Feed Advanced Search

Fri, May 17

werner triaged T4520: gpg --verify foo.asc --output foo yields a warning when everything is good as Normal priority.

At the time the verification is done some output has already been written to the file 'signed'. When checking whether the deprecated abbreviated format

Fri, May 17, 1:03 PM · OpenPGP, gnupg

Thu, May 9

werner triaged T4489: gpg --quick-add-key should be able to add an existing key as a subkey, not just generating a new one as Normal priority.
Thu, May 9, 8:09 AM · gnupg, OpenPGP, Feature Request

Mon, May 6

werner added a comment to T4482: GPG: Error on sign-key with compliance de-vs because of SHA-1 usage.

The digest algorithm used is computed based on the preferences in the key if encryption is also used. Thus this should always work and any decent key has sha256 in its preferences. In case sha1 has a higher precedence, as seen on old keys, --personal-digest-preferences can be used to prefer sha256. However, it is way better to fix the key. The easisies way to do that is to change the expiration date - then the new standard preferences will be used.

Mon, May 6, 1:41 PM · OpenPGP, gnupg
werner added a project to T4482: GPG: Error on sign-key with compliance de-vs because of SHA-1 usage: OpenPGP.
Mon, May 6, 1:36 PM · OpenPGP, gnupg

Apr 3 2019

werner triaged T4446: please add --quick-revoke-subkey as Normal priority.
Apr 3 2019, 10:46 PM · OpenPGP, gnupg (gpg23), Feature Request

Mar 28 2019

khanhnd.vn added a comment to T4428: Would like to use our card with Kleopatra tool.

Thanks so much your helps.
With new version 3.1.6, I can generate key on Kleopatra tool and use key stored in smartcard.

Mar 28 2019, 3:39 AM · scd, OpenPGP, Bug Report, gpg4win

Mar 27 2019

aheinecke closed T4264: Gpg4win 3.1.6, a subtask of T4428: Would like to use our card with Kleopatra tool, as Resolved.
Mar 27 2019, 1:54 PM · scd, OpenPGP, Bug Report, gpg4win

Mar 26 2019

werner closed T4428: Would like to use our card with Kleopatra tool as Resolved.
Mar 26 2019, 6:46 PM · scd, OpenPGP, Bug Report, gpg4win
aheinecke added a subtask for T4428: Would like to use our card with Kleopatra tool: T4264: Gpg4win 3.1.6.
Mar 26 2019, 12:08 PM · scd, OpenPGP, Bug Report, gpg4win
aheinecke changed the status of T4428: Would like to use our card with Kleopatra tool from Open to Testing.

There was indeed a problem. With a test card I could reproduce the issue and fix it.

Mar 26 2019, 12:08 PM · scd, OpenPGP, Bug Report, gpg4win
aheinecke added a commit to T4428: Would like to use our card with Kleopatra tool: rMffdb75217bc0: cpp: Fix GenCardKeyInteractor and extend it.
Mar 26 2019, 12:05 PM · scd, OpenPGP, Bug Report, gpg4win
werner added projects to T4428: Would like to use our card with Kleopatra tool: OpenPGP, scd.
Mar 26 2019, 7:50 AM · scd, OpenPGP, Bug Report, gpg4win

Feb 22 2019

werner triaged T4370: Generate revocation certificates for subkey(s) as Normal priority.
Feb 22 2019, 8:47 AM · OpenPGP, gnupg, Feature Request

Jan 29 2019

werner created T4353: Make gnupg's openpgp_oid_to_str faster.
Jan 29 2019, 5:50 PM · OpenPGP, gnupg

Dec 28 2018

werner renamed T4299: Problem to verify PGP key used by Microsoft from Problem to verify PGP key to Problem to verify PGP key used by Microsoft.
Dec 28 2018, 6:14 PM · gpgol, gpg4win
JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

I contacted Microsoft Security Response Center (MSRC) in regard to this matter. They confirmed the failed PGP key verification, but have not yet any explanation for that.

