Page MenuHome GnuPG
Feed All Stories

Jun 5 2025

CarlSchwan committed rOJ582cfed2cfc4: Add documentation for the communication (authored by CarlSchwan).
Add documentation for the communication
Jun 5 2025, 2:29 PM
CarlSchwan committed rOJ1673c9c12c49: Reuse sendMessageToNative/WebClient (authored by CarlSchwan).
Reuse sendMessageToNative/WebClient
Jun 5 2025, 2:29 PM
CarlSchwan committed rOJ598b4a37c861: web: Use generic action also to open composer (authored by CarlSchwan).
web: Use generic action also to open composer
Jun 5 2025, 2:29 PM
CarlSchwan committed rOJeedaae5aae97: Update security doc (authored by CarlSchwan).
Update security doc
Jun 5 2025, 2:29 PM
CarlSchwan committed rOJc9c41a472198: Forward message to client then there is only one available (authored by CarlSchwan).
Forward message to client then there is only one available
Jun 5 2025, 1:20 PM
Saturneric added a comment to T7620: gpgme_get_key fails to detect secret encryption subkey after key generation on card (until context is recreated).

In practice, calling gpgme_get_key() will often pick up most changes because GPGME asks the underlying GPG agent daemon, which may re-read the keyring. That gives the impression that a long-lived context automatically reflects live updates. However, as aheinecke noted, some updates can still go unnoticed in a single gpgme_ctx_t, so it isn’t a strictly frozen snapshot nor a perfectly live view—behaviors are mixed.

Jun 5 2025, 12:33 PM · gnupg, Bug Report
Saturneric added a comment to T7620: gpgme_get_key fails to detect secret encryption subkey after key generation on card (until context is recreated).

Maybe we should make the documentation clearer about context key reuse. But the context is specifically designed to cache information about a key, so as to avoid memory overhead. I learned early on that its best for each new operation to use a new context. A context is basically an instance of gpg or gpgsm. So you start one process, ask it for a keylist, keep the process running, start another process, modify the key database, and then ask the first process again about his worldview. Either the first process is a bit confused because it has read data and then that data changed (what happens here) or it has no idea about the change since it was efficient and only read the database once. But here in this example you should be able to reproduce this also by making any other modifications to the key, adding other subkeys, userids etc. That GPGME even notices the secret key is more of a side effect of how the programming works because the GPGME gpg process will ask the gpg-agent (so a third process).

Jun 5 2025, 12:14 PM · gnupg, Bug Report
Saturneric added a comment to T7673: Release GPGME 2.0.0.

We will keep the 1.24 branch for bug fixing. Do you really have a problem with gpgme 2.0? Ist that due to factoring out the c++ and qt bindings? That was actually a long standing request from the KDE community so that they can use their cmake stuff.

Jun 5 2025, 11:50 AM · Release Info, gpgme
werner added a comment to T7673: Release GPGME 2.0.0.

We will keep the 1.24 branch for bug fixing. Do you really have a problem with gpgme 2.0? Ist that due to factoring out the c++ and qt bindings? That was actually a long standing request from the KDE community so that they can use their cmake stuff.

Jun 5 2025, 11:37 AM · Release Info, gpgme
werner committed rWb9587aa45a8a: Again update gpgoljs (authored by werner).
Again update gpgoljs
Jun 5 2025, 11:21 AM
werner committed rD16150a3d07dd: Rename the legacy gnupgdesk to gpd and add a vsd entry (authored by werner).
Rename the legacy gnupgdesk to gpd and add a vsd entry
Jun 5 2025, 10:43 AM
werner added a comment to T7656: Kleopatra: Wrong update suggestion from 5.0.0 to 4.4.0.

I updated the version database. We now have entries for "gpg4win", "gpd", and "vsd"

Jun 5 2025, 10:43 AM · Bug Report, gpd5x, kleopatra
Saturneric added a comment to T7673: Release GPGME 2.0.0.

