Feed All Stories

May 28 2020

bernhard created T4958: Document different use of pubring.gpg in newer versions.
May 28 2020, 12:45 PM · gnupg (gpg22), Documentation
gniibe added a comment to T4957: OpenPGP card protocol 3.4 with Yubikey.

Hand parsing the data object content:

May 28 2020, 8:34 AM · scd
gniibe added a comment to T4957: OpenPGP card protocol 3.4 with Yubikey.

And here is (raw) dump of the data object FA:

May 28 2020, 8:25 AM · scd
Laurent Montel <montel@kde.org> committed rLIBKLEO08899d53438b: GIT_SILENT: It compiles fine against kf5.71 without deprecated methods (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: It compiles fine against kf5.71 without deprecated methods
May 28 2020, 8:24 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRA5b238c127a5c: GIT_SILENT: It compiles fine against kf5.71 without deprecated methods (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: It compiles fine against kf5.71 without deprecated methods
May 28 2020, 8:20 AM
gniibe triaged T4957: OpenPGP card protocol 3.4 with Yubikey as Normal priority.

Here is the dump of "Application Related Data" (6E):

6e 82 01 47
   4f 10
      d2760001240103040006106160490000
   5f 52 08
      00730000e0059000
   7f 74 03
      810120
   73 82 01 20
      c0 0a
         7d000bfe080000ff0000
      c1 0b
         162b06010401da470f0100
      c2 0c
         122b06010401975501050100
      c3 0b
         162b06010401da470f0100
      da 06  <-------------------------------------- This is algorithm attributes for Attestation key (Yubikey specific)
         010800001100
      c4 07
         ff7f7f7f030003
      c5 50
         eeeed1b50b1b1d9c669033fe019e94a27992b44c
         d00b630fdcb5c4397d5ffbd69aa68a3ff9f8ed10
         1b2a3d46f4f0c5afd0115e7eb858d476daf64cdb
         0000000000000000000000000000000000000000  <--- This appears to be fingerprint of Attestation key
      c6 50
         0000000000000000000000000000000000000000
         0000000000000000000000000000000000000000
         0000000000000000000000000000000000000000
         0000000000000000000000000000000000000000  <--- This appears to be fingerprint of some key related to Attestation key???
      cd 10
         5e58b1e65e58b1c55e58b1f900000000
      de 08
         0102020203028102
   7f 66 08
      02020bfe02020bfe
   d6 02
      0020
   d7 02
      0020
   d8 02
      0020
   d9 02
      0020
May 28 2020, 8:15 AM · scd
gniibe created T4957: OpenPGP card protocol 3.4 with Yubikey.
May 28 2020, 8:11 AM · scd

May 27 2020

aheinecke committed rO3c486a6468fa: Add accessor to hidden "Dirty" property (authored by aheinecke).
Add accessor to hidden "Dirty" property
May 27 2020, 5:22 PM
aheinecke committed rO33f8c7b8b1d5: Add helper to put a byte array into OOM (authored by aheinecke).
Add helper to put a byte array into OOM
May 27 2020, 5:22 PM
aheinecke committed rO12b4298b40a4: Accept input from older keyresolver (authored by aheinecke).
Accept input from older keyresolver
May 27 2020, 5:22 PM
aheinecke committed rO2139d77a3fd8: Minor formatting fix (authored by aheinecke).
Minor formatting fix
May 27 2020, 5:22 PM
aheinecke committed rO90c3e6b7836d: Change message format to HTML when RTF (authored by aheinecke).
Change message format to HTML when RTF
May 27 2020, 5:22 PM
werner committed rG94d31660c6db: card: Update card info after "generate". (authored by werner).
card: Update card info after "generate".
May 27 2020, 1:48 PM
werner committed rG21496761226c: scd:openpgp: New KEY-STATUS attribute. (authored by werner).
scd:openpgp: New KEY-STATUS attribute.
May 27 2020, 1:48 PM
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

In the SOS branch, rG1c4291c3951d: ecc-sos: Add special leading zero octet removal. should be reverted.
Instead, the S_KEY should be fixed up in read_key_file in findkey.c,
and merge_lists in protect.c.
(Then, no need to be fixed up in extract_private_key.)

