Feed Advanced Search

Yesterday

werner edited projects for T5114: GnuPG fails to import back generated and exported EdDSA secret key., added: gnupg; removed gnupg (gpg22).

Its done for 2.2 thus changing the tag.

Mon, Nov 23, 1:43 PM · gnupg, Testing, gpgagent, Bug Report
werner added a comment to T5137: gpg-agent 2.x poor performance / futex errors.

I though about this too but we need to take care about the logging functions of Libgcrypt which are intertwined with nPth (clamp function of libgpg-error).

Mon, Nov 23, 9:01 AM · Feature Request, gpgagent

Thu, Nov 19

Hafiz added a comment to T5136: Mega888.

{F1982353}

Thu, Nov 19, 9:36 PM · gpgagent, Feature Request
gniibe added a comment to T5137: gpg-agent 2.x poor performance / futex errors.

Thanks. I understand the situation. Basically, gpg-agent's computation is done by a single thread (in current implementation), although it accepts many requests simultaneously.

Thu, Nov 19, 3:21 AM · Feature Request, gpgagent

Wed, Nov 18

andrey.arapov added a comment to T5137: gpg-agent 2.x poor performance / futex errors.

Note that you actually run 30 independent processes with gpg 1.4 but with gpg-agent there is just one process to handle the private key operations (decrypt). To utilize more cores you need to setup several GNUPGHOME with the same private keys.

Wed, Nov 18, 2:33 PM · Feature Request, gpgagent
andrey.arapov added a comment to T5137: gpg-agent 2.x poor performance / futex errors.

I think that it is not gpg-agent but pinentry which causes millions of futex syscall errors.
For interactive use case, pinentry may be the point of contention.
I might be wrong if your key is not protected by passphrase.

If possible, please try adding arguments for gpg invocation: --pinentry-mode loopback --passphrase-file YOUR_FILE_FOR_PASSPHRASE
This can avoid the invocation of pinentry entirely.

Wed, Nov 18, 2:32 PM · Feature Request, gpgagent

Tue, Nov 17

werner triaged T5137: gpg-agent 2.x poor performance / futex errors as Normal priority.

I change this to a feature request: Allow several processes to run public key decryption using the same set of private keys.

Tue, Nov 17, 8:35 AM · Feature Request, gpgagent

Mon, Nov 16

werner closed T5136: Mega888 as Spite.
Mon, Nov 16, 4:10 PM · gpgagent, Feature Request
Hafiz created T5136: Mega888.
Mon, Nov 16, 12:39 PM · gpgagent, Feature Request
gniibe renamed T4956: agent: Discrepancy of handling MPI for the interpretation of signed and unsigned from agent: Disrepancy of handling MPI for the interpretation of signed and unsigned to agent: Discrepancy of handling MPI for the interpretation of signed and unsigned.
Mon, Nov 16, 8:09 AM · libgcrypt, gpgagent, gnupg

Wed, Nov 4

gniibe changed the status of T5116: GnuPG master shows an error when importing Ed25519 keys generated, a subtask of T5114: GnuPG fails to import back generated and exported EdDSA secret key., from Open to Testing.
Wed, Nov 4, 3:14 AM · gnupg, Testing, gpgagent, Bug Report

Fri, Oct 30

gniibe added a commit to T5116: GnuPG master shows an error when importing Ed25519 keys generated: rG813e24108a13: gpg: Fix SOS handling with libgcrypt version <= 1.8..
Fri, Oct 30, 9:09 AM · Testing, gnupg, Bug Report
gniibe added a comment to T5116: GnuPG master shows an error when importing Ed25519 keys generated.

One bug is fixed in rGdd4fb1c8f668: gpg: Fix first zero-byte case for SOS handling..

Fri, Oct 30, 9:03 AM · Testing, gnupg, Bug Report
gniibe added a commit to T5116: GnuPG master shows an error when importing Ed25519 keys generated: rGdd4fb1c8f668: gpg: Fix first zero-byte case for SOS handling..
Fri, Oct 30, 7:23 AM · Testing, gnupg, Bug Report
gniibe changed the status of T5114: GnuPG fails to import back generated and exported EdDSA secret key. from Open to Testing.

Fixed in 2.2 branch.
Also, I found another issue of libgcrypt master, which is fixed in [rC361a0588).
Further, I found different issue, and created T5116: GnuPG master shows an error when importing Ed25519 keys generated.

