No sorry, we won't do that for the regular source. However, the full source for the binary installer is xz compressed. That is because we are legally required to publish the source but in reality the source ist not used and weel, to build you have lots of other requirements with xz being the simplest one.

May 25 2019, 8:44 PM · gnupg, libgcrypt

vtorri created T4540: compress tarballs with xz in the S1 Public space.

May 25 2019, 7:51 PM · gnupg, libgcrypt

May 24 2019

slandden updated the diff for D490: PowerPC optimized routines for AES and SHA2 using PowerISA 2.07 instructions..

May 24 2019, 9:05 PM

slandden requested review of D490: PowerPC optimized routines for AES and SHA2 using PowerISA 2.07 instructions..

May 24 2019, 9:04 PM

slandden updated the diff for D491: Support for PowerPC's AES acceleration..

proper benchmarks

May 24 2019, 9:04 PM

slandden updated the diff for D492: Add PowerPC crypto acceleration support for SHA2..

Fix alignment needs of vcrypto instructions.

May 24 2019, 9:03 PM

• werner triaged T4539: libgpg-error on Windows: strerror_s can be used instead of strerror_r as Normal priority.

I guess we can do that. Thanks for the hint.

May 24 2019, 3:19 PM · gpgrt, Feature Request

vtorri created T4539: libgpg-error on Windows: strerror_s can be used instead of strerror_r.

May 24 2019, 1:19 PM · gpgrt, Feature Request

• werner added a comment to T4538: Support PSS signed CRLs.

Interesting tinge: The main CRL of the dgn.de CA uses a nextUpdate in the year 2034 (15 years in the future) which would force dirmngr to cache the CRL until then. However, the CRL of the intermediate certificate has a nextUpdate only one month in the future. There is currently no entry in that second level CRL, so their idea might be that an updated second level CRL will also trigger a reload of the main CRL. I have not checked how we implement that in Dirmngr but I doubt that such a thing will work for us and that it is in any way standard compliant.

May 24 2019, 11:59 AM · dirmngr, S/MIME, libksba

• werner added a subtask for T4538: Support PSS signed CRLs: T4523: Gpg4win: Multiple problems reported 05-2019.

May 24 2019, 9:10 AM · dirmngr, S/MIME, libksba

• werner added a parent task for T4523: Gpg4win: Multiple problems reported 05-2019: T4538: Support PSS signed CRLs.

May 24 2019, 9:10 AM · Release Info

• werner removed a parent task for T4538: Support PSS signed CRLs: T4523: Gpg4win: Multiple problems reported 05-2019.

May 24 2019, 9:10 AM · dirmngr, S/MIME, libksba

• werner removed a subtask for T4523: Gpg4win: Multiple problems reported 05-2019: T4538: Support PSS signed CRLs.

May 24 2019, 9:10 AM · Release Info

• werner added a parent task for T4538: Support PSS signed CRLs: T4523: Gpg4win: Multiple problems reported 05-2019.

May 24 2019, 9:08 AM · dirmngr, S/MIME, libksba

• werner added a subtask for T4523: Gpg4win: Multiple problems reported 05-2019: T4538: Support PSS signed CRLs.

May 24 2019, 9:08 AM · Release Info

• werner removed a parent task for T4523: Gpg4win: Multiple problems reported 05-2019: T4118: GpgOL: Mitigate S/MIME Denial of Service due to CRL stalling.

May 24 2019, 9:06 AM · Release Info

• werner removed a subtask for T4118: GpgOL: Mitigate S/MIME Denial of Service due to CRL stalling: T4523: Gpg4win: Multiple problems reported 05-2019.

May 24 2019, 9:06 AM · gpg4win, gpgol

• werner created T4538: Support PSS signed CRLs.

May 24 2019, 8:58 AM · dirmngr, S/MIME, libksba

jukivili added a comment to D491: Support for PowerPC's AES acceleration..

Consider using tests/bench-slope to get cycles/byte results so they can be compared with https://github.com/dot-asm/cryptogams/blob/master/ppc/aesp8-ppc.pl#L34

May 24 2019, 8:44 AM

slandden planned changes to D490: PowerPC optimized routines for AES and SHA2 using PowerISA 2.07 instructions..

May 24 2019, 6:39 AM

slandden planned changes to D491: Support for PowerPC's AES acceleration..

May 24 2019, 6:39 AM

slandden planned changes to D492: Add PowerPC crypto acceleration support for SHA2..

Didn't do sufficient testing.

May 24 2019, 6:31 AM

slandden updated the diff for D491: Support for PowerPC's AES acceleration..

Actually include modified perlasm file.

May 24 2019, 6:16 AM

slandden updated the summary of D491: Support for PowerPC's AES acceleration..