Dec 28 2018, 4:12 PM · gpgol, gpg4win

Dec 21 2018

BenM added a comment to T4299: Problem to verify PGP key used by Microsoft.

What are MS doing when they get it right, though? I'd look at the differences between those two to identify what they've messed up here.

Dec 21 2018, 8:18 PM · gpgol, gpg4win
werner updated subscribers of T4299: Problem to verify PGP key used by Microsoft.

Thanks. The mail is a standard, non-crypto mail with one attachment. That attachment is a TNEF file which has according to ytnef(1) just one file. That file has the name gpgolPGP.dat and contains a clearsigned message.

Dec 21 2018, 1:19 PM · gpgol, gpg4win
JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

Sure, I zipped the eml which failed and I´ll send it by e-mail to you

Dec 21 2018, 9:38 AM · gpgol, gpg4win
werner added a comment to T4299: Problem to verify PGP key used by Microsoft.

Is it possible that you upload or send me a copy of such a mail (wk gnupg.org)? ZIP or tar the eml file and send it in an encrypted mail to me to make sure it won't be modified on the transport.

Dec 21 2018, 8:37 AM · gpgol, gpg4win

Dec 20 2018

JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

I checked my mails in detail, and I can confirm that the error occurs only with "Microsoft security update releases". Indeed "Microsoft security advisory notification" and "Microsoft security update summary for..." will be verified correctly.

Dec 20 2018, 9:39 PM · gpgol, gpg4win
jmrexach added a comment to T4299: Problem to verify PGP key used by Microsoft.

I agree. It also happens to me. But only with mails coming from "Microsoft security update releases". Mails coming form "Microsoft security advisory notification" and Microsoft security update summary for..." are ok and are signed by the same key. It could be some trouble in MS automated email treatment.

Dec 20 2018, 7:50 PM · gpgol, gpg4win
werner edited projects for T4299: Problem to verify PGP key used by Microsoft, added: FAQ, OpenPGP; removed Bug Report.
Dec 20 2018, 8:40 AM · gpgol, gpg4win

Nov 8 2018

Valodim added a comment to T4235: GnuPG doesn't respect key flags when decrypting.

Fair enough. Let's wait and see what others think.

Nov 8 2018, 1:24 PM · Not A Bug, OpenPGP, gnupg
werner closed T4235: GnuPG doesn't respect key flags when decrypting as Resolved.

Also consider that it is possible to change the key usage flags. Thus it will never be clear whether one has a fixed or unfixed public key. I'd like to close this bug because it is currently also discussed in the IETF WG.

Nov 8 2018, 1:10 PM · Not A Bug, OpenPGP, gnupg

Nov 5 2018

werner closed T3773: private subkeys are never deleted on non-master instances as Invalid.

No info received.

Nov 5 2018, 10:12 AM · Info Needed, OpenPGP, gnupg (gpg22), Bug Report

Oct 30 2018

stm added a comment to T4235: GnuPG doesn't respect key flags when decrypting.

There is another argument for respecting the usage flags: it trims the admissible key space, if key ID in the PKESK packet is zero ('wild card') and thus all private keys have to be considered for decryption.

Oct 30 2018, 9:48 PM · Not A Bug, OpenPGP, gnupg

Oct 29 2018

aheinecke added a comment to T4235: GnuPG doesn't respect key flags when decrypting.

I disagree, and you don't have to try to convince me, the decision is with werner. I just want to give my opinion:
Bug compatibility is nothing esoteric or bad especially for a general purpose backend tool like gnupg. Being open to accepting broken input is a good thing because it will mean that we can get people out of a "broken tool vendor lock in".

Oct 29 2018, 8:29 PM · Not A Bug, OpenPGP, gnupg
dkg added a comment to T4235: GnuPG doesn't respect key flags when decrypting.

i agree with @Valodim that it would be better to not have a warning at all for an attempt to decrypt from secret key whose public key has never been marked as valid for encryption. A strict failure there (as with a strict failure for lack of mdc) is a better scenario than a warning. If the user controls the secret key and they decide they want to be able to decrypt with it, they should be able to mark it as decryption-capable (if that's really what they want) and retry. But this is an action only for experts.

