Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Dec 16 2024

gniibe committed rC917fc6000dfe: fips,tests: Add tests for md_open/write/read/close for t-digest. (authored by gniibe).
fips,tests: Add tests for md_open/write/read/close for t-digest.
Dec 16 2024, 2:42 AM
gniibe committed rC9757e280794f: fips,md: Implement new FIPS service indicator for gcry_md_open API. (authored by gniibe).
fips,md: Implement new FIPS service indicator for gcry_md_open API.
Dec 16 2024, 2:42 AM
gniibe committed rC4799914966a7: fips: Change the internal API for new FIPS service indicator. (authored by gniibe).
fips: Change the internal API for new FIPS service indicator.
Dec 16 2024, 2:42 AM
gniibe committed rG893e5e7c6f4c: agent: Clean up for the refactoring. (authored by gniibe).
agent: Clean up for the refactoring.
Dec 16 2024, 2:20 AM
gniibe committed rGaa36f6ae8bae: gpg: Fix key generation with existing key from card. (authored by gniibe).
gpg: Fix key generation with existing key from card.
Dec 16 2024, 2:10 AM
gniibe changed the status of T7457: gpg --full-gen-key doesn't show list of keys on card (regression) from Open to Testing.
Dec 16 2024, 2:00 AM · gnupg26, gnupg24, Bug Report
gniibe claimed T7457: gpg --full-gen-key doesn't show list of keys on card (regression).

It's a bug I introduced when fixing T7309.
Fixed in rGaa36f6ae8bae: gpg: Fix key generation with existing key from card.

Dec 16 2024, 2:00 AM · gnupg26, gnupg24, Bug Report

Dec 13 2024

gniibe committed rAcc6c29735d59: w32: Fix errno for assuan_sock_bind failure. (authored by gniibe).
w32: Fix errno for assuan_sock_bind failure.
Dec 13 2024, 6:23 AM
gniibe changed the status of T7456: libassuan: Windows: assuan_sock_bind error from Open to Testing.
Dec 13 2024, 3:20 AM · libassuan, Windows
gniibe triaged T7456: libassuan: Windows: assuan_sock_bind error as Normal priority.
Dec 13 2024, 2:29 AM · libassuan, Windows

Dec 12 2024

gniibe added a comment to T7368: dirmngr/dns.c files to compile due to type-mismatch caused by missing _XOPEN_SOURCE on Solaris and derivatives.

IIUC, simpler solution would be modifying m4/socklen.m4 adding Solaris variant specific code.
Tweaking _XOPEN_SOURCE requires the change of Autoconf (if done correctly), which would be larger surgery.

Dec 12 2024, 7:46 AM · gnupg26, dns, Solaris, Bug Report
gniibe committed rC47ed744465ae: cipher: Add script to re-generate mceliece6688128f.c. (authored by jas).
cipher: Add script to re-generate mceliece6688128f.c.
Dec 12 2024, 7:09 AM
gniibe added a comment to T7338: Revamp the FIPS service indicator.

Here are changes for gcry_md_open and its friends.

0001-fips-Change-the-internal-API-for-new-FIPS-service-in.patch4 KBDownload

Dec 12 2024, 6:43 AM · libgcrypt, FIPS, Feature Request
gniibe added a comment to T7338: Revamp the FIPS service indicator.

My idea in https://dev.gnupg.org/T7338#195529 doesn't work well when a function call is done multiple times.
Assuming SUCCESS, and marking all non-compliant places in the code works, and it would be good because libgcrypt so far maintains non-compliant path with rejection.

