Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Oct 20 2022

werner committed rG5ae2632002c0: gpgsm: Support decryption of ECDH data (authored by werner).
gpgsm: Support decryption of ECDH data
Oct 20 2022, 5:34 PM
werner committed rG8b2c55d3c5da: gpgsm: Remove restriction of key generation (only RSA). (authored by gniibe).
gpgsm: Remove restriction of key generation (only RSA).
Oct 20 2022, 5:34 PM
werner committed rG37a853d808f0: gpgsm: Support key generation with ECC. (authored by gniibe).
gpgsm: Support key generation with ECC.
Oct 20 2022, 5:34 PM
werner added a parent task for T6252: Support ECC for Netkey cards also in 2.2: T6253: GpgSM: Backport ECC support to 2.2.
Oct 20 2022, 2:33 PM · gnupg (gpg22), scd, Restricted Project
werner added a subtask for T6253: GpgSM: Backport ECC support to 2.2: T6252: Support ECC for Netkey cards also in 2.2.
Oct 20 2022, 2:33 PM · gnupg22 (gnupg-2.2.42), Restricted Project, Feature Request, S/MIME
werner triaged T6253: GpgSM: Backport ECC support to 2.2 as High priority.
Oct 20 2022, 2:32 PM · gnupg22 (gnupg-2.2.42), Restricted Project, Feature Request, S/MIME
werner changed the status of T6252: Support ECC for Netkey cards also in 2.2, a subtask of T4938: Support Signature Card V2.0 (NKS15), from Open to Testing.
Oct 20 2022, 2:12 PM · eIDAS, scd, Feature Request, S/MIME
werner changed the status of T6252: Support ECC for Netkey cards also in 2.2 from Open to Testing.
Oct 20 2022, 2:12 PM · gnupg (gpg22), scd, Restricted Project
werner added a parent task for T6252: Support ECC for Netkey cards also in 2.2: T4938: Support Signature Card V2.0 (NKS15).
Oct 20 2022, 2:11 PM · gnupg (gpg22), scd, Restricted Project
werner added a subtask for T4938: Support Signature Card V2.0 (NKS15): T6252: Support ECC for Netkey cards also in 2.2.
Oct 20 2022, 2:11 PM · eIDAS, scd, Feature Request, S/MIME
werner added a comment to T6249: gpgrt: spawn functions.

without this list we don't have an option to keep file descriptors open; its not just stderr but for example log files and descriptors which pare passed by other meands than libassuan functions.

