Page MenuHome GnuPG
Feed Advanced Search

Jul 17 2025

gniibe added a parent task for T7709: Decryption with ECC smartcard keys broken: T7649: gnupg: Use KEM interface for encryption/decryption.
Jul 17 2025, 4:24 AM · gpd5x (gpd-5.0.0), gnupg26, Bug Report
gniibe added a subtask for T7649: gnupg: Use KEM interface for encryption/decryption: T7709: Decryption with ECC smartcard keys broken.
Jul 17 2025, 4:24 AM · gnupg26
gniibe committed rG4ad08a8998fa: agent: Fix for smartcard decryption returning x-coordinate only. (authored by gniibe).
agent: Fix for smartcard decryption returning x-coordinate only.
Jul 17 2025, 2:53 AM

Jul 16 2025

gniibe added a comment to T7709: Decryption with ECC smartcard keys broken.

Here is a patch.

diff --git a/agent/divert-scd.c b/agent/divert-scd.c
index 1e5de4671..bb42dd3b4 100644
--- a/agent/divert-scd.c
+++ b/agent/divert-scd.c
@@ -517,6 +517,9 @@ agent_card_ecc_kem (ctrl_t ctrl, const unsigned char *ecc_ct,
Jul 16 2025, 12:09 PM · gpd5x (gpd-5.0.0), gnupg26, Bug Report
gniibe committed rE8a38d914512c: w32:spawn: Support pipe I/O for GPGRT_PROCESS_DETACHED. (authored by gniibe).
w32:spawn: Support pipe I/O for GPGRT_PROCESS_DETACHED.
Jul 16 2025, 6:33 AM
gniibe added a comment to T7723: gpgrt:w32: Fix for inheriting stdin/stdout/stderr with "NUL".

Fixed with new GPGRT_PROCESS_STDIO_NUL flag.

Jul 16 2025, 3:34 AM · Windows, gpgrt, Feature Request, Bug Report

Jul 15 2025

gniibe committed rE311fb769d1dd: w32:spawn: New flag GPGRT_PROCESS_STDIO_NUL. (authored by gniibe).
w32:spawn: New flag GPGRT_PROCESS_STDIO_NUL.
Jul 15 2025, 9:51 AM
gniibe committed rEf28bf71b86ba: w32:spawn: Fix resource leaks for HANDLEs by w32_open_null. (authored by gniibe).
w32:spawn: Fix resource leaks for HANDLEs by w32_open_null.
Jul 15 2025, 9:51 AM
gniibe committed rE0b01950237ab: w32:spawn: Fix inheriting HANDLEs. (authored by gniibe).
w32:spawn: Fix inheriting HANDLEs.
Jul 15 2025, 9:51 AM
gniibe added a comment to T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.

Pushed the changes:

T7723 fix by rE311fb769d1dd: w32:spawn: New flag GPGRT_PROCESS_STDIO_NUL.

Jul 15 2025, 8:47 AM · gpgrt, Feature Request, Bug Report
gniibe added a comment to T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.

Before implementing this feature, it's better to fix T7723: gpgrt:w32: Fix for inheriting stdin/stdout/stderr with "NUL", and do some clean up.

Jul 15 2025, 8:35 AM · gpgrt, Feature Request, Bug Report
gniibe updated the task description for T7723: gpgrt:w32: Fix for inheriting stdin/stdout/stderr with "NUL".
Jul 15 2025, 8:21 AM · Windows, gpgrt, Feature Request, Bug Report
gniibe updated the task description for T7723: gpgrt:w32: Fix for inheriting stdin/stdout/stderr with "NUL".
Jul 15 2025, 7:53 AM · Windows, gpgrt, Feature Request, Bug Report
gniibe added a comment to T7723: gpgrt:w32: Fix for inheriting stdin/stdout/stderr with "NUL".

If we will fix gpgconf using GPGRT_PROCESS_STDIO_NUL, we will need to fix gpg-connect-agent to see if it's NUL or not.