Oct 29 2018, 8:04 PM · Not A Bug, OpenPGP, gnupg
Valodim added a comment to T4235: GnuPG doesn't respect key flags when decrypting.

The same *cannot* be said for a subkey that is marked specifically for certification or signing, and not for decryption.

Oct 29 2018, 7:57 PM · Not A Bug, OpenPGP, gnupg
dkg added a comment to T4235: GnuPG doesn't respect key flags when decrypting.

I understand the real world requirement for decrypting messages that have been encrypted to a revoked or expired key.

Oct 29 2018, 7:43 PM · Not A Bug, OpenPGP, gnupg
werner triaged T4235: GnuPG doesn't respect key flags when decrypting as Low priority.

I don't see a problem. If you have the private key you can and will use it. I guess your concern is an oracle?

Oct 29 2018, 8:47 AM · Not A Bug, OpenPGP, gnupg

Oct 18 2018

adam added a comment to T4189: GngOL cannot decrypt title nor sender; How to disable certificate selection dialog?.

Dear aheinecke,

Oct 18 2018, 1:04 PM · kleopatra, gnupg, Enigmail, OpenPGP, gpgol
aheinecke closed T4189: GngOL cannot decrypt title nor sender; How to disable certificate selection dialog? as Invalid.

Hi Adam,

Oct 18 2018, 12:26 PM · kleopatra, gnupg, Enigmail, OpenPGP, gpgol

Oct 17 2018

adam created T4189: GngOL cannot decrypt title nor sender; How to disable certificate selection dialog? in the S1 Public space.
Oct 17 2018, 11:49 AM · kleopatra, gnupg, Enigmail, OpenPGP, gpgol

Jun 24 2018

werner triaged T4042: RFC 4880 compliance as Normal priority.
Jun 24 2018, 9:50 PM · OpenPGP, gnupg

Feb 22 2018

werner triaged T3773: private subkeys are never deleted on non-master instances as Low priority.
Feb 22 2018, 10:33 AM · Info Needed, OpenPGP, gnupg (gpg22), Bug Report

Feb 6 2018

werner added projects to T3773: private subkeys are never deleted on non-master instances: gnupg (gpg22), OpenPGP.
Feb 6 2018, 6:30 PM · Info Needed, OpenPGP, gnupg (gpg22), Bug Report

Nov 20 2017

werner triaged T3513: Change of trust of new uid not immediately reflected in user interface as Normal priority.

To compute the key validity (trust) more information may be needed and we can only do that after the changes have been saved. Further, no-auto-chec-trustdb will anyway delay that computation until "gpg --check-trustdb" is run (e.g. by a cron job).

Nov 20 2017, 8:44 AM · OpenPGP, gnupg (gpg23), Feature Request

Sep 8 2017

attila.lendvai added a comment to T3391: cannot import subkey that was once marked to be on a card.

success, thank you for the help!

Sep 8 2017, 1:06 PM · gnupg, OpenPGP, Bug Report
gniibe claimed T3391: cannot import subkey that was once marked to be on a card.
Sep 8 2017, 12:48 PM · gnupg, OpenPGP, Bug Report
gniibe added a comment to T3391: cannot import subkey that was once marked to be on a card.

In GnuPG 2.1, secret keys are under control of gpg-agent. Currently, it is not deleted by gpg frontend.
Please run:

$ gpg -K --with-keygrip
Sep 8 2017, 12:48 PM · gnupg, OpenPGP, Bug Report
attila.lendvai updated the task description for T3391: cannot import subkey that was once marked to be on a card.
Sep 8 2017, 12:12 PM · gnupg, OpenPGP, Bug Report

Sep 7 2017

attila.lendvai created T3391: cannot import subkey that was once marked to be on a card.
Sep 7 2017, 4:00 PM · gnupg, OpenPGP, Bug Report

Aug 27 2017

werner triaged T3373: Unusual incompatibility with PGP6 PhotoID's as Low priority.

