Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Sep 25 2024

werner moved T6579: gnupg-2.4.3 build failure from Backlog to gnupg-2.4.4 on the gnupg24 board.
Sep 25 2024, 4:29 PM · gnupg24 (gnupg-2.4.4), Gentoo, Bug Report

Aug 7 2024

werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

FWIW, I received that mail but I hope that this bug is at least fixed with today's fix for T7213. Thus not re-opening.

Aug 7 2024, 11:47 AM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report

Jun 6 2024

werner archived gnupg24 (gnupg-2.4.4).
Jun 6 2024, 12:06 PM
werner closed T6757: gpgsm 2.4 Fails to import P12 certificate/key, a subtask of T6752: New minip12 does not import from Firefox anymore, as Resolved.
Jun 6 2024, 12:06 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner closed T6757: gpgsm 2.4 Fails to import P12 certificate/key as Resolved.

Can't find a mail - closing the ticket. Feel free to reopen or send me a mail to werner dot koch at gnupg.org but replace the org by com.

Jun 6 2024, 12:06 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report

May 21 2024

werner triaged T7129: Fix static reports by static analyser in gnugp as Normal priority.

Thanks for running the analyzer. We need to have a closer look at the suggested fixes. For example initializing a variable needs a reason and should not be done as a general precaution because that may hide other errors.

May 21 2024, 11:19 AM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report

May 20 2024

Jakuje renamed T7129: Fix static reports by static analyser in gnugp from Fix static reports by static analyser to Fix static reports by static analyser in gnugp.
May 20 2024, 7:13 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
Jakuje created T7129: Fix static reports by static analyser in gnugp.
May 20 2024, 7:08 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report

Mar 6 2024

lecris added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

I've sent you an email about it. It might have html elements due to markdown-here.

Mar 6 2024, 5:02 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

Sorry, for not following up earlier. Can you please do me a favor and run the last tests again, this time adding -v and --debug 1 to the invocation? Feel free to forward the output to my private address is that is easier (wk at gnupg.org).

Mar 6 2024, 12:19 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report

Mar 4 2024

werner added a comment to T6944: The default card key generation keeps an unprotected backup of the encryption key on disk.

See also: https://gnupg.org/blog/20240125-smartcard-backup-key.html

Mar 4 2024, 3:38 PM · gnupg22 (gnupg-2.2.43), gnupg24 (gnupg-2.4.4), OpenPGP, scd, Bug Report

Feb 7 2024

lecris added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

The additional debug info are:

gpgsm: DBG: p12_parse:1998: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2006: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2021: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2054: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2061: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2069: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2081: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: error parsing or decrypting the PKCS#12 file
gpgsm: total number processed: 4
gpgsm:              unchanged: 4
Feb 7 2024, 6:32 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

0001-Test-patch.patch3 KBDownload

Feb 7 2024, 9:09 AM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report

Feb 6 2024

lecris added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

Could you write a quick patch file for that? (I don't have a working source build, I am using the Fedora spec file + patches)

Feb 6 2024, 5:18 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

The old debug output is in genral okay but what I would do is to add a couple of log_debug calls like

Feb 6 2024, 5:16 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
lecris added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

@werner I managed to recover the old .p12 that has the error. And this is still replicable. Is there a debug flag that would be useful or can we setup some private live-debugging for this?

Feb 6 2024, 12:18 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report

Feb 5 2024

werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

I would have expected an error message right after

Feb 5 2024, 8:09 AM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report

Feb 4 2024

Angel added a comment to T6972: Explicitly deprecate --use-embedded-filename -- it is hazardous.

I agree. Any automatic use of the embedded filename will be potentially problematic security-wise. The only safe use is probably as a value in an interactive dialog, and even then, only if the user doesn't accept a dangerous value.

