scd: New debug flags "card".
scd:p15: Fix reading certificates without length info.
scd:p15: Fix reading certificates without length info.
scd: New debug flags "card".
I've applied the patch and can confirm that the segfault is fixed, but gpg still has severe problems communicating with the Yubikey over pcsc-lite.
Force the entered expiration date into the allowed range
Reword UI texts for refresh command
Use RefreshOpenPGPKeysJob for OpenPGP and show detailed result
qt: Revert change of result signal of RefreshKeysJob
qt: Use lambda instead of std::bind
cpp: Allow retrieving import result of key listing with locate mode
qt: Emit import result when refreshing OpenPGP keys
cpp: Allow merging the results of two imports
core: Handle import status lines during keylist operation
Ours are even newer (5.4.3). Did you the Yubico tools to switch to curve443?
In any case, is it possible that you apply my fix and test again?
scd:openpgp: Fix a segv for cards supporting unknown curves.
Your Yubikey's firmware version is 5.2.7 - let me see what versions we have in stock to test my fix.
This can be bypassed by entering the date manually, was reported by a customer and I have just confirmed this.
When we implemented this first, Libgcrypt had no appropriate KDF support. I recall that I considered to change this but it turned out the for 2.2 the changes are too large. For 2.3 we will consider such a change.
Laurent Montel <montel@kde.org> committed
rKLEOPATRA6674f3752bec: Remove duplicate header between header cpp file (authored by Laurent Montel <montel@kde.org>).
Remove duplicate header between header cpp file
I've taken the liberty to regenerate the valgrind report including libc and gnupg debugsyms. Maybe it'll help.
I am not sure about the crash but the unknown curve is
1.3.6.1.4.1.11591.15.1.2 which seems to be a GNU OID for curve448
It segfaults on SERIALNO. Here's what valgrind outputs:
What I would do in this case is to stop the gnupg daemon amd anything whiuch might start them and run scdaemon under valgrind.
Update binary version of GnuPG with Authenticode signed builds.
Fix quoting in AUTHENTICODE_sign make template
Fix use of osslsigncode along with stow
Nitrokey Start uses Gnuk as its firmware. You need to upgrade its firmware to version 1.2.16 or newer.
Please note that when upgrading the firmware, your keys will be removed.
GIT_SILENT Clear list of words to ignore by codespell (again)
GIT_SILENT Clear list of words to ignore by codespell (again)
Laurent Montel <montel@kde.org> committed
rLIBKLEO5b8c1d5bfec8: GIT_SILENT: exclude .xml file (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: exclude .xml file
Laurent Montel <montel@kde.org> committed
rLIBKLEO744dcc2eb7eb: GIT_SILENT: compile fine without deprecated kf5.94 method (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: compile fine without deprecated kf5.94 method
Laurent Montel <montel@kde.org> committed
rKLEOPATRA5d7ef9b1dbd4: GIT_SILENT: compile fine without deprecated kf5.94 method (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: compile fine without deprecated kf5.94 method
Laurent Montel <montel@kde.org> committed
rKLEOPATRA86eb466e36f2: GIT_SILENT: exclude .xml file (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: exclude .xml file
Its a nitrokey start. I gave it another spin just to make sure, and again when updating to openssh 9.0 and "gpg (GnuPG) 2.3.6-unknown", it fails (again with careful gpgconf --kill gpg-agent etc. Double checked the downloaded source code by arch's makepkg, appears to have that patch applied. Also tried adding -o KexAlgorithms=-sntrup761x25519-sha512@openssh.com to the ssh command, which didn't help.
Looks like somebody is writing to the shared config after it has been destroyed already. Probably some global object that is destroyed by the runtime on shutdown.
Debian requires all builds to use software that we have local copies of in the archive, which appears to rule out the use of speedo (it fetches source over the internet during build). So i've to annotate that the Windows builds need a different version of libgpg-error than that defined in .
Return null subkey if there are no subkeys with the given key grip
Add possibility to refresh an individual certificate
qt: Use GpgME::Locate alias
qt: Add job for refreshing OpenPGP keys
qt,doc: Fix some API documentation
qt: Factor out helper for getting the fingerprints of some keys
cpp: Add RAII class for saving/restoring the key list mode
qt: Add debug helper for Result classes with output stream operator
Add EN version of privacy policy
msi: Add installers target to prepare unsigned msi
qt: Fix connection to readyReadStandardOutput signal
qt: Add test runner for refresh job
qt: Make RefreshKeysJob result compatible with standard job result
qt: Allow refreshing a list of keys
qt: Rename QGpgMERefreshKeysJob to QGpgMERefreshSMIMEKeysJob
cpp,tests: Verify that requested keylist mode is used
Background: I encountered a problem error message shows irrelevant; While it should say 'No such file or directly', it says 'Unknown Packet'.
FWIW, the original idea with gpgscm was to provide code which does no rely on any gpg stuff so it can be merged back into upstream. I am not sure whether this still makes sense.
gpgscm: Fix handling an error for chdir.
tests: Fix plain invocation of "make check".
tests: Add a test for Ed25519 keys for non-protected secret.
tests: Add a test for Ed25519 keys for non-protected secret.
Please describe what token is used. For my use cases with rGe8fb8e2b3e66: scd: Don't inhibit SSH authentication for larger data if it can., both of Gnuk (>= 1.2.16) and Yubikey (>= 5) work well.
l10n daemon script <scripty@kde.org> committed
rLIBKLEO7bce371453c3: SVN_SILENT made messages (.desktop file) - always resolve ours (authored by l10n daemon script <scripty@kde.org>).
SVN_SILENT made messages (.desktop file) - always resolve ours
l10n daemon script <scripty@kde.org> committed
rLIBKLEO628b00f20593: SVN_SILENT made messages (.desktop file) - always resolve ours (authored by l10n daemon script <scripty@kde.org>).
SVN_SILENT made messages (.desktop file) - always resolve ours
Alexander Lohnau <alexander.lohnau@gmx.de> committed
rKLEOPATRA6020c349d539: Remove ServiceTypes from context menu services (authored by Nicolas Fella <nicolas.fella@gmx.de>).
Remove ServiceTypes from context menu services
Nicolas Fella <nicolas.fella@gmx.de> committed
rKLEOPATRA3a4acbad14dc: Remove ServiceTypes from context menu services (authored by Nicolas Fella <nicolas.fella@gmx.de>).
Remove ServiceTypes from context menu services
tests/basic: add testing for partial bulk processing code paths
sm4: add XTS bulk processing
sm4-aesni-avx2: add generic 1 to 16 block bulk processing function
camellia-avx2: add bulk processing for XTS mode
Add SM4 x86-64/GFNI/AVX2 implementation
sm4: deduplicate bulk processing function selection
Move bulk OCB L pointer array setup code to common header
cipher/bulkhelp: add functions for CTR/CBC/CFB/OCB bulk processing
camellia-avx2: add partial parallel block processing
Add detection for HW feature "intel-gfni"
Add GFNI/AVX2 implementation of Camellia