
Jun 14 2022

gniibe committed rS84bca08b45a3: Add back LABEL to cert. (authored by gniibe).
Add back LABEL to cert.
Jun 14 2022, 1:06 PM
gniibe committed rS1f1a51cd496d: Fix keyinfo listing. (authored by gniibe).
Fix keyinfo listing.
Jun 14 2022, 10:41 AM
gniibe committed rSb075581f0a34: Change the slot allocation logic. (authored by gniibe).
Change the slot allocation logic.
Jun 14 2022, 10:17 AM
gniibe committed rS5b456d22cb95: Fix slot_get_status. (authored by gniibe).
Fix slot_get_status.
Jun 14 2022, 9:01 AM
gniibe committed rS573b335a32b3: Cleanup. (authored by gniibe).
Cleanup.
Jun 14 2022, 9:01 AM
gniibe committed rS1a5d0f025318: Fix C_GetSlotInfo. (authored by gniibe).
Fix C_GetSlotInfo.
Jun 14 2022, 9:01 AM
gniibe committed rScdef61e65657: Add back the LABEL object. (authored by gniibe).
Add back the LABEL object.
Jun 14 2022, 9:01 AM
gniibe committed rSfe2763cb0a13: Fix for valid tokens. (authored by gniibe).
Fix for valid tokens.
Jun 14 2022, 9:01 AM
gniibe committed rS5348944e08da: Fix for CKA_ID. (authored by gniibe).
Fix for CKA_ID.
Jun 14 2022, 9:01 AM
gniibe committed rS07848a48bb11: Remove doc/version.texi from repo, as it's a generated file. (authored by gniibe).
Remove doc/version.texi from repo, as it's a generated file.
Jun 14 2022, 9:01 AM
gniibe committed rS39cd3d4a9521: Allow development with no VPATH build. (authored by gniibe).
Allow development with no VPATH build.
Jun 14 2022, 9:01 AM
gniibe committed rS22caf3116f4c: Experiment with KEYGRIP approach. (authored by gniibe).
Experiment with KEYGRIP approach.
Jun 14 2022, 9:01 AM
gniibe committed rS75e32e4a15b1: Use serialno of the card for the label. (authored by gniibe).
Use serialno of the card for the label.
Jun 14 2022, 9:01 AM
gniibe committed rS659d31e5d61d: Use the grip for scute_agent_get_cert. (authored by gniibe).
Use the grip for scute_agent_get_cert.
Jun 14 2022, 9:01 AM
gniibe committed rSaa4923375d44: No CERTREF any more. Use the grip. (authored by gniibe).
No CERTREF any more. Use the grip.
Jun 14 2022, 9:01 AM
gniibe committed rG4dbef2addca8: keygen: Fix reading AEAD preference (authored by Jakuje).
keygen: Fix reading AEAD preference
Jun 14 2022, 8:39 AM
gniibe added a project to T6019: Parsing AEAD preference string parsing causes reads uninitialized memory: Restricted Project.

Thank you. Applied.

Jun 14 2022, 8:39 AM · patch, gnupg (gpg23), Bug Report

Jun 13 2022

gniibe claimed T6019: Parsing AEAD preference string parsing causes reads uninitialized memory.
Jun 13 2022, 10:24 AM · patch, gnupg (gpg23), Bug Report
gniibe added a comment to T6002: scute w/ gpg23: Support multiple cards/tokens, major update with KEYGRIP.

I realized that we need to invent a way to represent KEYGRIP (40-byte string) in the scheme of PKCS#11; PKCS#11 uses a fixed-size string (space padded) for its label (32) and serialno (16). Basically, it identifies the device by slot number.

