- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Apr 23 2024
Alright: We have support for all our combined algos ky{768,1024}_bp{256,384,512}and ky{768,1024}_cv{25519,448} as well as test keys and encrypted test messages.
Another important use-case is to provide a way to migrate to a newer smartcard.
Apr 22 2024
We include the ISSUER_FPR subpacket since version 2.1.16 released 2016. Thus there is virtually always a fingerprint for all signatures available.
With Ingo's suggestions it could look like this.
Please continue on T7041. This ticket is going to be closed (as the problem described was fixed already).
Okay, fix pushed to master, 2.4, and 2.2. Thanks.
Applied to 2.4 branch.
Applied to 2.4 branch.
Here is current version:
diff --git a/src/misc.c b/src/misc.c index 4db2d9a4..bf50b00b 100644 --- a/src/misc.c +++ b/src/misc.c @@ -577,3 +577,61 @@ _gcry_divide_by_zero (void) gpg_err_set_errno (EDOM); _gcry_fatal_error (gpg_err_code_from_errno (errno), "divide by zero"); } + +#ifdef HAVE_CLOCK_GETTIME +#include <time.h> +# if defined(CLOCK_THREAD_CPUTIME_ID) && defined(CLOCK_TAI) +struct gcry_timedwait +{ + clockid_t id; + struct timespec ts; +}; + +typedef struct gcry_timedwait *gcry_timedwait_t; + +gcry_err_code_t +_gcry_timedwait_init (gcry_timedwait_t tw, unsigned int flags) +{ + /* Possibly, it would be good to be able to select the wall clock. + * For now, it's CPU time by the thread. */ + if (flags != 0) + return GPG_ERR_INV_ARG; + + tw->id = CLOCK_THREAD_CPUTIME_ID; + if (clock_gettime (tw->id, &tw->ts) < 0) + return gpg_err_code_from_syserror (); + + return 0; +} + +gcry_err_code_t +_gcry_timedwait_finish (gcry_timedwait_t tw, struct timespec ts_r) +{ + struct timespec ts; + u32 negative; + + if (clock_gettime (tw->id, &ts) < 0) + return gpg_err_code_from_syserror (); + + ts.tv_sec -= tw->ts.tv_sec; + ts.tv_nsec -= tw->ts.tv_nsec; + negative = ((u32)ts.tv_nsec) >> 31; + ts.tv_sec -= negative; + ts.tv_nsec += (1000000000 * negative); + + ts_r.tv_sec -= ts.tv_sec; + ts_r.tv_nsec -= ts.tv_nsec; + negative = ((u32)ts_r.tv_nsec) >> 31; + ts_r.tv_sec -= negative; + ts_r.tv_nsec += (1000000000 * negative); + + if (ts_r.tv_sec < 0) + return GPG_ERR_TIME_CONFLICT; + + if (clock_nanosleep (CLOCK_TAI, 0, &ts_r, &ts_r)) + return gpg_err_code_from_syserror (); + + return 0; +} +# endif +#endif
Apr 21 2024
Apr 20 2024
--- gnupg-2.4.5/tests/asschk.c 2023-04-04 02:28:39.000000000 -0600 +++ gnupg-2.4.5-c23/tests/asschk.c 2024-04-19 21:21:36.460724329 -0600 @@ -656,13 +656,13 @@ static int eval_boolean (const char *cond) { - int true = 1; + int tr = 1;
Apr 19 2024
Show Fingerprint instead of Key-ID of certifications (change the title correspondingly)
Apr 18 2024
I don't like blowing up a task with loads of unrelated additional wishes after the original request was fulfilled. At most the first request can be considered part of the original request. The other requests should be handled in multiple separate tasks.
Optimization requests:
The check happens whenever the user selects or deselects one (or more) certificates. All actions that require conditions not met by the selected certificates are disabled. Some conditions are too complex/slow/special to check, e.g. the check if an empty smart card is inserted should happen when the user triggered the action.
The action shouldn't be enabled for keys not meeting the requirements.
This sounds good.
Will this checks be done on opening the context menu for a private key?