Jul 15 2025, 7:52 AM · Windows, gpgrt, Feature Request, Bug Report
gniibe triaged T7723: gpgrt:w32: Fix for inheriting stdin/stdout/stderr with "NUL" as Wishlist priority.
Jul 15 2025, 7:50 AM · Windows, gpgrt, Feature Request, Bug Report
gniibe closed T7340: Introduced a context with thread local storage, a subtask of T7338: Revamp the FIPS service indicator, as Resolved.
Jul 15 2025, 7:27 AM · libgcrypt, FIPS, Feature Request
gniibe closed T7340: Introduced a context with thread local storage as Resolved.
Jul 15 2025, 7:27 AM · libgcrypt, FIPS, Feature Request
gniibe closed T7668: gnupg: regexp and build with -fsanitize=address as Resolved.
Jul 15 2025, 7:26 AM · Bug Report, gnupg

Jul 11 2025

gniibe added a comment to T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.

Here is an experimental change to support the feature.

Jul 11 2025, 10:50 AM · gpgrt, Feature Request, Bug Report
gniibe added a comment to T7720: w32: Synchronous spawning gpg-agent/dirmngr/keyboxd.

I'm testing the following patch with experimental change of libgpg-error.

Jul 11 2025, 10:45 AM · gnupg, Feature Request, Bug Report
gniibe triaged T7720: w32: Synchronous spawning gpg-agent/dirmngr/keyboxd as Wishlist priority.
Jul 11 2025, 10:44 AM · gnupg, Feature Request, Bug Report
gniibe renamed T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error from gpgrt:w32: Spawn detached process, with standard input and standard error to gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.
Jul 11 2025, 10:39 AM · gpgrt, Feature Request, Bug Report

Jul 10 2025

gniibe added a comment to T7138: Windows (Semi-hosted environment): filename and network access.

In libgpg-error, we have: rE65114f24e13f: w32: More changes to the extended length path handling.

Jul 10 2025, 3:51 AM · gnupg, Bug Report

Jul 9 2025

gniibe updated the task description for T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.
Jul 9 2025, 9:07 AM · gpgrt, Feature Request, Bug Report
gniibe triaged T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error as Wishlist priority.
Jul 9 2025, 6:44 AM · gpgrt, Feature Request, Bug Report
gniibe claimed T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.
Jul 9 2025, 6:44 AM · gpgrt, Feature Request, Bug Report
gniibe created T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.
Jul 9 2025, 6:43 AM · gpgrt, Feature Request, Bug Report

Jul 5 2025

gniibe committed rCf06e90f4137a: cipher:ecc: Silence GCC 15 warning. (authored by gniibe).
cipher:ecc: Silence GCC 15 warning.
Jul 5 2025, 2:38 AM
gniibe committed rCe414699f5da7: cipher:gcm: Minor fix for buffer size. (authored by gniibe).
cipher:gcm: Minor fix for buffer size.
Jul 5 2025, 2:38 AM

Jul 4 2025

gniibe committed rG944494978090: common: Remove openpgp_oid_to_kem_algo. (authored by gniibe).
common: Remove openpgp_oid_to_kem_algo.
Jul 4 2025, 7:38 AM
gniibe committed rG5efabec21883: gpg:ecc: Use the common function of gnupg_get_ecc_params. (authored by gniibe).
gpg:ecc: Use the common function of gnupg_get_ecc_params.
Jul 4 2025, 7:38 AM
gniibe committed rG5ab9d59ee19e: common:ecc: Have a field if the curve of ECC is Weierstrass. (authored by gniibe).
common:ecc: Have a field if the curve of ECC is Weierstrass.
Jul 4 2025, 7:38 AM
gniibe committed rCe9b1c3ec91a1: cipher:kem: Provide each enum constant as macro. (authored by gniibe).
cipher:kem: Provide each enum constant as macro.
Jul 4 2025, 2:55 AM
gniibe committed rC292cb75a723c: cipher:rsa: Fix missing initialization in generate_fips. (authored by gniibe).
cipher:rsa: Fix missing initialization in generate_fips.
Jul 4 2025, 2:55 AM

