Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Fri, Sep 5

werner moved T7759: Kleopatra: Notepad encryption with S/MIME fails from Backlog to QA on the gpd5x board.
Fri, Sep 5, 2:39 PM · gnupg26, gpgme, kleopatra, gpd5x
werner changed the status of T7759: Kleopatra: Notepad encryption with S/MIME fails from Open to Testing.

Uses gpgme-2.0.0 with the above mentioned patches. I have seen no problems in my quick tests.

Fri, Sep 5, 2:38 PM · gnupg26, gpgme, kleopatra, gpd5x

Thu, Sep 4

werner added a project to T7335: S/MIME keys are not listed correctly: gnupg26.

Is that really the same bug? I would be interested in seeing a more detailed report. BTW, Windows or Linux? Used standard beta installer on Windows?

Thu, Sep 4, 9:52 PM · gnupg26, gnupg, Bug Report

Wed, Sep 3

werner added a comment to T7804: de-vs compliance not shown if also password encrypted.

In contrast to gnupg22 master did not proper show OCB compliance - not everything has yet been forward ported. But we can do so now and test master by setting GNUPG_ASSUME_COMPLIANCE=de-vs

Wed, Sep 3, 4:27 PM · gnupg22, Bug Report, vsd, gnupg26
werner edited projects for T7804: de-vs compliance not shown if also password encrypted, added: gnupg22; removed gnupg24.
Wed, Sep 3, 4:20 PM · gnupg22, Bug Report, vsd, gnupg26
werner triaged T7804: de-vs compliance not shown if also password encrypted as Normal priority.
Wed, Sep 3, 3:48 PM · gnupg22, Bug Report, vsd, gnupg26

Tue, Sep 2

werner moved T7333: Allow gpg to auto-upload a new own key to LDAP servers from Backlog to QA on the gnupg26 board.
Tue, Sep 2, 3:00 PM · gnupg26, vsd33, gnupg22
werner moved T7333: Allow gpg to auto-upload a new own key to LDAP servers from Backlog to WiP on the gnupg22 board.
Tue, Sep 2, 3:00 PM · gnupg26, vsd33, gnupg22
werner moved T7730: gpg: retrieve a certificate from an LDAP server before sending it to the LDAP server from WIP to QA on the gnupg26 board.
Tue, Sep 2, 2:59 PM · gnupg22, gnupg26, Feature Request, gpd5x
werner moved T7788: Invalid selection in addkey from QA to Done on the gnupg26 board.
Tue, Sep 2, 2:58 PM · gnupg26, Bug Report
werner moved T7788: Invalid selection in addkey from Backlog to QA on the gnupg26 board.
Tue, Sep 2, 2:58 PM · gnupg26, Bug Report
werner moved T7649: gnupg: Use KEM interface for encryption/decryption from WIP to QA on the gnupg26 board.
Tue, Sep 2, 2:57 PM · gnupg26
werner moved T7491: Confusing additional pinentry on creation of new keypair with ADSK configured from WIP to QA on the gnupg26 board.
Tue, Sep 2, 2:57 PM · gpgagent, gnupg26, gnupg
werner moved T7742: Extend the LDAP scheme for non-NTDS installations from WIP to QA on the gnupg26 board.
Tue, Sep 2, 2:56 PM · dirmngr, LDAP, gnupg26
werner moved T7757: Kleopatra: Error "no data" on decryption of tar.gpg archive from Done to QA on the gnupg26 board.
Tue, Sep 2, 2:56 PM · gnupg26, gpd5x, kleopatra

Mon, Sep 1

gniibe added a comment to T7759: Kleopatra: Notepad encryption with S/MIME fails.

I fixed the problem (which I identified above) in gniibe/t7759 branch. There might be other causes/problems for the particular symptom, so, I don't know the fix resolves the symptom or not.

Mon, Sep 1, 4:16 AM · gnupg26, gpgme, kleopatra, gpd5x

Wed, Aug 27

werner added a comment to T6465: Store the ECDH parameters in the key file.

@gniibe: Now that we use the KEM API, how do we proceed with this ticket?

Wed, Aug 27, 4:16 PM · gnupg26, OpenPGP, scd, Bug Report
werner lowered the priority of T7618: gpgsm: Allow selecting keys by SHA2 fpr from Normal to Wishlist.

