Feed All Stories

Mar 13 2020

werner added a comment to T4872: Support opaque MPI with gcry_mpi_print.

I am not sure whether this is related but when using Libgcrypt master and verifying a signature created with an ed25519 key, I get the error below with valgrind. Both with 2.2. current and 2.3. It does not happen with the current Libgcrypt 1.8.

Mar 13 2020, 5:25 PM · Restricted Project, Feature Request, libgcrypt
werner committed rG6a4443c8425f: gpg: Make use of the included key block in a signature. (authored by werner).
gpg: Make use of the included key block in a signature.
Mar 13 2020, 5:18 PM
werner committed rG865d48518024: gpg: New option --include-key-block. (authored by werner).
gpg: New option --include-key-block.
Mar 13 2020, 5:18 PM
werner committed rG32493ce50ad8: gpg: Add property "fpr" for use by --export-filter. (authored by werner).
gpg: Add property "fpr" for use by --export-filter.
Mar 13 2020, 1:20 PM
werner added a project to T4856: GPG: Key Exchange Put public OpenPGP key into signature: Feature Request.
Mar 13 2020, 1:17 PM · Feature Request, gpgol, Keyserver, gnupg

Mar 12 2020

dkg updated the task description for T4879: GnuPG treats reordered OpenPGP certificates differently.
Mar 12 2020, 8:29 PM · gnupg24, gnupg (gpg23), OpenPGP, Bug Report
dkg created T4879: GnuPG treats reordered OpenPGP certificates differently.
Mar 12 2020, 8:01 PM · gnupg24, gnupg (gpg23), OpenPGP, Bug Report
dkg added a comment to T4878: gpgsm's default for include-certs should include the signing cert if it is self-signed.

For reference, here's an error message from openssl smime when it is trying to verify an e-mail message with no embedded certificate at all (despite it knowing about the relevant certificate):

Mar 12 2020, 2:01 PM · gnupg24, gnupg (gpg23), S/MIME, Feature Request
werner committed rG90fb4a69d2f6: doc: Add a comment to explain the signature postscript. (authored by werner).
doc: Add a comment to explain the signature postscript.
Mar 12 2020, 11:06 AM
Laurent Montel <montel@kde.org> committed rLIBKLEO04efafdcfb6c: GIT_SILENT: Reduce deprecated version in release (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Reduce deprecated version in release
Mar 12 2020, 10:46 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRA1b2b354071ba: GIT_SILENT: Reduce deprecated version in release (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Reduce deprecated version in release
Mar 12 2020, 10:44 AM
werner changed the status of T4788: System wide configuration of the GnuPG system from Open to Testing.

There are likely some bugs in the new code and I also want to do some improvements; see rGb4f1159a5bd7. But things should basically work as before and thus I set this again to testing.