May 27 2020, 11:57 AM · OpenPGP, gnupg
werner committed rG08310849a280: card: Add command "bye" (authored by werner).
card: Add command "bye"
May 27 2020, 11:45 AM
werner committed rG46a3de4b5acb: card: Take care of removed and re-inserted cards. (authored by werner).
card: Take care of removed and re-inserted cards.
May 27 2020, 11:45 AM
cryptobit added a comment to T4953: Some email recipients respond with: hey, why did you send me an empty mail...?.

I observe the same problem since I installed gpg4win 3.1.11 (German) in Outlook, Office Professional Plus 2019, Version 2004: Occasionally "zero byte mails" are sent when replying to an S/MIME certified and encrypted mail. In my case the option S/MIME support is disabled in the GpgOL menu.

May 27 2020, 10:56 AM · gpgol, Bug Report, gpg4win
werner added a comment to T4098: GpgSM: Add ECC support.

GnuTLS seems to have some CMS support; see https://gitlab.com/gnutls/gnutls/-/issues/227 .

May 27 2020, 10:35 AM · gnupg (gpg23), Feature Request, S/MIME
gniibe committed rG2fc7fbc46b59: ecc-sos: SOS as Strange Octet String. (authored by gniibe).
ecc-sos: SOS as Strange Octet String.
May 27 2020, 9:16 AM
gniibe committed rG1c4291c3951d: ecc-sos: Add special leading zero octet removal. (authored by gniibe).
ecc-sos: Add special leading zero octet removal.
May 27 2020, 5:34 AM
gniibe committed rC33c972b6a6fe: sexp: Fix coding of line break. (authored by gniibe).
sexp: Fix coding of line break.
May 27 2020, 4:29 AM
gniibe updated the task description for T4956: agent: Discrepancy of handling MPI for the interpretation of signed and unsigned.
May 27 2020, 3:09 AM · gpgagent, gnupg
gniibe edited projects for T4956: agent: Discrepancy of handling MPI for the interpretation of signed and unsigned, added: gpgagent, libgcrypt; removed OpenPGP.
May 27 2020, 3:08 AM · gpgagent, gnupg
gniibe added a comment to T4956: agent: Discrepancy of handling MPI for the interpretation of signed and unsigned.

Exactly the same problem is there in libgcrypt.
In the definitions of curves, it uses a negative constant internally in some specific places, but for other parts, we have the same problems.

May 27 2020, 3:08 AM · gpgagent, gnupg
gniibe updated the task description for T4956: agent: Discrepancy of handling MPI for the interpretation of signed and unsigned.
May 27 2020, 3:03 AM · gpgagent, gnupg
gniibe created T4956: agent: Discrepancy of handling MPI for the interpretation of signed and unsigned.
May 27 2020, 3:03 AM · gpgagent, gnupg

May 26 2020

werner committed rGc2a47475ba0f: card: Implement UID command and print capabilities. (authored by werner).
card: Implement UID command and print capabilities.
May 26 2020, 4:24 PM
werner committed rG20090886706e: scd: Fix Yubikey app switching problem (authored by werner).
scd: Fix Yubikey app switching problem
May 26 2020, 4:24 PM
werner committed rG11f0700282c1: scd:openpgp: Add attribute "UIF" for convenience. (authored by werner).
scd:openpgp: Add attribute "UIF" for convenience.
May 26 2020, 4:24 PM
aheinecke committed rO23158ad86a2f: Also learn about smartcards for OpenPGP (authored by aheinecke).
Also learn about smartcards for OpenPGP
May 26 2020, 3:10 PM
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

I should concentrate on the case of ECC, in particular, ECC with modern curves.
Removing the leading zero from RSA/ECC/ElGamal assuming unsigned integer would result in more work.