The problem here is that we don't have the sha-2 fingerprint in our SQL tables. Thus we would not only need to do a full table search but also parse the actual blob to compute the sha-2 fingerprint.

Wed, Aug 27, 4:14 PM · S/MIME, gnupg26, Feature Request
werner lowered the priority of T6678: GPGSM: Add support for cert extension 2.5.29.54 Inhibit anyPolicy from Normal to Wishlist.
Wed, Aug 27, 4:04 PM · gnupg26, S/MIME, Restricted Project
werner changed the status of T7491: Confusing additional pinentry on creation of new keypair with ADSK configured from Open to Testing.
Wed, Aug 27, 4:02 PM · gpgagent, gnupg26, gnupg
werner moved T7491: Confusing additional pinentry on creation of new keypair with ADSK configured from Backlog to WIP on the gnupg26 board.
Wed, Aug 27, 3:40 PM · gpgagent, gnupg26, gnupg
werner renamed T7491: Confusing additional pinentry on creation of new keypair with ADSK configured from Kleopatra: Confusing additional pinentry on creation of new keypair with ADSK configured to Confusing additional pinentry on creation of new keypair with ADSK configured .
Wed, Aug 27, 3:09 PM · gpgagent, gnupg26, gnupg
werner closed T7713: Allow to skip the qualified signature confirmation prompt as Resolved.

I have done testing using my QES certificate with all combinations of the two options.

Wed, Aug 27, 12:02 PM · S/MIME, Feature Request, gnupg26
werner moved T7759: Kleopatra: Notepad encryption with S/MIME fails from Backlog to WIP on the gnupg26 board.
Wed, Aug 27, 10:34 AM · gnupg26, gpgme, kleopatra, gpd5x
werner changed the status of T7791: encryption fails with "Invalid Length" error when using Kyber1024 keys from Open to Testing.
Wed, Aug 27, 9:54 AM · PQC, gnupg26, Bug Report
gniibe claimed T7791: encryption fails with "Invalid Length" error when using Kyber1024 keys.

Thank you for the report.

Wed, Aug 27, 8:10 AM · PQC, gnupg26, Bug Report
gniibe added a comment to T7759: Kleopatra: Notepad encryption with S/MIME fails.

Similar situation could happen with gpgsm + gpg-agent, when gpg-agent is invoked by gpgsm.
(1) No gpg-agent.
(2) In gpgme, by engine-gpgsm, gpgsm is invoked with --logger.
(3) In gpgsm_keylist, it makes sure gpg-agent is available by GETINFO agent-check, using gpgsm_assuan_simple_command.
(4) In the server side, it tries to connect gpg-agent, invokes gpg-agent, and connect to the agent again.
(5) On Windows, it may takes time to invoke gpg-agent. And it may try to connect multiple times. Each trial may generate debug messages.
(6) When it takes too much time, the debug messages are too much. It may fill the pipe.
(7) And it blocks at log_string in my_libassuan_log_handler.
(8) ... it hangs.

Wed, Aug 27, 6:53 AM · gnupg26, gpgme, kleopatra, gpd5x
gniibe added a comment to T7759: Kleopatra: Notepad encryption with S/MIME fails.

Hypothetical scenario (gpgsm --server + dirmngr):
(0) It may hang when much debug messages are generated by libassuan to the pipe of --logger (diag_cb).
(1) In gpgme, by engine-gpgsm, gpgsm is invoked with --logger.
(2) If it's the case of standard gpgme interactions which uses gpgsm_io_event, no problem. Because the data on diag_cb is consumed well.
(3) In case of gpgsm_encrypt (or other commands), it uses gpgsm_assuan_simple_command which does not consume the data on diag_cb pipe at all.
(4) In particular, in set_recipients, gpgsm_assuan_simple_command is called by the number of recipients.
(5) IIUC, in the server side, dirmngr is used by the call chain of:

  • gpgsm_add_to_certlist
  • gpgsm_validate_chain...
  • gpgsm_dirmngr_isvalid

(6) In gpgsm_dirmngr_isvalid function, libassuan is used as client side, it generates debug messages.
(7) When there are many recipients, the debug message may be big enough to fill the pipe.
(8) When pipe is filled, it blocks by log_string in my_libassuan_log_handler, waiting the data in pipe is consumed.
(9) ... it hangs.

Wed, Aug 27, 5:12 AM · gnupg26, gpgme, kleopatra, gpd5x
Next