I'm wondering whether gpgme v1 will still be supported? Or it will be abandoned from now on.

Jun 5 2025, 10:37 AM · Release Info, gpgme
werner closed T7675: a user-id with just an email address (and not a display name) has no angle brackets surrounding the email address as Resolved.

I see, I had rfc2440 in mind which says:

By convention, it includes  an RFC 822 mail name, but there are no restrictions on its content.

thus 4880 refined it a bit. But in practice it is not the same because it is utf8 and not punycode or whatever. let's close this bug because they way it is used will work with all mail clients.

Jun 5 2025, 10:17 AM · OpenPGP, Documentation
werner committed rWecb08a109cdb: download.sh: Print the actually downloaded files. (authored by werner).
download.sh: Print the actually downloaded files.
Jun 5 2025, 10:10 AM
ikloecker added a comment to T7675: a user-id with just an email address (and not a display name) has no angle brackets surrounding the email address.

Let's have a look at the section of RFC4880 linked by the reporter:

A User ID packet consists of UTF-8 text that is intended to represent
the name and email address of the key holder.  By convention, it
includes an RFC 2822 [RFC2822] mail name-addr, but there are no
restrictions on its content.  [...]
Jun 5 2025, 10:09 AM · OpenPGP, Documentation
werner added a comment to T7675: a user-id with just an email address (and not a display name) has no angle brackets surrounding the email address.

Let's have a look at the spec (rfc2822 3.4):

address         =       mailbox / group
Jun 5 2025, 9:38 AM · OpenPGP, Documentation
gniibe added a comment to rGeb7d5d4d8507: scd: Fix detecting digest OID in the message to be signed..

OK, fixed in rG27e6622322b5: scd: Take care of possible buffer overflow in do_auth.

Jun 5 2025, 3:25 AM
gniibe committed rG27e6622322b5: scd: Take care of possible buffer overflow in do_auth. (authored by gniibe).
scd: Take care of possible buffer overflow in do_auth.
Jun 5 2025, 3:25 AM
gniibe added a comment to T7589: Unable to export SSH keys for ED25519 keys generate on a SmartCard.

The problem was: In scdaemon, PKSIGN with OPENPGP.3 didn't work well for Ed25519 (done by do_auth function in app-openpgp.c), when --hash=sha512 (not SHA1).

Jun 5 2025, 2:52 AM · gnupg, ssh, Bug Report
gouttegd added a comment to T7676: Cannot decrypt a message encrypted to a Cv25519 key on a token.

So I’ve played a bit with agent/pkdecrypt.c. I don’t claim to understand everything that is going on there, but:

Jun 5 2025, 1:53 AM · gnupg26, Bug Report

Jun 4 2025

Paul Schwabauer <pschwabauer@intevation.de> committed rGPGMEPY2711b5e7a918: Move file copy to `copystamp` target (authored by Paul Schwabauer <pschwabauer@intevation.de>).
Move file copy to `copystamp` target
Jun 4 2025, 5:51 PM
CarlSchwan committed rOJ1b5452646b02: server: Only connect to localhost also when using Qt < 6.8 (authored by CarlSchwan).
server: Only connect to localhost also when using Qt < 6.8
Jun 4 2025, 5:02 PM
CarlSchwan committed rOJae18eae0c29a: Don't use Kleo::KeyCache to load user own keys (authored by CarlSchwan).
Don't use Kleo::KeyCache to load user own keys
Jun 4 2025, 4:56 PM
CarlSchwan committed rOJc5b55a742f6d: server: Fix sending error to web client (authored by CarlSchwan).
server: Fix sending error to web client
Jun 4 2025, 4:56 PM
m <meik.michalke@gnupg.com> committed rOJ13ca3a1a9089: updated README.md (authored by m <meik.michalke@gnupg.com>).
updated README.md
Jun 4 2025, 4:54 PM
CarlSchwan committed rW265cad1d1d0d: Bump gpgoljs package (authored by CarlSchwan).
Bump gpgoljs package
Jun 4 2025, 4:10 PM
CarlSchwan committed rOJcb2b3ba956ba: Don't install web assets in sub-directory dist (authored by CarlSchwan).
Don't install web assets in sub-directory dist
Jun 4 2025, 3:59 PM
Paul Schwabauer <pschwabauer@intevation.de> committed rGPGMEPYb975b846cfde: Only copy necessary files and add them to the clean list (authored by Paul Schwabauer <pschwabauer@intevation.de>).
Only copy necessary files and add them to the clean list
Jun 4 2025, 3:40 PM
svuorela committed rKLEOPATRA25087a04419e: Dbus-by-default off on windows and similar (authored by svuorela).
Dbus-by-default off on windows and similar
Jun 4 2025, 3:18 PM
svuorela committed rKLEOPATRAc27e2725698e: KWatchGnupg build: use dbus link variable (authored by svuorela).
KWatchGnupg build: use dbus link variable
Jun 4 2025, 2:49 PM
werner committed rW16fa1b772b2e: Also update gpg4win-tools and add patch to the Makiefile (authored by werner).
Also update gpg4win-tools and add patch to the Makiefile
Jun 4 2025, 2:48 PM
CarlSchwan committed rKLEOPATRA74fc903a7357: Dbus-by-default off on windows and similar (authored by svuorela).
Dbus-by-default off on windows and similar
Jun 4 2025, 2:45 PM
svuorela committed rKLEOPATRA3d940a3c44b2: Link autotests on windows; The uniqueservice stuff needs kf6i18n and… (authored by svuorela).
Link autotests on windows; The uniqueservice stuff needs kf6i18n and…
Jun 4 2025, 2:40 PM
CarlSchwan committed rWbc293d082c14: Bump gpgoljs snapshot (authored by CarlSchwan).
Bump gpgoljs snapshot
Jun 4 2025, 2:24 PM
CarlSchwan committed rOJ39f8a59b3d9e: Remove duplicated icon (authored by CarlSchwan).
Remove duplicated icon
Jun 4 2025, 2:21 PM
gouttegd created T7676: Cannot decrypt a message encrypted to a Cv25519 key on a token.
Jun 4 2025, 2:03 PM · gnupg26, Bug Report
CarlSchwan committed rOJ607f0adaabc1: Install icons with ecm_install_icons (authored by CarlSchwan).
Install icons with ecm_install_icons
Jun 4 2025, 1:56 PM
svuorela committed rKLEOPATRAdd4279419a95: Fix some build-parts with msvc (authored by svuorela).
Fix some build-parts with msvc
Jun 4 2025, 1:50 PM
jap created T7675: a user-id with just an email address (and not a display name) has no angle brackets surrounding the email address.
Jun 4 2025, 1:42 PM · OpenPGP, Documentation
sj98ta added a comment to T7660: GPGME invocation by cri-o hangs on gpgme_op_verify.

No other processes that I have seen. However please see this last update by Kulbarsch. https://github.com/cri-o/cri-o/issues/8906#issuecomment-2936351035

