:27 AM
gniibe renamed T5996: ssh,card: "Use-for-ssh:" (was: OpenPGP.3) keys should be on the list even when card is not available from ssh,card: OpenPGP.3 keys should be on the list (as default) even when card is not available to ssh,card: "Use-for-ssh:" (was: OpenPGP.3) keys should be on the list even when card is not available.
Jun 28 2022, 3:22 AM · ssh, gpgagent, scd
gniibe added a comment to T5996: ssh,card: "Use-for-ssh:" (was: OpenPGP.3) keys should be on the list even when card is not available.

Having "Use-for-ssh" flag now, experience shows that including OpenPGP.3 keys by default is not convenient.

Jun 28 2022, 3:20 AM · ssh, gpgagent, scd

Jun 24 2022

gniibe added a comment to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF.

The change allows internal use of HMAC with shorter key.

Jun 24 2022, 2:59 AM · backport, libgcrypt, FIPS
gniibe committed rC58c92098d053: hmac,hkdf: Allow use of shorter salt for HKDF. (authored by gniibe).
hmac,hkdf: Allow use of shorter salt for HKDF.
Jun 24 2022, 2:03 AM
gniibe added a comment to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF.

Considering again, I concluded the patch above should be applied.
The use of SALT in HKDF may be not secret and there are valid use cases with no last or shorter salt. It's different to the use case of HMAC, where KEY is secret.

Jun 24 2022, 1:59 AM · backport, libgcrypt, FIPS
gniibe committed rG9e2307ddf0c2: agent: Flush before calling ftruncate. (authored by gniibe).
agent: Flush before calling ftruncate.
Jun 24 2022, 1:51 AM

Jun 23 2022

gniibe added a project to T6035: Portability issue: ftruncate: Restricted Project.
Jun 23 2022, 4:27 AM · backport, gpgagent, gnupg
gniibe committed rG99d2931887e5: agent: Flush before calling ftruncate. (authored by gniibe).
agent: Flush before calling ftruncate.
Jun 23 2022, 4:07 AM
gniibe added a comment to T6035: Portability issue: ftruncate.

Even if it is only a single case (of old version of Wine), I think that it is worth to add es_fflush when writing to file.

Jun 23 2022, 4:05 AM · backport, gpgagent, gnupg
gniibe added a comment to T5988: agent: Add new command to update private key fields.

What about rejected changes to "Key:"?

Jun 23 2022, 3:05 AM · Feature Request, ssh, gpgagent
gniibe committed rG26d5a6e862c6: agent: KEYATTR only allows access to attribute. (authored by gniibe).
agent: KEYATTR only allows access to attribute.
Jun 23 2022, 3:04 AM
gniibe committed rG2c47c6662793: agent: Fix KEYATTR command for --delete option. (authored by gniibe).
agent: Fix KEYATTR command for --delete option.
Jun 23 2022, 3:04 AM

Jun 22 2022

gniibe added a project to T5988: agent: Add new command to update private key fields: Restricted Project.
Jun 22 2022, 8:49 AM · Feature Request, ssh, gpgagent
gniibe committed rG30b54a0ebbaa: agent: Add KEYATTR command. (authored by gniibe).
agent: Add KEYATTR command.
Jun 22 2022, 8:49 AM
gniibe added a project to T6033: Regression in GnuPG 2.2.34 with some ECC keys: Restricted Project.
Jun 22 2022, 6:38 AM · Bug Report, gnupg (gpg22)
gniibe added a project to T5921: No sharing of log_fd between child process: Restricted Project.
Jun 22 2022, 6:37 AM · Bug Report, gnupg (gpg23)
gniibe committed rGfe535cf26592: agent,gpg,tools: Fix use of log_get_fd. (authored by gniibe).
agent,gpg,tools: Fix use of log_get_fd.
Jun 22 2022, 6:37 AM
gniibe added projects to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF: FIPS, libgcrypt.
Jun 22 2022, 3:48 AM · backport, libgcrypt, FIPS
gniibe renamed T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF from FIPS: Allow salt=NULL for HKDF to FIPS: Allow salt=NULL (or shorter salt) for HKDF.
Jun 22 2022, 3:47 AM · backport, libgcrypt, FIPS
gniibe updated the task description for T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF.
Jun 22 2022, 3:47 AM · backport, libgcrypt, FIPS
gniibe added a comment to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF.

In rC76aad97dd312: fips: Reject shorter key for HMAC in FIPS mode., I added rejection, but it would be good to move the check to src/visibility.c to allow internal use.

Jun 22 2022, 3:46 AM · backport, libgcrypt, FIPS
gniibe triaged T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF as Normal priority.
Jun 22 2022, 3:41 AM · backport, libgcrypt, FIPS

Jun 21 2022

gniibe added a comment to T6035: Portability issue: ftruncate.

Looking illumos-gate, Solaris variants have no issues.

Jun 21 2022, 12:46 PM · backport, gpgagent, gnupg
gniibe added a comment to T6035: Portability issue: ftruncate.