Mar 12 2020, 10:36 AM · gnupg (gpg23), Feature Request, gpg4win, g10code
werner committed rGb4f1159a5bd7: gpgconf: Rewrite the gpgconf-comp module. (authored by werner).
gpgconf: Rewrite the gpgconf-comp module.
Mar 12 2020, 10:23 AM
werner triaged T4873: Enable AES GCM in FIPS mode as Low priority.
Mar 12 2020, 9:59 AM · FIPS, libgcrypt, Feature Request
werner triaged T4878: gpgsm's default for include-certs should include the signing cert if it is self-signed as Low priority.
Mar 12 2020, 9:59 AM · gnupg24, gnupg (gpg23), S/MIME, Feature Request
dkg created T4878: gpgsm's default for include-certs should include the signing cert if it is self-signed.
Mar 12 2020, 7:51 AM · gnupg24, gnupg (gpg23), S/MIME, Feature Request
Laurent Montel <montel@kde.org> committed rKLEOPATRA9549881b2445: GIT_SILENT: it's autogenerated now (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: it's autogenerated now
Mar 12 2020, 6:57 AM
gniibe claimed T4869: constant-time mpi_invm.
Mar 12 2020, 6:50 AM · libgcrypt
gniibe added a project to T4624: libassuan-config and libassuan.pc both put -lws2_32 before -lgpg-error, which fails during static linking: Restricted Project.
Mar 12 2020, 6:46 AM · Restricted Project, Windows, libassuan, Bug Report
gniibe added a project to T4623: pkg-config for mingw needs to emit -lws2_32: Restricted Project.
Mar 12 2020, 6:46 AM · Restricted Project, Windows, gpgrt, Bug Report
gniibe added a project to T4301: Handling multiple subkeys on two SmartCards: Restricted Project.
Mar 12 2020, 6:45 AM · Restricted Project, gnupg, scd, Bug Report
gniibe changed the status of T4810: A key with only "C" capability cannot be selected as default key. from Open to Testing.
Mar 12 2020, 6:43 AM · Restricted Project, gnupg (gpg22)
gniibe changed the status of T4244: Better enum_secret_keys by asking gpg-agent KEYINFO --list from Open to Testing.
Mar 12 2020, 6:40 AM · Restricted Project, gnupg
gniibe added a project to T4491: Compile error in nPth's t-fork.c on Solaris 11.3 i86pc: Restricted Project.
Mar 12 2020, 6:39 AM · npth, Bug Report
gniibe added projects to T4583: pinentry-tty should accept backspace, delete, and ctrl-U: Restricted Project, pinentry.
Mar 12 2020, 6:39 AM · pinentry, Restricted Project, Bug Report
gniibe added a project to T4585: pinentry-tty mishandles ctrl-C: Restricted Project.
Mar 12 2020, 6:38 AM · Restricted Project, Bug Report
gniibe changed the status of T3300: scd: Support multiple readers by PC/SC driver from Open to Testing.
Mar 12 2020, 6:36 AM · Restricted Project, gnupg (gpg23), scd
gniibe added a project to T3207: FASTWIPE_T undefined: Restricted Project.
Mar 12 2020, 6:34 AM · Restricted Project, ntbtls, Bug Report
gniibe changed the status of T4597: Support GCM modes for ntbtls. from Open to Testing.
Mar 12 2020, 6:33 AM · Restricted Project, Feature Request, ntbtls
gniibe changed the status of T4641: Libassuan: enable the environment to set compiler and linker flags for helper tools from Open to Testing.
Mar 12 2020, 6:32 AM · Restricted Project, libassuan, Feature Request
gniibe changed the status of T4673: 2.3-only: Don't fallback to PC/SC on failure by the internal CCID driver, only use PC/SC when --disable-ccid is specified from Open to Testing.
Mar 12 2020, 6:31 AM · gnupg (gpg23), Restricted Project, scd, Feature Request
gniibe added a project to T4678: libassuan.pc missing include dir directive in cflags: Restricted Project.
Mar 12 2020, 6:30 AM · Restricted Project, libassuan
gniibe committed rC4c89767677b3: constant-time-invm: Calculate k^-1 before dsa_modify_k. (authored by gniibe).
constant-time-invm: Calculate k^-1 before dsa_modify_k.
Mar 12 2020, 6:29 AM

Mar 11 2020

jcross added a watcher for gnupg (gpg23): jcross.
Mar 11 2020, 7:15 PM
Thaodan committed rGTO2c2783e43bce: Import CardWidgets from kleopatra (authored by Thaodan).
Import CardWidgets from kleopatra
Mar 11 2020, 6:16 PM
Thaodan committed rGTOca58a83af51d: Add card widgets per card type and update them if changed (authored by Thaodan).
Add card widgets per card type and update them if changed
Mar 11 2020, 6:16 PM
aheinecke created T4877: GpgOL: Look for S/MIME sec keys on inserted smartcards if no key is available.
Mar 11 2020, 3:25 PM · gpgol
aheinecke created T4876: Generic smartcard widget for PKCS# 15 and other apps.
Mar 11 2020, 3:22 PM · Restricted Project, kleopatra
aheinecke created T4875: Kleopatra: Improve support for S/MIME Smartcards and add additional card support.
Mar 11 2020, 2:30 PM · kleopatra
aheinecke committed rDce77159e7933: web: Update my picture (authored by aheinecke).
web: Update my picture
Mar 11 2020, 10:26 AM
aheinecke changed the status of T4874: GpgOL: Make Address book integration more visible from Open to Testing.

This is now implemented

Mar 11 2020, 9:16 AM · gpgol
Laurent Montel <montel@kde.org> committed rLIBKLEOa7066cadb13b: GIT_SILENT: Prepare 5.14.0 beta1. Update ecm as 5.67.0 is broken see 417396. 5. (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Prepare 5.14.0 beta1. Update ecm as 5.67.0 is broken see 417396. 5.
Mar 11 2020, 8:45 AM
gniibe changed the status of T4872: Support opaque MPI with gcry_mpi_print from Open to Testing.

Fixed in master.

Mar 11 2020, 8:13 AM · Restricted Project, Feature Request, libgcrypt
gniibe committed rCb4b04ae6c2e5: mpi: Support opaque MPI with gcry_mpi_print. (authored by gniibe).
mpi: Support opaque MPI with gcry_mpi_print.
Mar 11 2020, 8:13 AM
gniibe added a comment to T4872: Support opaque MPI with gcry_mpi_print.