Jul 3 2025

gniibe committed rG5e623b71d5ce: common:kem: Factor out a function to retrieve ECC parameters. (authored by gniibe).
common:kem: Factor out a function to retrieve ECC parameters.
Jul 3 2025, 9:22 AM
gniibe closed T7648: Decryption to a Ky768_Cv25519 key does not work if the Cv25519 key is on a token as Resolved.
Jul 3 2025, 7:14 AM · PQC, Bug Report
gniibe committed rCd9acecb02a90: build: More changes to allow build with no Kyber. (authored by gniibe).
build: More changes to allow build with no Kyber.
Jul 3 2025, 4:18 AM
gniibe committed rCf2b7d7862ff9: build: Allow build with no Kyber. (authored by gniibe).
build: Allow build with no Kyber.
Jul 3 2025, 2:35 AM

Jul 2 2025

gniibe committed rEcac716808814: gpgrt-config: It's gcc which supports -print-search-dirs option. (authored by gniibe).
gpgrt-config: It's gcc which supports -print-search-dirs option.
Jul 2 2025, 3:18 AM
gniibe committed rC95beae482412: tests: Add a test for Dilithium. (authored by gniibe).
tests: Add a test for Dilithium.
Jul 2 2025, 2:15 AM
gniibe committed rC0a1fda8ce4d0: cipher:dilithium: Support "no-prefix" flag for Dilithium testing. (authored by gniibe).
cipher:dilithium: Support "no-prefix" flag for Dilithium testing.
Jul 2 2025, 2:15 AM
gniibe committed rC40c84d8a4c76: cipher:dilithium: Add ML-DSA into libgcrypt pubkey interface. (authored by gniibe).
cipher:dilithium: Add ML-DSA into libgcrypt pubkey interface.
Jul 2 2025, 2:15 AM
gniibe committed rC81a8332963e2: cipher:dilithium: Add dilithium functions for libgcrypt internal use. (authored by gniibe).
cipher:dilithium: Add dilithium functions for libgcrypt internal use.
Jul 2 2025, 2:15 AM

Jul 1 2025

gniibe committed rCbef89f9316c8: cipher:dilithium: List the dilithium implementation to Makefile.am. (authored by gniibe).
cipher:dilithium: List the dilithium implementation to Makefile.am.
Jul 1 2025, 2:27 AM
gniibe committed rCaeb775adfafd: cipher:dilithium: Don't include unused freeze function. (authored by gniibe).
cipher:dilithium: Don't include unused freeze function.
Jul 1 2025, 2:27 AM
gniibe committed rCf78099b5a022: cipher:dilithium: Add DILITHIUM_INTERNAL_API_ONLY. (authored by gniibe).
cipher:dilithium: Add DILITHIUM_INTERNAL_API_ONLY.
Jul 1 2025, 2:27 AM
gniibe committed rCcce9c02988c2: cipher:dilithium: Have cipher/dilithium.h. (authored by gniibe).
cipher:dilithium: Have cipher/dilithium.h.
Jul 1 2025, 2:27 AM
gniibe committed rCa0bd76300f60: cipher:dilithium: Fix comment style. (authored by gniibe).
cipher:dilithium: Fix comment style.
Jul 1 2025, 2:27 AM
gniibe committed rC92f129fb9ddc: cipher:dilithium: For _GCRYPT_IN_LIBGCRYPT, add *_close function. (authored by gniibe).
cipher:dilithium: For _GCRYPT_IN_LIBGCRYPT, add *_close function.
Jul 1 2025, 2:27 AM
gniibe committed rC5cbf3180533d: cipher:dilithium: Make the implementation into three files. (authored by gniibe).
cipher:dilithium: Make the implementation into three files.
Jul 1 2025, 2:27 AM
gniibe committed rC28fb2e30790b: cipher:dilithium: Functions of poly for different DILITHIUM_MODE. (authored by gniibe).
cipher:dilithium: Functions of poly for different DILITHIUM_MODE.
Jul 1 2025, 2:27 AM
gniibe committed rCcb15a5563ade: cipher: Editorial clean up cipher/dilithium.c for headers. (authored by gniibe).
cipher: Editorial clean up cipher/dilithium.c for headers.
Jul 1 2025, 2:27 AM
gniibe committed rCcc7d750be1c7: cipher:dilithium: Export the external API only. (authored by gniibe).
cipher:dilithium: Export the external API only.
Jul 1 2025, 2:27 AM
gniibe committed rCa7fdda036591: cipher: Add headers to the Dilithium implementation. (authored by gniibe).
cipher: Add headers to the Dilithium implementation.
Jul 1 2025, 2:27 AM
gniibe committed rC1b422366e2b3: cipher: Put the original Dilithium implementation. (authored by gniibe).
cipher: Put the original Dilithium implementation.
Jul 1 2025, 2:27 AM
gniibe committed rEdffca928fbc9: spawn: Define _GPGRT_NEED_AFLOCAL for OS without AF_LOCAL. (authored by gniibe).
spawn: Define _GPGRT_NEED_AFLOCAL for OS without AF_LOCAL.
Jul 1 2025, 2:06 AM
gniibe committed rEf01a2e7c3f9a: po: Update Japanese Translation. (authored by gniibe).
po: Update Japanese Translation.
Jul 1 2025, 2:06 AM

