Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Thu, Sep 12

werner changed the status of T6815: PQC encryption for GnuPG from Open to Testing.

See new subtask T7290 for smartcards and the link entries mentioned above.

Thu, Sep 12, 2:32 PM · gnupg26, OpenPGP, PQC, gnupg
werner changed the status of T6815: PQC encryption for GnuPG, a subtask of T6638: PQC for GnuPG, from Open to Testing.
Thu, Sep 12, 2:32 PM · OpenPGP, PQC, gnupg
werner triaged T7290: Kyber+ECC with smartcards as Normal priority.
Thu, Sep 12, 2:31 PM · gnupg26, OpenPGP, PQC, gnupg

Mon, Sep 2

werner added a comment to T6395: ADSK Feature .

FWIW: the encryption part of the ADSK feature has been released with

Mon, Sep 2, 5:00 PM · gnupg22 (gnupg-2.2.42), gnupg24 (gnupg-2.4.1), OpenPGP

Jun 6 2024

werner added a project to T7101: Automagically create a PGP key from a X.509 cert: Restricted Project.
Jun 6 2024, 11:59 AM · Restricted Project, Feature Request, S/MIME, OpenPGP, gnupg
werner raised the priority of T7101: Automagically create a PGP key from a X.509 cert from Normal to High.
Jun 6 2024, 11:36 AM · Restricted Project, Feature Request, S/MIME, OpenPGP, gnupg

May 30 2024

dkg added a comment to T7137: unreliable RSA decryption.

It seems too late to reject on import, given that people might already have such a secret key in their ~/.gnupg/private-keys-v1.d/ They might have had it for years without knowing it, because the failure is so intermittent. They might just think that they did something wrong, and when they try again it works. It would be great to be more robust than that.

May 30 2024, 11:28 PM · OpenPGP, Not A Bug, gnupg
werner added a comment to T7137: unreliable RSA decryption.

In more than 25 years of OpenPGP we only had a few new implementations which got it wrong. I see no need to fix it here - maybe import could indeed reject such a key, though.

May 30 2024, 12:50 PM · OpenPGP, Not A Bug, gnupg

May 29 2024

dkg added a comment to T7137: unreliable RSA decryption.

Maybe there's a 4th possible option that's better than the three i identified?

May 29 2024, 9:14 PM · OpenPGP, Not A Bug, gnupg
dkg added a comment to T7137: unreliable RSA decryption.

So i see a range of ways that any OpenPGP software could deal with this:

May 29 2024, 9:13 PM · OpenPGP, Not A Bug, gnupg
werner closed T7137: unreliable RSA decryption as Resolved.

I can replicate that and it works if you disable the use of the CRT. Looking at the key:

pkey[0]: BC9E1CD66676208956B35357210C220508F9F883FE32F4D682CD36BFB4E8055938D4BA21C341D9F48527E420F951B80335B24DF6710F01C4364D554AF659FC35D322061B67CC2F303DC878076059E4F266CFAEF6AB7A29124E969B9C15B1FC2FBA0F0F90E6B059E36B5E3C9BEC4174162689108A1E0EF6D5DDEE61B6B48327A259746288A517B1D78A0E24F5EFF6E880FF39C0BEDDC464B66F787B559EC5487F248196C2CFB15730BD9695C48355DFB2839FA23D8A37FBD48C741F6BE19F9D48BF844C5147591E1E06803DA40BEA1186B3B39CDCBC0E7DAC9DACDBB60A20E56B7E6631E47A45989A256743FDD83C591CFD4110DEA1B04ADE91CCB575FB858C13
 pkey[1]: 010001
 skey[2]: 512FB977EB9872FECA8BDB96884A01A6AB2B7575D307B9ED4F55E777F2F55FBFFCBF4BF2D669D4D7F42CAC7C28F4ACC0ECEEF7B1D90E3D936850372352107F87E77E20A4D133C927F99FFD52277DEA17107BDA72A072AF950AB0B70023327E3B48D9CCB871237D3D6F6C9BA7FDB45AB46217E33FA01A8ED295795323E26505BC9471CAE4DDA94DBF4F35ED915B0CD025805DCA796EB6B208D8D3F63DBE52BC0045CF4CF9B128356359C7E55B661D7B9DCA57F8984095C5AD3FE4DBD19228B281D66609A154DD7E3EE940CFC66CC180DDC4DD00C45A52D5789286D89D49CA34E5F3C4E798D90955074DAE3D99F7F004CDFFBC9B8428E8EB603E240AE07BEE8D71
 skey[3]: F57D9F597750967DF272D9AC661DDC212D7C5CA4C6E91573A80756281351CDC3A2532B155D9251029F89A0A0807DF2BD177DC30FC6A847E07738B55606DF032ADAD8361E0AFEE9C0CF7D566793834977FAAE9C4B87132B94F665EFF463777CDE7EB89113FA3AAC194B6F2D30C40BE7C0DDE36A5855277C1E4D0204FC4C737BCB
 skey[4]: C4B135296B8F4390B953DDA84249FC8467CFF81FC715D1B5F3E01FCC8DC770813630AEA93982F2004705C4D272E07A10B1882AC5C09A45E88B14A1446B4C639B549420CE3BF90947E6E86503E426A8FDAC4C5CFC2809F5F0A1647ED5EE2457C054A40AA1F0666B28B2C970BE2093AE7B095A688B2D713CA8885826F23AFB37D9
 skey[5]: 0790A8E260C6CADC353FB3961D798EFD4F15F96752DA20B86841334C38861743DD7A1FEB2B750D0864F5901BE541B6C8FB63649B18FDC4A32A1233EF90872DCD35704A4B4063DB62752CF6A7FD00F086C6B1042A2B0CB6FB36B7D5269671DACF55242A838E60D514BA868354910CEB1C41FB9A43BF932B5036A6EFE35236FFC7
May 29 2024, 9:40 AM · OpenPGP, Not A Bug, gnupg