A program like tests/t-mpi-point assumes gcry_mpi_print can do that.
We have a sort of regression with --debug option with t-mpi-point, the point q is not printed out correctly.

Mar 11 2020, 8:12 AM · Restricted Project, Feature Request, libgcrypt
gniibe added a project to T4872: Support opaque MPI with gcry_mpi_print: Feature Request.
Mar 11 2020, 8:10 AM · Restricted Project, Feature Request, libgcrypt
Laurent Montel <montel@kde.org> committed rKLEOPATRAa566117ff7ee: GIT_SILENT: Prepare 5.14.0 beta1. Update ecm as 5.67.0 is broken see 417396. 5. (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Prepare 5.14.0 beta1. Update ecm as 5.67.0 is broken see 417396. 5.
Mar 11 2020, 7:35 AM
gniibe added a project to T4872: Support opaque MPI with gcry_mpi_print: libgcrypt.
Mar 11 2020, 6:12 AM · Restricted Project, Feature Request, libgcrypt

Mar 10 2020

Valodim added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

ftr, here is the thread I had in mind but couldn't recall above. @aheinecke is that your thinking, or a more pgp/mime bound mechanism as @dkg assumed?

Mar 10 2020, 5:50 PM · Feature Request, gpgol, Keyserver, gnupg
Jetersen closed T4871: gpg lock invalid key size due to not running UTF-8 encoding on Windows as Invalid.
Mar 10 2020, 4:52 PM · gnupg, gpg4win
dkg added a comment to T4871: gpg lock invalid key size due to not running UTF-8 encoding on Windows.

"log" and "lock" are easy typo/confusions to make, @aheinecke was just trying to understand your report better, since there wasn't much information in it.

Mar 10 2020, 4:23 PM · gnupg, gpg4win
aheinecke committed rO6f5f48c3d60e: Don't allow setting a keys for distrib. lists (authored by aheinecke).
Don't allow setting a keys for distrib. lists
Mar 10 2020, 4:21 PM
aheinecke committed rOdc69b195aba2: Additional get_object_name helper (authored by aheinecke).
Additional get_object_name helper
Mar 10 2020, 4:21 PM
werner added a comment to T4873: Enable AES GCM in FIPS mode.

This requires re-evaluation of Libgcrypt to match the current FIPS specs.

Mar 10 2020, 4:13 PM · FIPS, libgcrypt, Feature Request
aheinecke committed rOe5bc1579b24a: Enable / Disable Address book button dynamically (authored by aheinecke).
Enable / Disable Address book button dynamically
Mar 10 2020, 3:41 PM
aheinecke committed rO1283e384babe: Add UI code to open gpgolkeyadder from explorer (authored by aheinecke).
Add UI code to open gpgolkeyadder from explorer
Mar 10 2020, 3:41 PM
aheinecke committed rO016e3f957ea5: Add helper to get a std::string object name (authored by aheinecke).
Add helper to get a std::string object name
Mar 10 2020, 3:41 PM
aheinecke committed rOf09fe121e126: Make address book callback work with Explorer, too (authored by aheinecke).
Make address book callback work with Explorer, too
Mar 10 2020, 3:41 PM
aheinecke committed rOb222292f3148: Add some shared_disp_t helper functions (authored by aheinecke).
Add some shared_disp_t helper functions
Mar 10 2020, 3:41 PM
aheinecke committed rO64353d40f311: Track opened contacts in Addressbook (authored by aheinecke).
Track opened contacts in Addressbook
Mar 10 2020, 3:41 PM
dkg added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

@wiktor-k, "just extend the spec" doesn't necessarily work with existing clients, which might be surprised to find unexpected packets in the signature section of an e-mail. It seems more likely to me that they'd be able to handle (meaning: ignore) an unknown subpacket (as long as it's well-formed) than to handle additional packets. But all of these surmises require testing with existing clients, of course. Has anyone done any of that testing?

Mar 10 2020, 3:19 PM · Feature Request, gpgol, Keyserver, gnupg
aheinecke committed rW247976a7b141: doc: Add more missing content to org manual (authored by aheinecke).
doc: Add more missing content to org manual
Mar 10 2020, 2:17 PM
aheinecke committed rW42f769503ac2: Improve german translation (authored by aheinecke).
Improve german translation
Mar 10 2020, 2:17 PM
aheinecke committed rWb8003da5a502: doc: Add missing content to org manual (authored by aheinecke).
doc: Add missing content to org manual
Mar 10 2020, 2:17 PM
aheinecke created T4874: GpgOL: Make Address book integration more visible.
Mar 10 2020, 1:12 PM · gpgol
pmgdeb created T4873: Enable AES GCM in FIPS mode.
Mar 10 2020, 11:31 AM · FIPS, libgcrypt, Feature Request
Jetersen added a comment to T4871: gpg lock invalid key size due to not running UTF-8 encoding on Windows.