Jun 27 2025

gniibe committed rCb945002e44ce: tests:common: Increse buffer size to allow input for PQC testing. (authored by gniibe).
tests:common: Increse buffer size to allow input for PQC testing.
Jun 27 2025, 2:57 AM

Jun 26 2025

gniibe changed the status of T7698: Add support of secp256k1 for KEM API, a subtask of T7649: gnupg: Use KEM interface for encryption/decryption, from Open to Testing.
Jun 26 2025, 6:49 AM · gnupg26
gniibe changed the status of T7698: Add support of secp256k1 for KEM API from Open to Testing.
Jun 26 2025, 6:49 AM · gnupg26
gniibe changed the status of T7696: POSIX: spawn fixes from Open to Testing.
Jun 26 2025, 6:49 AM · gpgrt, Bug Report
gniibe changed the status of T7696: POSIX: spawn fixes, a subtask of T7660: GPGME invocation by cri-o hangs on gpgme_op_verify, from Open to Testing.
Jun 26 2025, 6:49 AM · golang, gpgme, Bug Report
gniibe committed rE6cb61bb9cb55: spawn:posix: Use 1024 for arbitrary limit, following GPGME. (authored by gniibe).
spawn:posix: Use 1024 for arbitrary limit, following GPGME.
Jun 26 2025, 4:50 AM
gniibe committed rEd302aff1eff1: spawn:posix: Add an improvement when closefrom is not available. (authored by gniibe).
spawn:posix: Add an improvement when closefrom is not available.
Jun 26 2025, 4:50 AM
gniibe committed rE9cc016c38df1: posix:spawn: Use getdents64 when closefrom is not available. (authored by gniibe).
posix:spawn: Use getdents64 when closefrom is not available.
Jun 26 2025, 4:50 AM
gniibe committed rC10c0ce88ba3f: cipher:kem:ecc: Support secp256k1 by KEM API. (authored by gniibe).
cipher:kem:ecc: Support secp256k1 by KEM API.
Jun 26 2025, 4:15 AM

Jun 25 2025

gniibe triaged T7698: Add support of secp256k1 for KEM API as High priority.
Jun 25 2025, 3:19 AM · gnupg26

Jun 24 2025

gniibe committed rCcbefff5fcaa6: cipher: Support random-override with PUBKEY_FLAG_BYTE_STRING. (authored by gniibe).
cipher: Support random-override with PUBKEY_FLAG_BYTE_STRING.
Jun 24 2025, 9:04 AM
gniibe committed rC3bb4a54f4387: cipher: Add PUBKEY_FLAG_BYTE_STRING to support byte string data. (authored by gniibe).
cipher: Add PUBKEY_FLAG_BYTE_STRING to support byte string data.
Jun 24 2025, 9:04 AM
gniibe closed T7664: tests/openpgp/ecc.scm fails when building GPG with address sanitizer as Resolved.

