Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Wed, Apr 29

gniibe closed T7677: Duplicate --with-gnu-ld Entries in libgpg-error 1.55 configure Help Output as Resolved.
Wed, Apr 29, 6:29 AM · gpgrt, Bug Report
gniibe closed T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT` as Resolved.
Wed, Apr 29, 6:26 AM · gnupg26, Security, TPM, Bug Report
gniibe closed T7968: Fixes needed for newer GCC/Mingw as Resolved.
Wed, Apr 29, 6:22 AM
gniibe closed T7957: dotlock clean up for error/warning message as Resolved.
Wed, Apr 29, 3:55 AM · gnupg, Bug Report
gniibe closed T8202: Intermittent ssh publickey login failure after upgrade to gnupg 2.5.x as Resolved.
Wed, Apr 29, 3:48 AM · gpgagent, ssh, Bug Report
gniibe moved T6693: agent: Have a thread monitoring parent PID and homedir from QA to Done on the gnupg26 board.
Wed, Apr 29, 3:46 AM · keyboxd, gpgagent, gnupg26
gniibe moved T6692: agent: Clean up check_own_socket to monitor socket takeover from QA to Done on the gnupg26 board.
Wed, Apr 29, 3:46 AM · keyboxd, gnupg26, gpgagent
gniibe moved T6682: agent: agent_kick_the_loop function to unblock the select(2) from QA to Done on the gnupg26 board.
Wed, Apr 29, 3:46 AM · keyboxd, gpgagent, gnupg26
gniibe moved T6681: agent: Clean up main loop and better cache handling of expiration (was: Adding agent_timer API for monitoring something and passphrase cache) from QA to Done on the gnupg26 board.
Wed, Apr 29, 3:46 AM · keyboxd, gpgagent, gnupg26
gniibe moved T7339: Kleopatra: Cannot decrypt packets with hybrid cipher without using symmetric passphrase from Backlog to WIP on the gpd5x board.
Wed, Apr 29, 3:44 AM · gnupg26, gpd5x, kleopatra, Bug Report
gniibe moved T8162: pinentry/gpg/gpgme/Kleo: Cancel semantics: decryption from Backlog to WIP on the gpd5x board.
Wed, Apr 29, 3:43 AM · pinentry, Feature Request, gnupg26, gpd5x, kleopatra
gniibe moved T8048: Keyboxd: S/MIME certificate is imported on ldap search from Backlog to WIP on the gpd5x board.
Wed, Apr 29, 3:43 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
gniibe moved T7339: Kleopatra: Cannot decrypt packets with hybrid cipher without using symmetric passphrase from Backlog to WIP on the gnupg26 board.
Wed, Apr 29, 3:40 AM · gnupg26, gpd5x, kleopatra, Bug Report
gniibe moved T8162: pinentry/gpg/gpgme/Kleo: Cancel semantics: decryption from Backlog to WIP on the gnupg26 board.
Wed, Apr 29, 3:40 AM · pinentry, Feature Request, gnupg26, gpd5x, kleopatra
gniibe moved T8048: Keyboxd: S/MIME certificate is imported on ldap search from Backlog to WIP on the gnupg26 board.
Wed, Apr 29, 3:39 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
gniibe moved T8159: gpgtar write outside --directory via symlink traversal from Backlog to WIP on the gnupg26 board.
Wed, Apr 29, 3:39 AM · gnupg26, gpgtar, Security, Bug Report

Tue, Apr 28

gniibe committed rG35780c3118ea: po: Update Japanese Translation. (authored by gniibe).
po: Update Japanese Translation.
Tue, Apr 28, 8:29 AM
gniibe committed rEcb44dbacdb8c: po: Update Japanese Translation. (authored by gniibe).
po: Update Japanese Translation.
Tue, Apr 28, 8:26 AM

