Page MenuHome GnuPG
Feed All Stories

All Stories
Use Results
Edit Query

Tue, Jan 6

werner added a comment to T1825: Add a re-encrypt to additional key.

Regarding my comment T1825#191055 : The mane page has long been updated and gpgme support is also available. For the symmetric session key, see the feature request T8016

Tue, Jan 6, 12:53 PM · gpd5x (gpd-5.0.0), gnupg26, Feature Request
werner triaged T8016: Keep symmetric encryption keys with --add-recipients as Low priority.
Tue, Jan 6, 12:51 PM · gpd5x, gnupg26, Feature Request
timegrid created T8015: Kleopatra: Status in certificate list not updated after import.
Tue, Jan 6, 12:37 PM · kleopatra, gpd5x
timegrid moved T1825: Add a re-encrypt to additional key from QA to Done on the gnupg26 board.
Tue, Jan 6, 12:28 PM · gpd5x (gpd-5.0.0), gnupg26, Feature Request
timegrid moved T1825: Add a re-encrypt to additional key from QA to Done on the gpd5x board.

Looks good to me on gpg4win-5.0.0-beta479 @ win11:

  • gpg --show-only-session-key --decrypt FILE shows only the session key
  • gpg --add-recipients -r UID1 FILE adds recipients (tested with one or more uids)
  • gpg --change-recipients -r UID FILE changes the recipients (tested with one or more uids)
Tue, Jan 6, 12:28 PM · gpd5x (gpd-5.0.0), gnupg26, Feature Request
timegrid moved T7983: gpg: the validity of a secret key is changed by making a certification with it from QA to Done on the gnupg26 board.
Tue, Jan 6, 12:08 PM · gpd5x (gpd-5.0.0), keyboxd, Bug Report, gnupg26
timegrid moved T7983: gpg: the validity of a secret key is changed by making a certification with it from QA to Done on the gpd5x board.

Looks good to me on gpg4win-5.0.0-beta479 @ win11.
I can't reproduce ebo's nor pl13's issue.

Tue, Jan 6, 12:07 PM · gpd5x (gpd-5.0.0), keyboxd, Bug Report, gnupg26
ebo moved T6731: Default save dir in okular/windows is wrong from Backlog to QA on the gpd5x board.
Tue, Jan 6, 11:28 AM · gpd5x (gpd-5.0.0), okular
ebo moved T7285: Okular: Improvement of error messages regarding signatures from Backlog to QA on the gpd5x board.
Tue, Jan 6, 11:28 AM · test on hold, gpd5x, okular
ebo moved T7983: gpg: the validity of a secret key is changed by making a certification with it from Backlog to QA on the gpd5x board.
Tue, Jan 6, 11:20 AM · gpd5x (gpd-5.0.0), keyboxd, Bug Report, gnupg26
ebo moved T7983: gpg: the validity of a secret key is changed by making a certification with it from Backlog to QA on the gnupg26 board.
Tue, Jan 6, 11:20 AM · gpd5x (gpd-5.0.0), keyboxd, Bug Report, gnupg26
ikloecker moved T8014: Kleopatra: Incorrect handling of unset keyserver in configuration dialog from Backlog to WIP on the gpd5x board.
Tue, Jan 6, 11:14 AM · gpd5x, kleopatra
ebo moved T7427: Kleopatra: Crash after decryption if files has an embedded file name from Backlog to QA on the gpd5x board.
Tue, Jan 6, 10:55 AM · gpd5x (gpd-5.0.0), kleopatra, Bug Report
ikloecker triaged T8014: Kleopatra: Incorrect handling of unset keyserver in configuration dialog as Normal priority.
Tue, Jan 6, 10:54 AM · gpd5x, kleopatra
ebo moved T7439: Kleopatra: DecryptVerifyFilesDialog crashes when output folder does not exist from Backlog to QA on the gpd5x board.
Tue, Jan 6, 10:54 AM · gpd5x (gpd-5.0.0), kleopatra, Bug Report
ebo moved T7549: Kleopatra: crash on click in certificate extension dialog from Backlog to QA on the gpd5x board.
Tue, Jan 6, 10:52 AM · gpd5x (gpd-5.0.0), kleopatra
ikloecker changed the status of T7772: Kleopatra: Config option - only allow upload of certificates with private key to LDAP keyserver from Open to Testing.