Dec 12 2024, 3:09 AM · libgcrypt, FIPS, Feature Request

Dec 11 2024

gniibe committed rC28327dba6b5f: kdf: Fix memory cost overflow in Argon2 KDF. (authored by gmazyland).
kdf: Fix memory cost overflow in Argon2 KDF.
Dec 11 2024, 8:22 AM
gniibe committed rC75744f721d8d: tests: Fix comment in t-thread-local. (authored by gniibe).
tests: Fix comment in t-thread-local.
Dec 11 2024, 5:54 AM

Dec 10 2024

gniibe committed rC41cbcc0f0e78: tests: Extend tests/t-digest to test hmac too. (authored by gniibe).
tests: Extend tests/t-digest to test hmac too.
Dec 10 2024, 8:00 AM
gniibe committed rC06f6aafedc9f: tests: Fix t-digest for a minimal configuration. (authored by gniibe).
tests: Fix t-digest for a minimal configuration.
Dec 10 2024, 8:00 AM

Dec 9 2024

gniibe committed rC7faf542f1573: fips,tests: Add t-digest. (authored by gniibe).
fips,tests: Add t-digest.
Dec 9 2024, 6:38 AM
gniibe added a comment to T7338: Revamp the FIPS service indicator.

Pushed the change for adding hash tests in rC7faf542f1573: fips,tests: Add t-digest.

Dec 9 2024, 6:34 AM · libgcrypt, FIPS, Feature Request

Dec 6 2024

gniibe added a comment to T7338: Revamp the FIPS service indicator.

It seems that the internal API (as of 2024-12-06) is not enough.
Now, we have _gcry_md_hash_buffer function with the new FIPS service indicator.
It's used for public key crypto, too.
The compliance for hash function is a part of public key crypto, but not all.

Dec 6 2024, 6:54 AM · libgcrypt, FIPS, Feature Request
gniibe committed rC3478caac62c7: fips,md: Implement new FIPS service indicator for gcry_md_hash_*. (authored by gniibe).
fips,md: Implement new FIPS service indicator for gcry_md_hash_*.
Dec 6 2024, 6:41 AM
gniibe added a comment to T7338: Revamp the FIPS service indicator.

A change for gcry_md_hash_* functions are pushed by rC3478caac62c7: fips,md: Implement new FIPS service indicator for gcry_md_hash_*..
It doesn't have tests with FIPS service indicator yet.

Dec 6 2024, 6:40 AM · libgcrypt, FIPS, Feature Request
gniibe changed the status of T7436: Allow ssh to sign data larger than the assuan line length. from Open to Testing.
Dec 6 2024, 6:32 AM · ssh, Feature Request, gnupg26
gniibe closed T7192: gnupg-2.5.0: Use gpgrt_process_spawn API (was: Does not build due to undeclared identifier 'environ') as Resolved.
Dec 6 2024, 1:05 AM · gnupg, Bug Report
gniibe closed T7283: Odd "gpg: KEYTOCARD failed: Invalid time" error when using `--pinentry-mode=loopback` as Resolved.
Dec 6 2024, 1:05 AM · gpgagent, Bug Report

Dec 5 2024

gniibe committed rGfe147645d239: agent: Use SETDATA --apend for larger data to communicate scdaemon. (authored by gniibe).
agent: Use SETDATA --apend for larger data to communicate scdaemon.
Dec 5 2024, 7:33 AM
gniibe claimed T7436: Allow ssh to sign data larger than the assuan line length..
Dec 5 2024, 7:02 AM · ssh, Feature Request, gnupg26
gniibe committed rC5cfa1aee5b98: fips,kdf: Implement new FIPS service indicator for gcry_kdf_derive. (authored by gniibe).
fips,kdf: Implement new FIPS service indicator for gcry_kdf_derive.
Dec 5 2024, 6:59 AM
gniibe committed rCf51f4e98930e: fips: Introduce GCRYCTL_FIPS_SERVICE_INDICATOR and the macro. (authored by gniibe).
fips: Introduce GCRYCTL_FIPS_SERVICE_INDICATOR and the macro.
Dec 5 2024, 3:37 AM
gniibe added a comment to T7338: Revamp the FIPS service indicator.

New external API is by GCRYCTL_FIPS_SERVICE_INDICATOR and/or the new macro gcry_get_fips_service_indicator.
This change is pushed by rCf51f4e98930e: fips: Introduce GCRYCTL_FIPS_SERVICE_INDICATOR and the macro.

Dec 5 2024, 3:37 AM · libgcrypt, FIPS, Feature Request
gniibe committed rCe1cf31232825: fips: Introduce an internal API for FIPS service indicator. (authored by gniibe).
fips: Introduce an internal API for FIPS service indicator.
Dec 5 2024, 3:32 AM
gniibe added a comment to T7338: Revamp the FIPS service indicator.