Apr 24 2024

werner triaged T7101: Automagically create a PGP key from a X.509 cert as Normal priority.
Apr 24 2024, 3:03 PM · Restricted Project, Feature Request, S/MIME, OpenPGP, gnupg
werner moved T6815: PQC encryption for GnuPG from Backlog to QA on the gnupg26 board.
Apr 24 2024, 10:04 AM · gnupg26, OpenPGP, PQC, gnupg
werner added a project to T6815: PQC encryption for GnuPG: gnupg26.
Apr 24 2024, 10:02 AM · gnupg26, OpenPGP, PQC, gnupg
werner added a comment to T6815: PQC encryption for GnuPG.

Most things are done. Missing stuff

Apr 24 2024, 10:01 AM · gnupg26, OpenPGP, PQC, gnupg

Apr 23 2024

werner added a comment to T6815: PQC encryption for GnuPG.

Alright: We have support for all our combined algos ky{768,1024}_bp{256,384,512}and ky{768,1024}_cv{25519,448} as well as test keys and encrypted test messages.

Apr 23 2024, 5:47 PM · gnupg26, OpenPGP, PQC, gnupg

Apr 16 2024

matheusmoreira added a comment to T5783: All s2k hardenings silently ignored when exporting private keys.

What is the current status of this issue?

Apr 16 2024, 2:46 PM · Not A Bug, gpgagent, OpenPGP, gpg4win, gnupg

Apr 15 2024

werner added a comment to T6815: PQC encryption for GnuPG.

Here comes a new test key along with its 3 secret parts (one for the primary and two for the composite Kyber subkey).

Apr 15 2024, 5:42 PM · gnupg26, OpenPGP, PQC, gnupg
gniibe changed the status of T7014: agent: Enhancement of PKDECRYPT for KEM interface, a subtask of T6815: PQC encryption for GnuPG, from Open to Testing.
Apr 15 2024, 3:19 AM · gnupg26, OpenPGP, PQC, gnupg

Apr 11 2024

werner added a comment to T6815: PQC encryption for GnuPG.

Wit the test keys posted in T7014 it is now possible to decrypt the sample data. The test data has been slightly adjusted for the new format; see

pubkeyenc.hex2 KBDownload
for a hex dump and
pubkeyenc.bin1 KBDownload
for the binary version.

Apr 11 2024, 4:00 PM · gnupg26, OpenPGP, PQC, gnupg
werner added a parent task for T7083: Show revocation reasons also with a standard -k listing: T7078: Kleopatra: Add automatic offer of revocation certificate export to the revocation process.
Apr 11 2024, 11:42 AM · OpenPGP, Feature Request, gnupg26
werner triaged T7083: Show revocation reasons also with a standard -k listing as Normal priority.
Apr 11 2024, 11:41 AM · OpenPGP, Feature Request, gnupg26

Mar 4 2024

werner added a comment to T6944: The default card key generation keeps an unprotected backup of the encryption key on disk.

See also: https://gnupg.org/blog/20240125-smartcard-backup-key.html

Mar 4 2024, 3:38 PM · gnupg22 (gnupg-2.2.43), gnupg24 (gnupg-2.4.4), OpenPGP, scd, Bug Report

Feb 26 2024

werner added a subtask for T6815: PQC encryption for GnuPG: T7014: agent: Enhancement of PKDECRYPT for KEM interface.
Feb 26 2024, 10:41 AM · gnupg26, OpenPGP, PQC, gnupg
Next