Fri, Oct 30, 2:23 AM · gnupg, Testing, gpgagent, Bug Report
gniibe added a commit to T5114: GnuPG fails to import back generated and exported EdDSA secret key.: rGba321b60bc3b: agent: Fix secret key import for Ed25519..
Fri, Oct 30, 2:22 AM · gnupg, Testing, gpgagent, Bug Report
gniibe created T5116: GnuPG master shows an error when importing Ed25519 keys generated.
Fri, Oct 30, 12:55 AM · Testing, gnupg, Bug Report
gniibe added a comment to T5114: GnuPG fails to import back generated and exported EdDSA secret key..

I think that it may occur with eddsa secret keys generated with 2.2, too. (In the 50% probability)

Fri, Oct 30, 12:51 AM · gnupg, Testing, gpgagent, Bug Report

Thu, Oct 29

werner triaged T5114: GnuPG fails to import back generated and exported EdDSA secret key. as High priority.

In short eddsa secret keys generated with current 2.3 can't be imported with 2.2, right? That will lead to a compatibility problem, so we need to fix that in 2.2.

Thu, Oct 29, 9:23 AM · gnupg, Testing, gpgagent, Bug Report
gniibe added a comment to T5114: GnuPG fails to import back generated and exported EdDSA secret key..

IIUC, it is an issue of GnuPG 2.2.
The condition is where the secret 'd' starts by the first bit = 1 (that is, >= 0x80).
I located the bug in agent/cvt-openpgp.c. The function do_unprotect calls convert_secret_key with skey[1] as usual MPI (not opaque),
and gcry_sexp_build with "(d%m)" will put additional 0x00 at the beginning, which results 33-byte secret in R_KEY. Then, when gcry_pk_testkey is called with R_KEY, when it checks, because 32-byte is expected, it returns GPG_ERR_INV_OBJ. Then, do_unprotect returns GPG_ERR_BAD_PASSPHRASE.

Thu, Oct 29, 8:58 AM · gnupg, Testing, gpgagent, Bug Report
gniibe edited projects for T5114: GnuPG fails to import back generated and exported EdDSA secret key., added: gnupg (gpg22), gpgagent; removed gnupg (gpg23).
Thu, Oct 29, 7:26 AM · gnupg, Testing, gpgagent, Bug Report

Oct 23 2020

werner edited projects for T4588: gpg-agent should guess pinentry's full path (using $PATH) if `pinentry-program` does not supply a full path, added: gnupg (gpg23); removed libassuan.

What can be done is to use gpgconf --list-dirs bindir as a fallback for pinentry.

Oct 23 2020, 6:51 PM · gnupg (gpg23), gpgagent

Oct 1 2020

bvieira added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

@werner can you confirm if the environment I provided will work with OpenSSH support fully implemented?

Oct 1 2020, 5:49 PM · gnupg (gpg23), Windows, ssh, gpgagent, Feature Request

Sep 4 2020

bvieira added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

So, if there's no support for native OpenSSH yet, I'll wait for it. After it's supported, I should be able to get the scenery I described working, right?

Sep 4 2020, 1:52 PM · gnupg (gpg23), Windows, ssh, gpgagent, Feature Request
werner added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

Unfortunately you can't pass extra arguments.

Sep 4 2020, 7:47 AM · gnupg (gpg23), Windows, ssh, gpgagent, Feature Request

Sep 3 2020

gpguser123 added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

@bvieira You need to set pinentry-mode=loopback for gpg program used in git.

Sep 3 2020, 4:22 PM · gnupg (gpg23), Windows, ssh, gpgagent, Feature Request

Sep 2 2020

bvieira added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

I'm actually trying to do the following:

Sep 2 2020, 2:10 PM · gnupg (gpg23), Windows, ssh, gpgagent, Feature Request
avemilia added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

In the meantime you can use [0]. I have tested with ssh key on yubikey and AuthenticationMethods publickey, win32-ssh (or ssh-portable, which is the new repository name) correctly works with gpg and pinentry is called. Despite it being called wsl, wsl environment is not required.

Sep 2 2020, 1:59 PM · gnupg (gpg23), Windows, ssh, gpgagent, Feature Request

Aug 25 2020

werner closed T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail as Resolved.

[These damned typos in commit messages ;-)]

Aug 25 2020, 11:26 AM · gpgagent, gnupg, Bug Report
werner added a commit to T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail: rGb17846e4fd02: agent: Allow using --gogconf-list even if HOME does not exist..
Aug 25 2020, 11:24 AM · gpgagent, gnupg, Bug Report
werner added a commit to T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail: rGadea5ba7e752: agent: Allow using --gogconf-list even if HOME does not exist..
Aug 25 2020, 11:24 AM · gpgagent, gnupg, Bug Report

Jul 20 2020

bvieira added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

Any news on this?

