We should only allow this for v5. This way we get incentive to move forward. ed448 requires a newer version anyway and thus it is good to take this as an opportunity to also demand AEAD etc.

Nov 25 2021, 9:29 AM · gnupg24, OpenPGP, gnupg (gpg23)

• gniibe added a comment to T5704: Ed448/X448 defined in draft-ietf-openpgp-crypto-refresh-04.

The branch gniibe/v5/448 has the implementation.

Nov 25 2021, 6:33 AM · gnupg24, OpenPGP, gnupg (gpg23)

• gniibe triaged T5704: Ed448/X448 defined in draft-ietf-openpgp-crypto-refresh-04 as High priority.

Nov 25 2021, 6:33 AM · gnupg24, OpenPGP, gnupg (gpg23)

• gniibe added a comment to T5331: Possibly incompatible Ed25519 signature between other implementations and 2.3-bata.

To be conservative, given the situation most implementations already support zero-removal and zero-recovery, it's better to output zero-removed signature, that is, signature with well-formed MPI.

Nov 25 2021, 6:29 AM · gnupg (gpg23), Bug Report

• gniibe added a comment to T5120: Incompatible Ed25519 secret key (no-encryption).

My proposal is applying SOS (MPI with leading zero octets) patches, for 2.2, because there may be existing keys with SOS already.

Nov 25 2021, 6:17 AM · gnupg (gpg22), Bug Report

• gniibe reopened T5120: Incompatible Ed25519 secret key (no-encryption), a subtask of T5114: GnuPG fails to import back generated and exported EdDSA secret key., as Open.

Nov 25 2021, 6:14 AM · gnupg, Restricted Project, gpgagent, Bug Report

• gniibe reopened T5120: Incompatible Ed25519 secret key (no-encryption) as "Open".

It's not yet solved.

Nov 25 2021, 6:14 AM · gnupg (gpg22), Bug Report

• gniibe updated the task description for T5331: Possibly incompatible Ed25519 signature between other implementations and 2.3-bata.

Nov 25 2021, 5:52 AM · gnupg (gpg23), Bug Report

• gniibe committed rE50e0f32b1935: build,tests: Run t-lock-single-posix only on platforms supported. (authored by • gniibe).

build,tests: Run t-lock-single-posix only on platforms supported.

Nov 25 2021, 4:45 AM

• gniibe committed rM8148237cb4ae: posix: Use poll instead, when available, removing use of select. (authored by • gniibe).

posix: Use poll instead, when available, removing use of select.

Nov 25 2021, 4:13 AM

• gniibe changed the status of T5699: libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS from Open to Testing.

Reading the documentation of musl, it seems that there are no equivalent feature which detects if an application is single-threaded or not.

Nov 25 2021, 4:11 AM · gpgrt, Bug Report

• gniibe added a project to T5637: Use poll for libgcrypt (support more than 1024 fds): Restricted Project.

Nov 25 2021, 3:31 AM · libgcrypt, Feature Request

• gniibe claimed T2385: support more than 1024 fds..

Nov 25 2021, 3:29 AM · gpgrt, Feature Request, gpgme

• gniibe added a project to T2385: support more than 1024 fds.: Restricted Project.

Nov 25 2021, 3:29 AM · gpgrt, Feature Request, gpgme

l10n daemon script <scripty@kde.org> committed rKLEOPATRAc63b9664dcf8: GIT_SILENT made messages (after extraction) (authored by l10n daemon script <scripty@kde.org>).

GIT_SILENT made messages (after extraction)

Nov 25 2021, 1:30 AM

Nov 24 2021

• aheinecke committed rKLEOPATRAa2fd11a87974: Change std::mutex to QMutex for portability (authored by • aheinecke).

Change std::mutex to QMutex for portability

Nov 24 2021, 5:38 PM

• aheinecke committed rW88b5f0b327f2: Fix gen-tarball for git archvie and update pkgs (authored by • aheinecke).