At no point did I mention log files? So not sure where that is coming from.

Mar 10 2020, 11:27 AM · gnupg, gpg4win
aheinecke added a comment to T4871: gpg lock invalid key size due to not running UTF-8 encoding on Windows.

apologies but I do not understand this issue. Please clarify. Were you having issues with "log" files or "lock" files?
What was your issue?

Mar 10 2020, 10:16 AM · gnupg, gpg4win
wiktor-k added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

This is a nice idea and although it overlaps with Autocrypt it has other uses too: for example verification of signed files that can be vastly simplified (just get the file and the signature, no key fetching needed, downside: the key attached to the signature could be stale).

Mar 10 2020, 10:04 AM · Feature Request, gpgol, Keyserver, gnupg
gniibe committed rC41ede3b56efd: constant-time-invm: Focus on odd case. (authored by gniibe).
constant-time-invm: Focus on odd case.
Mar 10 2020, 6:27 AM
gniibe committed rC5e6ff3ae9de7: constant-time--invm: Coding style change for libgcrypt. (authored by gniibe).
constant-time--invm: Coding style change for libgcrypt.
Mar 10 2020, 5:48 AM
gniibe committed rC74fd4287a10f: constant-invm: Fix odd_u calculation by our mpih_rshift result. (authored by gniibe).
constant-invm: Fix odd_u calculation by our mpih_rshift result.
Mar 10 2020, 5:09 AM
Thaodan committed rGTOfb1729591042: Add tabbardialog and use it. Card files missing see next commit. (authored by Thaodan).
Add tabbardialog and use it. Card files missing see next commit.
Mar 10 2020, 3:32 AM
gniibe created T4872: Support opaque MPI with gcry_mpi_print.
Mar 10 2020, 2:20 AM · Restricted Project, Feature Request, libgcrypt
dkg added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

Ah, thanks for pointing out the subpacket option (i guess it could be hashed or unhashed). i don't think any of the subpackets currently defined in RFC4880 supports this use case -- but i guess you could mint a new one, or use a notation.

Mar 10 2020, 1:22 AM · Feature Request, gpgol, Keyserver, gnupg
Albert Astals Cid <aacid@kde.org> committed rKLEOPATRA23e18a6d21ce: Merge remote-tracking branch 'origin/release/19.12' (authored by Albert Astals Cid <aacid@kde.org>).
Merge remote-tracking branch 'origin/release/19.12'
Mar 10 2020, 12:44 AM
Valodim added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

Werner said that it's possible in OpenPGP to also put the pubkey into the signature. (...) The nice advantage is that this will also work for files.

Mar 10 2020, 12:31 AM · Feature Request, gpgol, Keyserver, gnupg

Mar 9 2020

Jetersen added projects to T4871: gpg lock invalid key size due to not running UTF-8 encoding on Windows: gpg4win, gnupg.
Mar 9 2020, 10:42 PM · gnupg, gpg4win
Laurent Montel <montel@kde.org> committed rKLEOPATRA26e016983326: Autogenerate categories file (authored by Laurent Montel <montel@kde.org>).
Autogenerate categories file
Mar 9 2020, 10:34 PM
Moonchild added a comment to T4249: No connection to Keyserver possible.

I'm using enigmail 1.9.9 because I'm on a mail client that doesn't use WebExtensions, so it's using gnupg for keyserver stuff. In this case that means I've been able to verify it's a gnupg issue (both Kleopatra and enigmail displaying the same issue as CLI).

Mar 9 2020, 9:54 PM · gnupg, dirmngr, Bug Report, gpg4win
dkg added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

Hi @aheinecke, thanks for thinking about this, and thanks for tagging me here too. I'm definitely interested.

Mar 9 2020, 9:53 PM · Feature Request, gpgol, Keyserver, gnupg
Jetersen created T4871: gpg lock invalid key size due to not running UTF-8 encoding on Windows in the S1 Public space.
Mar 9 2020, 8:55 PM · gnupg, gpg4win
dkg added a comment to T4857: GPGSM: Put encryption key also into signature.

This is an important fix for a sensible S/MIME use case. Thanks for working on it!