May 26 2020, 8:23 AM · OpenPGP, gnupg
gniibe committed rG6d226ec8bd02: ecc-sos: Fix SOS handling and revert change of cvt protocol. (authored by gniibe).
ecc-sos: Fix SOS handling and revert change of cvt protocol.
May 26 2020, 8:21 AM
Laurent Montel <montel@kde.org> committed rLIBKLEOb442a0ff307e: GIT_SILENT: Time to increase Qt5 version. Now we depend against qt5.13 (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Time to increase Qt5 version. Now we depend against qt5.13
May 26 2020, 7:37 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRAb3dd7a187457: GIT_SILENT: Time to increase Qt5 version. Now we depend against qt5.13 (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Time to increase Qt5 version. Now we depend against qt5.13
May 26 2020, 7:34 AM
gniibe committed rG85acf0699e4d: ecc-sos: Unsigned integer for SSH, more. (authored by gniibe).
ecc-sos: Unsigned integer for SSH, more.
May 26 2020, 7:21 AM
gniibe committed rGdf3628f9587e: ecc-sos: Use unsigned integer format for SSH. (authored by gniibe).
ecc-sos: Use unsigned integer format for SSH.
May 26 2020, 7:20 AM
gniibe committed rG324dbe3eb551: ecc-sos: When reading private key, it's unsigned. (authored by gniibe).
ecc-sos: When reading private key, it's unsigned.
May 26 2020, 7:20 AM
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

In libgcrypt, we have another problem of GCRYSEXP_FMT_ADVANCED formatting, which is used by gpg-agent of GnuPG 2.3 with name-value list.

May 26 2020, 7:07 AM · OpenPGP, gnupg
gniibe committed rGf3d07c634e7b: agent: SSH clean up. (authored by gniibe).
agent: SSH clean up.
May 26 2020, 4:56 AM
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

Confusingly, in the SSH specification, it is signed MPI.
See RFC4251, for the definition of "mpint": https://tools.ietf.org/html/rfc4251#page-8

May 26 2020, 3:59 AM · OpenPGP, gnupg

May 25 2020

aheinecke committed rOd0b6cf49695c: Fix invalid memdbg error (authored by aheinecke).
Fix invalid memdbg error
May 25 2020, 10:09 AM
aheinecke committed rO43c5916f17c7: Fix two memleaks in mapihelp (authored by aheinecke).
Fix two memleaks in mapihelp
May 25 2020, 10:09 AM
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

There are more places for clean up in GnuPG.
While "MPI" in the OpenPGP specification is based on unsigned integers, the default "MPI" handling of GnuPG/Libgcrypt is signed. This difference matters internally.
When formatting with "%m" in libgcrypt, the result may be prefixed by 0x00 (so that it represents an unsigned value, even if scanned as signed).
And because of this, existing private keys in private-keys-v1.d may have this leading zero byte.
But the bit counting doesn't count this byte.

May 25 2020, 7:27 AM · OpenPGP, gnupg
gniibe committed rGcbf30c1da932: ecc-sos: Backport master change for ECDH. (authored by gniibe).
ecc-sos: Backport master change for ECDH.
May 25 2020, 7:23 AM
gniibe added a reverting change for rG43c0c19fcae5: ecc-sos: Fix SOS handling in do_unprotect.: rGbdf0fb315868: Revert "ecc-sos: Fix SOS handling in do_unprotect.".
May 25 2020, 7:23 AM
gniibe committed rGbdf0fb315868: Revert "ecc-sos: Fix SOS handling in do_unprotect." (authored by gniibe).
Revert "ecc-sos: Fix SOS handling in do_unprotect."
May 25 2020, 7:23 AM

May 22 2020

andrey_l added a comment to D500: Add Ukrainian localization to installer.

@aheinecke what is the process for adding a new translation?

May 22 2020, 2:52 PM
andrey_l abandoned D499: Add .arcconfig.
May 22 2020, 2:51 PM
gniibe committed rG64d93271bfce: gpg: Clean up ECDH code path (4). (authored by gniibe).
gpg: Clean up ECDH code path (4).
May 22 2020, 5:07 AM
gniibe committed rG510bda7d3754: gpg: Clean up ECDH code path (5). (authored by gniibe).
gpg: Clean up ECDH code path (5).
May 22 2020, 5:07 AM
gniibe committed rG960d37644cbb: gpg: Clean up ECDH code path (1). (authored by gniibe).
gpg: Clean up ECDH code path (1).
May 22 2020, 5:07 AM
gniibe committed rGa973d9113840: gpg: Clean up ECDH code path (2). (authored by gniibe).
gpg: Clean up ECDH code path (2).
May 22 2020, 5:07 AM
gniibe committed rG80c02d13d999: gpg: Clean up ECDH code path (3). (authored by gniibe).
gpg: Clean up ECDH code path (3).
May 22 2020, 5:07 AM
gniibe claimed T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS.
May 22 2020, 2:05 AM · gpgrt, Feature Request

May 21 2020

Laurent Montel <montel@kde.org> committed rLIBKLEO2ba03df9b257: GIT_SILENT: add .gitlab-ci.yml (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: add .gitlab-ci.yml
May 21 2020, 9:55 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRA4be6eb7aa9c8: GIT_SILENT: add .gitlab-ci.yml (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: add .gitlab-ci.yml
May 21 2020, 9:53 AM
gniibe changed the status of T4934: Returning automatic variable buffer from a function from Open to Testing.

