Jun 10 2024

werner committed rW4377da32663e: Update gpg4win-tools, libkleo, and kleopatra to latest snapshots (authored by werner).
Update gpg4win-tools, libkleo, and kleopatra to latest snapshots
Jun 10 2024, 3:48 PM
werner committed rW2bf5831355b2: Update gpgme and gnupg to latest snapshots. (authored by werner).
Update gpgme and gnupg to latest snapshots.
Jun 10 2024, 2:36 PM
werner committed rG025a9853c7e6: build: Now uses an external gpg-authcode-sign.sh (authored by werner).
build: Now uses an external gpg-authcode-sign.sh
Jun 10 2024, 11:34 AM
werner committed rDc0a27aae38a6: ids: published draft-koch-openpgp-webkey-service-18.txt (authored by werner).
ids: published draft-koch-openpgp-webkey-service-18.txt
Jun 10 2024, 11:28 AM
werner committed rG02fc728b4163: Update NEWS (authored by werner).
Update NEWS
Jun 10 2024, 9:40 AM

Jun 7 2024

werner committed rAee9167cc3501: Always append the process identification to hello line. (authored by werner).
Always append the process identification to hello line.
Jun 7 2024, 4:54 PM

Jun 6 2024

werner moved T7129: Fix static reports by static analyser in gnugp from QA to gnupg-2.2.44 on the gnupg22 board.
Jun 6 2024, 12:09 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
werner renamed gnupg22 (gnupg-2.2.44) from 2.2.44 to gnupg-2.2.44.
Jun 6 2024, 12:08 PM
werner created gnupg22 (gnupg-2.2.44).
Jun 6 2024, 12:08 PM
werner closed T7129: Fix static reports by static analyser in gnugp as Resolved.

Not much QA can do here.

Jun 6 2024, 12:07 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
werner moved T7129: Fix static reports by static analyser in gnugp from QA to 2.4.6 on the gnupg24 board.
Jun 6 2024, 12:06 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
werner archived gnupg24 (gnupg-2.4.4).
Jun 6 2024, 12:06 PM
werner closed T6757: gpgsm 2.4 Fails to import P12 certificate/key, a subtask of T6752: New minip12 does not import from Firefox anymore, as Resolved.
Jun 6 2024, 12:06 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner closed T6757: gpgsm 2.4 Fails to import P12 certificate/key as Resolved.

Can't find a mail - closing the ticket. Feel free to reopen or send me a mail to werner dot koch at gnupg.org but replace the org by com.

Jun 6 2024, 12:06 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner created gnupg24 (2.4.6).
Jun 6 2024, 12:01 PM
werner added a project to T7101: Automagically create a PGP key from a X.509 cert: Restricted Project.
Jun 6 2024, 11:59 AM · Restricted Project, Feature Request, S/MIME, OpenPGP, gnupg
werner committed rGfee890a2ab7f: agent: Silence debug output from the PIN caching. (authored by werner).
agent: Silence debug output from the PIN caching.
Jun 6 2024, 11:58 AM
werner raised the priority of T7101: Automagically create a PGP key from a X.509 cert from Normal to High.
Jun 6 2024, 11:36 AM · Restricted Project, Feature Request, S/MIME, OpenPGP, gnupg
werner raised the priority of T1825: Add a re-encrypt to additional key from Normal to High.
Jun 6 2024, 11:23 AM · Restricted Project, gnupg24, Feature Request

Jun 5 2024

werner added a comment to T6882: Make ADSK configurable for new keys.

Now also with support for --quick-add-adsk in 2.6. This will work also for gpgme without further changes.