Oct 20 2022, 1:52 PM · gnupg, libassuan, gpgrt
werner committed rG1e69676981ac: scd:nks: Don't flag the ESIGN keypair EF as encryption capable. (authored by werner).
scd:nks: Don't flag the ESIGN keypair EF as encryption capable.
Oct 20 2022, 12:23 PM
werner committed rGf24904ee3540: scd:nks: Some code cleanup. (authored by werner).
scd:nks: Some code cleanup.
Oct 20 2022, 12:23 PM
werner committed rG5cd25f4ca485: scd:nks: Support the Telesec ESIGN application. (authored by werner).
scd:nks: Support the Telesec ESIGN application.
Oct 20 2022, 12:23 PM
werner committed rGb19958278931: scd:nks: Return USAGE information for KEYINFO command. (authored by gniibe).
scd:nks: Return USAGE information for KEYINFO command.
Oct 20 2022, 12:23 PM
werner committed rG8bccd95b38f2: scd:nks: Add support for signing plain SHA-2 digests. (authored by ikloecker).
scd:nks: Add support for signing plain SHA-2 digests.
Oct 20 2022, 12:23 PM
werner committed rG77b008d1e74b: scd:nks: Handle APP_READKEY_FLAG_INFO. (authored by werner).
scd:nks: Handle APP_READKEY_FLAG_INFO.
Oct 20 2022, 12:23 PM
werner committed rG3c1acb7b9fa4: scd:nks: Support READKEY with keygrip and for "NKS-IDLM" keyref. (authored by gniibe).
scd:nks: Support READKEY with keygrip and for "NKS-IDLM" keyref.
Oct 20 2022, 12:23 PM
werner committed rG1f2823e0beee: scd:nks: Add support of KEYGRIP for do_readcert. (authored by gniibe).
scd:nks: Add support of KEYGRIP for do_readcert.
Oct 20 2022, 12:23 PM
werner committed rG0979ae349131: scd:nks: Factor out pubkey retrieval from keygrip handling. (authored by gniibe).
scd:nks: Factor out pubkey retrieval from keygrip handling.
Oct 20 2022, 12:23 PM
werner committed rGea7234d2f591: scd:nks: Factor out iteration over filelist. (authored by gniibe).
scd:nks: Factor out iteration over filelist.
Oct 20 2022, 12:23 PM
werner committed rGc9eb4c063231: scd:nks: Fix caching keygrip (more). (authored by gniibe).
scd:nks: Fix caching keygrip (more).
Oct 20 2022, 12:23 PM
werner committed rGcf5f6896f810: scd:nks: Minor additions to the basic IDLM application support. (authored by werner).
scd:nks: Minor additions to the basic IDLM application support.
Oct 20 2022, 12:23 PM
werner committed rGf1bd7369a754: scd,nks: Fix caching keygrip. (authored by gniibe).
scd,nks: Fix caching keygrip.
Oct 20 2022, 12:23 PM
werner committed rGc1c3331cf965: scd:nks: Emit the algo string with KEYPAIRINFO (authored by werner).
scd:nks: Emit the algo string with KEYPAIRINFO
Oct 20 2022, 12:23 PM
werner committed rGc99870f790c6: scd:nks: Fix certificate read problem with TCOS signature card v2. (authored by werner).
scd:nks: Fix certificate read problem with TCOS signature card v2.
Oct 20 2022, 12:23 PM
werner committed rGfe698586b5d4: scd:nks: Implement writecert for the Signature card v2. (authored by werner).
scd:nks: Implement writecert for the Signature card v2.
Oct 20 2022, 12:23 PM
werner committed rG60ba61e78ea3: scd:nks: Add framework to support IDKey cards. (authored by werner).
scd:nks: Add framework to support IDKey cards.
Oct 20 2022, 12:23 PM
werner committed rGa974d8aefab1: scd:nks: Fix remaining tries warning in --reset mode. (authored by werner).
scd:nks: Fix remaining tries warning in --reset mode.
Oct 20 2022, 12:23 PM
werner committed rGbbef2d17902b: scd:nks: Support decryption using ECDH. (authored by werner).
scd:nks: Support decryption using ECDH.
Oct 20 2022, 12:23 PM
werner committed rGa83281176c2b: scd:nks: Get the PIN prompts right for the Signature Card (authored by werner).
scd:nks: Get the PIN prompts right for the Signature Card
Oct 20 2022, 12:23 PM
werner committed rGf5e0469d6e74: scd:nks: Add do_with_keygrip and implement a cache. (authored by werner).
scd:nks: Add do_with_keygrip and implement a cache.
Oct 20 2022, 12:23 PM
werner committed rG471e610fcd63: scd:nks: Allow retrieving certificates from a Signature Card v.20 (authored by werner).
scd:nks: Allow retrieving certificates from a Signature Card v.20
Oct 20 2022, 12:23 PM
werner triaged T6252: Support ECC for Netkey cards also in 2.2 as High priority.
Oct 20 2022, 10:56 AM · gnupg (gpg22), scd, Restricted Project
werner added a comment to T6238: regexp for trust signature domain restriction does not work if key only has an e-mail address.

The latter. Detecting mail addresses with regexp is anyway a kludge and we have more stringent code to detect mail addresses in a user-id.

Oct 20 2022, 7:50 AM · backport, gnupg (gpg22), Bug Report, Restricted Project
werner added a comment to T6250: GPG-Agent doesn't work properly with smart cards and ed25519 keys and SSH Agent.

I am using this many years now without any problems. Also my collegues and many other folks I know. Thus the question is how your system differs from commonly used systems.

Oct 20 2022, 7:48 AM · gnupg, Documentation, ssh

Oct 19 2022

werner added a comment to T6250: GPG-Agent doesn't work properly with smart cards and ed25519 keys and SSH Agent.

We do not support OpenSSH certificates but ignore such requests. However, the keys from the certificates will be imported correctly. You should use the stable version of GnuPG (2.3.8) and not the LTS version 2.,2.