May 24 2019, 6:15 AM

slandden updated the summary of D491: Support for PowerPC's AES acceleration..

May 24 2019, 6:07 AM

slandden updated the summary of D491: Support for PowerPC's AES acceleration..

May 24 2019, 6:07 AM

slandden updated the summary of D491: Support for PowerPC's AES acceleration..

May 24 2019, 6:06 AM

slandden added a task to D492: Add PowerPC crypto acceleration support for SHA2.: T4530: libgcrypt: POWER SHA-2 Vector Acceleration.

May 24 2019, 6:06 AM

slandden added a revision to T4530: libgcrypt: POWER SHA-2 Vector Acceleration: D492: Add PowerPC crypto acceleration support for SHA2..

May 24 2019, 6:06 AM · libgcrypt, Feature Request

slandden created D492: Add PowerPC crypto acceleration support for SHA2..

May 24 2019, 6:06 AM

slandden updated the summary of D491: Support for PowerPC's AES acceleration..

May 24 2019, 6:04 AM

slandden created D491: Support for PowerPC's AES acceleration..

May 24 2019, 6:03 AM

slandden added a revision to T4529: libgcrypt: POWER AES Vector Acceleration: D491: Support for PowerPC's AES acceleration..

May 24 2019, 6:03 AM · libgcrypt, Feature Request

slandden created D490: PowerPC optimized routines for AES and SHA2 using PowerISA 2.07 instructions..

May 24 2019, 6:01 AM

May 23 2019

misterzed88 created T4537: gpgsm support for timestamp signatures.

May 23 2019, 4:25 PM · gnupg26, S/MIME, Feature Request

wheelerlaw reopened T3065: dirmngr: proxy issues with dnslookup causing failure as "Open".

Are you not reading what I am saying to you?? Once again, your explanation is INVALID because that would mean that gnupg would be BROKEN, because it would be a NON-COMPLIANT http client according to the RFC I quoted.

May 23 2019, 1:58 PM · gnupg (gpg22), dns, dirmngr

misterzed88 created T4536: dirmngr fails to find OCSP signer certificate when responder is identified with key ID.

May 23 2019, 11:18 AM · S/MIME, gnupg (gpg22), Bug Report

misterzed88 created T4535: gpgsm --sign prints misleading error message when using default key.

May 23 2019, 9:53 AM · gnupg (gpg22), S/MIME, Bug Report

• werner edited projects for T3287: Improve http proxy support by honoring SRV RRs., added: gnupg (gpg23); removed gnupg (gpg22).

May 23 2019, 9:43 AM · gnupg, dirmngr

• werner closed T3065: dirmngr: proxy issues with dnslookup causing failure as Wontfix.

I explained why the keyserver access requires access to the DNS. If that is not possible the keyserver code will not work. If you don't allow DNS to work you either have to use Tor (which we use to also tunnel DNS requests) or get your keys from elsewhere. Also note that the keyserver network is current several broken and under DoS and thus it is unlikely that it can be operated in the future.

May 23 2019, 9:42 AM · gnupg (gpg22), dns, dirmngr

• werner edited projects for T4422: `repair-keys` does not reorder signatures on non-merge imports, added: gnupg (gpg23); removed gnupg (gpg22).

May 23 2019, 9:31 AM · gnupg24, Bug Report

• gniibe closed T4326: Reloading gpg-agent with disable-scdaemon set does not stop scdaemon. as Resolved.

Simply sending "KILLSCD" is implemented.

May 23 2019, 3:19 AM · Bug Report, scd, gpgagent

• gniibe committed rG7158a5696dc8: agent: Stop scdaemon after reload when disable_scdaemon. (authored by • gniibe).

agent: Stop scdaemon after reload when disable_scdaemon.

May 23 2019, 3:18 AM

• gniibe committed rG265e6d670682: g10: Copy expiredate from primary key when marked expired. (authored by • gniibe).

g10: Copy expiredate from primary key when marked expired.

May 23 2019, 2:42 AM

• gniibe changed the status of T3343: show-unusable-subkeys claims "expired: never" when primary key is expired from Open to Testing.

There is also a confusing case: a subkey expiration date is set, but the associated primary key is expired.
Pushing a fix in master.

May 23 2019, 2:41 AM · gnupg, Bug Report

• gniibe closed T3283: Set 'mym4_revision' to 0 if not a git repo as Resolved.

May 23 2019, 1:59 AM · libgcrypt, Bug Report

May 22 2019

• werner closed T4533: Could not decrypt the data: Data is not integrity protected. Decrypting it could be a security problem. (no MDC) as Resolved.

