Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Thu, May 8

ikloecker added a comment to T7620: gpgme_get_key fails to detect secret encryption subkey after key generation on card (until context is recreated).
In T7620#200845, @Saturneric wrote:

I think it would be much better if GnuPG automatically performed a key listing immediately after key generation when a smartcard is involved. This would allow GnuPG to detect the presence of the subkey on the card right away, rather than leaving it marked as a stub until the user manually lists keys.

Thu, May 8, 9:14 PM · gnupg, gpgme, Bug Report
Saturneric added a comment to T7620: gpgme_get_key fails to detect secret encryption subkey after key generation on card (until context is recreated).

I see that you generated the secret encryption subkey with backup. This means that the secret subkey is generated on your computer, then copied to the card, and then deleted from your computer. The deletion is the reason why the subkey is marked as stub. Only after listing the keys on the card gpg notices that the secret key is actually on the card.

Thu, May 8, 6:37 PM · gnupg, gpgme, Bug Report

Wed, May 7

ametzler1 added a comment to T7627: gpgme(qt) testsuite error on 32bit archs with 64bit time_t.

works for me, thanks

Wed, May 7, 6:48 PM · gpgme, Bug Report

Tue, May 6

ikloecker added a comment to T7620: gpgme_get_key fails to detect secret encryption subkey after key generation on card (until context is recreated).

The first call of get_key receives the following key listing from gpg:

2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: sec:-:256:19:C4A24EB0B5F2E025:1746474606:::u:::s
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: cESCA:::D2760001240100000006180489130000::brainp
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: oolP256r1:23::0:<LF>
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: fpr:::::::::DEC0948C398A6E7B50746EC6C4A24EB0B5F2
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: E025:<LF>
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: grp:::::::::06BDACFBDEDBC5783A75AE5E7251FA3369C4
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: 0FF4:<LF>
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: uid:-::::1746474606::2222D8E2F373B9BDEE0DEA2A20A
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: 9402214E9F984::Eric <eric@bktus.com>::::::::::0:
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: <LF>
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: ssb:-:256:19:EAFC5EA29B758B22:1746474606::::::a:
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: ::D2760001240100000006180489130000::brainpoolP25
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: 6r1:23:<LF>
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: fpr:::::::::1AD596DDEC9B8CF3C1AC6C41EAFC5EA29B75
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: 8B22:<LF>
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: grp:::::::::52F0797C0B0439BBD718E2534D46656A6C45
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: 6A78:<LF>
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: ssb:-:256:18:A874804DB497B91C:1746474606::::::e:
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: ::#::brainpoolP256r1:23:<LF>
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: fpr:::::::::33B273C7BD46E4EB63DD6874A874804DB497
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: B91C:<LF>
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: grp:::::::::34A1F8D9B2AA0CF07C2E042D70E10F9D4EBE
2025-05-05 21:50:23 gpgme[57059]     _gpgme_io_read: check: E734:<LF>

Note the line

ssb:-:256:18:A874804DB497B91C:1746474606::::::e:::#::brainpoolP256r1:23:<LF>

where the # marks the subkey as stub.

Tue, May 6, 9:21 AM · gnupg, gpgme, Bug Report

Mon, May 5

Saturneric added a comment to T7620: gpgme_get_key fails to detect secret encryption subkey after key generation on card (until context is recreated).

I have now identified the exact conditions and a reproducible path for the issue I previously reported. I will also attach the relevant gpgme.log.

Mon, May 5, 10:01 PM · gnupg, gpgme, Bug Report
werner added a comment to T7620: gpgme_get_key fails to detect secret encryption subkey after key generation on card (until context is recreated).

I doubt that this is a gpgme problem. With a gpgme log we will be able see the exact commands send to gpg and replicate this on the command line.

Mon, May 5, 5:45 PM · gnupg, gpgme, Bug Report
ikloecker moved T7627: gpgme(qt) testsuite error on 32bit archs with 64bit time_t from Backlog to QA for next release on the gpgme board.
Mon, May 5, 5:42 PM · gpgme, Bug Report
ikloecker closed T7627: gpgme(qt) testsuite error on 32bit archs with 64bit time_t as Resolved.

Should be fixed.

Mon, May 5, 5:41 PM · gpgme, Bug Report
ikloecker added a comment to T7627: gpgme(qt) testsuite error on 32bit archs with 64bit time_t.