Jul 20 2020, 12:48 AM · gnupg (gpg23), Windows, ssh, gpgagent, Feature Request

Jun 9 2020

aheinecke created T4971: Pass setrepeat to pinentry for symmetric encryption, too.
Jun 9 2020, 9:51 AM · gnupg (gpg22)

Jun 2 2020

gniibe added a comment to T4956: agent: Discrepancy of handling MPI for the interpretation of signed and unsigned.

Change of gpg-agent for ECC-SOS

Jun 2 2020, 8:05 AM · libgcrypt, gpgagent, gnupg

May 27 2020

gniibe updated the task description for T4956: agent: Discrepancy of handling MPI for the interpretation of signed and unsigned.
May 27 2020, 3:09 AM · libgcrypt, gpgagent, gnupg
gniibe edited projects for T4956: agent: Discrepancy of handling MPI for the interpretation of signed and unsigned, added: gpgagent, libgcrypt; removed OpenPGP.
May 27 2020, 3:08 AM · libgcrypt, gpgagent, gnupg

Mar 5 2020

werner added a comment to T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail.

I t could print a warning for a non-existant homedir

Mar 5 2020, 8:24 PM · gpgagent, gnupg, Bug Report
dkg added a comment to T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail.

Sure, I personally know that GnuPG requires a homedir to operate.

Mar 5 2020, 3:20 PM · gpgagent, gnupg, Bug Report
werner added a comment to T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail.

As you surely known GnuPG requires its home directory; in particular when using the gpgconf to manage the config options. Thus I can't see what to do other than error out. gpgconf needs to know the location of the config file; if it is containign diretcory is not existant it will fail anyway.

Mar 5 2020, 10:14 AM · gpgagent, gnupg, Bug Report

Mar 4 2020

dkg created T4866: `gpg-agent --gpgconf-list` returns a non-zero error code 2 if $HOME is non-existent, causing `gpgconf` to fail.
Mar 4 2020, 4:46 PM · gpgagent, gnupg, Bug Report

Jan 13 2020

aheinecke created T4808: gnupg, scd: Status notifications to Applications.
Jan 13 2020, 11:22 AM · kleopatra, scd, gpgagent

Dec 17 2019

werner added a comment to T4777: Pinentry sometimes mixes languages.

The description comes from gpg/gpgsm while the prompts are from gpg-agent. Thus if the agent has been started with the German local but gpgsm without a local this would explain the behaviour.

Dec 17 2019, 11:39 AM · S/MIME, gpgagent
aheinecke created T4777: Pinentry sometimes mixes languages.
Dec 17 2019, 10:19 AM · S/MIME, gpgagent

Dec 12 2019

werner added a project to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent: gnupg (gpg23).
Dec 12 2019, 1:08 PM · gnupg (gpg23), Windows, ssh, gpgagent, Feature Request
werner claimed T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.
Dec 12 2019, 1:07 PM · gnupg (gpg23), Windows, ssh, gpgagent, Feature Request
werner added a comment to T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent.

Although I don't use the ssh client on Windows I had to integrate the Windows ssh server into our release process (GlobalSign sent us a Windows-only token, for the new cert and so we can't anymore use osslsigncode). The ssh server is really stable and so it makes a lot of sense to better integrate our ssh-agent into Windows.

Dec 12 2019, 1:07 PM · gnupg (gpg23), Windows, ssh, gpgagent, Feature Request

Dec 5 2019

gniibe added a project to T4270: pinentry-curses should ring the terminal bell: gpgagent.
Dec 5 2019, 7:09 AM · gpgagent, Feature Request, pinentry
gniibe added a parent task for T4587: pinentry-gnome3 grabs input (is system modal) despite`--no-global-grab` or `OPTION no-grab`: T4770: pinentry option no-global-grab.
Dec 5 2019, 6:42 AM · gpgagent, pinentry
gniibe added a comment to T4256: gpg-agent: Spurious pinentries for an already unlocked key when decryption OpenPGP in 10 threads.

My analysis is that it's not a race condition but... it's about secure memory.
It is true that we have a race condition between putting an entry to cache after pinentry interaction _and_ next examining cache to invoke pinentry. But for this test case, the gpg process of unlock the key (and cache the passphrase) is finished before running the run-threaded command.