Jun 5 2024, 5:04 PM · gnupg24 (2.4.6), gnupg22 (gnupg-2.2.45)
werner committed rG77afc9ee1c75: gpg: Add magic parameter "default" to --quick-add-adsk. (authored by werner).
gpg: Add magic parameter "default" to --quick-add-adsk.
Jun 5 2024, 5:03 PM
werner committed rM5d9269cb4f98: doc: Extend description for GPGME_CREATE_ADSK (authored by werner).
doc: Extend description for GPGME_CREATE_ADSK
Jun 5 2024, 1:49 PM
werner committed rG1d91252205a2: gpg: Do not show RENC if no key capabilities are found for a key. (authored by werner).
gpg: Do not show RENC if no key capabilities are found for a key.
Jun 5 2024, 11:19 AM
werner committed rGa2966c9d894a: gpg: Do not show RENC if no key capabilities are found for a key. (authored by werner).
gpg: Do not show RENC if no key capabilities are found for a key.
Jun 5 2024, 11:17 AM
werner committed rG8cbcac89fe84: gpg: Do not show RENC if no key capabilities are found for a key. (authored by werner).
gpg: Do not show RENC if no key capabilities are found for a key.
Jun 5 2024, 10:34 AM
werner committed rG9d618d127312: gpg: Print designated revokers also in a standard listing. (authored by werner).
gpg: Print designated revokers also in a standard listing.
Jun 5 2024, 10:34 AM
werner committed rG465ea9116d1f: gpg: Autoload designated revoker key and ADSK when needed. (authored by werner).
gpg: Autoload designated revoker key and ADSK when needed.
Jun 5 2024, 10:34 AM
werner committed rG068ebb6f1eee: gpg: Implement the LDAP AKL method. (authored by werner).
gpg: Implement the LDAP AKL method.
Jun 5 2024, 10:34 AM
werner committed rE4ee656242aa9: spawn:w32: Allow for up to 32 inherited handles. (authored by werner).
spawn:w32: Allow for up to 32 inherited handles.
Jun 5 2024, 10:32 AM
werner committed rE60b9a68def58: spawn: Avoid bumping the error counter. (authored by werner).
spawn: Avoid bumping the error counter.
Jun 5 2024, 10:30 AM

Jun 4 2024

werner committed rG04ce6765f4a8: gpg: Rename functions with an "fprint" part to "fpr" (authored by werner).
gpg: Rename functions with an "fprint" part to "fpr"
Jun 4 2024, 3:27 PM
werner updated the task description for T7141: gpgme does not handle backslashes in file names correctly..
Jun 4 2024, 2:39 PM · vsd33 (vsd-3.3.0), vsd32 (vsd-3.2.3), gpgme, Restricted Project, kleopatra
werner triaged T7141: gpgme does not handle backslashes in file names correctly. as Normal priority.
Jun 4 2024, 2:37 PM · vsd33 (vsd-3.3.0), vsd32 (vsd-3.2.3), gpgme, Restricted Project, kleopatra
werner added a comment to T6879: Kleopatra: Add support for adding an ADSK.

Let us drop the option to select the ADSK and instead take them from the gpg.conf configured ADSK for new keys. Thus a simple dialog with a confirmation will be sufficient. We add some magic to gpgme to allow this with the adsk API. This solves the use-case to add ADSK to already-existing keys in the same way as they are added to new keys.

Jun 4 2024, 10:29 AM · vsd33 (vsd-3.3.0), kleopatra, Restricted Project

Jun 3 2024

werner committed rGed118e2ed521: gpg: New option --default-new-key-adsk. (authored by werner).
gpg: New option --default-new-key-adsk.
Jun 3 2024, 7:08 PM
werner added a comment to T6882: Make ADSK configurable for new keys.

Done for 2.6.

Jun 3 2024, 6:53 PM · gnupg24 (2.4.6), gnupg22 (gnupg-2.2.45)
werner added a comment to T7139: Windows: gnupg_exec_tool_stream with INEXTRA.

This is related to T6818

Jun 3 2024, 10:25 AM · gnupg26, Bug Report
werner added a comment to T7138: Windows (Semi-hosted environment): filename and network access.

Recall that on Windows you have a current working directory per drive. Thus only LETTER:\foo is a full path - or an UNC (\\SERVER\foo).

Jun 3 2024, 8:25 AM · gnupg, Bug Report
werner triaged T7139: Windows: gnupg_exec_tool_stream with INEXTRA as Normal priority.
Jun 3 2024, 8:21 AM · gnupg26, Bug Report

May 31 2024

werner committed rGd2dca58338a4: common: New function tokenize_to_strlist. (authored by werner).
common: New function tokenize_to_strlist.
May 31 2024, 5:35 PM
werner added a comment to T7041: Yubikey (PGP + PIV) --pcsc-shared: PIN requires every time.