Fixed in 2.5.8.

Jun 24 2025, 8:50 AM · gnupg, Bug Report
gniibe added a comment to T7649: gnupg: Use KEM interface for encryption/decryption.

secp256k1 failure:
https://lists.gnupg.org/pipermail/gnupg-users/2025-June/067731.html

Jun 24 2025, 8:07 AM · gnupg26

Jun 23 2025

werner awarded rM8caa7cc517eb: Use sysconf as a fallback mechanism in the initialization. a Pterodactyl token.
Jun 23 2025, 9:10 AM
gniibe committed rE2c029e737e88: spawn:posix: Fix spawning a process on POSIX machine. (authored by gniibe).
spawn:posix: Fix spawning a process on POSIX machine.
Jun 23 2025, 8:54 AM
gniibe updated the task description for T7696: POSIX: spawn fixes.
Jun 23 2025, 8:31 AM · gpgrt, Bug Report
gniibe triaged T7696: POSIX: spawn fixes as Normal priority.
Jun 23 2025, 7:21 AM · gpgrt, Bug Report
gniibe changed the status of T7694: GPGME: gpgme_io_spawn issues from Open to Testing.

Done by: rM8caa7cc517eb: Use sysconf as a fallback mechanism in the initialization.

Jun 23 2025, 7:17 AM · gpgme, Bug Report
gniibe changed the status of T7694: GPGME: gpgme_io_spawn issues, a subtask of T7660: GPGME invocation by cri-o hangs on gpgme_op_verify, from Open to Testing.
Jun 23 2025, 7:17 AM · golang, gpgme, Bug Report
gniibe committed rM075e5be9fbee: Fix debug output of posix-io.c. (authored by gniibe).
Fix debug output of posix-io.c.
Jun 23 2025, 7:13 AM
gniibe committed rM8caa7cc517eb: Use sysconf as a fallback mechanism in the initialization. (authored by gniibe).
Use sysconf as a fallback mechanism in the initialization.
Jun 23 2025, 7:13 AM

Jun 20 2025

gniibe added a comment to T7694: GPGME: gpgme_io_spawn issues.

OK. I'll add a code for setting the fallback value in _gpgme_io_subsystem_init and use it from get_max_fds.

Jun 20 2025, 10:35 AM · gpgme, Bug Report
gniibe committed rMe8e5434cc4f5: posix: Clean up get_max_fds implementation. (authored by gniibe).
posix: Clean up get_max_fds implementation.
Jun 20 2025, 3:30 AM
gniibe updated the task description for T7694: GPGME: gpgme_io_spawn issues.
Jun 20 2025, 2:28 AM · gpgme, Bug Report
gniibe added a comment to T7660: GPGME invocation by cri-o hangs on gpgme_op_verify.

For issues of get_max_fds, I created a sub task, although it seems not the direct cause of this particular problem.

Jun 20 2025, 2:13 AM · golang, gpgme, Bug Report
gniibe removed a project from T7694: GPGME: gpgme_io_spawn issues: golang.
Jun 20 2025, 2:09 AM · gpgme, Bug Report
gniibe triaged T7694: GPGME: gpgme_io_spawn issues as Normal priority.
Jun 20 2025, 2:07 AM · gpgme, Bug Report

Jun 19 2025

gniibe added a comment to T7660: GPGME invocation by cri-o hangs on gpgme_op_verify.

I test following test program (gcc -o t-gmf t-gmf.c) on Debian machine of S390x.

Jun 19 2025, 9:26 AM · golang, gpgme, Bug Report

Jun 17 2025

gniibe added a comment to T7660: GPGME invocation by cri-o hangs on gpgme_op_verify.