Jun 13 2022, 7:59 AM · Feature Request, scute

Jun 10 2022

gniibe committed rS60f19aa4977e: First step for multiple device support. Use keygrip. (authored by gniibe).
First step for multiple device support. Use keygrip.
Jun 10 2022, 9:19 AM
gniibe committed rS14afb3b7d293: Remove $DISPSERIALNO support. (authored by gniibe).
Remove $DISPSERIALNO support.
Jun 10 2022, 9:19 AM
gniibe committed rS0b287cd78dd6: Only use the first slot for now. (authored by gniibe).
Only use the first slot for now.
Jun 10 2022, 9:19 AM
gniibe committed rGdd600bbc84dd: scd: Support specifying keygrip for learn command. (authored by gniibe).
scd: Support specifying keygrip for learn command.
Jun 10 2022, 6:55 AM
gniibe committed rG273b8ec1931d: scd,openpgp: Support READCERT by keygrip. (authored by gniibe).
scd,openpgp: Support READCERT by keygrip.
Jun 10 2022, 4:47 AM

Jun 9 2022

gniibe closed T5831: Backport (f808012a) scd: Use lock_slot for apdu_send_direct. to GnuPG 2.2 as Resolved.
Jun 9 2022, 7:56 AM · gnupg (gpg22), Bug Report, scd
gniibe closed T5917: gpg-agent: Not writing password into file as Resolved.
Jun 9 2022, 7:55 AM · Bug Report, gpgagent
gniibe added a comment to T5804: Using empty passphrase key pair, gpg2.3.4 fails to decrypt with error "No passphrase given" on a gpg1.4/2.0 keyring format even though the secret keys migration was successful .

Because it's the library which refuses null passphrase as input, only possible options are either:

Jun 9 2022, 7:50 AM · gnupg24, Bug Report
gniibe committed rGaeee62593ae9: agent,scd: Make sure to set CONFIDENTIAL flag in Assuan. (authored by gniibe).
agent,scd: Make sure to set CONFIDENTIAL flag in Assuan.
Jun 9 2022, 7:44 AM
gniibe added a comment to T5977: Smartcard PIN stays in clear in memory.

Backported to GnuPG 2.2.

Jun 9 2022, 7:39 AM · backport, libassuan, pinentry, scd, gnupg (gpg22), Bug Report

Jun 8 2022

gniibe added a project to T6018: libassuan: Coverity reports: Restricted Project.

Applied the changes.

Jun 8 2022, 2:20 PM · patch, libassuan, Bug Report
gniibe committed rA850f404ef079: config: Remove 18 years unused variable (authored by Jakuje).
config: Remove 18 years unused variable
Jun 8 2022, 12:56 PM
gniibe committed rA2e310bb10e33: tests: Remove dead code (authored by Jakuje).
tests: Remove dead code
Jun 8 2022, 12:56 PM
gniibe committed rA70b465e0bf65: tests: Avoid leaking file descriptors on errors (authored by Jakuje).
tests: Avoid leaking file descriptors on errors
Jun 8 2022, 12:56 PM
gniibe committed rC6d32bf80846a: kdf: Add support for One-Step KDF with MAC. (authored by gniibe).
kdf: Add support for One-Step KDF with MAC.
Jun 8 2022, 6:42 AM
gniibe renamed T5912: libgpg-error: Drop WindowsCE support from libgpg-err: Drop WindowsCE support to libgpg-error: Drop WindowsCE support.
Jun 8 2022, 6:40 AM · gpgrt
gniibe renamed T5862: authentication with USB token from authentication with USB token, ~~screen lock on token removal~~ to authentication with USB token.
Jun 8 2022, 4:08 AM · gpgagent, Feature Request, scd
gniibe renamed T5862: authentication with USB token from authentication with USB token, screen lock on token removal to authentication with USB token, ~~screen lock on token removal~~.
Jun 8 2022, 4:07 AM · gpgagent, Feature Request, scd
gniibe added a comment to T5862: authentication with USB token.

Now, it also supports a reader with pinpad.

Jun 8 2022, 3:38 AM · gpgagent, Feature Request, scd

Jun 7 2022

gniibe claimed T6018: libassuan: Coverity reports.
Jun 7 2022, 1:56 PM · patch, libassuan, Bug Report
gniibe committed rE13e7650f4924: Remove WindowsCE support. (authored by gniibe).
Remove WindowsCE support.
Jun 7 2022, 11:00 AM
gniibe committed rE043ce98bfb5c: More for WindowsCE support removal. (authored by gniibe).
More for WindowsCE support removal.
Jun 7 2022, 11:00 AM
gniibe added a comment to T5912: libgpg-error: Drop WindowsCE support.