Mon, Apr 27

gniibe committed rGaa0f8990beb8: keyboxd: Support ephemeral mode to search/store accordingly. (authored by gniibe).
keyboxd: Support ephemeral mode to search/store accordingly.
Mon, Apr 27, 6:48 AM
gniibe committed rG7428463a9db3: gpgsm:keydb: Use SETEPHEMERAL and PUTKEYFLAG command. (authored by gniibe).
gpgsm:keydb: Use SETEPHEMERAL and PUTKEYFLAG command.
Mon, Apr 27, 6:48 AM
gniibe committed rG91436ab15ad7: kbx: Fix the offset for KEYBOX_FLAG_CREATED_AT. (authored by gniibe).
kbx: Fix the offset for KEYBOX_FLAG_CREATED_AT.
Mon, Apr 27, 6:48 AM
gniibe committed rGe24a19147097: keyboxd: Add PUTKEYFLAG command (only for SQLite backend). (authored by gniibe).
keyboxd: Add PUTKEYFLAG command (only for SQLite backend).
Mon, Apr 27, 6:48 AM
gniibe changed the status of T8236: gpgsm: keybox problem of KEYBOX_FLAG_CREATED_AT from Open to Testing.

Applied to master.

Mon, Apr 27, 6:48 AM · gnupg, S/MIME
gniibe changed the status of T8048: Keyboxd: S/MIME certificate is imported on ldap search from Open to Testing.

Applied to master.

Mon, Apr 27, 6:48 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
gniibe committed rE15ccba67c50f: build: Add cross compile support for wasm*-*-emscripten target. (authored by gniibe).
build: Add cross compile support for wasm*-*-emscripten target.
Mon, Apr 27, 4:57 AM

Fri, Apr 24

gniibe added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

I created a branch https://dev.gnupg.org/source/gnupg/history/gniibe%252Ft8048 and pushed all changes (including keyboxd-patch-2026-04-23).

Fri, Apr 24, 7:06 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Thu, Apr 23

gniibe added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

Enhance keyboxd to have new command for what keybox_set_flags does.

Thu, Apr 23, 7:01 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
gniibe triaged T8236: gpgsm: keybox problem of KEYBOX_FLAG_CREATED_AT as Low priority.
Thu, Apr 23, 4:09 AM · gnupg, S/MIME
gniibe committed rGc7f0a22b1cd3: kbx: Fix keybox format comment. (authored by gniibe).
kbx: Fix keybox format comment.
Thu, Apr 23, 3:17 AM

Mon, Apr 20

gniibe committed rG97c057ff4783: gpg,regexp: Fix REGEXP_PREFIX macro, expanded correctly. (authored by gniibe).
gpg,regexp: Fix REGEXP_PREFIX macro, expanded correctly.
Mon, Apr 20, 2:39 AM

Fri, Apr 17

gniibe updated the task description for T7998: Release GnuPG 2.5.19.
Fri, Apr 17, 9:29 AM · Release Info, gnupg
gniibe added a project to T8159: gpgtar write outside --directory via symlink traversal: gnupg26.
Fri, Apr 17, 9:22 AM · gnupg26, gpgtar, Security, Bug Report
gniibe updated the task description for T8159: gpgtar write outside --directory via symlink traversal.
Fri, Apr 17, 8:59 AM · gnupg26, gpgtar, Security, Bug Report
gniibe triaged T8230: libgcrypt: Use memset_explicit (of C23) to wipe memory as Wishlist priority.

Here is the change:

diff --git a/configure.ac b/configure.ac
index 30be86b5..ac2696e5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3073,7 +3073,8 @@ AC_CHECK_FUNCS(strtoul memmove stricmp atexit raise)
 AC_CHECK_FUNCS(strerror rand mmap getpagesize sysconf waitpid wait4)
 AC_CHECK_FUNCS(gettimeofday getrusage gethrtime clock_gettime syslog)
 AC_CHECK_FUNCS(syscall fcntl ftruncate flockfile getauxval elf_aux_info)
-AC_CHECK_FUNCS(explicit_bzero explicit_memset getentropy sysctlbyname)
+AC_CHECK_FUNCS(memset_explicit explicit_bzero explicit_memset)
+AC_CHECK_FUNCS(getentropy sysctlbyname)
Fri, Apr 17, 8:40 AM · libgcrypt, Bug Report
gniibe created T8230: libgcrypt: Use memset_explicit (of C23) to wipe memory.
Fri, Apr 17, 8:38 AM · libgcrypt, Bug Report
gniibe committed rC787ae6a02ba0: cipher:kdf:ballon: Fix wiping memory after use. (authored by Bert van der Weerd <bert@teamspicy.net>).
cipher:kdf:ballon: Fix wiping memory after use.
Fri, Apr 17, 4:07 AM