Backported for VSD 3.4

Tue, Jan 6, 10:02 AM · gpd5x, vsd34, kleopatra
ikloecker committed rKLEOPATRAbed77c838ec2: Add config option for disabling upload of public third-party keys (authored by ikloecker).
Add config option for disabling upload of public third-party keys
Tue, Jan 6, 10:01 AM
ikloecker added a comment to T7772: Kleopatra: Config option - only allow upload of certificates with private key to LDAP keyserver.

The option

[Export]
AllowPublicKeyUpload=true

has been added. If this option is disabled (i.e. set to false) then Kleopatra only allows the upload of OpenPGP keys for which the user has the secret key.

Tue, Jan 6, 9:58 AM · gpd5x, vsd34, kleopatra
ikloecker committed rKLEOPATRA711daad6fc94: Add config option for disabling upload of public third-party keys (authored by ikloecker).
Add config option for disabling upload of public third-party keys
Tue, Jan 6, 9:55 AM
ikloecker claimed T7772: Kleopatra: Config option - only allow upload of certificates with private key to LDAP keyserver.
Tue, Jan 6, 9:14 AM · gpd5x, vsd34, kleopatra
werner triaged T8013: gpgconf does not support the --enable-win32-openssh-support option for gpg-agent as Normal priority.

Frankly, he OpenSSH support for Windows was experimental and I have never tested it. If it can be confirmed that this really works and is useful, it will be easy to add the opeion to gpgconf. Note that the gpgconf option feature handles only a subset of all options on purpose.

Tue, Jan 6, 8:53 AM · Feature Request, ssh, gnupg26, Windows
l10n daemon script <scripty@kde.org> committed rMTPae8b9f142a84: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Tue, Jan 6, 4:44 AM
l10n daemon script <scripty@kde.org> committed rLIBKLEOc63175e1a3ba: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Tue, Jan 6, 4:43 AM
l10n daemon script <scripty@kde.org> committed rMTP389997ef92a9: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Tue, Jan 6, 2:57 AM
l10n daemon script <scripty@kde.org> committed rLIBKLEOad2e3cfed131: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Tue, Jan 6, 2:55 AM
l10n daemon script <scripty@kde.org> committed rKLEOPATRA5caa3a50e1ad: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Tue, Jan 6, 2:55 AM

Mon, Jan 5

the13thletter created T8013: gpgconf does not support the --enable-win32-openssh-support option for gpg-agent.
Mon, Jan 5, 9:22 PM · Feature Request, ssh, gnupg26, Windows
tfry committed rOJe09903855d28: Move away from email-address as client mapping key (authored by tfry).
Move away from email-address as client mapping key
Mon, Jan 5, 5:00 PM
ikloecker changed the status of T7848: Kleopatra: Remove whitespace from suggested export filename from Open to Testing.

Backported for VSD 3.4

Mon, Jan 5, 4:58 PM · gpd5x, vsd34, kleopatra
ikloecker committed rKLEOPATRA3fbe2175864f: Replace spaces and invalid characters in file names of exported keys (authored by ikloecker).
Replace spaces and invalid characters in file names of exported keys
Mon, Jan 5, 4:57 PM
ikloecker committed rKLEOPATRA379626310cd7: Add helper to sanitize strings used as file name (authored by ikloecker).
Add helper to sanitize strings used as file name
Mon, Jan 5, 4:57 PM
ikloecker committed rKLEOPATRA0d1ef9c40e3d: Rename StripSuffixTest to PathHelperTest (authored by ikloecker).
Rename StripSuffixTest to PathHelperTest
Mon, Jan 5, 4:57 PM
ikloecker committed rLIBKLEO078837dae86c: Add helper returning pretty name or email of a key (authored by ikloecker).
Add helper returning pretty name or email of a key
Mon, Jan 5, 4:57 PM
ikloecker added a comment to T7848: Kleopatra: Remove whitespace from suggested export filename.

Fixed everywhere where we export some certificate or public/secret (sub)key. Additionally, to space characters we also replace /, \, and : everywhere in the (proposed) file names now.