You need to update the public key and convey it to the sender. This will solve the problems. You should also ask the sender to update their software so that an MDC is always used regardless of the flag.

May 22 2019, 7:24 PM · Not A Bug, gpg4win

• werner added a comment to T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested).

Actually I have a different approach to fix this bug(let). Please give me a few days.

May 22 2019, 7:21 PM · patch, Bug Report, gnupg

cdeibert added a comment to T4533: Could not decrypt the data: Data is not integrity protected. Decrypting it could be a security problem. (no MDC).

Yes, very exactly indeed: It's GPgOL within gpg4win-3.1.1... ;) But you're right, the key itself is a legacy key, created back in 2001 with a commercial PGP Solution and later on the key was "spiced up" cipher-wise...Goal ist to get everybody (also the sender) to gpg4win-3.1.7, but how can I achive not having lots of eMails which one will never be able to decrypt?

May 22 2019, 7:13 AM · Not A Bug, gpg4win

matheusmoreira updated the diff for D489: po: add portuguese translation for the new command.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:28 AM

matheusmoreira updated the diff for D488: gpg: add the --delete-secret-key-stubs command.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:27 AM

matheusmoreira updated the summary of D486: po: add portuguese description for new command.

May 22 2019, 2:26 AM

matheusmoreira updated the diff for D486: po: add portuguese description for new command.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:26 AM

matheusmoreira updated the diff for D485: gpg: add the --delete-secret-subkeys command.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:20 AM

matheusmoreira updated the diff for D483: po: add portuguese primary key deletion message.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:18 AM

matheusmoreira updated the diff for D482: gpg: confirm again before deleting primary key.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:17 AM

matheusmoreira updated the diff for D481: gpg: confirm deletion of each key individually.

Rebased on top of master: 4c7d63cd5b02
Add the if (okay) conditional back to the code

May 22 2019, 2:15 AM

matheusmoreira updated the diff for D480: gpg: factor out secret key deletion function.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:13 AM

matheusmoreira updated the diff for D479: gpg: avoid deletion of keys not specified by user.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:12 AM

matheusmoreira added a comment to T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested).

@werner Thanks for merging the --dry-run patch in 110a4550179f !

May 22 2019, 2:10 AM · patch, Bug Report, gnupg

May 21 2019

matheusmoreira abandoned D487: gpg: don't delete any keys if --dry-run is passed.

Committed to master: 110a4550179f

May 21 2019, 11:09 PM

• werner added a comment to T4533: Could not decrypt the data: Data is not integrity protected. Decrypting it could be a security problem. (no MDC).

Do you know which software the sender uses for encryption? That software may simply ignore the preferences or the sender also encrypts to a legacy key using a software which does not force the use of an MDC. Sometimes keys are generated with gpg but used with other software - without updating the preferences of the keys.

May 21 2019, 6:31 PM · Not A Bug, gpg4win

• werner added a comment to T4534: gcry_sexp_canon_len() documentation claims that valid S-expressions will never return 0, but it returns 0 if an empty string is found in a valid S-expression.

I don't see why the documentation needs to be fixed. gcry_sexp_canon_len returns 0 for certain and s-expressions, meaning tha the s-expression is not valid. After all the s-expression code in libgcrypt does not claim to be a general purpose parser for s-expression but is targeted towards Libgcrypt needs.

May 21 2019, 6:26 PM · libgcrypt, Bug Report

dkg added a comment to T4534: gcry_sexp_canon_len() documentation claims that valid S-expressions will never return 0, but it returns 0 if an empty string is found in a valid S-expression.

By marking this as "wontfix", you appear to be saying that you won't even fix the documentation to describe the constraints that gcrypt intends to enforce. This is surprising to me.

May 21 2019, 5:59 PM · libgcrypt, Bug Report

• werner committed rG30f44957ccd1: gpg: Do not bail on an invalid packet in the local keyring. (authored by • werner).

gpg: Do not bail on an invalid packet in the local keyring.

May 21 2019, 5:40 PM

• werner committed rG4c7d63cd5b02: gpg: Do not bail on an invalid packet in the local keyring. (authored by • werner).

gpg: Do not bail on an invalid packet in the local keyring.

May 21 2019, 5:28 PM

• werner closed T4534: gcry_sexp_canon_len() documentation claims that valid S-expressions will never return 0, but it returns 0 if an empty string is found in a valid S-expression as Wontfix.

May 21 2019, 4:30 PM · libgcrypt, Bug Report

• werner committed rGd32963eeb33f: gpg: Do not allow creation of user ids larger than our parser allows. (authored by • werner).

gpg: Do not allow creation of user ids larger than our parser allows.

May 21 2019, 4:29 PM