IIRC, rfc2440 did not forbid partial length encoding for key-material so gpg could use that. rfc4880 limits partial length encoding to non-key-material which causes this error message.

Aug 27 2017, 9:04 PM · OpenPGP, gnupg, Bug Report

Aug 26 2017

Kelbom68 added a comment to T3372: Long preference lists resetting each other.

Well, I'd expect gpg not to alter my digest/compression preferences when changing my cipher preferences and vice versa. So if a user's going to have to lose his previously set preferences for a key in this manner because that's the only reasonably viable way of maintaining backwards compatibility, I think it would be appropriate to let him know beforehand and also suggest that he set it all up at once (as I've so described above) so that nothing is lost in the process.

Aug 26 2017, 7:39 PM · OpenPGP, gnupg, Bug Report
werner triaged T3372: Long preference lists resetting each other as Normal priority.

The way the setpref command works is implementation specific and thus the OpenPGP standard is irrelevant here
.
Are you requesting a change in the behaviour of the setpref command? That would not be easy to implement for backward compatibility.

Aug 26 2017, 6:22 PM · OpenPGP, gnupg, Bug Report

Jul 27 2017

werner added a project to T2313: gpg --import of secret keys prompts for passwords in 2.1: S/MIME.

Well, iff we implement that for gpg we also need to implement it for gpgsm.

Jul 27 2017, 9:41 AM · S/MIME, Feature Request, Stalled, gnupg, OpenPGP
werner edited projects for T2313: gpg --import of secret keys prompts for passwords in 2.1, added: Feature Request; removed Bug Report.
Jul 27 2017, 9:40 AM · S/MIME, Feature Request, Stalled, gnupg, OpenPGP

Jul 24 2017

marcus added a project to T2313: gpg --import of secret keys prompts for passwords in 2.1: Stalled.

A decision must be made what the desired behaviour should be.

Jul 24 2017, 5:25 PM · S/MIME, Feature Request, Stalled, gnupg, OpenPGP

Jun 22 2017

thomas added a comment to T1291: signatures to OpenPGP keys no longer expire by default if the signed key expires.
  • marcus (Marcus Brinkmann) <noreply@dev.gnupg.org> [20170622 16:41]:
So, the default change 7y ago and the world didn't end. Closing this.
Jun 22 2017, 4:52 PM · gnupg, OpenPGP, Feature Request
marcus closed T1291: signatures to OpenPGP keys no longer expire by default if the signed key expires as Wontfix.

So, the default change 7y ago and the world didn't end. Closing this.

Jun 22 2017, 4:41 PM · gnupg, OpenPGP, Feature Request

May 17 2017

srgblnchtrn added a watcher for OpenPGP: srgblnchtrn.
May 17 2017, 9:20 AM

Apr 7 2017

gp_ast added a watcher for OpenPGP: gp_ast.
Apr 7 2017, 2:35 PM

Mar 30 2017

admin created OpenPGP.
Mar 30 2017, 6:42 PM

Feb 14 2017

aheinecke closed T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase as Resolved.
Feb 14 2017, 1:43 PM · gnupg, OpenPGP, Bug Report
aheinecke added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

Tested this again with 2.1.18 and it works now as expected. Export secret key
just exports a key if it has no passphrase. So I think this issue can be marked
as resolved.

Feb 14 2017, 1:43 PM · gnupg, OpenPGP, Bug Report

Sep 7 2016

werner added a comment to T2241: Encrypt to all encryption subkeys.

It is a hack in OpenKeychain to allow the use of several devices. Frankly, I am
not sure whether this is really a good idea: The security is limited by the key
for the least secure device.