New internal API is introduced with T7340 by the commit rCe1cf31232825: fips: Introduce an internal API for FIPS service indicator.

Dec 5 2024, 3:30 AM · libgcrypt, FIPS, Feature Request
gniibe changed the status of T7340: Introduced a context with thread local storage, a subtask of T7338: Revamp the FIPS service indicator, from Open to Testing.
Dec 5 2024, 3:28 AM · libgcrypt, FIPS, Feature Request
gniibe changed the status of T7340: Introduced a context with thread local storage from Open to Testing.

Change is pushed by rCe1cf31232825: fips: Introduce an internal API for FIPS service indicator.

Dec 5 2024, 3:28 AM · libgcrypt, FIPS, Feature Request

Dec 2 2024

gniibe closed T5931: OpenSSH 8.9, 9.0, and 9.1 can't authenticate with gpg-agent and usb token (Gnuk >= 1.2.16 is required) as Resolved.

Closed, since this was documentation for the workaround, four years ago.

Dec 2 2024, 9:52 AM · gnupg24, workaround, Documentation, gnupg (gpg23), ssh, gpgagent
gniibe lowered the priority of T7399: assuan: GPG_ERR_ASS_NO_DATA_CB situation from High to Normal.

Put it under lower priority, as it's basically programming error.

Dec 2 2024, 6:00 AM · libassuan
gniibe closed T7426: Retain binary representation of key for import->export (in particular, Ed25519 signature), a subtask of T7403: GnuPG 2.4.6 rewrites Ed25519 MPIs into non-compliant MPI form , as Resolved.
Dec 2 2024, 5:49 AM · Not A Bug, gnupg24, Bug Report
gniibe closed T7426: Retain binary representation of key for import->export (in particular, Ed25519 signature) as Resolved.

OK, it's done. closed.

Dec 2 2024, 5:49 AM · gnupg

Nov 29 2024

gniibe added a comment to T7399: assuan: GPG_ERR_ASS_NO_DATA_CB situation.

Here is my proposal to avoid unsynched state for data.

diff --git a/src/client.c b/src/client.c
index 410f940..0989984 100644
--- a/src/client.c
+++ b/src/client.c
@@ -250,6 +250,7 @@ assuan_transact (assuan_context_t ctx,
   int off;
   char *line;
   int linelen;
+  gpg_error_t last_err = 0;
Nov 29 2024, 8:29 AM · libassuan
gniibe closed T6606: Use new API of libassuan 3, a subtask of T6599: INT2FD and npth_accept, as Resolved.
Nov 29 2024, 8:10 AM · Windows 64, Feature Request, gnupg26
gniibe closed T6606: Use new API of libassuan 3 as Resolved.

Done for 2.5.0.

Nov 29 2024, 8:10 AM · Windows 64, Feature Request, gnupg26
gniibe closed T6597: Introduce FD_DBG to handle the cases for displaying the value, a subtask of T6508: Port GnuPG to 64-bit Windows, as Resolved.
Nov 29 2024, 8:08 AM · Windows 64, Feature Request, gnupg26
gniibe closed T6597: Introduce FD_DBG to handle the cases for displaying the value as Resolved.

Done in 2.5.0.

Nov 29 2024, 8:08 AM · Windows 64, Feature Request, gnupg26
gniibe closed T6592: GPGSM: Use estream_t instead of FD, a subtask of T6508: Port GnuPG to 64-bit Windows, as Resolved.
Nov 29 2024, 8:05 AM · Windows 64, Feature Request, gnupg26
gniibe closed T6592: GPGSM: Use estream_t instead of FD as Resolved.

Fixed in 2.5.0.

Nov 29 2024, 8:05 AM · Windows 64, Feature Request, gnupg26
gniibe closed T6562: gpgtar: --status-fd requires HANDLE (not POSIX fd) when spawning a process, a subtask of T6551: translate_sys2libc_fd_int on Windows 64-bit, as Resolved.
Nov 29 2024, 8:05 AM · Windows 64, Feature Request, gnupg26
gniibe closed T6562: gpgtar: --status-fd requires HANDLE (not POSIX fd) when spawning a process as Resolved.