Oct 19 2022, 7:36 PM · gnupg, Documentation, ssh
werner committed rD34eed1bd03f3: web: Fix last commit (authored by werner).
web: Fix last commit
Oct 19 2022, 4:10 PM
werner committed rD2ab884d58ee0: web: Add download links for GnuPG Desktop 2.3.8 (authored by werner).
web: Add download links for GnuPG Desktop 2.3.8
Oct 19 2022, 3:40 PM
werner added a comment to T6243: SMIME on Outlook not working, if GPG-Plugin installed.

This is the first report we have on such a problem despite of hundred thousands of users. "Triage" means that we need to look at a report to check its priority.

Oct 19 2022, 1:53 PM · gpgol, Bug Report
werner raised the priority of T6243: SMIME on Outlook not working, if GPG-Plugin installed from High to Needs Triage.
Oct 19 2022, 12:09 PM · gpgol, Bug Report
werner triaged T6248: FIPS compliant RSA OAEP encryption as Normal priority.

So, this is only for OAEP but not for ECDH? FWIW, GnUPG uses OAEP only for S/MIME.

Oct 19 2022, 7:54 AM · libgcrypt, FIPS, Feature Request

Oct 18 2022

werner added a comment to T6228: TOFU data are not updated when creating an encrypted message.

FWIW: I am not anymore very convinced of our tofu code. it leaks too many information because it tracks and stored all signature verification. The model is further way too complicated and the SQL used will eventually lead to a resource problem. Maybe doing Tofu stuff in the frontend is a better idea and get rid of all the history processing which works only for fresh mails and not for data verification.

Oct 18 2022, 5:55 PM · gpgme, TOFU
werner added a comment to T6238: regexp for trust signature domain restriction does not work if key only has an e-mail address.

We already detect mail addresses for different purposes and thus it will be easy to enclose them in angle brackets just for comparision.. Almost all trust signatures out there are created by gpg and used to restrict the mail domain. No need for different regexp. See also the comments in the code related to the history.

Oct 18 2022, 8:03 AM · backport, gnupg (gpg22), Bug Report, Restricted Project
werner closed T6230: Release Libksba 1.6.2 (CVE-2022-3515) as Resolved.
Oct 18 2022, 7:52 AM · CVE, Release Info, libksba

Oct 17 2022

werner committed rD85cd5e211ac7: web: Add security advisory (authored by werner).
web: Add security advisory
Oct 17 2022, 3:52 PM
werner closed T6106: Release GnuPG 2.3.8 as Resolved.
Oct 17 2022, 3:04 PM · Release Info, gnupg (gpg23)
werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2022q4/000476.html on T6106: Release GnuPG 2.3.8.
Oct 17 2022, 3:04 PM · Release Info, gnupg (gpg23)
werner added a comment to T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Fixed Gpg4win version: https://lists.wald.intevation.org/pipermail/gpg4win-announce/2022/000098.html

Oct 17 2022, 3:03 PM · CVE, Release Info, libksba
werner committed rW2bd00a3c6fc1: appimage: Typo fix (authored by werner).
appimage: Typo fix
Oct 17 2022, 10:49 AM
werner committed rD3748173afd84: swdb: GnuPG 2.2.40 (authored by werner).
swdb: GnuPG 2.2.40
Oct 17 2022, 9:39 AM
werner committed rD6ec37744ca4e: Security Advisory 6230 (authored by werner).
Security Advisory 6230
Oct 17 2022, 9:39 AM
werner committed rDf9f83f9583aa: Add CVE to the security advisory (authored by werner).
Add CVE to the security advisory
Oct 17 2022, 9:39 AM
werner committed rD4a5133ae6c77: swdb: gpg4win 4.0.4 and gnupgdesk 2.3.8 (authored by werner).
swdb: gpg4win 4.0.4 and gnupgdesk 2.3.8
Oct 17 2022, 9:39 AM
werner committed rDfb5e37e091cc: swdb: GnuPG 2.3.8 (authored by werner).
swdb: GnuPG 2.3.8
Oct 17 2022, 9:39 AM
werner set External Link to https://gnupg.org/blog/20221017-pepe-left-the-ksba.html on T6230: Release Libksba 1.6.2 (CVE-2022-3515).
Oct 17 2022, 9:26 AM · CVE, Release Info, libksba
werner added a comment to T6230: Release Libksba 1.6.2 (CVE-2022-3515).