In the log, we can observe duplicated lines generated by
https://dev.gnupg.org/source/gpgme/browse/master/src/posix-io.c$545
Example is like:

2025-05-19 20:16:35 gpgme[21970.55d7]   _gpgme_io_spawn: check: fd[0] = 0x1c -> 0x1
2025-05-19 20:16:35 gpgme[21970.55d7]   _gpgme_io_spawn: check: fd[0] = 0x1c -> 0x1
Jun 17 2025, 10:01 AM · golang, gpgme, Bug Report
gniibe closed T5964: gnupg should use the KDFs implemented in libgcrypt, a subtask of T6191: FIPS: Supporting running FIPS enabled machine, as Resolved.
Jun 17 2025, 2:38 AM · gnupg24, FIPS, Bug Report
gniibe closed T5964: gnupg should use the KDFs implemented in libgcrypt, a subtask of T7649: gnupg: Use KEM interface for encryption/decryption, as Resolved.
Jun 17 2025, 2:38 AM · gnupg26
gniibe closed T5964: gnupg should use the KDFs implemented in libgcrypt as Resolved.
Jun 17 2025, 2:38 AM · gnupg26, FIPS, Feature Request
gniibe closed T7170: Building libgcrypt-1.11.0 produces a dylib with unresolved symbols at runtime as Resolved.

Done in 1.11.1.

Jun 17 2025, 2:30 AM · MacOS, libgcrypt, Bug Report
gniibe closed T7170: Building libgcrypt-1.11.0 produces a dylib with unresolved symbols at runtime, a subtask of T7165: Release Libgcrypt 1.11.0, as Resolved.
Jun 17 2025, 2:30 AM · Release Info, libgcrypt
gniibe closed T7184: Libgcrypt v1.11.0 make fails at cipher/blake2.c:834:6 (has no member named 'use_avx512') as Resolved.

Done in 1.11.1.

Jun 17 2025, 2:29 AM · libgcrypt, Bug Report
gniibe closed T7277: libgcrypt: Adding Known Answer Tests for KEM as Resolved.

Done in 1.11.1.

Jun 17 2025, 2:28 AM · PQC, libgcrypt

Jun 13 2025

gniibe added a comment to T7640: ML-DSA for libgcrypt.

Reading https://openssl-library.org/files/blog/Request_to_Extend_IETF_WGLC_for_PQ_Key_Specifications.pdf ,
seed (with "S") is included in the private-key.

Jun 13 2025, 3:40 AM · PQC, libgcrypt
gniibe added a comment to T7640: ML-DSA for libgcrypt.

The commit rC23543b6c1497: Add mldsa_compute_keygrip and let private-key include "p". works well for me.

Jun 13 2025, 2:51 AM · PQC, libgcrypt
gniibe added a comment to T7640: ML-DSA for libgcrypt.

To support Dilithium, we need to extend data handling of libgcrypt.
I propose following changes:

  • internal flag of PUBKEY_FLAG_BYTE_STRING to ask opaque MPI for data to be signed/verified.
  • The format of data as: (data(raw)[(flags no-prefix)](value ...)[(label ...)][(random-override ...)]): message, context, and random. Optional no-prefix flag to ask specific way of signing, controlling the internal, for Known Answer Tests (siggen).
Jun 13 2025, 2:50 AM · PQC, libgcrypt

Jun 6 2025

gniibe changed the status of T7676: Cannot decrypt a message encrypted to a Cv25519 key on a token from Open to Testing.
Jun 6 2025, 7:27 AM · gnupg26, Bug Report
gniibe added a comment to T7676: Cannot decrypt a message encrypted to a Cv25519 key on a token.

My test coverage was not good (even if I daily use Curve25519 on Gnuk Token).
Your analysis is correct.

Jun 6 2025, 7:18 AM · gnupg26, Bug Report
gniibe committed rGfde915af1cf4: agent: Fix for the prefix 0x40 in the point representation. (authored by gniibe).
agent: Fix for the prefix 0x40 in the point representation.
Jun 6 2025, 7:16 AM