Mon, Jan 5, 4:28 PM · gpd5x, vsd34, kleopatra
werner updated the task description for T7906: Memory Corruption in ASCII-Armor Parsing.
Mon, Jan 5, 4:27 PM · gnupg, Bug Report
ikloecker committed rKLEOPATRA3c379f4e98e1: Replace spaces and invalid characters in file names of exported keys (authored by ikloecker).
Replace spaces and invalid characters in file names of exported keys
Mon, Jan 5, 4:24 PM
ikloecker committed rKLEOPATRA5e235f92da07: Rename StripSuffixTest to PathHelperTest (authored by ikloecker).
Rename StripSuffixTest to PathHelperTest
Mon, Jan 5, 4:24 PM
ikloecker committed rKLEOPATRAd37384a4da70: Add helper to sanitize strings used as file name (authored by ikloecker).
Add helper to sanitize strings used as file name
Mon, Jan 5, 4:24 PM
ikloecker committed rLIBKLEO2228092d0648: Bump library version (authored by ikloecker).
Bump library version
Mon, Jan 5, 4:19 PM
ikloecker committed rLIBKLEOaa0d63322b77: Add helper returning pretty name or email of a key (authored by ikloecker).
Add helper returning pretty name or email of a key
Mon, Jan 5, 4:19 PM
werner committed rG5f4ad39b16a4: doc: Rename an internal function to clarity the purpose. (authored by werner).
doc: Rename an internal function to clarity the purpose.
Mon, Jan 5, 4:08 PM
werner triaged T8012: Missing error on first key search without keyserver as Normal priority.
Mon, Jan 5, 3:17 PM · dirmngr, Bug Report, gnupg26
werner committed rG8d4fc76677cc: dirmngr: Help detection of bad keyserver configurations. (authored by werner).
dirmngr: Help detection of bad keyserver configurations.
Mon, Jan 5, 2:45 PM
ikloecker claimed T7848: Kleopatra: Remove whitespace from suggested export filename.
Mon, Jan 5, 1:54 PM · gpd5x, vsd34, kleopatra
ikloecker changed the status of T7637: Kleopatra: certifications by available secret key which is *not* set to "ultimate" owner trust are disregarded from Open to Testing.

Fixed and backported for VSD 3.4

Mon, Jan 5, 1:53 PM · vsd34, gpd5x, kleopatra
ikloecker committed rKLEOPATRA9d5dbed2c25a: Avoid confusion with shared team keys (authored by ikloecker).
Avoid confusion with shared team keys
Mon, Jan 5, 1:52 PM
ikloecker committed rKLEOPATRA92e518ec0e12: Make tooltip less wide (authored by ikloecker).
Make tooltip less wide
Mon, Jan 5, 1:52 PM
timegrid created T8012: Missing error on first key search without keyserver.
Mon, Jan 5, 1:37 PM · dirmngr, Bug Report, gnupg26
timegrid moved T7730: gpg: retrieve a certificate from an LDAP server before sending it to the LDAP server from QA to Done on the gnupg26 board.
Mon, Jan 5, 12:54 PM · gpd5x (gpd-5.0.0), gnupg22 (gnupg-2.2.52), gnupg26, Feature Request
timegrid moved T7730: gpg: retrieve a certificate from an LDAP server before sending it to the LDAP server from WIP to Done on the gpd5x board.

The problem was the keyserver configuration, which does not include a scheme (ldap:):

keyserver ldap.gnupg.test:389:uid=LordPrivySeal,ou=GnuPG Users,dc=gnupg,dc=test:pass:dc=gnupg,dc=test:
Mon, Jan 5, 12:53 PM · gpd5x (gpd-5.0.0), gnupg22 (gnupg-2.2.52), gnupg26, Feature Request
ikloecker committed rKLEOPATRAb5ee4174225b: Avoid confusion with shared team keys (authored by ikloecker).
Avoid confusion with shared team keys
Mon, Jan 5, 12:26 PM
ikloecker committed rKLEOPATRA822552b7abe2: Make tooltip less wide (authored by ikloecker).
Make tooltip less wide
Mon, Jan 5, 12:26 PM
werner changed the visibility for T7907: Encrypted Message Malleability Checks are Incorrectly Enforced Causing Plaintext Recovery Attacks.
Mon, Jan 5, 11:27 AM · Not A Bug, gnupg
werner changed the visibility for T7901: Cleartext Signature Forgery in NotDashEscaped header implementation in GnuPG.
Mon, Jan 5, 11:26 AM · gnupg, Bug Report
werner changed the visibility for T7900: Cleartext Signature Forgery in GnuPG.
Mon, Jan 5, 11:26 AM · Not A Bug, OpenBSD, gnupg
ikloecker claimed T7637: Kleopatra: certifications by available secret key which is *not* set to "ultimate" owner trust are disregarded .
Mon, Jan 5, 11:05 AM · vsd34, gpd5x, kleopatra
gniibe changed the status of T7968: Fixes needed for newer GCC/Mingw from Open to Testing.
Mon, Jan 5, 9:51 AM
ikloecker added a comment to T6453: Kleopatra: Show isQualified in Certificate details if true.

What does gpgsm -k --with-colons print for Werner's QES key? The usage / capabilities should contain s (for signing) and q (for qualified signing). If q is missing then something isn't set up correctly.