Sep 7 2016, 11:20 AM · gnupg, OpenPGP, Feature Request

Sep 6 2016

dkg added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

So i've tested this locally with:

    export GNUPGHOME=$(mktemp -d)
    gpg --quick-gen-key 'test user <test@example.org>'
    gpg --armor --export-secret-key 'test user <test@example.org>'

(choosing no passphrase during the prompts that come up during the quick-gen-key
step). The final export step works fine.

Can you show what steps you're taking that fail for you, Andre?

Sep 6 2016, 5:08 AM · gnupg, OpenPGP, Bug Report

Sep 5 2016

aheinecke changed Version from 2.1.11 to 2.1.15 on T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.
Sep 5 2016, 2:40 PM · gnupg, OpenPGP, Bug Report
aheinecke added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

I'm using latest master and I still can't export a secret key without passphrase.

And Justus also has not closed this bug or wrote that he commited something
more. So I think the 2.1.13 announcement was mistaken and this problem still
exists. (Or am I missing some option / need a different pinentry mode?)

Sep 5 2016, 2:40 PM · gnupg, OpenPGP, Bug Report

Jul 14 2016

werner removed a project from T2402: New option to encrypt with a key taken from a file: Unreleased.
Jul 14 2016, 7:13 PM · gnupg, OpenPGP, Feature Request

Jul 6 2016

werner added a project to T2402: New option to encrypt with a key taken from a file: Unreleased.
Jul 6 2016, 4:10 PM · gnupg, OpenPGP, Feature Request
werner added a comment to T2402: New option to encrypt with a key taken from a file.

We got it for 2.1: -f or --recipient-file

Jul 6 2016, 4:10 PM · gnupg, OpenPGP, Feature Request
werner closed T2402: New option to encrypt with a key taken from a file as Resolved.
Jul 6 2016, 4:10 PM · gnupg, OpenPGP, Feature Request

Jun 29 2016

werner added projects to T2402: New option to encrypt with a key taken from a file: Feature Request, OpenPGP, gnupg.
Jun 29 2016, 12:40 PM · gnupg, OpenPGP, Feature Request

Jun 27 2016

bernhard added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

Hi,
the 2.1.13 announcement has
"""

  • gpg: Allow export of non-passphrase protected secret keys.

"""
(from https://lists.gnupg.org/pipermail/gnupg-announce/2016q2/000390.html)
so this defect may be fixed with 2.1.13 I guess, cool!
Probably only need a test to confirm?

Jun 27 2016, 5:37 PM · gnupg, OpenPGP, Bug Report

Jun 6 2016

aheinecke added a comment to T2380: Auto-refresh key if it is close to its expiration date..

Replacing revoked keys made me wonder if we actually need an auto-refresh key.
If we try to return one valid key with --locate-keys wouldn't it make more sense
semantically if we use the auto-key-locate mechanisms with locate-keys when a
key is expired in the local store?

This would also work better for revoked keys where a Parcimonie style auto
refresh would pick up the revocation and locate-keys would then look for a new key.

Jun 6 2016, 3:56 PM · gnupg, OpenPGP, Feature Request
werner added projects to T2380: Auto-refresh key if it is close to its expiration date.: Feature Request, OpenPGP, gnupg.
Jun 6 2016, 11:40 AM · gnupg, OpenPGP, Feature Request

Jun 1 2016

bernhard added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

I can confirm one defect with 2.1.11:
The ability to export a secret key without passphrase available in gnupg2.0
is gone. My use case is to write a testcase that automatically imports the key.

Jun 1 2016, 3:27 PM · gnupg, OpenPGP, Bug Report

May 27 2016

justus added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

I did not work on this other than what I merged. What I did is to enhance our
fake pinentry program to allow it to supply different passphrases, make it write
a log so that we can quantify the pinentry interaction in test cases, and to add
an export test documenting the status quo.

May 27 2016, 6:02 PM · gnupg, OpenPGP, Bug Report
werner added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

The question at hand is whether dkg's patch or Justus work is the way to go. I
have not yet reviewed dkg's patch, though.