Thu, Apr 16

gniibe updated the task description for T8227: libgcrypt: Armv9.4-A Guarded Control Stack (GCS) support.
Thu, Apr 16, 9:18 AM · libgcrypt, Bug Report
gniibe added a comment to T8227: libgcrypt: Armv9.4-A Guarded Control Stack (GCS) support.

I found the description in ARM Architecture Reference Manual:
https://developer.arm.com/documentation/ddi0487/mb/-Part-D-The-AArch64-System-Level-Architecture/-Chapter-D11-The-Guarded-Control-Stack/-D11-1-Introduction/-D11-1-3-Overview?lang=en

Thu, Apr 16, 9:16 AM · libgcrypt, Bug Report
gniibe triaged T8227: libgcrypt: Armv9.4-A Guarded Control Stack (GCS) support as Wishlist priority.
Thu, Apr 16, 9:13 AM · libgcrypt, Bug Report
gniibe created T8227: libgcrypt: Armv9.4-A Guarded Control Stack (GCS) support.
Thu, Apr 16, 9:12 AM · libgcrypt, Bug Report

Wed, Apr 15

gniibe changed the status of T8208: Missing bounds check in libgcrypt's Dilithium context handling from Open to Testing.
Wed, Apr 15, 7:32 AM · Security, PQC, Bug Report, libgcrypt

Tue, Apr 14

gniibe updated the task description for T8220: libgcrypt: Brainpool curve specific optimization.
Tue, Apr 14, 8:40 AM · libgcrypt, Bug Report
gniibe triaged T8220: libgcrypt: Brainpool curve specific optimization as Wishlist priority.
Tue, Apr 14, 8:40 AM · libgcrypt, Bug Report
gniibe created T8220: libgcrypt: Brainpool curve specific optimization.
Tue, Apr 14, 8:40 AM · libgcrypt, Bug Report
gniibe committed rG1bdd1f5bb4d1: tools:gpgtar: Fix for a case of non existing dir with -C. (authored by gniibe).
tools:gpgtar: Fix for a case of non existing dir with -C.
Tue, Apr 14, 6:35 AM
gniibe committed rE98660a48161a: build:cross: Remove section name to dump. (authored by gniibe).
build:cross: Remove section name to dump.
Tue, Apr 14, 5:36 AM
gniibe committed rC5a875908cb95: cipher:dilithium: Fix the glue of libgcrypt. (authored by gniibe).
cipher:dilithium: Fix the glue of libgcrypt.
Tue, Apr 14, 5:03 AM
gniibe committed rC905e00f046a7: cipher:dilithium: Check the label length by caller. (authored by gniibe).
cipher:dilithium: Check the label length by caller.
Tue, Apr 14, 5:03 AM

Mon, Apr 13

gniibe added a comment to T8159: gpgtar write outside --directory via symlink traversal.

With -C <DIRNAME> option, where <DIRNAME> is not exist is OK.

Mon, Apr 13, 7:13 AM · gnupg26, gpgtar, Security, Bug Report

Fri, Apr 10

gniibe added a comment to T8208: Missing bounds check in libgcrypt's Dilithium context handling.

The minimum fix avoids changes needed, thus, a bit confusing as a whole.
Here are better changes:

0001-cipher-dilithium-Fix-the-glue-of-libgcrypt.patch1 KBDownload

0002-cipher-dilithium-Check-the-label-length-by-caller.patch10 KBDownload

Fri, Apr 10, 11:07 AM · Security, PQC, Bug Report, libgcrypt
gniibe lowered the priority of T8211: Libgcrypt ECDH buffer overwrite with zeroes from Unbreak Now! to High.

Here is the fix:

0001-cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch1 KBDownload

Fri, Apr 10, 10:04 AM · Bug Report, Security, libgcrypt

Thu, Apr 9

gniibe claimed T8211: Libgcrypt ECDH buffer overwrite with zeroes.
Thu, Apr 9, 9:39 AM · Bug Report, Security, libgcrypt
gniibe claimed T8208: Missing bounds check in libgcrypt's Dilithium context handling.