Jun 4 2025, 12:55 PM · golang, gpgme, Bug Report
CarlSchwan committed rKLEOPATRAb6552ab0a009: flatpak: bump ktextaddons version (authored by CarlSchwan).
flatpak: bump ktextaddons version
Jun 4 2025, 11:56 AM
ikloecker committed rWda88912ca159: Add patch for gpgol 2.6.1 (authored by ikloecker).
Add patch for gpgol 2.6.1
Jun 4 2025, 11:48 AM
CarlSchwan committed rKLEOPATRAd2abc97e1904: flatpak: Update gpgme to 2.0.0 release (authored by CarlSchwan).
flatpak: Update gpgme to 2.0.0 release
Jun 4 2025, 11:48 AM
svuorela committed rKLEOPATRA2cca42ccb582: KWatchGnupg build: use dbus link variable (authored by svuorela).
KWatchGnupg build: use dbus link variable
Jun 4 2025, 11:05 AM
svuorela committed rKLEOPATRA9116f186aa96: Dbus-by-default off on windows and similar (authored by svuorela).
Dbus-by-default off on windows and similar
Jun 4 2025, 11:03 AM
svuorela committed rKLEOPATRA92db78a86121: Link autotests on windows; The uniqueservice stuff needs kf6i18n and… (authored by svuorela).
Link autotests on windows; The uniqueservice stuff needs kf6i18n and…
Jun 4 2025, 11:02 AM
CarlSchwan committed rOJ94275b1bab5e: Fix unique window on Windows (authored by CarlSchwan).
Fix unique window on Windows
Jun 4 2025, 10:43 AM
CarlSchwan committed rOJ91b8f25d91c2: Add qrc for icons (authored by CarlSchwan).
Add qrc for icons
Jun 4 2025, 10:43 AM
werner added a comment to rGeb7d5d4d8507: scd: Fix detecting digest OID in the message to be signed..

We should also add a check that INDATALEN is > 15 to make the function robust against bad args.

Jun 4 2025, 10:22 AM
TobiasFella updated the task description for T7674: Kleopatra: Restore behavior of RSAKeySizes and PGPKeyType.
Jun 4 2025, 10:15 AM · vsd33, kleopatra
werner committed rWdaa38eb6cfe4: The regular gpgme tarball is bz2 compressed. (authored by werner).
The regular gpgme tarball is bz2 compressed.
Jun 4 2025, 9:45 AM
werner committed rW17648f8e546f: Update Kleopatra and gpgoljs (authored by werner).
Update Kleopatra and gpgoljs
Jun 4 2025, 9:42 AM
ikloecker committed rMca6419d5ec4d: NEWS: Mention the split of gpgme (authored by ikloecker).
NEWS: Mention the split of gpgme
Jun 4 2025, 9:13 AM
werner committed rW5df06db16952: po: Update gpg4win.pot (authored by werner).
po: Update gpg4win.pot
Jun 4 2025, 8:54 AM
werner committed rW38c41bf6da4f: po: Update all po files for the translators. (authored by werner).
po: Update all po files for the translators.
Jun 4 2025, 8:54 AM
gniibe committed rGeb7d5d4d8507: scd: Fix detecting digest OID in the message to be signed. (authored by gniibe).
scd: Fix detecting digest OID in the message to be signed.
Jun 4 2025, 6:58 AM
gniibe changed the status of T7589: Unable to export SSH keys for ED25519 keys generate on a SmartCard from Open to Testing.

I located the bug in scdaemon.

Jun 4 2025, 6:58 AM · gnupg, ssh, Bug Report
gniibe added a comment to T7660: GPGME invocation by cri-o hangs on gpgme_op_verify.

@sj98ta
Does cri-o invokes processes (other than the ones of gpgme) by its threads?