Mar 9 2020, 8:40 PM · gnupg, S/MIME
dkg added a comment to T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..

Yes, i'd surmised that the ::::: lines are continuation lines of the error message. but why not just percent-escape the newline in the error message too? Where in the documentation of this API does it say to expect continuation lines of error messages? Is gpgconf expected to be used programmatically?

Mar 9 2020, 6:21 PM · gnupg (gpg22), Bug Report
dkg added a comment to T4249: No connection to Keyserver possible.

@Moonchild wrote:

using enigmail with the new version

Mar 9 2020, 6:14 PM · gnupg, dirmngr, Bug Report, gpg4win
gniibe committed rC4d911eadae3c: const-invm: Fix ->nlimbs. (authored by gniibe).
const-invm: Fix ->nlimbs.
Mar 9 2020, 1:15 PM
Simrah added a comment to T4870: Kleopatra - do not change the language from Russian.

Added variable value

set language
LANGUAGE=en_US

I launched the Kleopatra again. I did not notice any changes.

Mar 9 2020, 1:13 PM · Windows 64, Windows, kleopatra, Bug Report
Moonchild added a comment to T4249: No connection to Keyserver possible.

Just registered to report pretty much the same.
I've been using gpg 2 for a long while and it's been doing just fine, up to the point where people started using keys it didn't recognise that require a later version.

Mar 9 2020, 1:03 PM · gnupg, dirmngr, Bug Report, gpg4win
werner added a comment to T4867: with non-existent homedir, `gpgconf --check-programs` produces surprising output..

Well, I misread the output. What you see is what is expected. From the gpgconf man page:

Mar 9 2020, 12:57 PM · gnupg (gpg22), Bug Report
aheinecke triaged T4870: Kleopatra - do not change the language from Russian as Low priority.

Thanks for your report. Yes this is sadly a known issue. Our backend system has its own localization that uses the system language and does not care about the Kleopatra configuration.

Mar 9 2020, 12:46 PM · Windows 64, Windows, kleopatra, Bug Report
werner added a comment to T4868: Heap buffer overflow in _gcry_mpi_tdiv_qr().

We don't consider this a security problem because the tool you used is a debug helper which we use during development (if at all). All real code needs to verify that it does not request a division by zero. The div-by-zero checks we added 8 years ago to other code paths (e.g. mpi_pow, rC2c54c4da19d3a79e9f749740828026dd41f0521a) are failstop measurements which should never be triggered.

Mar 9 2020, 12:45 PM · Bug Report
Simrah created T4870: Kleopatra - do not change the language from Russian.
Mar 9 2020, 12:29 PM · Windows 64, Windows, kleopatra, Bug Report
aheinecke committed rD25b3f852a8fa: swdb: Add gpg4win-3.1.11 (authored by aheinecke).
swdb: Add gpg4win-3.1.11
Mar 9 2020, 12:29 PM
Research_Team_loginsoft added a comment to T4868: Heap buffer overflow in _gcry_mpi_tdiv_qr().

Thanks for quick response and fixing the issue. We wanted to request for a CVE since libgcrypt is widely used and a patch has been provided. Please let us know if you have any disclosure policy.

Mar 9 2020, 11:53 AM · Bug Report
bernhard committed rM11edc073a3d2: python: fix minor typo in howto (authored by bernhard).
python: fix minor typo in howto
Mar 9 2020, 11:43 AM
bernhard committed rW625734c73821: Localize: tiny http -> https (authored by bernhard).
Localize: tiny http -> https
Mar 9 2020, 10:59 AM
werner committed rCffbc5702ab16: mpi: Abort on division by zero also in _gcry_mpi_tdiv_qr. (authored by werner).
mpi: Abort on division by zero also in _gcry_mpi_tdiv_qr.
Mar 9 2020, 10:45 AM
werner closed T4868: Heap buffer overflow in _gcry_mpi_tdiv_qr() as Resolved.

You are providing invalid data to this debug helper tool and run into a div-by-zero. I will add the usual test earlier in the code path so that a fatal error is triggered. Thanks for the report.

Mar 9 2020, 10:39 AM · Bug Report
werner committed rCafbab896fa04: mpi: Abort on division by zero also in _gcry_mpi_tdiv_qr. (authored by werner).
mpi: Abort on division by zero also in _gcry_mpi_tdiv_qr.
Mar 9 2020, 10:37 AM
gniibe committed rCcd9c5fdee643: Rough sketch of SCR mpi_invm using Niels Möller algorithm. (authored by gniibe).
Rough sketch of SCR mpi_invm using Niels Möller algorithm.
Mar 9 2020, 9:06 AM