Dec 5 2019, 6:33 AM · gnupg, gpgagent
gniibe closed T2011: gnupg should notify cancellation of its operation to gpg-agent to kill pinentry as Resolved.
Dec 5 2019, 1:57 AM · Bug Report, gpgagent

Dec 4 2019

werner triaged T4769: gnupg:passphrase for new key asked three times as Normal priority.

That is actually a GnuPG thing. We originally did it this way to help people remember their passphrase before they start using the key. I agree it is annoying and I would like to remove it too. At the same time we should really think about making no-passphrase the default and require it only with certain compliance settings.

Dec 4 2019, 7:54 PM · gpgagent, gnupg (gpg23), Bug Report, gpg4win

Sep 27 2019

gniibe renamed T4563: gpg-agent fails to sign request of PKISSH from gpg-agent fails to sign request to gpg-agent fails to sign request of PKISSH.
Sep 27 2019, 1:45 PM · Feature Request, gpgagent
gniibe edited projects for T4563: gpg-agent fails to sign request of PKISSH, added: Feature Request; removed Info Needed, Bug Report.
Sep 27 2019, 10:17 AM · Feature Request, gpgagent
gniibe added a comment to T4563: gpg-agent fails to sign request of PKISSH.

OK, I identify the problem.

Sep 27 2019, 8:23 AM · Feature Request, gpgagent

Sep 9 2019

aheinecke closed T4389: Gpg4win 3.1.8, a subtask of T4333: Job objects on Windows interfere with automatic start of gpg-agent, as Resolved.
Sep 9 2019, 11:27 AM · patch, Windows, gpgagent, Bug Report
aheinecke closed T4333: Job objects on Windows interfere with automatic start of gpg-agent as Resolved.
Sep 9 2019, 11:23 AM · patch, Windows, gpgagent, Bug Report
ikrabbe added a comment to T4563: gpg-agent fails to sign request of PKISSH.

But this problem remains for several versions for some time. I tried to find out the source of this "new option" in the communication, but I could not find anything about "GPG Agent" in the source code of openssh.

Sep 9 2019, 10:18 AM · Feature Request, gpgagent
ikrabbe added a comment to T4563: gpg-agent fails to sign request of PKISSH.

Sorry for the late answer, but I have been busy. Actually this happened against several ssh versions, for some time now.

Sep 9 2019, 9:45 AM · Feature Request, gpgagent

Aug 20 2019

gniibe added a comment to T2011: gnupg should notify cancellation of its operation to gpg-agent to kill pinentry.

It was fixed in GnuPG master by rGc395f8315362: agent: Terminate pinentry process gracefully, by watching socket. and rG374a0775546b: agent: Close a dialog cleanly when gpg/ssh is killed for CONFIRM..
Those will be in GnuPG 2.3.

Aug 20 2019, 3:32 AM · Bug Report, gpgagent
dkg reopened T2011: gnupg should notify cancellation of its operation to gpg-agent to kill pinentry as "Open".
Aug 20 2019, 2:44 AM · Bug Report, gpgagent
dkg added a comment to T2011: gnupg should notify cancellation of its operation to gpg-agent to kill pinentry.

This appears to be https://bugs.debian.org/850946 and it does not appear to be fixed to me.

Aug 20 2019, 2:43 AM · Bug Report, gpgagent

Aug 2 2019

werner triaged T4661: gpg-agent "getinfo cmd_has_option" is frequently wrong as Low priority.
Aug 2 2019, 9:51 AM · Documentation, gpgagent

Jul 31 2019

dkg reopened T4661: gpg-agent "getinfo cmd_has_option" is frequently wrong as "Open".

Please update the documentation for the function in that case.

Jul 31 2019, 4:49 PM · Documentation, gpgagent
werner closed T4661: gpg-agent "getinfo cmd_has_option" is frequently wrong as Invalid.

No, it was not in mind. I introduced this only for backward compatibility. It will be extended iff we have a need for it.

Jul 31 2019, 8:51 AM · Documentation, gpgagent

Jul 30 2019

gniibe added a comment to T4661: gpg-agent "getinfo cmd_has_option" is frequently wrong.

My understanding is: it was introduced by rG370f841a0135: Enhanced last patch. in 2009 to give information to client (for a specific command at that time), possibly in a hope that server side would support the feature for all commands (and client could benefits).

Jul 30 2019, 8:59 AM · Documentation, gpgagent

Jul 29 2019

dkg created T4661: gpg-agent "getinfo cmd_has_option" is frequently wrong.
Jul 29 2019, 8:54 PM · Documentation, gpgagent

Jul 11 2019

gniibe added projects to T4563: gpg-agent fails to sign request of PKISSH: gpgagent, Info Needed.