For gpgme 2 we changed the data types of the time fields to unsigned: rMf2d40473b522e348d96a70c089d2191d0b978098 . Since this change breaks the ABI we use the above change for the 1.24 branch.

Mon, May 5, 5:41 PM · gpgme, Bug Report
werner changed the status of T3325: Allow encryption/signing in GPGME using a specified subkey from Open to Testing.
Mon, May 5, 4:46 PM · gpgme
werner triaged T7627: gpgme(qt) testsuite error on 32bit archs with 64bit time_t as Normal priority.
Mon, May 5, 4:41 PM · gpgme, Bug Report
svuorela added a comment to T7627: gpgme(qt) testsuite error on 32bit archs with 64bit time_t.

tested @ikloecker

Mon, May 5, 3:20 PM · gpgme, Bug Report
ikloecker added a comment to T7627: gpgme(qt) testsuite error on 32bit archs with 64bit time_t.

The following patch for gpgme 1.24 should fix the test.

diff --git a/lang/cpp/src/key.cpp b/lang/cpp/src/key.cpp
index 42046aa..2b14d90 100644
--- a/src/key.cpp
+++ b/src/key.cpp
@@ -633,7 +633,7 @@ time_t Subkey::creationTime() const
Mon, May 5, 3:15 PM · gpgme, Bug Report
svuorela added a comment to T7627: gpgme(qt) testsuite error on 32bit archs with 64bit time_t.

I did a local change (on amdahl.d.o) changing _gpgme_subkey.expires to long long (ABI-break) and all tests succeeded.

Mon, May 5, 12:44 PM · gpgme, Bug Report
svuorela added a comment to T7627: gpgme(qt) testsuite error on 32bit archs with 64bit time_t.

It looks like the entirety of gpgme timestamping was missed when the 64bit time transition happened in Debian and Ubuntu.

Mon, May 5, 12:43 PM · gpgme, Bug Report
ikloecker edited projects for T7627: gpgme(qt) testsuite error on 32bit archs with 64bit time_t, added: gpgme; removed gpgmeqt, qt.

This looks like a problem in gpgme. struct _gpgme_subkey stores the expiration date as long int expires which is a signed 32-bit value on all 32-bit architectures. gpgmepp casts this to time_t, but that doesn't help if the 32-bit value is already negative. The same problem exists with all other timestamps in gpgme (i.e. key creation date, signature expiration date, etc.).

Mon, May 5, 12:14 PM · gpgme, Bug Report
werner reopened T3325: Allow encryption/signing in GPGME using a specified subkey as "Open".
Mon, May 5, 11:41 AM · gpgme
ikloecker added a comment to T7620: gpgme_get_key fails to detect secret encryption subkey after key generation on card (until context is recreated).

The logs of gpgme would be helpful, i.e. run your test program with GPGME_DEBUG=8:$(pwd)/gpgme-$(date +"%Y-%m-%d-%H%M%S").log to create a log file with gpgme's logs.

Mon, May 5, 11:07 AM · gnupg, gpgme, Bug Report

Sat, Apr 26

ametzler1 created T7627: gpgme(qt) testsuite error on 32bit archs with 64bit time_t.
Sat, Apr 26, 1:56 PM · gpgme, Bug Report

Tue, Apr 22

werner added projects to T7620: gpgme_get_key fails to detect secret encryption subkey after key generation on card (until context is recreated): gpgme, gnupg.
Tue, Apr 22, 9:35 AM · gnupg, gpgme, Bug Report

Wed, Apr 16

ebo closed T7600: Kleopatra: gpg.exe hangs on trying to exportably certify an already locally signed certificate with multiple UIDs as Resolved.

This is resolved in the final Beta15.

Wed, Apr 16, 10:35 AM · vsd33 (vsd-3.3.1), gpgme, gpd5x, kleopatra

Mon, Apr 14

ebo moved T7600: Kleopatra: gpg.exe hangs on trying to exportably certify an already locally signed certificate with multiple UIDs from Backlog to QA on the vsd33 board.
Mon, Apr 14, 11:28 AM · vsd33 (vsd-3.3.1), gpgme, gpd5x, kleopatra

Apr 11 2025

ballapete added a comment to T7533: gpgme-1.24.1 and gpgme-1.24.2 do not compile on Mac OS X 10.4.11, Tiger, because of problem with strcasecmp/strncasecmp in gpgme-tool.c.