As usual see https://gnupg.org/download for links to the latest packages. For Gpg4win see https://gpg4win.org

Oct 17 2022, 9:25 AM · CVE, Release Info, libksba
werner reopened T6230: Release Libksba 1.6.2 (CVE-2022-3515) as "Open".
Oct 17 2022, 7:56 AM · CVE, Release Info, libksba
werner renamed T6230: Release Libksba 1.6.2 (CVE-2022-3515) from Release Libksba 1.6.2 to Release Libksba 1.6.2 (CVE-2022-3515).
Oct 17 2022, 7:56 AM · CVE, Release Info, libksba
werner updated the task description for T6230: Release Libksba 1.6.2 (CVE-2022-3515).
Oct 17 2022, 7:46 AM · CVE, Release Info, libksba

Oct 14 2022

werner committed rW36f82ca0ab55: Merge remote-tracking branch 'origin' (authored by werner).
Merge remote-tracking branch 'origin'
Oct 14 2022, 7:34 PM
werner committed rWc79f4e760ba0: Update to GnuPG 2.3.8 (authored by werner).
Update to GnuPG 2.3.8
Oct 14 2022, 7:34 PM
werner committed rW8dff5492a25e: Prepare NEWS for 4.0.4 and post release updates for 3.1.25 (authored by werner).
Prepare NEWS for 4.0.4 and post release updates for 3.1.25
Oct 14 2022, 7:34 PM
werner committed rW8d9dabd90932: Post release updates (authored by werner).
Post release updates
Oct 14 2022, 7:34 PM
werner committed rW1fc993efc6f5: appimage: Fix signature checking of --version option. (authored by werner).
appimage: Fix signature checking of --version option.
Oct 14 2022, 7:34 PM
werner committed rW68b0a1c9eb8e: appimage: Next try to get --keep-socket working (authored by werner).
appimage: Next try to get --keep-socket working
Oct 14 2022, 7:34 PM
werner committed rW1657191fbcb4: doc: Update build instructions in README (authored by werner).
doc: Update build instructions in README
Oct 14 2022, 7:34 PM
werner committed rWad24ce9994d7: appimage: Fix last commit (authored by werner).
appimage: Fix last commit
Oct 14 2022, 7:34 PM
werner committed rW14b7e292167e: Update to GpgOL 2.5.5 (authored by werner).
Update to GpgOL 2.5.5
Oct 14 2022, 7:34 PM
werner committed rW33dd8ef6a1e9: appimage: Add trademark notices. (authored by werner).
appimage: Add trademark notices.
Oct 14 2022, 7:34 PM
werner committed rWd8befe24aa69: appimage: Add new start option --keep-socket (authored by werner).
appimage: Add new start option --keep-socket
Oct 14 2022, 7:34 PM
werner committed rW371f9f768ca1: Fix build problems on systems with automake != 1.15 installed. (authored by werner).
Fix build problems on systems with automake != 1.15 installed.
Oct 14 2022, 7:34 PM
werner committed rWdc9ce44aba8d: doc: Add a comment to the packages file. (authored by werner).
doc: Add a comment to the packages file.
Oct 14 2022, 7:34 PM
werner committed rWa3eabcc37d9f: Add support for dw2 exceptions (authored by aheinecke).
Add support for dw2 exceptions
Oct 14 2022, 7:34 PM
werner committed rW8c38717f2d07: Prepare 3.1.25 (authored by werner).
Prepare 3.1.25
Oct 14 2022, 7:34 PM
werner committed rWd6c4f88ab91f: Update to GnuPG 2.2.40 (authored by werner).
Update to GnuPG 2.2.40
Oct 14 2022, 7:34 PM
werner updated the task description for T6106: Release GnuPG 2.3.8.
Oct 14 2022, 6:02 PM · Release Info, gnupg (gpg23)
werner updated the task description for T6181: Release GnuPG 2.2.40.
Oct 14 2022, 6:01 PM · gnupg (gpg22), Release Info