Which SSH client are you using?

Jul 11 2019, 8:42 AM · Feature Request, gpgagent
gniibe claimed T4587: pinentry-gnome3 grabs input (is system modal) despite`--no-global-grab` or `OPTION no-grab`.

gpg-agent side is fixed to relax the error handling.

Jul 11 2019, 7:57 AM · gpgagent, pinentry

Jul 9 2019

werner closed T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32 as Resolved.
Jul 9 2019, 3:22 PM · gpgagent, gnupg, Bug Report

Jul 1 2019

werner triaged T4588: gpg-agent should guess pinentry's full path (using $PATH) if `pinentry-program` does not supply a full path as Normal priority.
Jul 1 2019, 9:34 PM · gnupg (gpg23), gpgagent
werner added a comment to T4588: gpg-agent should guess pinentry's full path (using $PATH) if `pinentry-program` does not supply a full path.

As I said we do this with all GnuPG components. Pinentry is a bit of exception because it is an external package.
I have also had bug reports which later turned out that a wrong pinentry was used; I prefer to know eactly which pinentry is used. Regarding your concrete problem I suggested to add a note with the full name of the pinentry or to change the error message to something better understandable.

Jul 1 2019, 9:34 PM · gnupg (gpg23), gpgagent
dkg added a comment to T4588: gpg-agent should guess pinentry's full path (using $PATH) if `pinentry-program` does not supply a full path.

So this is a defense against an adversary capable of creating a pinentry-wrapper somewhere in $PATH, but not capable of modifying gpg-agent.conf? It sounds to me like this is a defense against a very unusually-constrained attacker, at the expense of regular, common bug reports and user confusion.

Jul 1 2019, 6:24 PM · gnupg (gpg23), gpgagent
werner removed a project from T4588: gpg-agent should guess pinentry's full path (using $PATH) if `pinentry-program` does not supply a full path: Bug Report.

GnuPG invokes its components always with their absolute file name. We want to mitigate attacks where malware creates a pinentry wrapper somewhere in an improper set PATH.

Jul 1 2019, 10:02 AM · gnupg (gpg23), gpgagent
gniibe changed the status of T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32 from Open to Testing.
Jul 1 2019, 6:14 AM · gpgagent, gnupg, Bug Report
gniibe added a commit to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32: rG526714806da4: tools: gpgconf: Killing order is children-first..
Jul 1 2019, 6:14 AM · gpgagent, gnupg, Bug Report
gniibe added a commit to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32: rG7c877f942a34: tools: gpgconf: Killing order is children-first..
Jul 1 2019, 6:13 AM · gpgagent, gnupg, Bug Report

Jun 27 2019

dkg created T4588: gpg-agent should guess pinentry's full path (using $PATH) if `pinentry-program` does not supply a full path.
Jun 27 2019, 5:35 PM · gnupg (gpg23), gpgagent

Jun 25 2019

werner triaged T4580: Update the password checking algorithm as Low priority.
Jun 25 2019, 10:24 AM · gpgagent, Feature Request
dkg added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

I'm unlikely to put a windows-specific patch into the debian source, as
i have no good way of testing it, and it wouldn't affect any binary that
we ship.

Jun 25 2019, 2:57 AM · gpgagent, gnupg, Bug Report

Jun 24 2019

gniibe added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

@dkg, for your patch, it can be improved for Windows by using its event mechanism. You can see gnupg/scd/scdaemon.c.

Jun 24 2019, 4:00 AM · gpgagent, gnupg, Bug Report
dkg updated subscribers of T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

Hm, T4521 suggests that the two different cases should not be treated differently. If you think that they *should* cause distinct behavior, please do mention it over there!

Jun 24 2019, 2:24 AM · gpgagent, gnupg, Bug Report
gniibe added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

There are two different cases: (1) By SIGTERM and (2) By KILLAGENT. It's true that the agent stops accepting on the listening socket for (1), but it's not the case for (2).
This particular problem is for the case (2).

Jun 24 2019, 1:59 AM · gpgagent, gnupg, Bug Report

Jun 21 2019

dkg added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

@gniibe, thanks for the diagnosis! I agree that restarting or shutting down the backends should be done in the reverse order as a simple workaround.