Jun 4 2025, 2:07 AM · golang, gpgme, Bug Report

Jun 3 2025

werner committed rW4f32dce409a7: Update gpgme, gpgmepp, and qgpgme to 2.0.0 (authored by werner).
Update gpgme, gpgmepp, and qgpgme to 2.0.0
Jun 3 2025, 6:20 PM
ikloecker committed rGPGMEQT71f68de65b90: build: Fix logic for CONFIGURE_FOR_DISTRIBUTION (authored by ikloecker).
build: Fix logic for CONFIGURE_FOR_DISTRIBUTION
Jun 3 2025, 6:12 PM
werner committed rD21f74e7f19f3: swdb: Actually release qgpgme (authored by werner).
swdb: Actually release qgpgme
Jun 3 2025, 6:10 PM
werner committed rGPGMEQTdc02742e52ae: Post release updates (authored by werner).
Post release updates
Jun 3 2025, 6:09 PM
werner committed rGPGMEQT2e002d8024b9: Release 2.0.0 (authored by werner).
Release 2.0.0
Jun 3 2025, 6:09 PM
werner committed rGPGMEQT4eed625f2c92: Fix for the sign-release make target. (authored by werner).
Fix for the sign-release make target.
Jun 3 2025, 6:09 PM
werner committed rGPGMEQT6fd0726ad8ce: Add a missing include. (authored by werner).
Add a missing include.
Jun 3 2025, 6:09 PM
CarlSchwan committed rWcfc875257676: Install icons for gpgolweb (authored by CarlSchwan).
Install icons for gpgolweb
Jun 3 2025, 5:41 PM
CarlSchwan committed rOJ3e203c20fdc5: Fix installing icons for system tray (authored by CarlSchwan).
Fix installing icons for system tray
Jun 3 2025, 5:40 PM
werner closed T3325: Allow encryption/signing in GPGME using a specified subkey as Resolved.
Jun 3 2025, 5:29 PM · gpgme
werner committed rD3733f8bac4ab: swdb: gpgme and gpgmepp 2.0.0 (authored by werner).
swdb: gpgme and gpgmepp 2.0.0
Jun 3 2025, 5:27 PM
werner committed rGPGMEPPcd13d4b00cd1: Merge branch 'Release branch' (authored by werner).
Merge branch 'Release branch'
Jun 3 2025, 5:02 PM
werner committed rGPGMEPPbd948c7d1a20: Post release updates. (authored by werner).
Post release updates.
Jun 3 2025, 5:02 PM
werner committed rGPGMEPP301d39f8b97a: Release 2.0.0 (authored by werner).
Release 2.0.0
Jun 3 2025, 5:02 PM
CarlSchwan committed rOJa96b032e4ba6: Use native separators for manifest path (authored by CarlSchwan).
Use native separators for manifest path
Jun 3 2025, 4:51 PM
TobiasFella set External Link to https://invent.kde.org/pim/libkleo/-/merge_requests/192 on T7674: Kleopatra: Restore behavior of RSAKeySizes and PGPKeyType.
Jun 3 2025, 4:13 PM · vsd33, kleopatra
TobiasFella committed rLIBKLEO1909efac8c77: Use RSAKeySizes and PGPKeyType again (authored by TobiasFella).
Use RSAKeySizes and PGPKeyType again
Jun 3 2025, 4:13 PM
TobiasFella triaged T7674: Kleopatra: Restore behavior of RSAKeySizes and PGPKeyType as Normal priority.
Jun 3 2025, 4:09 PM · vsd33, kleopatra
sj98ta added a comment to T7660: GPGME invocation by cri-o hangs on gpgme_op_verify.

I am not sure that I am clear on what you are asking. I am not an expert on cri-o, but is does seem that there are multiple processes (threads), which all call gpgme_op_verify There are also calls to gpgme_op_import