Fixed in 2.5.0.

Nov 29 2024, 8:05 AM · Windows 64, Feature Request, gnupg26
gniibe closed T7058: KDF-DO is not properly implemented as Resolved.

Fixed in 2.5.0 and 2.4.6.

Nov 29 2024, 8:02 AM · scd, gnupg, Bug Report
gniibe closed T7160: scd: pipe server shutdown, a subtask of T7151: graceful shutdown: DEVINFO should be a gpg-agent command: also watching input close, as Resolved.
Nov 29 2024, 8:01 AM · gpgagent, scd, gnupg24, Bug Report
gniibe closed T7160: scd: pipe server shutdown as Resolved.

Fixed in 2.5.0 and 2.4.6.

Nov 29 2024, 8:01 AM · scd, gpgagent, Bug Report
gniibe closed T7288: gpg is not properly handling IPGP entries as Resolved.

Fixed in 2.4.6.

Nov 29 2024, 7:59 AM · dns, dirmngr, gnupg, Bug Report
gniibe closed T7201: More memory leaks in gnupg as Resolved.

Fixed in 2.4.6.

Nov 29 2024, 7:58 AM · gnupg, Bug Report
gniibe closed T7151: graceful shutdown: DEVINFO should be a gpg-agent command: also watching input close as Resolved.

Fixed in 2.4.6.

Nov 29 2024, 7:57 AM · gpgagent, scd, gnupg24, Bug Report
gniibe closed T7044: Deadlock on Windows in sdaemon as Resolved.

I believe this was fixed by T7386. Or it is now no hard lock up by T7402.
So, let me close this ticket.
If any new symptom, please add information into T7396.

Nov 29 2024, 7:56 AM · scd, Bug Report, Windows, gnupg24
gniibe closed T7402: No hard lockup when SCardConnect never returns, a subtask of T7396: Windows: hard lockup of scdaemon, as Resolved.
Nov 29 2024, 7:53 AM · Windows, scd
gniibe closed T7402: No hard lockup when SCardConnect never returns as Resolved.

I can say it's fixed in 2.4.7.

Nov 29 2024, 7:53 AM · Windows, scd
gniibe committed rD23835b971b02: Fix type by Ingo. (authored by gniibe).
Fix type by Ingo.
Nov 29 2024, 7:41 AM

Nov 25 2024

gniibe added a subtask for T7403: GnuPG 2.4.6 rewrites Ed25519 MPIs into non-compliant MPI form : T7426: Retain binary representation of key for import->export (in particular, Ed25519 signature).
Nov 25 2024, 10:21 AM · Not A Bug, gnupg24, Bug Report
gniibe added a parent task for T7426: Retain binary representation of key for import->export (in particular, Ed25519 signature): T7403: GnuPG 2.4.6 rewrites Ed25519 MPIs into non-compliant MPI form .
Nov 25 2024, 10:21 AM · gnupg
gniibe added a comment to T7403: GnuPG 2.4.6 rewrites Ed25519 MPIs into non-compliant MPI form .

For this ticket, I reviewed the code around my SOS changes.
Because I'd like to focus the point of retaining binary representation when doing import->export,
I created another thicket: T7426

Nov 25 2024, 10:21 AM · Not A Bug, gnupg24, Bug Report
gniibe updated the task description for T7426: Retain binary representation of key for import->export (in particular, Ed25519 signature).
Nov 25 2024, 7:36 AM · gnupg
gniibe updated the task description for T7426: Retain binary representation of key for import->export (in particular, Ed25519 signature).
Nov 25 2024, 7:14 AM · gnupg
gniibe added a comment to T7426: Retain binary representation of key for import->export (in particular, Ed25519 signature).

Actually, it's a bug when importing a key. It's not-intended-side-effect of the change in rG0a5a854510fd: gpg: Fix false negatives in Ed25519 signature verification..
Fixed in rG70c49ce02401: gpg: Fix modifying signature data by pk_verify for Ed25519.