Jun 21 2019, 6:24 PM · gpgagent, gnupg, Bug Report
gniibe added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

Correct solution is to implement KILLAGENT synchronously, but it's somehow harder to implement.
Easier workaround is modifying gpgconf like:

Jun 21 2019, 3:47 AM · gpgagent, gnupg, Bug Report
gniibe edited projects for T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32, added: gnupg, gpgagent; removed gnupg (gpg22).

I found a race condition between KILLAGENT command and accepting another request.
Here is a patch to replicate the race condition :

Jun 21 2019, 2:33 AM · gpgagent, gnupg, Bug Report

Jun 4 2019

gniibe closed T2011: gnupg should notify cancellation of its operation to gpg-agent to kill pinentry as Resolved.
Jun 4 2019, 2:38 AM · Bug Report, gpgagent

May 29 2019

ideaantenna updated the task description for T4546: make check error on gnupg-2.2.15 and gpgme-1.13.0.
May 29 2019, 6:55 PM · Not A Bug, gnupg, gpgme, Bug Report
ideaantenna added projects to T4546: make check error on gnupg-2.2.15 and gpgme-1.13.0: gpgme, gnupg.
May 29 2019, 6:52 PM · Not A Bug, gnupg, gpgme, Bug Report
ideaantenna updated the task description for T4546: make check error on gnupg-2.2.15 and gpgme-1.13.0.
May 29 2019, 6:39 PM · Not A Bug, gnupg, gpgme, Bug Report
ideaantenna updated the task description for T4546: make check error on gnupg-2.2.15 and gpgme-1.13.0.
May 29 2019, 6:35 PM · Not A Bug, gnupg, gpgme, Bug Report
ideaantenna created T4546: make check error on gnupg-2.2.15 and gpgme-1.13.0.
May 29 2019, 6:30 PM · Not A Bug, gnupg, gpgme, Bug Report

May 28 2019

maiden_taiwan added a comment to T4542: gpg-agent loses characters when prompting for a GPG passphrase over SSH in Emacs.

I also tried adding this to my gpg-agent.conf file:

May 28 2019, 2:05 PM · Emacs, Documentation, pinentry, Bug Report
maiden_taiwan added a comment to T4542: gpg-agent loses characters when prompting for a GPG passphrase over SSH in Emacs.

Oh, in case it wasn't clear, the idea that another application (GNU emacs) is receiving keystrokes meant for the gpg-agent prompt is probably a security risk....

May 28 2019, 2:01 PM · Emacs, Documentation, pinentry, Bug Report
maiden_taiwan created T4542: gpg-agent loses characters when prompting for a GPG passphrase over SSH in Emacs.
May 28 2019, 2:00 PM · Emacs, Documentation, pinentry, Bug Report

May 27 2019

werner added a commit to T4326: Reloading gpg-agent with disable-scdaemon set does not stop scdaemon.: rG9ccdd59e4e1e: agent: Stop scdaemon after reload when disable_scdaemon..
May 27 2019, 9:24 AM · Bug Report, scd, gpgagent

May 23 2019

gniibe closed T4326: Reloading gpg-agent with disable-scdaemon set does not stop scdaemon. as Resolved.

Simply sending "KILLSCD" is implemented.

May 23 2019, 3:19 AM · Bug Report, scd, gpgagent
gniibe added a commit to T4326: Reloading gpg-agent with disable-scdaemon set does not stop scdaemon.: rG7158a5696dc8: agent: Stop scdaemon after reload when disable_scdaemon..
May 23 2019, 3:18 AM · Bug Report, scd, gpgagent

May 21 2019

werner closed T4502: keys added via gpg-agent's ssh-agent interface are stored in private-keys-v1.d/ with a trailing null byte as Resolved.

Also fixed for 2.2

May 21 2019, 9:16 AM · gpgagent, ssh
werner added a commit to T4502: keys added via gpg-agent's ssh-agent interface are stored in private-keys-v1.d/ with a trailing null byte: rG6e39541f4f48: agent: For SSH key, don't put NUL-byte at the end..
May 21 2019, 9:16 AM · gpgagent, ssh
werner closed T4273: agent: Request insertion of smartcard when no card present as Resolved.

The behaviour related to ssh key access is due to the way ssh works: After a connection has been established to a server ssh presents to to the server all identities (public keys) it has access to (meaning it has a corresponding private key). Thus we can't tell ssh all the keys we have because that would be an information leak and may also take too long. Because the user may in some cases not want to use the ssh-agent but resort to ssh command line input of the passphrase, we do not insist on using a key known by gpg-agent.

May 21 2019, 9:13 AM · Feature Request, Documentation, gpgagent