Created gniibe/t5912 branch.
It works for me.

Jun 7 2022, 9:31 AM · gpgrt
gniibe committed rCf8c983cb14f8: kdf: Add One-Step KDF with hash. (authored by gniibe).
kdf: Add One-Step KDF with hash.
Jun 7 2022, 8:58 AM
gniibe committed rC8d8e80ad7536: Fix for struct gcry_thread_cbs. (authored by gniibe).
Fix for struct gcry_thread_cbs.
Jun 7 2022, 8:58 AM
gniibe added a comment to T5964: gnupg should use the KDFs implemented in libgcrypt.

I can only find this one: https://github.com/patrickfav/singlestep-kdf/wiki/NIST-SP-800-56C-Rev1:-Non-Official-Test-Vectors

Jun 7 2022, 8:51 AM · gnupg26, FIPS, Feature Request

Jun 6 2022

gniibe added projects to T5862: authentication with USB token: gpgagent, Restricted Project.
Jun 6 2022, 7:02 AM · gpgagent, Feature Request, scd
gniibe added a comment to T5862: authentication with USB token.

Updated (with T6012):


Jun 6 2022, 7:00 AM · gpgagent, Feature Request, scd

Jun 2 2022

gniibe added a project to T6012: gpg-agent: Add --format=ssh option for READKEY: Restricted Project.
Jun 2 2022, 1:48 PM · gpgagent, Feature Request
gniibe committed rGd7a3c455c5e2: agent: Support --format=ssh option for READKEY. (authored by gniibe).
agent: Support --format=ssh option for READKEY.
Jun 2 2022, 1:47 PM
gniibe triaged T6012: gpg-agent: Add --format=ssh option for READKEY as Normal priority.
Jun 2 2022, 10:54 AM · gpgagent, Feature Request
gniibe added a project to T6010: gpg-connect-agent: /definqprog semantics enhancement: Restricted Project.
Jun 2 2022, 8:53 AM · Feature Request, scd
gniibe committed rG5a327e8001c4: tools: Add a way to cancel INQUIRE for gpg-connect-agent. (authored by gniibe).
tools: Add a way to cancel INQUIRE for gpg-connect-agent.
Jun 2 2022, 8:52 AM
gniibe added a comment to T5862: authentication with USB token.

See https://github.com/google/xsecurelock/blob/master/helpers/authproto.h
for the interaction between xsecurelock and the helper.

Jun 2 2022, 8:25 AM · gpgagent, Feature Request, scd
gniibe triaged T6010: gpg-connect-agent: /definqprog semantics enhancement as Normal priority.
Jun 2 2022, 8:15 AM · Feature Request, scd
gniibe added a comment to T5862: authentication with USB token.

I changed gpg-connect-agent (added --unbuffered option) so that we can write a shell script interacting with gpg-agent.

Jun 2 2022, 8:06 AM · gpgagent, Feature Request, scd
gniibe added a comment to T5862: authentication with USB token.

Wrote a shell script for xsecurelock's authproto (helper executable):

Jun 2 2022, 8:02 AM · gpgagent, Feature Request, scd
gniibe committed rG24d02b8a3275: tools: Add --unbuffered option to gpg-connect-agent. (authored by gniibe).
tools: Add --unbuffered option to gpg-connect-agent.
Jun 2 2022, 6:23 AM