Fix gen-tarball for git archvie and update pkgs

Nov 24 2021, 5:37 PM

• aheinecke committed rW2a3f8585cf04: Update ECM and remove related libkleo patch (authored by • aheinecke).

Update ECM and remove related libkleo patch

Nov 24 2021, 5:37 PM

• ikloecker committed rKLEOPATRAda5e65e83a03: Restrict file operations to OpenPGP if CMS is disabled (authored by • ikloecker).

Restrict file operations to OpenPGP if CMS is disabled

Nov 24 2021, 12:37 PM

• ikloecker committed rKLEOPATRA6e23b46c260c: Filter out any non-OpenPGP keys in filtered key lists if CMS is disabled (authored by • ikloecker).

Filter out any non-OpenPGP keys in filtered key lists if CMS is disabled

Nov 24 2021, 12:37 PM

• ikloecker committed rKLEOPATRA556f70fabd67: GIT_SILENT: Modernize code (authored by • ikloecker).

GIT_SILENT: Modernize code

Nov 24 2021, 12:37 PM

• ikloecker committed rKLEOPATRAa541238972ca: Do not offer creation of S/MIME certificate requests if CMS is disabled (authored by • ikloecker).

Do not offer creation of S/MIME certificate requests if CMS is disabled

Nov 24 2021, 12:37 PM

• ikloecker committed rKLEOPATRAf593e1df1134: Offer CMS-specific actions only if CMS is enabled (authored by • ikloecker).

Offer CMS-specific actions only if CMS is enabled

Nov 24 2021, 12:37 PM

• ikloecker committed rKLEOPATRA489204d86bf3: Offer only OpenPGP keys for signing/encrypting notepad if CMS is disabled (authored by • ikloecker).

Offer only OpenPGP keys for signing/encrypting notepad if CMS is disabled

Nov 24 2021, 12:37 PM

• ikloecker committed rKLEOPATRAb22938a68cf8: Add option to disable CMS-only functionality in the main UI (authored by • ikloecker).

Add option to disable CMS-only functionality in the main UI

Nov 24 2021, 12:37 PM

• ikloecker committed rKLEOPATRAf2166808794e: Add support for QPointer<T> to KDAB_SET_OBJECT_NAME() (authored by • ikloecker).

Add support for QPointer<T> to KDAB_SET_OBJECT_NAME()

Nov 24 2021, 12:37 PM

• ikloecker committed rKLEOPATRAd26810c90af8: Modernize API of make_actions_from_data() (authored by • ikloecker).

Modernize API of make_actions_from_data()

Nov 24 2021, 12:37 PM

• ikloecker committed rLIBKLEO359c6bad4ac0: Bump library version (authored by • ikloecker).

Bump library version

Nov 24 2021, 12:28 PM

• ikloecker committed rLIBKLEOc658a0a2a419: Add helper for removing elements matching a predicate from a vector (authored by • ikloecker).

Add helper for removing elements matching a predicate from a vector

Nov 24 2021, 12:28 PM

• ikloecker committed rLIBKLEOe76b558e90a1: Bump library version (authored by • ikloecker).

Bump library version

Nov 24 2021, 12:19 PM

• ikloecker committed rLIBKLEO83374e3f9514: Add possibility to force filtering by protocol for all filters (authored by • ikloecker).

Add possibility to force filtering by protocol for all filters

Nov 24 2021, 12:19 PM

• ikloecker committed rLIBKLEO200ceb8e72d5: Check if key matches for super class before checking special rule (authored by • ikloecker).

Check if key matches for super class before checking special rule

Nov 24 2021, 12:19 PM

• aheinecke committed rW706cf4ba3dce: Improve gen-tarball script (authored by • aheinecke).

Improve gen-tarball script

Nov 24 2021, 12:18 PM

• aheinecke committed rWeb55b5a7cdbe: Fix execute flag of qt patch (authored by • aheinecke).

Fix execute flag of qt patch

Nov 24 2021, 12:18 PM

• aheinecke committed rW7b39036f2156: Fix gen-tarball for make dist packages (authored by • aheinecke).