Mon, Jan 5, 9:35 AM · gpd5x (gpd-5.0.0), kleopatra
l10n daemon script <scripty@kde.org> committed rMTPe2a4c5ac40bc: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Mon, Jan 5, 4:45 AM
l10n daemon script <scripty@kde.org> committed rMTPf7ea1d83509b: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Mon, Jan 5, 2:55 AM

Sun, Jan 4

anthumchris closed T8010: Publish to NPM registry, a subtask of T7975: Official GPGme interface/bindings for Nodejs (node), as Resolved.
Sun, Jan 4, 11:45 PM · gpgme, Feature Request
anthumchris closed T8010: Publish to NPM registry as Resolved.

Published to NPM as gpgmejs, which provides disambiguation from gpgme, gpgmepp, gpgmepy, etc.

Sun, Jan 4, 11:45 PM · gpgme, Feature Request
anthumchris changed the status of T8010: Publish to NPM registry, a subtask of T7975: Official GPGme interface/bindings for Nodejs (node), from Open to Testing.
Sun, Jan 4, 10:45 PM · gpgme, Feature Request
anthumchris changed the status of T8010: Publish to NPM registry from Open to Testing.
Sun, Jan 4, 10:45 PM · gpgme, Feature Request
anthumchris triaged T8010: Publish to NPM registry as Normal priority.
Sun, Jan 4, 10:44 PM · gpgme, Feature Request
ikloecker committed rKLEOPATRA108194fcf848: Remove CI configuration (authored by ikloecker).
Remove CI configuration
Sun, Jan 4, 9:42 PM
ikloecker committed rMTP0d37c57a405b: Remove Linux CI job (authored by ikloecker).
Remove Linux CI job
Sun, Jan 4, 9:42 PM
ikloecker committed rLIBKLEO03ffe03f43a0: Remove CI configuration (authored by ikloecker).
Remove CI configuration
Sun, Jan 4, 9:37 PM
ikloecker committed rLIBKLEOf5df85ee2f7f: Remove Linux CI job (authored by ikloecker).
Remove Linux CI job
Sun, Jan 4, 9:29 PM
l10n daemon script <scripty@kde.org> committed rMTPf6070eac25c7: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Sun, Jan 4, 4:40 AM
anthumchris closed T8003: Create first gnupgme nodejs binding for gpg version as Resolved.

completed working test and repo:
https://github.com/anthumchris/gpgmejs/

Sun, Jan 4, 4:25 AM · gpgme, Feature Request
anthumchris closed T8003: Create first gnupgme nodejs binding for gpg version, a subtask of T7975: Official GPGme interface/bindings for Nodejs (node), as Resolved.
Sun, Jan 4, 4:25 AM · gpgme, Feature Request
l10n daemon script <scripty@kde.org> committed rMTP00e7c980b210: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Sun, Jan 4, 2:55 AM
thesamesam added a comment to T7990: export-minimal unexpectedly omits expired key.

That'd be great if possible, thank you!

Sun, Jan 4, 2:35 AM · gnupg26, Feature Request, Gentoo

Sat, Jan 3

heirecka committed rKLEOPATRA977ec6b88c0a: GIT_SILENT Update Appstream for new release (authored by heirecka).
GIT_SILENT Update Appstream for new release
Sat, Jan 3, 11:58 AM
heirecka committed rKLEOPATRAfffce3a24727: GIT_SILENT Upgrade release service version to 25.12.1. (authored by heirecka).
GIT_SILENT Upgrade release service version to 25.12.1.
Sat, Jan 3, 11:58 AM
heirecka committed rKLEOPATRAdbeb948b1ac8: GIT_SILENT Update Appstream for new release (authored by heirecka).
GIT_SILENT Update Appstream for new release
Sat, Jan 3, 11:58 AM
mfilippov updated the diff for D622: secmem: Add VirtualLock support for Windows..

secmem: Add VirtualLock support for Windows.