Oct 13 2022

werner committed rGedf3b8aa53f7: Post release updates (authored by werner).
Post release updates
Oct 13 2022, 6:29 PM
werner committed rG6f12f952dad1: Release 2.3.8 (authored by werner).
Release 2.3.8
Oct 13 2022, 6:29 PM
werner committed rG0bb0450c4ae7: speedo: Fix location of gpg-wks-client (authored by werner).
speedo: Fix location of gpg-wks-client
Oct 13 2022, 6:29 PM
werner committed rG70ec346fb4c8: Post release updates (authored by werner).
Post release updates
Oct 13 2022, 6:00 PM
werner committed rG5df1c247be52: gpg: For de-vs use AES-128 instead of 3DES as implicit preference. (authored by werner).
gpg: For de-vs use AES-128 instead of 3DES as implicit preference.
Oct 13 2022, 6:00 PM
werner committed rG2e9f8a511dc0: Release 2.2.40 (authored by werner).
Release 2.2.40
Oct 13 2022, 6:00 PM
werner committed rG94092793f6a2: sm: Fix reporting of bad passphrase error (authored by ikloecker).
sm: Fix reporting of bad passphrase error
Oct 13 2022, 6:00 PM
werner committed rG21db05100d0a: po: Auto update (authored by werner).
po: Auto update
Oct 13 2022, 6:00 PM
werner committed rG219dce6b33fa: speedo: Fix for a libgpg-error-config regression. (authored by werner).
speedo: Fix for a libgpg-error-config regression.
Oct 13 2022, 3:48 PM
werner committed rG99f2bd250cc8: po: Auto update (authored by werner).
po: Auto update
Oct 13 2022, 3:48 PM
werner committed rG970b250d65fa: po: Update Turkish translation (authored by Emir SARI <emir_sari@icloud.com>).
po: Update Turkish translation
Oct 13 2022, 3:48 PM
werner committed rG55eef71dbed7: wkd: gpg-wks-client --send checks if build with sendmail support (authored by alexk).
wkd: gpg-wks-client --send checks if build with sendmail support
Oct 13 2022, 3:48 PM
werner committed rG8046fcac63db: po: Update Czech translation. (authored by petr_p).
po: Update Czech translation.
Oct 13 2022, 3:48 PM
werner triaged T6238: regexp for trust signature domain restriction does not work if key only has an e-mail address as Normal priority.
Oct 13 2022, 3:34 PM · backport, gnupg (gpg22), Bug Report, Restricted Project
werner added a comment to P16 (An Untitled Masterwork).

$ ping git.gnupg.org
PING git.gnupg.org (217.69.76.56) 56(84) bytes of data.
64 bytes from cvs.gnupg.org (217.69.76.56): icmp_seq=1 ttl=58 time=6.74 ms
64 bytes from cvs.gnupg.org (217.69.76.56): icmp_seq=2 ttl=58 time=6.87 ms

Oct 13 2022, 12:39 PM
werner closed T6237: GPG.exe "write logs to file" fails to produce logs when executable is ran from network location. as Resolved.

You need to assign a drive letter.

Oct 13 2022, 9:11 AM · Bug Report

Oct 12 2022

werner committed rG1383aa475059: agent: Introduce attribute "Remote-list" to KEYINFO. (authored by werner).
agent: Introduce attribute "Remote-list" to KEYINFO.
Oct 12 2022, 11:52 AM

Oct 11 2022

werner committed rD5323955b665a: tools: Let ftp-indexer handle timestamp version numbers. (authored by werner).
tools: Let ftp-indexer handle timestamp version numbers.
Oct 11 2022, 7:26 PM
werner committed rS1ca01c87d2be: Allow the use of a remote connection. (authored by werner).
Allow the use of a remote connection.
Oct 11 2022, 5:30 PM
werner added a comment to T6235: Problem editing Expiration Time.

My suggestion is to clearly state that there is a direct Key Signature with an expiration date. Another feature would be to add a separate command to modify Direct Key Signatures. However, the latter has the problem that it help with proliferation of such signatures and other OpenPGP implementation will run into other problems. Thus for the whole ecosystem such an option is might not be a good idea.

Oct 11 2022, 3:07 PM · gnupg24, Feature Request
werner added a project to T6230: Release Libksba 1.6.2 (CVE-2022-3515): CVE.
Oct 11 2022, 10:43 AM · CVE, Release Info, libksba
werner added a comment to T6235: Problem editing Expiration Time.

Direct key signatures are rarely used. IIRC, we implemented that the same way PGP did it.

Oct 11 2022, 10:28 AM · gnupg24, Feature Request
First
Prev
Next