Feb 4 2024, 11:51 PM · Documentation, gnupg, patch
Angel merged T2759: Misleading error message when trying to sign with an expired key into T4704: Wrong error message when key is expired.
Feb 4 2024, 3:55 AM · gnupg24 (gnupg-2.4.4), UI, Bug Report

Feb 2 2024

dkg added a comment to T6972: Explicitly deprecate --use-embedded-filename -- it is hazardous.

The patch supplied here should apply to STABLE-BRANCH-2-4, but it should also be easy enough to backport to STABLE-BRANCH-2-2 and STABLE-BRANCH-1-4. For GnuPG master, i recommend actually removing the option.

Feb 2 2024, 9:14 PM · Documentation, gnupg, patch
dkg created T6972: Explicitly deprecate --use-embedded-filename -- it is hazardous.
Feb 2 2024, 9:12 PM · Documentation, gnupg, patch
lecris added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

Unfortunately I have deleted the .p12 with the CA chain, and I don't know how I've generated it. It also contained my production certificates so, kinda sensitive to upload here.

Feb 2 2024, 5:49 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

Okay, I push the change for the extended salt size. Regarding the import of CA certificates, I have not seen any problems. In fact it is pretty common. Did you test with with 2.4.4. A test file would be helpful.

Feb 2 2024, 5:33 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
lecris added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

Ok, I have tried again the series of workarounds that I initially posted on the main description, and I managed to fix it by striping the CA certificates. So the current issues here are:

Feb 2 2024, 2:01 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
lecris updated the task description for T6757: gpgsm 2.4 Fails to import P12 certificate/key.
Feb 2 2024, 1:45 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report

Jan 30 2024

lecris added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

We got a bit further, not sure what debug level you want, guru I've found to be too excessive:

Jan 30 2024, 12:20 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

Can you please try this patch:

Jan 30 2024, 11:50 AM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
lecris reopened T6757: gpgsm 2.4 Fails to import P12 certificate/key as "Open".

@werner I have just tested this, and although it fixed it for one certificate, this one in this issue still fails. Here is the new debug given

Jan 30 2024, 9:17 AM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
lecris reopened T6757: gpgsm 2.4 Fails to import P12 certificate/key, a subtask of T6752: New minip12 does not import from Firefox anymore, as Open.
Jan 30 2024, 9:17 AM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report

Jan 29 2024

ebo closed T6806: Fix off by one day in the expiry date calculation, a subtask of T6736: Year 2038 issue for key validity date, as Resolved.
Jan 29 2024, 1:27 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Bug Report

Jan 26 2024

werner moved T6902: gpgconf: the questionable value 256 for flags in gpgrt_opt_t from Backlog to gnupg-2.2.43 on the gnupg22 board.
Jan 26 2024, 1:49 PM · gnupg22 (gnupg-2.2.43), gnupg24 (gnupg-2.4.4)
werner closed T6902: gpgconf: the questionable value 256 for flags in gpgrt_opt_t as Resolved.

Is in 2.4.4 and will go into 2.2.43

Jan 26 2024, 1:48 PM · gnupg22 (gnupg-2.2.43), gnupg24 (gnupg-2.4.4)

Jan 25 2024

werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2024q1/000481.html on T6578: Release GnuPG 2.4.4.
Jan 25 2024, 6:14 PM · gnupg24 (gnupg-2.4.4), Release Info
werner added a comment to T6944: The default card key generation keeps an unprotected backup of the encryption key on disk.