Nov 25 2024, 6:46 AM · gnupg
gniibe triaged T7426: Retain binary representation of key for import->export (in particular, Ed25519 signature) as Normal priority.
Nov 25 2024, 3:46 AM · gnupg

Nov 18 2024

gniibe updated the task description for T7396: Windows: hard lockup of scdaemon.
Nov 18 2024, 10:11 AM · Windows, scd
gniibe triaged T7400: Netkey 3.0 card slow detection as Normal priority.
Nov 18 2024, 6:44 AM · Bug Report, scd
gniibe committed rG261a08566e38: scd: No hard lock-up when apdu_connect never returns. (authored by gniibe).
scd: No hard lock-up when apdu_connect never returns.
Nov 18 2024, 6:33 AM
gniibe changed the status of T7402: No hard lockup when SCardConnect never returns, a subtask of T7396: Windows: hard lockup of scdaemon, from Open to Testing.
Nov 18 2024, 6:30 AM · Windows, scd
gniibe changed the status of T7402: No hard lockup when SCardConnect never returns from Open to Testing.

In select_application function, we can minimize the holding W-lock.

Nov 18 2024, 6:30 AM · Windows, scd
gniibe added a comment to T7401: PC/SC: Cancel SCardConnect with timeout.

This may requires major changes for scdaemon.

Nov 18 2024, 5:35 AM · Windows, scd
gniibe lowered the priority of T7401: PC/SC: Cancel SCardConnect with timeout from High to Wishlist.
Nov 18 2024, 5:35 AM · Windows, scd
gniibe triaged T7402: No hard lockup when SCardConnect never returns as High priority.
Nov 18 2024, 5:33 AM · Windows, scd
gniibe added a comment to T7401: PC/SC: Cancel SCardConnect with timeout.

For the cancelling operation, each card reader access should have an independent resource manager context.
Currently, a single pcsc.context is shared by all reader accesses.

Nov 18 2024, 5:24 AM · Windows, scd
gniibe triaged T7401: PC/SC: Cancel SCardConnect with timeout as High priority.
Nov 18 2024, 5:21 AM · Windows, scd
gniibe added a comment to T7396: Windows: hard lockup of scdaemon.

Hard lockup should be avoided. In particular, following conditions should meet:

  • gpgconf --kill scdaemon can kill scdaemon
  • KEYINFO requests can be answered for other connections of scdaemon
Nov 18 2024, 3:49 AM · Windows, scd
gniibe updated subscribers of T7396: Windows: hard lockup of scdaemon.

As of 2024-11-18, my hypothesis is:

  • there are some sort of race conditions between PC/SC + card reader (or its driver) + smartcard + scdaemon on Windows, at least at initial use after boot
  • because of this, SCardConnect of PC/SC call wrongly fails (somehow confirmed by @ebo's experiments + @gniibe's speculation), or wrongly never returns (@gniibe's guess, side info: its slowness is observed in T7400).
Nov 18 2024, 3:40 AM · Windows, scd
gniibe added a parent task for T7400: Netkey 3.0 card slow detection: T7396: Windows: hard lockup of scdaemon.
Nov 18 2024, 3:10 AM · Bug Report, scd
gniibe added a subtask for T7396: Windows: hard lockup of scdaemon: T7400: Netkey 3.0 card slow detection.
Nov 18 2024, 3:10 AM · Windows, scd
gniibe lowered the priority of T7323: scdaemon hangs up (when output from scdaemon is not consumed by gpg-agent) from High to Normal.

@ebo Thank you for your testing.

Nov 18 2024, 3:09 AM · Windows, Bug Report, scd
gniibe added projects to T7400: Netkey 3.0 card slow detection: scd, Bug Report.
Nov 18 2024, 2:49 AM · Bug Report, scd

Nov 15 2024

gniibe added a project to T7323: scdaemon hangs up (when output from scdaemon is not consumed by gpg-agent): Windows.

Please note that a card insertion to a card reader and a card reader connection to PC are different things.
It may cause different results.