May 27 2016, 11:42 AM · gnupg, OpenPGP, Bug Report
werner added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

dgk: You are right that Pinentry may be used even with --batch. In fact gpgme
uses --batch and a Pinentry is used nevertheless.

Right, there are no technical means right now to inhibit the export of private
keys. However, it would be easy to add this by not allowing gpg-agent to tell
the client the key used to encrypt the import/export command of keys.

A user migyt have used no passphrase for a key in the believe that an
unprotected key can't be exported.

May 27 2016, 11:41 AM · gnupg, OpenPGP, Bug Report

May 23 2016

dkg added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

I'm not convinced that this policy is effectively implemented in gpg-agent.

The patch series that starts here:

https://lists.gnupg.org/pipermail/gnupg-devel/2016-May/031121.html

resolves the export of secret key material stored as cleartext, and it does so
without modifying gpg-agent at all.

fwiw, I do not agree with T2324 (justus on Apr 18 2016, 05:22 PM / Roundup) that gpg --batch should not use pinentry at
all -- i think it's quite useful to be able to combine --batch with pinentry,
where the key is stored protected, or is otherwise marked by gpg-agent for
limited use.

May 23 2016, 6:21 PM · gnupg, OpenPGP, Bug Report

May 10 2016

werner added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

re: T2324 (justus on Apr 18 2016, 05:22 PM / Roundup)

  1. gpg --export-secret-key should export unprotected keys that are stored w/o a passphrase"

That would violate the policy we implement in gpg-agent. The
gpg-agent is responsible for private keys and a client may not use a
private key without the agent's consent. If we would allow that by
default there won't be any protection at all and keys can be easily
exported and used. A required confirmation via the Pinentry would
solve the practical problem. However, there is the question what to
do on unattended systems - the only way it can be done right now is
configuring gpg-agent to use a custom pinentry, or by extending the
loopback mode.

May 10 2016, 10:13 AM · gnupg, OpenPGP, Bug Report

Apr 20 2016

justus added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

Werner: Yes please.

Apr 20 2016, 10:53 AM · gnupg, OpenPGP, Bug Report

Apr 19 2016

werner added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

I have some stashed work to fix this but it is not ready - let me know if you
want to work on it.

Apr 19 2016, 8:09 PM · gnupg, OpenPGP, Bug Report
justus added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

*See also T2070

Apr 19 2016, 1:00 PM · gnupg, OpenPGP, Bug Report
werner added a comment to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase.

See also issue20170

Apr 19 2016, 10:46 AM · gnupg, OpenPGP, Bug Report
werner added projects to T2324: gpg --batch --export-secret-key fails (requires user interaction) if key has no passphrase: OpenPGP, gnupg.
Apr 19 2016, 10:46 AM · gnupg, OpenPGP, Bug Report

Apr 15 2016

dkg added a comment to T2313: gpg --import of secret keys prompts for passwords in 2.1.

I understand the reason for re-encrypting -- i'm quite happy that the agent is
sensible about improving the security of the key when it adopts it.

my concern is that users don't know what to expect, and that different workflows
result in different sets of keys stored in the agent.

So i'd recommend that when importing without --batch, if the password fails for
any reason, gpg should fall back to the fast migration "kludge" rather than just
skipping that keyblock. That way the imported secret key material will still be
available and can be cleaned up/hardened on first successful use.

Apr 15 2016, 2:20 PM · S/MIME, Feature Request, Stalled, gnupg, OpenPGP
werner added projects to T2313: gpg --import of secret keys prompts for passwords in 2.1: OpenPGP, gnupg.
Apr 15 2016, 8:38 AM · S/MIME, Feature Request, Stalled, gnupg, OpenPGP
werner set Version to 2.1 on T2313: gpg --import of secret keys prompts for passwords in 2.1.
Apr 15 2016, 8:38 AM · S/MIME, Feature Request, Stalled, gnupg, OpenPGP

Mar 23 2016

gniibe claimed T2285: decryption fails with "Missing item in object" even though private key is available.
Mar 23 2016, 3:52 AM · Info Needed, Bug Report, gnupg, scd
gniibe added a comment to T2285: decryption fails with "Missing item in object" even though private key is available.