Also fixed in the fortgcoming 2.2.43

Jan 25 2024, 2:05 PM · gnupg22 (gnupg-2.2.43), gnupg24 (gnupg-2.4.4), OpenPGP, scd, Bug Report
werner closed T6943: Add tool to detect and clean unsolicited copies of smartcard keys as Resolved.
Jan 25 2024, 11:57 AM · gnupg24 (gnupg-2.4.4), Feature Request
werner moved T6943: Add tool to detect and clean unsolicited copies of smartcard keys from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 25 2024, 11:57 AM · gnupg24 (gnupg-2.4.4), Feature Request
werner shifted T6944: The default card key generation keeps an unprotected backup of the encryption key on disk from the Restricted Space space to the S1 Public space.
Jan 25 2024, 11:56 AM · gnupg22 (gnupg-2.2.43), gnupg24 (gnupg-2.4.4), OpenPGP, scd, Bug Report
werner closed T6578: Release GnuPG 2.4.4 as Resolved.
Jan 25 2024, 11:38 AM · gnupg24 (gnupg-2.4.4), Release Info
werner moved T6578: Release GnuPG 2.4.4 from WiP to gnupg-2.4.4 on the gnupg24 board.
Jan 25 2024, 11:38 AM · gnupg24 (gnupg-2.4.4), Release Info

Jan 24 2024

ebo moved T6654: gpgsm: p12 passphrase visible in debug output from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 5:08 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), vsd32 (vsd-3.2.0), S/MIME, Restricted Project
werner moved T6379: Kleopatra: Brainpool key can not be moved to smart card from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 4:26 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, kleopatra
werner moved T6052: gnupg2 tpm2d tests do not work from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 2:46 PM · gnupg24 (gnupg-2.4.4), Tests, TPM, Bug Report
werner moved T6831: May chose a signing key from a not inserted card over an inserted one from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 2:45 PM · gnupg24 (gnupg-2.4.4), OpenPGP, patch, Bug Report
werner moved T6741: gpg 2.3+ may display garbled characters for date and time in non-English Windows from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 2:42 PM · gnupg24 (gnupg-2.4.4), i18n, Windows, Bug Report
werner moved T3380: Use exponential backoff when spawning agent and dirmngr from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 2:40 PM · gnupg24 (gnupg-2.4.4), Feature Request
werner moved T6796: gpg does create socketdir after every operation from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 2:37 PM · gnupg24 (gnupg-2.4.4), Feature Request
werner moved T6902: gpgconf: the questionable value 256 for flags in gpgrt_opt_t from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 2:36 PM · gnupg22 (gnupg-2.2.43), gnupg24 (gnupg-2.4.4)
werner moved T6710: Improve Speedo for Linux to set DT_RUNPATH. from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 2:34 PM · gnupg24 (gnupg-2.4.4), Feature Request
werner closed T6944: The default card key generation keeps an unprotected backup of the encryption key on disk as Resolved.
Jan 24 2024, 2:31 PM · gnupg22 (gnupg-2.2.43), gnupg24 (gnupg-2.4.4), OpenPGP, scd, Bug Report
werner moved T6944: The default card key generation keeps an unprotected backup of the encryption key on disk from WiP to gnupg-2.2.43 on the gnupg22 board.
Jan 24 2024, 2:31 PM · gnupg22 (gnupg-2.2.43), gnupg24 (gnupg-2.4.4), OpenPGP, scd, Bug Report
werner moved T6944: The default card key generation keeps an unprotected backup of the encryption key on disk from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 2:31 PM · gnupg22 (gnupg-2.2.43), gnupg24 (gnupg-2.4.4), OpenPGP, scd, Bug Report
werner closed T6919: Add support for smartcafe cards as Resolved.
Jan 24 2024, 2:25 PM · gnupg24 (gnupg-2.4.4), Restricted Project, Feature Request, scd
werner moved T6919: Add support for smartcafe cards from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 2:25 PM · gnupg24 (gnupg-2.4.4), Restricted Project, Feature Request, scd
werner added a comment to T6708: Allow to inhibit the use of a default PGP keyserver.

Fixes are already in GnuPG 2.4.4 and can't be easily tested. Thus closing also for gnupg24

Jan 24 2024, 2:22 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
werner moved T6708: Allow to inhibit the use of a default PGP keyserver from WiP to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 2:20 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
werner closed T6536: Extend P12 parser for ShroudedKeyBag inside a CertBag as Resolved.