Nov 15 2024, 8:40 AM · Windows, Bug Report, scd
gniibe created T7400: Netkey 3.0 card slow detection.
Nov 15 2024, 6:39 AM · Bug Report, scd
gniibe added a comment to T7323: scdaemon hangs up (when output from scdaemon is not consumed by gpg-agent).

ebo: Thank you for your testing.

Nov 15 2024, 6:36 AM · Windows, Bug Report, scd
gniibe added a comment to T7323: scdaemon hangs up (when output from scdaemon is not consumed by gpg-agent).

I found an issue in libassuan, which might be related possibly, it is described in T7399.
When the response is not consumed like the case in T7399, if repeatedly, it may fill up the buffer eventually.

Nov 15 2024, 5:20 AM · Windows, Bug Report, scd
gniibe renamed T7399: assuan: GPG_ERR_ASS_NO_DATA_CB situation from assuan: GPG_ERR_ASS_NO_INQUIRE_CB situation to assuan: GPG_ERR_ASS_NO_DATA_CB situation.
Nov 15 2024, 5:19 AM · libassuan
gniibe updated the task description for T7399: assuan: GPG_ERR_ASS_NO_DATA_CB situation.
Nov 15 2024, 5:18 AM · libassuan
gniibe added a project to T7399: assuan: GPG_ERR_ASS_NO_DATA_CB situation: libassuan.
Nov 15 2024, 3:51 AM · libassuan
gniibe triaged T7399: assuan: GPG_ERR_ASS_NO_DATA_CB situation as High priority.
Nov 15 2024, 3:51 AM · libassuan

Nov 14 2024

gniibe added projects to T7396: Windows: hard lockup of scdaemon: scd, Windows.
Nov 14 2024, 7:45 AM · Windows, scd
gniibe updated the task description for T7396: Windows: hard lockup of scdaemon.
Nov 14 2024, 7:44 AM · Windows, scd
gniibe triaged T7396: Windows: hard lockup of scdaemon as High priority.
Nov 14 2024, 7:39 AM · Windows, scd
gniibe claimed T7044: Deadlock on Windows in sdaemon.

I put "scd" tag and let me claim this ticket.

Nov 14 2024, 7:31 AM · scd, Bug Report, Windows, gnupg24
gniibe committed rEeb005c30157f: spawn:w32: Fix a memory leak on an error path. (authored by gniibe).
spawn:w32: Fix a memory leak on an error path.
Nov 14 2024, 6:44 AM
gniibe changed the status of T7378: Kleopatra: loading X.509 certificate from Signature card hangs from Open to Testing.

This symptom can be explained by the nPth bug of T7386.

Nov 14 2024, 3:33 AM · Restricted Project, kleopatra
gniibe added a comment to T7386: npth:w32: npth_cond_broadcast only wakes up the first waiter.

The symptom of this bug was:

  • there are multiple waiters for COND.
  • COND is fired by npth_cond_broadcast, all waiters should be waken up, but only one wakes up by the old code of 1.7.
  • other waiters keep waiting forever.
Nov 14 2024, 3:21 AM · Windows, npth, Bug Report
gniibe added a comment to T7386: npth:w32: npth_cond_broadcast only wakes up the first waiter.

After I fixed the problem, I realized that the description of this ticket was not accurate, so, modified.

Nov 14 2024, 3:16 AM · Windows, npth, Bug Report
gniibe renamed T7386: npth:w32: npth_cond_broadcast only wakes up the first waiter from npth:w32: npth_cond_broadcast no return to npth:w32: npth_cond_broadcast only wakes up the first waiter.
Nov 14 2024, 3:10 AM · Windows, npth, Bug Report

Nov 13 2024

gniibe added a comment to T7323: scdaemon hangs up (when output from scdaemon is not consumed by gpg-agent).

After fixing two bugs, I changed the title to express the scope of this ticket.

Nov 13 2024, 7:50 AM · Windows, Bug Report, scd
gniibe renamed T7323: scdaemon hangs up (when output from scdaemon is not consumed by gpg-agent) from scdaemon hangs up (when output from scdaemon is not consumed gpg-agent) to scdaemon hangs up (when output from scdaemon is not consumed by gpg-agent).
Nov 13 2024, 5:31 AM · Windows, Bug Report, scd
First
Prev
Next