Thank you for your report and the log, but it doesn't have useful information so
that I can debug.

The information of card reader is required, if the problem happens for specific
card reader only. Please include full log which includes card reader information.

Mar 23 2016, 3:52 AM · Info Needed, Bug Report, gnupg, scd

Mar 22 2016

werner updated subscribers of T2285: decryption fails with "Missing item in object" even though private key is available.
Mar 22 2016, 6:03 PM · Info Needed, Bug Report, gnupg, scd
werner added a comment to T2285: decryption fails with "Missing item in object" even though private key is available.

There seems to be a problem with your reader. We would need to closer analyze
the log (which I copy below):

DBG: send apdu: c=00 i=A4 p1=00 p2=0C lc=2 le=-1 em=0
DBG: ccid-driver: PC_to_RDR_IccPowerOn:
DBG: ccid-driver: dwLength ..........: 0
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 145
DBG: ccid-driver: bPowerSelect ......: 0x01 (5.0 V)
DBG: ccid-driver: [0008] 00 00
DBG: ccid-driver: RDR_to_PC_DataBlock:
DBG: ccid-driver: dwLength ..........: 21
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 145
DBG: ccid-driver: bStatus ...........: 0
DBG: ccid-driver: [0010] 3B DA 18 FF 81 B1
DBG: ccid-driver: [0016] FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C
DBG: ccid-driver: PC_to_RDR_XfrBlock:
DBG: ccid-driver: dwLength ..........: 4
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 146
DBG: ccid-driver: bBWI ..............: 0x00
DBG: ccid-driver: wLevelParameter ...: 0x0000
DBG: ccid-driver: [0010] FF 11 18 F6
DBG: ccid-driver: RDR_to_PC_DataBlock:
DBG: ccid-driver: dwLength ..........: 4
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 146
DBG: ccid-driver: bStatus ...........: 0
DBG: ccid-driver: [0010] FF 11 18 F6
DBG: ccid-driver: PC_to_RDR_SetParameters:
DBG: ccid-driver: dwLength ..........: 7
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 147
DBG: ccid-driver: bProtocolNum ......: 0x01
DBG: ccid-driver: [0008] 00 00 18 10 FF 75 00 FE
DBG: ccid-driver: [0016] 10
DBG: ccid-driver: RDR_to_PC_Parameters:
DBG: ccid-driver: dwLength ..........: 7
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 147
DBG: ccid-driver: bStatus ...........: 0
DBG: ccid-driver: protocol ..........: T=1
DBG: ccid-driver: bmFindexDindex ....: 18
DBG: ccid-driver: bmTCCKST1 .........: 10
DBG: ccid-driver: bGuardTimeT1 ......: FF
DBG: ccid-driver: bmWaitingIntegersT1: 75
DBG: ccid-driver: bClockStop ........: 00
DBG: ccid-driver: bIFSC .............: 254
DBG: ccid-driver: bNadValue .........: 16
DBG: ccid-driver: PC_to_RDR_XfrBlock:
DBG: ccid-driver: dwLength ..........: 5
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 148
DBG: ccid-driver: bBWI ..............: 0x00
DBG: ccid-driver: wLevelParameter ...: 0x0000
DBG: ccid-driver: [0010] 10 C1 01 FE 2E
DBG: ccid-driver: RDR_to_PC_DataBlock:
DBG: ccid-driver: dwLength ..........: 4
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 148
DBG: ccid-driver: bStatus ...........: 0
DBG: ccid-driver: [0010] 00 82 00 82
DBG: ccid-driver: invalid response for S-block (Change-IFSD)
apdu_send_simple(0) failed: unknown host status error
DBG: send apdu: c=00 i=A4 p1=04 p2=00 lc=6 le=-1 em=0

Mar 22 2016, 6:03 PM · Info Needed, Bug Report, gnupg, scd

Mar 21 2016

jlp added a comment to T2285: decryption fails with "Missing item in object" even though private key is available.