Fix gen-tarball for make dist packages

Nov 24 2021, 12:18 PM

• aheinecke committed rW28e3e9093ae1: Update download target in Makefile (authored by • aheinecke).

Update download target in Makefile

Nov 24 2021, 12:18 PM

• aheinecke committed rWe4fa4a4d6ad5: Fix Gpg4win-3 detection (authored by • aheinecke).

Fix Gpg4win-3 detection

Nov 24 2021, 12:18 PM

• aheinecke committed rW8322d96dc24b: Update GPGME, Kleopatra and Libkleo (authored by • aheinecke).

Update GPGME, Kleopatra and Libkleo

Nov 24 2021, 12:18 PM

• gniibe committed rC40ab39966650: fips: Release random resources after selftests. (authored by • gniibe).

fips: Release random resources after selftests.

Nov 24 2021, 5:54 AM

• gniibe committed rC204be8a385ae: random: Extend semantics of _gcry_random_close_fds. (authored by • gniibe).

random: Extend semantics of _gcry_random_close_fds.

Nov 24 2021, 5:37 AM

• gniibe triaged T5699: libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS as Normal priority.

Nov 24 2021, 3:20 AM · gpgrt, Bug Report

• gniibe added a comment to T5699: libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS.

In the libgpg-error implementation, it may skip synchronization when it can detect an application is single threaded. The t-lock-single-thread test checks if it really skips as intended.

Nov 24 2021, 3:20 AM · gpgrt, Bug Report

• gniibe claimed T5699: libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS.

Nov 24 2021, 2:55 AM · gpgrt, Bug Report

• gniibe added a comment to T5393: gnupg coverity static analysis reports.

Thank you.

Nov 24 2021, 2:52 AM · gnupg (gpg23), Bug Report

• gniibe committed rG426d82fcf1c1: gpg: Fix function prototype to match declaration. (authored by Jakuje).

gpg: Fix function prototype to match declaration.

Nov 24 2021, 2:52 AM

• gniibe committed rG46efee8cb700: kbx: Fix allocation check (authored by Jakuje).

kbx: Fix allocation check

Nov 24 2021, 2:52 AM

• gniibe committed rG6ee3eb420207: homedir: Avoid memory leaks on errors (authored by Jakuje).

homedir: Avoid memory leaks on errors

Nov 24 2021, 2:52 AM

• gniibe committed rG940af3f05231: dirmngr: Avoid memory leaks on errors (authored by Jakuje).

dirmngr: Avoid memory leaks on errors

Nov 24 2021, 2:52 AM

• gniibe committed rG07671917e476: gpg: Fix key conversion for SSH. (authored by • gniibe).

gpg: Fix key conversion for SSH.

Nov 24 2021, 2:45 AM

• gniibe committed rGa9be9f4e6e6d: gpg: Fix format_keyid. (authored by • gniibe).

gpg: Fix format_keyid.

Nov 24 2021, 2:45 AM

l10n daemon script <scripty@kde.org> committed rKLEOPATRA4c762ae60aea: GIT_SILENT made messages (after extraction) (authored by l10n daemon script <scripty@kde.org>).

GIT_SILENT made messages (after extraction)

Nov 24 2021, 1:29 AM

Nov 23 2021

joelnordell added a comment to T5702: Display prompt to user when YubiKey is waiting for touch confirmation.

Thanks @ikloecker - I'll rebase to the original repo and send it to the email list.

Nov 23 2021, 4:36 PM · patch, Feature Request

• ikloecker added a comment to T5702: Display prompt to user when YubiKey is waiting for touch confirmation.

And you may want to read the section "Sending patches" of https://dev.gnupg.org/source/gnupg/browse/master/doc/HACKING.

Nov 23 2021, 4:08 PM · patch, Feature Request

Jakuje added a comment to T5393: gnupg coverity static analysis reports.

(forgot to upload the patch to the last comment)

gnupg-coverity.patch3 KBDownload

Nov 23 2021, 3:59 PM · gnupg (gpg23), Bug Report

Jakuje added a comment to T5393: gnupg coverity static analysis reports.