Do not use the pcscd but the integrated CCID driver. This is actually the default for Unix. Or are you on Windows?

May 31 2024, 12:36 PM · gnupg26, yubikey, scd, Bug Report
werner closed T7116: minor spelling fixes as Resolved.

All fine. I just noticed it while checking the patch. All applied and more fun with cherry picking in the future ;-)

May 31 2024, 12:32 PM · gnupg, Bug Report
werner committed rG42b0e9558a30: indent: Fix spelling (authored by dkg).
indent: Fix spelling
May 31 2024, 12:31 PM
werner committed rG253a701ed749: g13: Adjust for changed gnupg_process_spawn. (authored by werner).
g13: Adjust for changed gnupg_process_spawn.
May 31 2024, 12:31 PM

May 30 2024

werner added a comment to T7137: unreliable RSA decryption.

In more than 25 years of OpenPGP we only had a few new implementations which got it wrong. I see no need to fix it here - maybe import could indeed reject such a key, though.

May 30 2024, 12:50 PM · OpenPGP, Not A Bug, gnupg

May 29 2024

werner added a comment to T7116: minor spelling fixes.

Right away the first patch:

May 29 2024, 12:07 PM · gnupg, Bug Report
werner triaged T7134: Kleopatra: Allow PIN reset with Admin-PIN as Normal priority.
May 29 2024, 12:04 PM · gpd5x, Feature Request, kleopatra
werner moved T7129: Fix static reports by static analyser in gnugp from Backlog to QA on the gnupg22 board.
May 29 2024, 12:01 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
werner committed rGbc43812358ed: gpgsm: Avoid double free when checking rsaPSS signatures. (authored by Jakuje).
gpgsm: Avoid double free when checking rsaPSS signatures.
May 29 2024, 12:00 PM
werner committed rGa1f85fdc40e4: agent: Avoid uninitialized access in GENKEY command on parameter error. (authored by Jakuje).
agent: Avoid uninitialized access in GENKEY command on parameter error.
May 29 2024, 12:00 PM
werner committed rGebf9e3b824f8: wks: Make sure that ERR is always initialized. (authored by werner).
wks: Make sure that ERR is always initialized.
May 29 2024, 12:00 PM
werner changed the status of T7129: Fix static reports by static analyser in gnugp from Open to Testing.

Backported to 2.4 and relevant parts also to 2.2

May 29 2024, 12:00 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
werner committed rGf54944693376: gpg-auth: Fix use after free. (authored by Jakuje).
gpg-auth: Fix use after free.
May 29 2024, 11:49 AM
werner committed rG521455df0702: agent: Avoid uninitialized access in GENKEY command on parameter error. (authored by Jakuje).
agent: Avoid uninitialized access in GENKEY command on parameter error.
May 29 2024, 11:49 AM
werner committed rGece154562f00: gpgsm: Avoid double free when checking rsaPSS signatures. (authored by Jakuje).
gpgsm: Avoid double free when checking rsaPSS signatures.
May 29 2024, 11:49 AM
werner committed rG524e3a934568: scd: Avoid buffer overrun with more than 16 PC/SC readers. (authored by Jakuje).
scd: Avoid buffer overrun with more than 16 PC/SC readers.
May 29 2024, 11:49 AM
werner committed rG5e7ea643052b: agent: Avoid double free of empty string in the PIN caching. (authored by werner).
agent: Avoid double free of empty string in the PIN caching.
May 29 2024, 11:49 AM
werner committed rG234e9db3c324: gpg: Avoid a double free on error in the key generation. (authored by werner).
gpg: Avoid a double free on error in the key generation.
May 29 2024, 11:49 AM
werner committed rG19d93a239dc5: agent: Make sure to return success in ephemeral store mode. (authored by werner).
agent: Make sure to return success in ephemeral store mode.
May 29 2024, 11:49 AM
werner committed rG0b52f837801c: wks: Make sure that ERR is always initialized. (authored by werner).
wks: Make sure that ERR is always initialized.
May 29 2024, 11:49 AM
werner committed rGf46d75f0b223: scd:openpgp: Add new vendor. (authored by werner).
scd:openpgp: Add new vendor.
May 29 2024, 11:49 AM
werner closed T7137: unreliable RSA decryption as Resolved.