Without pcscd running, I get a "Not supported" error. The scd.log is attached.
Using pcscd, it works, except for that special case.

Mar 21 2016, 10:13 PM · Info Needed, Bug Report, gnupg, scd
jlp added a comment to T2285: decryption fails with "Missing item in object" even though private key is available.

Mar 21 2016, 10:13 PM · Info Needed, Bug Report, gnupg, scd
werner added a comment to T2285: decryption fails with "Missing item in object" even though private key is available.

debug 2048
debug 1024

is what I need.

Mar 21 2016, 10:57 AM · Info Needed, Bug Report, gnupg, scd
werner added a comment to T2285: decryption fails with "Missing item in object" even though private key is available.

Thanks. We need to know some more detailed information. Please
put

debug 2018
debug 1024
log-file /somewhere/scd.log

into scdaemon.conf, kill scdaemon and try again. It seems you have not yet been
asked for a PIN so the log won't reveal the PIN. Anyway, you may want to send
the log to me by PM (wk@gnupg.org - key 1e42b367).

Mar 21 2016, 10:56 AM · Info Needed, Bug Report, gnupg, scd

Mar 19 2016

jlp added a comment to T2285: decryption fails with "Missing item in object" even though private key is available.

Fails with 2.0.29 too, compiled from source. With enabled debug-all verbose in
scdaemon.conf, the log ends with:

2016-03-19 10:12:09 scdaemon[1988] DBG: response: sw=6A88 datalen=0
2016-03-19 10:12:09 scdaemon[1988] operation decipher result: Missing item in object
2016-03-19 10:12:09 scdaemon[1988] app_decipher failed: Missing item in object
scdaemon[1988]: chan_7 -> ERR 100663364 Missing item in object <SCD>
scdaemon[1988]: chan_7 <- RESTART
scdaemon[1988]: chan_7 -> OK

Mar 19 2016, 9:22 AM · Info Needed, Bug Report, gnupg, scd

Mar 17 2016

werner added a comment to T1361: Trust Signatures and Owner (Introducer) Trust.

We should create a test case for trust signatures before we start to fix it.

Mar 17 2016, 4:07 PM · gnupg, Bug Report, OpenPGP
werner added a project to T2285: decryption fails with "Missing item in object" even though private key is available: Info Needed.
Mar 17 2016, 3:39 PM · Info Needed, Bug Report, gnupg, scd
werner added a comment to T2285: decryption fails with "Missing item in object" even though private key is available.

The current version is 2.0.29 - please try again using this version.

Mar 17 2016, 3:39 PM · Info Needed, Bug Report, gnupg, scd

Mar 12 2016

jlp set Version to 2.0.26 on T2285: decryption fails with "Missing item in object" even though private key is available.
Mar 12 2016, 3:29 PM · Info Needed, Bug Report, gnupg, scd
jlp added projects to T2285: decryption fails with "Missing item in object" even though private key is available: scd, OpenPGP, gnupg, Bug Report.
Mar 12 2016, 3:29 PM · Info Needed, Bug Report, gnupg, scd

Mar 1 2016

neal closed T2252: Provide --alternate-keyserver to avoid "No valid OpenPGP data found" response as Resolved.
Mar 1 2016, 11:53 AM · gnupg, OpenPGP, Feature Request
neal added a comment to T2252: Provide --alternate-keyserver to avoid "No valid OpenPGP data found" response.

Marking as resolved since this is available in 2.1 and we are not going to
backport this to 1.4 or 2.0. Thanks.

Mar 1 2016, 11:53 AM · gnupg, OpenPGP, Feature Request

Feb 15 2016

werner added a comment to T2252: Provide --alternate-keyserver to avoid "No valid OpenPGP data found" response.

I guess you are reporting for GnuPG 2.0 or 1.4.
We already implemented your suggestion in 2.1.

Feb 15 2016, 8:44 PM · gnupg, OpenPGP, Feature Request