No autoreconf etc. Use only our method to cross build. That is $src/libgcrypt/autogen.sh --build-w32.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Nov 17 2021
Here are the two test certificates mentioned in the commit log:
Nov 16 2021
We could use a new mode #define GCRY_GET_CONFIG_FIPS 1 with gcry_get_config:
What is your Pinentry version, which OS is that, and which terminal type?
Nov 15 2021
Can you given a example on how this would look like. In particulr are placeholders some kind of forced template or just a grey background text?
No, our admin left us and took all scripts and docs with him. We need to set it up again. You better use this system anyway, patches etc on GitHib are not used.
GnuPG requires a Unix system to build. We do not support building natively on Windows. Sorry.
Nov 14 2021
Nov 13 2021
Nov 12 2021
Okay, I revisited the code:
Do not user Reiner SCT those readers are all buggy and work only on Windows - if at all. Stay away from them and get a real reader and not the incompatible broken stuff from that company. I spent way too much time trying to get those readers working. That time is better invested in support for hardware which is standard compatible or are helpful to get stuff running.
The internal hashing of ed25519 is not used by OpenPGP but instead we pass the hash of the message to the ed25519 function and thus to the card. Pushing a message through a card is a no-go - way too slow for any normal sized message.
That does not seem to be right. You don't need 255 bytes for an ECC key. It would be best to get scdaemon logs simialr to the gpg-agent logs. Set "debug ipc,cardio" into scdaemon.conf.
What is the rational for this change?
Nov 11 2021
Nov 9 2021
Yes, keep the internal SHA-3.
Blowfish is not part of OpenPGP and according to its creator not the best cipher. Sorry to say no. You may nevertheless be interested in the recent discussion threads on PQC on the cryptography ML.
Nov 6 2021
Closing. In case the audit will request more, we can re-open this task.
I think we can close this. In January we will have an external audit (BITV) which hopefully will confirm our tests. They auditor will also provide a list of things to improve (if any).
Nov 4 2021
Please no new levels. And also consider the problems with global config files, conditionals and values taking from the registry. We can't simply do everything in the GUI - it would get too complex and we end up supporting the supportive config dialogs. Maybe a syntax checking editor would eventually be better.
OpenPGP folks now the algo number by heart ;-)
Fixed and tested on Linux. Thanks.
Sorry, I obviously forgot to add this vendor.
Having it invisible is okay for me. But we should not support the keyserver option in gpg.conf via Kleopatra anymore. This option needs to be faded out. Actually there are more problems in 2.2 here: In particular the global options are not manageable by a gpgconf. Thus there is no guarantee that the keyserver option actually shows the correct value if global options are used.
FWIW, GPA has a setting where you can select at which level options are shown (but not invisible). IIRC we had the same in Kleopatra but it has been removed.