I can replicate that and it works if you disable the use of the CRT. Looking at the key:

May 29 2024, 9:40 AM · OpenPGP, Not A Bug, gnupg
werner triaged T7136: libgcrypt: Implement constant-time RSA decryption (Marvin attack fix) as Low priority.

We discussed this forth and back with the RedHat people at our jour-fix to explain that the Kairo fix is done at the wrong layer - this needs to be done at the protocol layer and not in the building blocks. This is not covered by our security policy and @gniibe already came up with some extra support to help at the protocol layer. There are only a few use cases where this side-channel or the Minerva one (for ECDSA) should be considered (e.g. time stamping services). Generally required protection against DoS are also part of the mitigation.

May 29 2024, 8:22 AM · libgcrypt, Bug Report

May 28 2024

werner moved T7129: Fix static reports by static analyser in gnugp from Backlog to WiP on the gnupg24 board.
May 28 2024, 5:20 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
werner added a comment to T7129: Fix static reports by static analyser in gnugp.

All except the above mentioned applied to master - will be backported to 2.4

May 28 2024, 5:20 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
werner added a comment to T7129: Fix static reports by static analyser in gnugp.

In [PATCH GnuPG 12/15] sm: Avoid use of uninitialized variable I can't see where ERR was not initialized.

May 28 2024, 5:19 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
werner committed rG9adaa79ab43e: gpg-auth: Fix use after free. (authored by Jakuje).
gpg-auth: Fix use after free.
May 28 2024, 5:18 PM
werner committed rGdcb0b6fd4822: gpgsm: Avoid double free when checking rsaPSS signatures. (authored by Jakuje).
gpgsm: Avoid double free when checking rsaPSS signatures.
May 28 2024, 5:18 PM
werner committed rG28c705a3be5c: gpgsm: Silence a lint warning (authored by werner).
gpgsm: Silence a lint warning
May 28 2024, 5:18 PM
werner committed rG379fc5569d60: agent: Avoid uninitialized access in GENKEY command on parameter error. (authored by Jakuje).
agent: Avoid uninitialized access in GENKEY command on parameter error.
May 28 2024, 5:18 PM
werner committed rG4c1b0070354d: scd: Avoid buffer overrun with more than 16 PC/SC readers. (authored by Jakuje).
scd: Avoid buffer overrun with more than 16 PC/SC readers.
May 28 2024, 5:18 PM
werner committed rGbdbf5cee2ff5: agent: Avoid double free of empty string in the PIN caching. (authored by werner).
agent: Avoid double free of empty string in the PIN caching.
May 28 2024, 5:18 PM
werner committed rGfdc500395640: agent: Make sure to return success in ephemeral store mode. (authored by werner).
agent: Make sure to return success in ephemeral store mode.
May 28 2024, 5:18 PM
werner committed rG021c27510b52: wks: Make sure that ERR is always initialized. (authored by werner).
wks: Make sure that ERR is always initialized.
May 28 2024, 5:18 PM
werner committed rGbcc002cd45d1: gpg: Avoid a double free on error in the key generation. (authored by werner).
gpg: Avoid a double free on error in the key generation.
May 28 2024, 5:18 PM
werner added a comment to T7129: Fix static reports by static analyser in gnugp.

I do not understand why there should be an integer overflow:

May 28 2024, 4:10 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
werner committed rGd631c8198c25: tpm: Improve error handling and check returned lengths. (authored by werner).
tpm: Improve error handling and check returned lengths.
May 28 2024, 1:32 PM
werner committed rG2e4b1f785055: tpm: Do not use fprintf for logging. (authored by werner).
tpm: Do not use fprintf for logging.
May 28 2024, 1:32 PM
werner assigned T7130: Fix static reports by static analyser in libgcrypt to gniibe.
May 28 2024, 11:08 AM · libgcrypt, Bug Report
werner raised the priority of T7129: Fix static reports by static analyser in gnugp from Normal to High.
May 28 2024, 11:08 AM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
werner raised a concern with rE8dc6e3281e17: Import spawn functions from GnuPG master..
May 28 2024, 9:00 AM

May 27 2024

werner added a comment to T7134: Kleopatra: Allow PIN reset with Admin-PIN.