Jun 1 2022

gniibe claimed T5931: OpenSSH 8.9, 9.0, and 9.1 can't authenticate with gpg-agent and usb token (Gnuk >= 1.2.16 is required).
Jun 1 2022, 5:09 AM · gnupg24, workaround, Documentation, gnupg (gpg23), ssh, gpgagent
gniibe claimed T5973: libgcrypt: Minor test issues reported by coverity.
Jun 1 2022, 5:09 AM · backport, patch, libgcrypt, Bug Report
gniibe claimed T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd').
Jun 1 2022, 5:08 AM · backport, hppa, libgcrypt, Gentoo, Bug Report
gniibe claimed T5980: compilation error libgcrypt 1.10.1.
Jun 1 2022, 5:08 AM · backport, ppc, AIX, libgcrypt, Bug Report
gniibe claimed T5977: Smartcard PIN stays in clear in memory.
Jun 1 2022, 5:05 AM · backport, libassuan, pinentry, scd, gnupg (gpg22), Bug Report
gniibe committed rP523a4f2d5d1c: Remove old code which makes sure NUL-termination of strings. (authored by gniibe).
Remove old code which makes sure NUL-termination of strings.
Jun 1 2022, 4:54 AM
gniibe committed rP0d3be7b81eb1: Remove USE_CAPABILITIES. (authored by gniibe).
Remove USE_CAPABILITIES.
Jun 1 2022, 4:54 AM
gniibe committed rP88cad4621be3: secmem: Remove use of cap_set_proc. (authored by gniibe).
secmem: Remove use of cap_set_proc.
Jun 1 2022, 4:54 AM
gniibe committed rP96771ae57e86: pinentry: Remove dead code (authored by Jakuje).
pinentry: Remove dead code
Jun 1 2022, 4:54 AM
gniibe committed rPcd753c8560cd: pinentry: Terminate the buffer in the right place (authored by Jakuje).
pinentry: Terminate the buffer in the right place
Jun 1 2022, 4:54 AM
gniibe committed rPc2e7cc560bdb: secmem: Do not pass negative values to strerr (authored by Jakuje).
secmem: Do not pass negative values to strerr
Jun 1 2022, 4:54 AM
gniibe triaged T6007: coverity issues in pinentry as Normal priority.
Jun 1 2022, 4:35 AM · pinentry, Bug Report
gniibe added a project to T6007: coverity issues in pinentry: Restricted Project.
Jun 1 2022, 4:35 AM · pinentry, Bug Report
gniibe committed rCd7c900a97b62: secmem: Clean up ERRNO handling. (authored by gniibe).
secmem: Clean up ERRNO handling.
Jun 1 2022, 4:14 AM
gniibe committed rCfd9aa21983a1: secmem: Remove RISC OS support. (authored by gniibe).
secmem: Remove RISC OS support.
Jun 1 2022, 4:14 AM
gniibe committed rC43f51d0ec6b5: secmem: Remove getting cap_ipc_lock by capabilities support. (authored by gniibe).
secmem: Remove getting cap_ipc_lock by capabilities support.
Jun 1 2022, 4:14 AM
gniibe claimed T6007: coverity issues in pinentry.

I take this ticket. The way to go is removing all such cases.

Jun 1 2022, 2:06 AM · pinentry, Bug Report

May 31 2022

gniibe added a comment to T6007: coverity issues in pinentry.

Reference to a CVE for old MinGW-W64: https://nvd.nist.gov/vuln/detail/CVE-2018-1000101
https://sourceforge.net/p/mingw-w64/bugs/709/

May 31 2022, 3:40 PM · pinentry, Bug Report
gniibe moved T5975: Allow signature verification using specific RSA keys <2k in FIPS mode from Next to Ready for release on the FIPS board.
May 31 2022, 11:16 AM · backport, patch, libgcrypt, FIPS, Feature Request
gniibe added a comment to T5973: libgcrypt: Minor test issues reported by coverity.

Also applied to 1.10.

May 31 2022, 8:27 AM · backport, patch, libgcrypt, Bug Report
gniibe committed rCa15cb31bf733: tests: Fix copy paste error (authored by Jakuje).
tests: Fix copy paste error
May 31 2022, 8:25 AM
gniibe committed rCef2e1523c33c: Fix memory leaks in tests (authored by Jakuje).
Fix memory leaks in tests
May 31 2022, 8:25 AM
gniibe added a project to T5973: libgcrypt: Minor test issues reported by coverity: Restricted Project.
May 31 2022, 8:25 AM · backport, patch, libgcrypt, Bug Report
gniibe added a comment to T5973: libgcrypt: Minor test issues reported by coverity.

Applied and pushed.

May 31 2022, 8:24 AM · backport, patch, libgcrypt, Bug Report
gniibe added a comment to T5964: gnupg should use the KDFs implemented in libgcrypt.

I learned that it's now called "OneStep KDF" in SP 800-56Cr2.
It's "SSKDF" in OpenSSL (Single Step KDF, perhaps).