Sat, Jan 3, 11:03 AM
mfilippov requested review of D622: secmem: Add VirtualLock support for Windows..
Sat, Jan 3, 10:55 AM
jukivili committed rCd5cf2b90c7d0: rijndael-aesni: use assembly for moving first and last round key (authored by jukivili).
rijndael-aesni: use assembly for moving first and last round key
Sat, Jan 3, 12:06 AM
jukivili committed rC7afdbb2812b2: rijndael-aesni: prevent inlining AESNI functions by LTO (authored by jukivili).
rijndael-aesni: prevent inlining AESNI functions by LTO
Sat, Jan 3, 12:06 AM
jukivili committed rC9e3af928ee11: rijndael: add VAES/AVX512 accelerated implementation (authored by jukivili).
rijndael: add VAES/AVX512 accelerated implementation
Sat, Jan 3, 12:06 AM
jukivili committed rCef372b484e0f: rijndael-riscv-zvkned: optimize aes192 key setup (authored by jukivili).
rijndael-riscv-zvkned: optimize aes192 key setup
Sat, Jan 3, 12:06 AM
jukivili committed rCc1d9fff3b2eb: chacha20: avoid AVX512/AVX2/SSSE3 for single block processing with Zen5 (authored by jukivili).
chacha20: avoid AVX512/AVX2/SSSE3 for single block processing with Zen5
Sat, Jan 3, 12:06 AM
jukivili committed rC4c9d7a3ba939: rijndael-riscv-zvkned: optimize do_prepare_decryption (authored by jukivili).
rijndael-riscv-zvkned: optimize do_prepare_decryption
Sat, Jan 3, 12:06 AM
jukivili committed rC8b538a8c7669: camellia-gfni-avx512: add 1-block constant-time implementation (authored by jukivili).
camellia-gfni-avx512: add 1-block constant-time implementation
Sat, Jan 3, 12:06 AM
jukivili committed rCe5bc3b28260e: blake2: avoid AVX/AVX2/AVX512 when CPU has high vector inst latency (authored by jukivili).
blake2: avoid AVX/AVX2/AVX512 when CPU has high vector inst latency
Sat, Jan 3, 12:06 AM
jukivili committed rC861896b0fad8: aria-x86_64: fixes for CFI markings (authored by jukivili).
aria-x86_64: fixes for CFI markings
Sat, Jan 3, 12:06 AM
jukivili committed rCb9bafd6c6cc5: camellia-simd128: optimize round key loading and key setup (authored by jukivili).
camellia-simd128: optimize round key loading and key setup
Sat, Jan 3, 12:06 AM
jukivili committed rCf5848080d41a: camellia-aesni-avx: optimize camellia_f used for key setup (authored by jukivili).
camellia-aesni-avx: optimize camellia_f used for key setup
Sat, Jan 3, 12:06 AM

Fri, Jan 2

werner committed rGb8805d9a0f52: gpg: Error out on unverified output for non-detached signatures. (authored by werner).
gpg: Error out on unverified output for non-detached signatures.
Fri, Jan 2, 4:38 PM
werner changed the status of T7900: Cleartext Signature Forgery in GnuPG from Open to Testing.

(Testing for now for better visibility. Real or Semi-real bugs with fixes are already set to Resolved)

Fri, Jan 2, 4:38 PM · Not A Bug, OpenBSD, gnupg
werner changed the status of T7902: OpenPGP Cleartext Signature Framework, a subtask of T7900: Cleartext Signature Forgery in GnuPG, from Open to Testing.
Fri, Jan 2, 4:35 PM · Not A Bug, OpenBSD, gnupg
werner changed the status of T7902: OpenPGP Cleartext Signature Framework from Open to Testing.
Fri, Jan 2, 4:35 PM · Not A Bug, OpenPGP, FAQ, gnupg
werner closed T7903: Multiple Plaintext Attack on Detached PGP Signatures in GnuPG, a subtask of T7900: Cleartext Signature Forgery in GnuPG, as Resolved.
Fri, Jan 2, 4:24 PM · Not A Bug, OpenBSD, gnupg
werner closed T7903: Multiple Plaintext Attack on Detached PGP Signatures in GnuPG as Resolved.
Fri, Jan 2, 4:24 PM · Not A Bug, OpenPGP, gnupg
werner changed the status of T7907: Encrypted Message Malleability Checks are Incorrectly Enforced Causing Plaintext Recovery Attacks, a subtask of T7900: Cleartext Signature Forgery in GnuPG, from Open to Testing.
Fri, Jan 2, 4:22 PM · Not A Bug, OpenBSD, gnupg
werner changed the status of T7907: Encrypted Message Malleability Checks are Incorrectly Enforced Causing Plaintext Recovery Attacks from Open to Testing.

The described attack is not easy to understand and as of today the
gpg.fail website seems to have the same content as the draft we
received on 2025-10-23. There it states:

Fri, Jan 2, 4:22 PM · Not A Bug, gnupg
anthumchris renamed T8009: Wasm for browser support from Consider Wasm for browser support to Wasm for browser support.
Fri, Jan 2, 3:34 PM · gpgme, Feature Request
First
Prev
Next