Minimum fix is:

0001-cipher-dilithium-Check-the-label-length-by-caller.patch1 KBDownload

Thu, Apr 9, 8:48 AM · Security, PQC, Bug Report, libgcrypt

Wed, Apr 8

gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 9:07 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 8:43 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 8:22 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 7:59 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 7:37 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 7:15 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 6:53 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 6:31 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 6:09 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 5:47 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 5:25 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 5:04 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 4:40 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 4:18 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 3:56 AM
gniibe committed rC460695d0538b: tests:kem: Don't emit a message each time, but once. (authored by gniibe).
tests:kem: Don't emit a message each time, but once.
Wed, Apr 8, 3:35 AM

Apr 1 2026

gniibe triaged T8204: libgcrypt: Add optimized implementation of Kyber/Dilithium using CPU specific vector extention as Wishlist priority.
Apr 1 2026, 7:30 AM · PQC, libgcrypt, Bug Report
gniibe created T8204: libgcrypt: Add optimized implementation of Kyber/Dilithium using CPU specific vector extention.
Apr 1 2026, 7:30 AM · PQC, libgcrypt, Bug Report
gniibe committed rGc67e0b0a86b4: agent:ssh: Fix RSA padding in signature handling. (authored by gniibe).
agent:ssh: Fix RSA padding in signature handling.
Apr 1 2026, 4:35 AM
gniibe triaged T8202: Intermittent ssh publickey login failure after upgrade to gnupg 2.5.x as Normal priority.

@jpalus You are right.

Apr 1 2026, 4:30 AM · gpgagent, ssh, Bug Report
gniibe added a comment to T8202: Intermittent ssh publickey login failure after upgrade to gnupg 2.5.x.

computed by ssh_signature_encoder_rsa, including additional 0, reach:

Apr 1 2026, 4:16 AM · gpgagent, ssh, Bug Report

Mar 26 2026

gniibe claimed T8048: Keyboxd: S/MIME certificate is imported on ldap search.

I applied the keyboxd part for SETEPHEMERAL command, as it doesn't break anything.

Mar 26 2026, 3:56 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
gniibe committed rG92c75575ecd4: keyboxd: Add SETEPHEMERAL command. (authored by gniibe).
keyboxd: Add SETEPHEMERAL command.
Mar 26 2026, 3:52 AM

Mar 25 2026

gniibe added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

Here is an attempt to fix the client side:

kbxd-ephemeral-client.patch4 KBDownload

Mar 25 2026, 5:26 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
gniibe committed rG2a2145782cbb: gpgsm: Make sure initializing TMP_CERT. (authored by gniibe).
gpgsm: Make sure initializing TMP_CERT.
Mar 25 2026, 2:12 AM
gniibe committed rG8b6de59ad880: agent: Raise GPG_ERR_BAD_SECKEY when p >= q for RSA key. (authored by gniibe).
agent: Raise GPG_ERR_BAD_SECKEY when p >= q for RSA key.
Mar 25 2026, 1:39 AM
gniibe changed the status of T8171: interoperability of PGP RSA keys from Open to Testing.

Pushed: rG8b6de59ad880: agent: Raise GPG_ERR_BAD_SECKEY when p >= q for RSA key.

Mar 25 2026, 1:39 AM · libgcrypt, gnupg, Bug Report

Mar 24 2026

gniibe changed the status of T7957: dotlock clean up for error/warning message from Open to Testing.

Pushed the change: rG533bcc265e9c: common:dotlock: Clean up for error/info/warning message.