Wine 5.0.3 (on Debian bullseye) fails.
Wine 6.0.3 Debian testing does no failure.

Jun 21 2022, 10:35 AM · backport, gpgagent, gnupg
gniibe committed rC07722d89bac1: kdf,fips: Modify HKDF test for FIPS mode. (authored by gniibe).
kdf,fips: Modify HKDF test for FIPS mode.
Jun 21 2022, 8:40 AM
gniibe added a comment to T6033: Regression in GnuPG 2.2.34 with some ECC keys.

My intention to refer rG7b1db7192 was to specify the HEAD of STABLE-BRANCH-2-2, meaning "the head of STABLE-BRANCH-2-2 today". The commit itself has no meaning.

Jun 21 2022, 7:32 AM · Bug Report, gnupg (gpg22)
gniibe committed rCe0f0c788dc0f: kdf: Add input check for hkdf. (authored by gniibe).
kdf: Add input check for hkdf.
Jun 21 2022, 7:21 AM
gniibe added a comment to T6035: Portability issue: ftruncate.

I created minimized test:

ftruncate-check.c969 BDownload

Jun 21 2022, 4:38 AM · backport, gpgagent, gnupg

Jun 20 2022

gniibe added projects to T6035: Portability issue: ftruncate: gnupg, gpgagent.
Jun 20 2022, 10:33 AM · backport, gpgagent, gnupg
gniibe created T6035: Portability issue: ftruncate.
Jun 20 2022, 10:33 AM · backport, gpgagent, gnupg
gniibe added a comment to T6033: Regression in GnuPG 2.2.34 with some ECC keys.

I can replicate the error by 2.2.35, but I cannot replicate it with rG7b1db7192.
I tested:

  • GNU/Linux
    • i686
    • x86_64
  • Windows
    • i686
Jun 20 2022, 8:33 AM · Bug Report, gnupg (gpg22)
gniibe committed rA97516d6c24b9: Don't access NULL by wipememory. (authored by gniibe).
Don't access NULL by wipememory.
Jun 20 2022, 4:51 AM
gniibe committed rA5277f24ab4b0: Fix the previous commit. (authored by gniibe).
Fix the previous commit.
Jun 20 2022, 4:51 AM

Jun 16 2022

gniibe added a comment to T5964: gnupg should use the KDFs implemented in libgcrypt.

I pushed the change needed for GnuPG to t5964 branch.
See: https://dev.gnupg.org/rGc281bd94349e4f7997a89927aaa2c2f45004b902

Jun 16 2022, 8:47 AM · gnupg26, FIPS, Feature Request
gniibe added a comment to T5964: gnupg should use the KDFs implemented in libgcrypt.

Added HKDF implementation to master.

Jun 16 2022, 8:18 AM · gnupg26, FIPS, Feature Request
gniibe committed rCfbddfb964f0b: kdf: Add HKDF of RFC5869. (authored by gniibe).
kdf: Add HKDF of RFC5869.
Jun 16 2022, 8:04 AM
gniibe added a comment to T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd').

Applied to 1.10 branch.

Jun 16 2022, 2:40 AM · backport, hppa, libgcrypt, Gentoo, Bug Report
gniibe added a comment to T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd').

didn't seem to work with 1.9.x

Jun 16 2022, 2:38 AM · backport, hppa, libgcrypt, Gentoo, Bug Report

Jun 15 2022

gniibe committed rSf7b73cb6a303: Add constant from PKCS#11 3.0. (authored by gniibe).
Add constant from PKCS#11 3.0.
Jun 15 2022, 7:57 AM
gniibe committed rSed1be1c141b9: Tweak for GetSlotList for firefox. (authored by gniibe).
Tweak for GetSlotList for firefox.
Jun 15 2022, 6:40 AM
gniibe committed rSc04939fb4929: Allow SeedRandom. (authored by gniibe).
Allow SeedRandom.
Jun 15 2022, 6:40 AM
gniibe committed rS0cb3e4458c31: Cleanup. (authored by gniibe).
Cleanup.
Jun 15 2022, 4:57 AM
gniibe added a comment to T6002: scute w/ gpg23: Support multiple cards/tokens, major update with KEYGRIP.

I found this page:
https://firefox-source-docs.mozilla.org/security/nss/legacy/nss_tech_notes/nss_tech_note2/index.html

Jun 15 2022, 3:44 AM · Feature Request, scute
gniibe added a comment to T6002: scute w/ gpg23: Support multiple cards/tokens, major update with KEYGRIP.

In the branch https://dev.gnupg.org/source/Scute/history/t6002/ , by the commit rS123d617ebefe: Less administration of devices by scute., things has been changed.

Jun 15 2022, 3:39 AM · Feature Request, scute
gniibe committed rS123d617ebefe: Less administration of devices by scute. (authored by gniibe).
Less administration of devices by scute.
Jun 15 2022, 3:07 AM

Jun 14 2022

gniibe committed rSe809dde00007: Fix sign/decrypt operation. (authored by gniibe).
Fix sign/decrypt operation.
Jun 14 2022, 1:15 PM
First
Prev
Next