May 31 2022, 8:17 AM · gnupg26, FIPS, Feature Request

May 27 2022

gniibe committed rG9f1dcfc7a7b4: agent: New field "Prompt" to prevent asking card key insertion. (authored by gniibe).
agent: New field "Prompt" to prevent asking card key insertion.
May 27 2022, 3:02 AM
gniibe added a project to T5987: card: New field to specify refusing operations when card/token is not available: Restricted Project.
May 27 2022, 3:02 AM · ssh, gpgagent, scd
gniibe added a comment to T5987: card: New field to specify refusing operations when card/token is not available.

Default is "yes". When Prompt: no is specified, it doesn't ask but fails.

May 27 2022, 2:48 AM · ssh, gpgagent, scd
gniibe added a comment to T5987: card: New field to specify refusing operations when card/token is not available.

The behavior has been changed by T5996, to ask card insertion for the consistency of the semantics of configuration.

May 27 2022, 2:47 AM · ssh, gpgagent, scd
gniibe updated the task description for T5987: card: New field to specify refusing operations when card/token is not available.
May 27 2022, 2:45 AM · ssh, gpgagent, scd

May 26 2022

gniibe added a project to T5985: private-key: Support "Use-for-ssh" flag: Restricted Project.
May 26 2022, 10:39 AM · Feature Request, ssh, gpgagent
gniibe added a comment to T5985: private-key: Support "Use-for-ssh" flag.

With the change for T5996 applied, the semantics is clear. "Use-for-ssh" flag is a key not for "OpenPGP.3", but other keys (not only OpenPGP.[12], but also for normal keys.)

May 26 2022, 10:38 AM · Feature Request, ssh, gpgagent
gniibe committed rGd86b6c28fcca: agent,ssh: Support "Use-for-ssh" flag in private key. (authored by gniibe).
agent,ssh: Support "Use-for-ssh" flag in private key.
May 26 2022, 10:36 AM
gniibe committed rG193fcc2f7a8c: agent,ssh: Make not-inserted OpenPGP.3 keys available for SSH. (authored by gniibe).
agent,ssh: Make not-inserted OpenPGP.3 keys available for SSH.
May 26 2022, 10:20 AM
gniibe committed rG64c878610568: scd,piv: Fix status report of KEYPAIRINFO. (authored by gniibe).
scd,piv: Fix status report of KEYPAIRINFO.
May 26 2022, 10:20 AM
gniibe committed rGc07c79a1d795: agent: Fix get_keyinfo_on_cards. (authored by gniibe).
agent: Fix get_keyinfo_on_cards.
May 26 2022, 10:20 AM
gniibe committed rG295a6a759197: agent: Handle USAGE information in KEYINFO. (authored by gniibe).
agent: Handle USAGE information in KEYINFO.
May 26 2022, 10:20 AM
gniibe committed rG5264d3f58e8a: scd: Return USAGE information for KEYINFO command. (authored by gniibe).
scd: Return USAGE information for KEYINFO command.
May 26 2022, 10:20 AM
gniibe added a project to T5996: ssh,card: "Use-for-ssh:" (was: OpenPGP.3) keys should be on the list even when card is not available: Restricted Project.
May 26 2022, 10:19 AM · ssh, gpgagent, scd

May 25 2022

gniibe added a project to T5702: Display prompt to user when YubiKey is waiting for touch confirmation: Restricted Project.

This feature is implemented in a different way, by T5099.

May 25 2022, 1:11 PM · patch, Feature Request
gniibe added a subtask for T5702: Display prompt to user when YubiKey is waiting for touch confirmation: T5099: Confirmation dialog for remote access (restricted extra socket).
May 25 2022, 1:03 PM · patch, Feature Request
gniibe added a parent task for T5099: Confirmation dialog for remote access (restricted extra socket): T5702: Display prompt to user when YubiKey is waiting for touch confirmation.
May 25 2022, 1:03 PM · Feature Request, gnupg
gniibe committed rAaafbde956f88: struct assuan_context_s: Move boolean fields to flags. (authored by gniibe).
struct assuan_context_s: Move boolean fields to flags.
May 25 2022, 10:49 AM