Jun 3 2025, 3:59 PM · golang, gpgme, Bug Report
ikloecker committed rW708bd53a90c1: gen-tarball: Make it easier to create tarballs of gpgmepp/gpgmeqt (authored by ikloecker).
gen-tarball: Make it easier to create tarballs of gpgmepp/gpgmeqt
Jun 3 2025, 3:51 PM
ikloecker committed rWfd77828cac1c: kxmlgui: Remove obsolete patch (authored by ikloecker).
kxmlgui: Remove obsolete patch
Jun 3 2025, 3:51 PM
ikloecker committed rGPGMEQTe598181d462a: build: Add option CONFIGURE_FOR_DISTRIBUTION (authored by ikloecker).
build: Add option CONFIGURE_FOR_DISTRIBUTION
Jun 3 2025, 3:43 PM
ikloecker committed rGPGMEPP592efbfcfb61: build: Add option CONFIGURE_FOR_DISTRIBUTION (authored by ikloecker).
build: Add option CONFIGURE_FOR_DISTRIBUTION
Jun 3 2025, 3:43 PM
CarlSchwan committed rW0cb83e89e840: Update to newer gpgoljs snapshot (authored by CarlSchwan).
Update to newer gpgoljs snapshot
Jun 3 2025, 3:39 PM
CarlSchwan committed rWe97cbfd5ef84: Add patch to expose QWebSocketServer::originAuthenticationRequired (authored by CarlSchwan).
Add patch to expose QWebSocketServer::originAuthenticationRequired
Jun 3 2025, 3:39 PM
CarlSchwan committed rOJ7c15884305cf: Rework gpgol-server to have both http and websocket on the same port (authored by CarlSchwan).
Rework gpgol-server to have both http and websocket on the same port
Jun 3 2025, 3:35 PM
CarlSchwan committed rOJf3f18dc4de90: Forward debug logs from server process to client (authored by CarlSchwan).
Forward debug logs from server process to client
Jun 3 2025, 3:35 PM
ikloecker committed rGPGMEQTe44510289a7e: build: Fix logic for appending "-unknown" to version number (authored by ikloecker).
build: Fix logic for appending "-unknown" to version number
Jun 3 2025, 3:34 PM
ikloecker committed rGPGMEPP1e948b3f3ee1: build: Fix logic for appending "-unknown" to version number (authored by ikloecker).
build: Fix logic for appending "-unknown" to version number
Jun 3 2025, 3:09 PM
svuorela committed rKLEOPATRAcfdbaa3dbdc3: tests/CMake: remove if statement; useless (authored by svuorela).
tests/CMake: remove if statement; useless
Jun 3 2025, 2:09 PM
werner committed rM6aa0fef87347: Post release update (authored by werner).
Post release update
Jun 3 2025, 1:46 PM
werner committed rMddaae2b8525b: Update autogen.sh and libtool for gpgrt. (authored by werner).
Update autogen.sh and libtool for gpgrt.
Jun 3 2025, 1:46 PM
werner committed rMe17ba5788619: Release 2.0.0 (authored by werner).
Release 2.0.0
Jun 3 2025, 1:46 PM
werner updated the task description for T7440: Release GPGME 1.24.1.
Jun 3 2025, 1:10 PM · gpgme, Release Info
werner triaged T7673: Release GPGME 2.0.0 as Normal priority.
Jun 3 2025, 1:09 PM · Release Info, gpgme
werner committed rW6f1e9f5c8714: Update the gen-gnupg.sh script. (authored by werner).
Update the gen-gnupg.sh script.
Jun 3 2025, 11:12 AM
werner committed rW7390e9f85407: Update GnuPG to 2.5.8 (authored by werner).
Update GnuPG to 2.5.8
Jun 3 2025, 11:12 AM
ikloecker added inline comments to rOJ17ec46e02a1e: Extract all the keys from CertificateLineEdit.
Jun 3 2025, 10:40 AM
CarlSchwan committed rOJ17ec46e02a1e: Extract all the keys from CertificateLineEdit (authored by CarlSchwan).
Extract all the keys from CertificateLineEdit
Jun 3 2025, 10:18 AM
gniibe added a comment to T7660: GPGME invocation by cri-o hangs on gpgme_op_verify.

@sj98ta Please let us know if cri-o invokes other processes (except the ones by gpgme) or not.
If cri-o invokes other processes (by other threads), my theory matters; With the interference by other processes holding pipe file descriptors, gpgme keeps polling pipe file descriptors.

Jun 3 2025, 9:05 AM · golang, gpgme, Bug Report
gniibe committed rG2436afa057f3: po: Update Japanese Translation. (authored by gniibe).
po: Update Japanese Translation.
Jun 3 2025, 7:00 AM