Closing because we believe things are fixed and our test suite confirms that. Feel free to -reopen in case your own file does not import with 2.4.4.

Jan 24 2024, 11:42 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Bug Report, S/MIME, Restricted Project
werner moved T6536: Extend P12 parser for ShroudedKeyBag inside a CertBag from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 11:41 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Bug Report, S/MIME, Restricted Project
werner moved T6752: New minip12 does not import from Firefox anymore from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 11:40 AM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner moved T6940: gpgsm: .p12 AES-256-CBC support from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 11:38 AM · gnupg24 (gnupg-2.4.4), Feature Request
werner moved T6559: GPGSM: "always trust like override" or "force" option from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 11:37 AM · gnupg24 (gnupg-2.4.4), gpgme (gpgme 1.23.x), gnupg22 (gnupg-2.2.42), Feature Request, gpgol, S/MIME, kleopatra, Restricted Project
werner moved T6757: gpgsm 2.4 Fails to import P12 certificate/key from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 11:36 AM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner closed T6942: Differing fingerprint length with curve 448 as Resolved.

I did a couple of test on the command line which should be sufficient.

Jan 24 2024, 11:34 AM · gnupg24 (gnupg-2.4.4), Bug Report
werner moved T6942: Differing fingerprint length with curve 448 from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 11:33 AM · gnupg24 (gnupg-2.4.4), Bug Report

Jan 23 2024

ebo moved T4704: Wrong error message when key is expired from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 23 2024, 1:45 PM · gnupg24 (gnupg-2.4.4), UI, Bug Report

Jan 18 2024

ebo moved T6736: Year 2038 issue for key validity date from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 18 2024, 11:43 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Bug Report

Jan 11 2024

werner closed T6838: keyboxd hangs on stale locks after changing hostname as Resolved.

Tested this some time ago.

Jan 11 2024, 3:31 PM · gnupg24 (gnupg-2.4.4), Bug Report
werner moved T6838: keyboxd hangs on stale locks after changing hostname from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 11 2024, 3:30 PM · gnupg24 (gnupg-2.4.4), Bug Report

Nov 26 2023

werner added a comment to T6838: keyboxd hangs on stale locks after changing hostname.

That is a feature. Consider the case that ~/.gnupg is on network file system and thus possible in use on several boxes. Thus before we remove stale lock files we do not only compare the PID but also the hostname. Granted, this is rare but we have had such cases in the past with locks.

Nov 26 2023, 4:10 PM · gnupg24 (gnupg-2.4.4), Bug Report

Nov 24 2023

Jakuje created T6838: keyboxd hangs on stale locks after changing hostname.
Nov 24 2023, 5:11 PM · gnupg24 (gnupg-2.4.4), Bug Report

Nov 15 2023

werner closed T6802: Trying to sign with a brainpool X509 key results in non-compliance error as Resolved.
Nov 15 2023, 9:28 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Bug Report
werner moved T6802: Trying to sign with a brainpool X509 key results in non-compliance error from QA to gnupg-2.4.4 on the gnupg24 board.
Nov 15 2023, 9:28 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Bug Report

Oct 20 2023

aheinecke added a comment to T6770: Add --ignore-cert-extensions to dirmngr.

That output was also misleading,. that was from before I added the ignore-crl-extension in there. I was confused because I still got the error:

Oct 20 2023, 4:23 PM · S/MIME, Restricted Project
aheinecke closed T6770: Add --ignore-cert-extensions to dirmngr as Invalid.

So dirmngr already has that option.

Oct 20 2023, 4:08 PM · S/MIME, Restricted Project
aheinecke triaged T6770: Add --ignore-cert-extensions to dirmngr as High priority.
Oct 20 2023, 2:57 PM · S/MIME, Restricted Project

Jul 4 2023

werner created gnupg24 (gnupg-2.4.4).
Jul 4 2023, 4:59 PM