I am fine with either way. The memcmp variant is probably cleaner to make sure all works as expected in all cases.

Nov 23 2021, 3:59 PM · gnupg (gpg23), Bug Report

dannytsen added a comment to T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le.

Hi Werner, Here is the DCO. Thanks.

Nov 23 2021, 3:51 PM · patch, ppc, libgcrypt, Feature Request

• werner triaged T5701: Mismatch between enums and config table as High priority.

Thanks for the well written bug report and the fix.

Nov 23 2021, 1:29 PM · gnupg (gpg23), Bug Report

• werner changed the status of T5644: Heuristic for default reader detection from Open to Testing.

Nov 23 2021, 1:28 PM · Restricted Project, Feature Request, gnupg (gpg22)

• werner closed T5650: Check problems with gpgconf and global config files as Resolved.

Nov 23 2021, 1:27 PM · Restricted Project, gnupg (gpg22)

• werner closed T5682: ed25519 internal authenticate with openpgpcard may send long data over short apdu as Resolved.

Nov 23 2021, 1:26 PM · Restricted Project, scd, ssh, Bug Report

• werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2021q4/000467.html on T5641: Release GnuPG 2.2.33.

Nov 23 2021, 1:26 PM · Release Info, gnupg (gpg22)

adriaandegroot added a comment to T5701: Mismatch between enums and config table.

So that you don't need to chase the downstream bug report, the problem from a user's perspective looks like this:

Nov 23 2021, 12:21 PM · gnupg (gpg23), Bug Report

• werner committed rD590e4c8499d9: swdb: GnuPG 2.2.33 (authored by • werner).

swdb: GnuPG 2.2.33

Nov 23 2021, 12:17 PM

• werner committed rW3ab78a7bbf49: version-3: Update GnuPG to 2.2.33 (authored by • werner).

version-3: Update GnuPG to 2.2.33

Nov 23 2021, 12:06 PM

• werner updated the task description for T5641: Release GnuPG 2.2.33.

Nov 23 2021, 11:56 AM · Release Info, gnupg (gpg22)

• werner committed rG9adee2dd3383: po: Auto update (authored by • werner).

po: Auto update

Nov 23 2021, 11:49 AM

• werner committed rG65c80d6b0f6a: Post release updates (authored by • werner).

Post release updates

Nov 23 2021, 11:49 AM

• werner committed rG007fea8ce9af: po: Update Russian translation. (authored by Ineiev <ineiev@gnu.org>).

po: Update Russian translation.

Nov 23 2021, 11:49 AM

• werner committed rG457f6ac1ef6d: Release 2.2.33 (authored by • werner).

Release 2.2.33

Nov 23 2021, 11:49 AM

• werner triaged T5703: Release GnuPG 2.2.34 as Low priority.

Nov 23 2021, 11:47 AM · Release Info, gnupg (gpg22)

Jakuje added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

Thank you. Extending the semantics of GCRYCTL_CLOSE_RANDOM_DEVICE sounds good to me. I think the deinit functions were created initially especially not to change the semantics of existing code using GCRYCTL_CLOSE_RANDOM_DEVICE, but I agree that it will probably not be an issue.

Nov 23 2021, 9:59 AM · FIPS, libgcrypt, Bug Report

• werner closed T5076: [solved] gpg-agent respawn another process randomly and causes cached passphrase check failed / expired as Resolved.

Nov 23 2021, 9:18 AM · gnupg (gpg22), Bug Report

• werner closed T5205: GNuPG compile error as Resolved.

Nov 23 2021, 9:17 AM · gnupg (gpg22), toolchain, Support

• ikloecker claimed T5688: Kleopatra: Configure to hide CSR creation.

Nov 23 2021, 9:17 AM · kleopatra, Restricted Project

• werner updated the task description for T5058: Review --trusted-key.