Tiger-Patches.diff2 KBDownload
patch set used.

Apr 11 2025, 9:01 PM · gpgme
ballapete added a comment to T7533: gpgme-1.24.1 and gpgme-1.24.2 do not compile on Mac OS X 10.4.11, Tiger, because of problem with strcasecmp/strncasecmp in gpgme-tool.c.

I tried to apply crude patches. Since _POSIX_C_SOURCE is defined when <string.h> is included (in pre-compiled source I see

Apr 11 2025, 8:57 PM · gpgme
werner added a comment to T7600: Kleopatra: gpg.exe hangs on trying to exportably certify an already locally signed certificate with multiple UIDs.

That error code is actually not an error code but it is the ERROR state from the Kleo SFM. We have seen that yesterday already.

Apr 11 2025, 3:42 PM · vsd33 (vsd-3.3.1), gpgme, gpd5x, kleopatra
ebo added a comment to T7600: Kleopatra: gpg.exe hangs on trying to exportably certify an already locally signed certificate with multiple UIDs.

this exact case is fixed in VS-Desktop-3.3.90.12-Beta
Adding further UIDs and making more certifications still works, too.

Apr 11 2025, 3:15 PM · vsd33 (vsd-3.3.1), gpgme, gpd5x, kleopatra
ebo updated the task description for T7600: Kleopatra: gpg.exe hangs on trying to exportably certify an already locally signed certificate with multiple UIDs.
Apr 11 2025, 2:48 PM · vsd33 (vsd-3.3.1), gpgme, gpd5x, kleopatra

Apr 10 2025

ikloecker added a comment to T7600: Kleopatra: gpg.exe hangs on trying to exportably certify an already locally signed certificate with multiple UIDs.

Very likely this bug exists since 2017 when support for promotion of local certifications to exportable certifications was added.

Apr 10 2025, 3:57 PM · vsd33 (vsd-3.3.1), gpgme, gpd5x, kleopatra
ikloecker changed the status of T7600: Kleopatra: gpg.exe hangs on trying to exportably certify an already locally signed certificate with multiple UIDs from Open to Testing.
Apr 10 2025, 3:54 PM · vsd33 (vsd-3.3.1), gpgme, gpd5x, kleopatra
ikloecker added projects to T7600: Kleopatra: gpg.exe hangs on trying to exportably certify an already locally signed certificate with multiple UIDs: gpd5x, gpgme.

Fixed in gpgmepp for gpd5x. I think for VSD 3.3 we'll add a patch to gpg4win.

Apr 10 2025, 3:53 PM · vsd33 (vsd-3.3.1), gpgme, gpd5x, kleopatra

Mar 19 2025

bjk added a comment to T3325: Allow encryption/signing in GPGME using a specified subkey .

Attached is a patch which adds gpgme_subkey_set_flag() to handle both encryption and signing keys. Or maybe it would be better to add another signing function that does recpstring?

Mar 19 2025, 3:38 AM · gpgme

Mar 14 2025

werner added a comment to T6694: Random numbers from gpgme.

BTW, do we really need a C++ API for this? Might make sense due to the need for a context.

Mar 14 2025, 1:10 PM · gpd5x, gpgpass, gpgme, Feature Request
werner changed the status of T6694: Random numbers from gpgme from Open to Testing.
Mar 14 2025, 1:09 PM · gpd5x, gpgpass, gpgme, Feature Request

Mar 10 2025

calvin added a comment to T7541: libassuan AC_DEFINE_UNQUOTED m4 fix needs propagating to pinentry and gnupg2.

This was using GCC to build, but on AIX. I believe support for dollar signs in identifiers are platform specific.

Mar 10 2025, 12:47 PM · gpgme, gnupg, pinentry
gniibe added a comment to T7541: libassuan AC_DEFINE_UNQUOTED m4 fix needs propagating to pinentry and gnupg2.

GCC allows dollars in identifier, that's the reason why we haven't encountered this issue, I suppose.

Mar 10 2025, 10:32 AM · gpgme, gnupg, pinentry
gniibe changed the status of T7541: libassuan AC_DEFINE_UNQUOTED m4 fix needs propagating to pinentry and gnupg2 from Open to Testing.
Mar 10 2025, 3:50 AM · gpgme, gnupg, pinentry
Next