Mar 24 2026, 6:33 AM · gnupg, Bug Report
gniibe committed rG533bcc265e9c: common:dotlock: Clean up for error/info/warning message. (authored by gniibe).
common:dotlock: Clean up for error/info/warning message.
Mar 24 2026, 6:32 AM
gniibe committed rA64c608e68640: w32: Fix ASSUAN_INVALID_FD. (authored by gniibe).
w32: Fix ASSUAN_INVALID_FD.
Mar 24 2026, 6:13 AM
gniibe committed rA44af1376511e: w32: Fix Windows specific warnings. (authored by gniibe).
w32: Fix Windows specific warnings.
Mar 24 2026, 6:13 AM
gniibe committed rG7a2692fe5e58: tool:gpgtar: Check the output directory with --directory. (authored by gniibe).
tool:gpgtar: Check the output directory with --directory.
Mar 24 2026, 3:38 AM
gniibe added a comment to T8171: interoperability of PGP RSA keys.

While I pushed the change of libgcrypt, I'd like to apply following change to GnuPG.
This is more kind than GPG_ERR_BAD_PASSPHRASE by gcry_pk_testkey failure.

Mar 24 2026, 3:33 AM · libgcrypt, gnupg, Bug Report
gniibe committed rC39aca53012e0: cipher:rsa: Fix the dead-code of stronger_key_check. (authored by gniibe).
cipher:rsa: Fix the dead-code of stronger_key_check.
Mar 24 2026, 3:22 AM

Mar 23 2026

gniibe added a comment to T8171: interoperability of PGP RSA keys.

I retract my patch in T8171#215603

Mar 23 2026, 10:36 AM · libgcrypt, gnupg, Bug Report
gniibe updated subscribers of T8171: interoperability of PGP RSA keys.

@m.eik gave us this link: https://github.com/ProtonMail/go-crypto/issues/184

Mar 23 2026, 10:21 AM · libgcrypt, gnupg, Bug Report
gniibe closed T4163: hkps://hkps.pool.sks-keyservers.net has to many bad servers to be a good default as Resolved.

It had already fixed in: rG55b5928099ba: dirmngr: Change the default keyserver.
And then in: rGa2f2523b99ff: Remove the default keyserver.

Mar 23 2026, 5:50 AM · gnupg, Keyserver
gniibe closed T3958: GPGME: Qt Bindings and MacOS as Resolved.

With same reason for T3852, I close this ticket.

Mar 23 2026, 5:42 AM · MacOS, qt, gpgme
gniibe closed T3852: GPGME, qt: possible version mismatch between moc and qt version as Resolved.

GPGME has been divided into new GpgME, QGpgme, GpgMEpp, and GpgME-python.
And new QGpgme uses CMake now.

Mar 23 2026, 5:25 AM · qt, gpgme
gniibe claimed T8136: w32: fix GNUPG_INVALID_FD and ASSUAN_INVALID_FD.
Mar 23 2026, 3:26 AM · gnupg, libassuan, Windows
gniibe added a project to T6910: pinentry: Possibly add pinentry-gtk with GTK 4, and Drop pinentry-gtk-2: pinentry.
Mar 23 2026, 3:15 AM · pinentry
gniibe committed rG41c4325813c1: scd:openpgp: Fix removal of the diagnostic for Admin PIN. (authored by gniibe).
scd:openpgp: Fix removal of the diagnostic for Admin PIN.
Mar 23 2026, 2:39 AM
gniibe added inline comments to rG2239f687bb14: scd:openpgp: UI improvement for use of PIN-entry..
Mar 23 2026, 2:04 AM

Mar 20 2026

gniibe committed rM8b89678aed6d: Fix passphrase cancel handling. (authored by gniibe).
Fix passphrase cancel handling.
Mar 20 2026, 6:16 AM
gniibe added a comment to T8162: pinentry/gpg/gpgme/Kleo: Cancel semantics: decryption.

Pushed the change of gpgme: rM8b89678aed6d: Fix passphrase cancel handling.

Mar 20 2026, 5:21 AM · pinentry, Feature Request, gnupg26, gpd5x, kleopatra
gniibe committed rG2239f687bb14: scd:openpgp: UI improvement for use of PIN-entry. (authored by gniibe).
scd:openpgp: UI improvement for use of PIN-entry.
Mar 20 2026, 5:03 AM
gniibe changed the status of T6425: improve pinentry behavior and texts in smart card context , a subtask of T6785: Kleopatra: Improvements related to smart cards, from Open to Testing.
Mar 20 2026, 5:01 AM · kleopatra
Next