Nov 23 2021, 9:16 AM · gnupg24, gnupg (gpg23)

• ikloecker added a comment to T5690: Kleopatra: Custom placeholder text in newcertificatewizard.

Example:

[CertificateCreationWizard]
CN_placeholder=Common Name
CN_prefill=false
EMAIL_placeholder=name@example.com
EMAIL_prefill=false
NAME_placeholder=Firstname Lastname
NAME_prefill=false

Nov 23 2021, 9:16 AM · kleopatra, Restricted Project

• werner closed T5120: Incompatible Ed25519 secret key (no-encryption), a subtask of T5114: GnuPG fails to import back generated and exported EdDSA secret key., as Resolved.

Nov 23 2021, 9:15 AM · gnupg, Restricted Project, gpgagent, Bug Report

• werner closed T5120: Incompatible Ed25519 secret key (no-encryption) as Resolved.

I guess this is solved. Feel free to re-open and schedule for 2.2.34

Nov 23 2021, 9:15 AM · gnupg (gpg22), Bug Report

• werner lowered the priority of T5235: Delays in dirmngr http connections on Windows from Normal to Low.

Nov 23 2021, 9:14 AM · can't replicate, dirmngr, ntbtls, Windows, gnupg (gpg22)

• werner added a project to T5235: Delays in dirmngr http connections on Windows: can't replicate.

Might be a TOR Thing?

Nov 23 2021, 9:14 AM · can't replicate, dirmngr, ntbtls, Windows, gnupg (gpg22)

• werner closed T5656: Error emitted: gpg: error reading symlink '/proc/curproc/file': No such file or directory as Resolved.

Nov 23 2021, 9:07 AM · gnupg (gpg23), MacOS, Bug Report

• werner triaged T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le as Normal priority.

FWIW: We need a DCO; see doc/HACKING.

Nov 23 2021, 9:06 AM · patch, ppc, libgcrypt, Feature Request

• werner added a project to T5701: Mismatch between enums and config table: gnupg (gpg23).

Nov 23 2021, 9:04 AM · gnupg (gpg23), Bug Report

• werner changed the status of T5598: AppImage of gpg from Open to Testing.

Nov 23 2021, 9:03 AM · AppImage, gnupg, Restricted Project, Feature Request

• werner changed the status of T5598: AppImage of gpg, a subtask of T5592: AppImage of Kleopatra, from Open to Testing.

Nov 23 2021, 9:03 AM · Restricted Project, kleopatra, Feature Request

• werner added a comment to T5598: AppImage of gpg.

No, too much release work. Better just one AppImage. Or well one VSD (based on 2.2) and one regular (based on 2.3)

Nov 23 2021, 9:02 AM · AppImage, gnupg, Restricted Project, Feature Request

• ikloecker changed the status of T5690: Kleopatra: Custom placeholder text in newcertificatewizard from Open to Testing.

Nov 23 2021, 8:59 AM · kleopatra, Restricted Project

• ikloecker added a comment to T5690: Kleopatra: Custom placeholder text in newcertificatewizard.

I have decided to use two different sets of settings for the placeholders and for controlling the prefilling of the values. Overloading the semantics of a specified placeholder text would have confused users and developers alike.

Nov 23 2021, 8:58 AM · kleopatra, Restricted Project

• ikloecker committed rKLEOPATRA61dd7d8868b2: Allow prefilling of name/email for new certificates to be disabled (authored by • ikloecker).

Allow prefilling of name/email for new certificates to be disabled

Nov 23 2021, 8:48 AM

• ikloecker committed rKLEOPATRAaa694114b663: Allow specifying placeholder texts for name and email entry fields (authored by • ikloecker).

Allow specifying placeholder texts for name and email entry fields

Nov 23 2021, 8:48 AM

• aheinecke committed rW7c09f71fb8a1: Update libassuan and libgpg-error (authored by • aheinecke).

Update libassuan and libgpg-error

Nov 23 2021, 8:35 AM

• aheinecke committed rW53f24161241d: Update libkleo and kleopatra (authored by • aheinecke).

Update libkleo and kleopatra