For OpenPGP cards >= v2.0 there is no PUK due to updated ISO standards but we use the term in Kleopatra for the Reset-Code.

May 27 2024, 1:42 PM · gpd5x, Feature Request, kleopatra
werner added a comment to T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG).

This is not a bug. We changed it as a convenience for some Emacs users.

May 27 2024, 8:26 AM · Emacs, gnupg, Bug Report

May 23 2024

werner triaged T7103: Confusing error message when changing passphrase/password of subkey as Normal priority.
May 23 2024, 4:51 PM · gnupg26, Feature Request
werner triaged T7131: Kleopatra: Make copying subkey fingerprints w/o spaces possible as Normal priority.
May 23 2024, 4:50 PM · kleopatra, Restricted Project
werner triaged T7133: Add feature to load designated revoker from LDAP as Normal priority.
May 23 2024, 12:01 PM · vsd33, Feature Request, gnupg22
werner added a comment to T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG).

Sorry, no. The change is too large to back port it w/o risking a regression. As mentioned in T6481#170366 I don't consider this a bug. We are anyway working towards version 2.6 which will be the next LTS version.

May 23 2024, 9:04 AM · Emacs, gnupg, Bug Report

May 22 2024

werner changed the status of T6881: Kleopatra: Make designated revoker configurable for new keys from Testing to Open.

Although it is implemented in gnupg-2.2 we should add another feature: Iff this option is configured, gpg shall try to load the requested key from LDAP in the same manner as it does for a trusted-key.

May 22 2024, 6:23 PM · kleopatra
werner added a comment to T6882: Make ADSK configurable for new keys.

This should not be configured in Kleopatra but an option to gpg because this is a core crypto functionality. Thus this is now a gpg task.

May 22 2024, 6:20 PM · gnupg24 (2.4.6), gnupg22 (gnupg-2.2.45)
werner renamed T6882: Make ADSK configurable for new keys from Kleopatra: Make ADSK configurgurable for new keys to Make ADSK configurgurable for new keys.
May 22 2024, 6:18 PM · gnupg24 (2.4.6), gnupg22 (gnupg-2.2.45)
werner committed rCeca1ed096038: build: Minor updates (authored by werner).
build: Minor updates
May 22 2024, 4:16 PM
werner committed rC9bea69896397: Prepare NEWS for 1.11 (authored by werner).
Prepare NEWS for 1.11
May 22 2024, 3:18 PM
werner committed rG610a452bb5c3: scd:openpgp: Add new vendor. (authored by werner).
scd:openpgp: Add new vendor.
May 22 2024, 11:22 AM
werner committed rGcdc798db5c6b: tools: Fix help output for gpg-authcode-sign.sh (authored by werner).
tools: Fix help output for gpg-authcode-sign.sh
May 22 2024, 11:22 AM

May 21 2024

werner committed rO7624bd4aa1d7: build: Update autogen.sh and autogen.rc to a modern version. (authored by werner).
build: Update autogen.sh and autogen.rc to a modern version.
May 21 2024, 5:45 PM
werner committed rOa1228fdfd043: build: Update libassuan.m4 to 2023-07-26 and gpgrt to 2023-04-01 (authored by werner).
build: Update libassuan.m4 to 2023-07-26 and gpgrt to 2023-04-01
May 21 2024, 5:45 PM
werner committed rWdc4c9cdea3c9: build: Improve option handling of gen-tarball.sh (authored by werner).
build: Improve option handling of gen-tarball.sh
May 21 2024, 5:01 PM
werner committed rWb7c11272e6ea: Remove not anymore required patches. (authored by werner).
Remove not anymore required patches.
May 21 2024, 3:23 PM
werner committed rW79820895191d: Update gpgme to a 1.24.0-beta566 (authored by werner).
Update gpgme to a 1.24.0-beta566
May 21 2024, 3:23 PM
werner committed rMac4bf86bb65a: tests: Fix segv in t-json.c (authored by werner).
tests: Fix segv in t-json.c
May 21 2024, 2:35 PM