Fixed in master and applied to 2.2 branch too.

May 21 2020, 7:39 AM · dirmngr, Restricted Project, Bug Report
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

Important interoperability issue:
OpenPGP implementations should implement:

  • Recovery of leading zero octets for Ed25519 key handling (secret part) and Ed25519 signature
May 21 2020, 7:01 AM · OpenPGP, gnupg
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

Better to paste directly:

# SOS representation
#
# Initially, it was intended as "Simply, Octet String", but 
# it is actually "Strange" Octet String.
#
May 21 2020, 6:52 AM · OpenPGP, gnupg
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

I wrote this:

May 21 2020, 6:51 AM · OpenPGP, gnupg
gniibe created T4954: SOS representation and improvements in GnuPG.
May 21 2020, 6:50 AM · OpenPGP, gnupg
gniibe added a comment to T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS.

libgpg-error used to be blamed because of this kind of architectural support in the earlier stage of building an operating system.
T4774 is my try to fix the problem.

May 21 2020, 6:46 AM · gpgrt, Feature Request
gniibe added a comment to T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS.

Thank you for your work. Please go ahead.

May 21 2020, 6:43 AM · gpgrt, Feature Request

May 20 2020

dkg added a comment to T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS.

If there's no objection to this in a few days, I'll go ahead and merge it to master.

May 20 2020, 10:00 PM · gpgrt, Feature Request
Laurent Montel <montel@kde.org> committed rLIBKLEOac73e1d9d534: GIT_SILENT: Prepare 5.14.2 (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Prepare 5.14.2
May 20 2020, 9:19 PM
Laurent Montel <montel@kde.org> committed rKLEOPATRA3c53e45a4c1b: GIT_SILENT: Prepare 5.14.2 (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Prepare 5.14.2
May 20 2020, 9:03 PM
Lingh created T4953: Some email recipients respond with: hey, why did you send me an empty mail...?.
May 20 2020, 7:40 PM · gpgol, Bug Report, gpg4win
Laurent Montel <montel@kde.org> committed rKLEOPATRA2e7a2b369eb5: Fix clazy warning (authored by Laurent Montel <montel@kde.org>).
Fix clazy warning
May 20 2020, 1:23 PM
gniibe committed rG30eef28bc0f5: dirmngr: dns: Fix allocation of string buffer in stack. (authored by gniibe).
dirmngr: dns: Fix allocation of string buffer in stack.
May 20 2020, 12:46 PM
gniibe added a comment to T4934: Returning automatic variable buffer from a function.

Sorry, I was reading the next commit (libdns: Avoid using compound literals (3)).

May 20 2020, 11:51 AM · dirmngr, Restricted Project, Bug Report
gniibe committed rG43c0c19fcae5: ecc-sos: Fix SOS handling in do_unprotect. (authored by gniibe).
ecc-sos: Fix SOS handling in do_unprotect.
May 20 2020, 11:35 AM
t8m added a comment to T4934: Returning automatic variable buffer from a function.

I have to disagree. Unless I am completely confused, the modified functions use an automatic buffer variable and then basically return it.

May 20 2020, 9:56 AM · dirmngr, Restricted Project, Bug Report
ilf added a comment to T4893: "Note: signatures using the MD5 algorithm are rejected" is emitted despite --quiet.

Robin H. Johnson created a patch for this:

May 20 2020, 9:43 AM · gnupg (gpg22), Bug Report
gniibe committed rGbc3d003e00be: ecc-sos: Avoid using gcry_mpi_print and gcry_mpi_scan. (authored by gniibe).
ecc-sos: Avoid using gcry_mpi_print and gcry_mpi_scan.
May 20 2020, 8:16 AM
gniibe committed rGcea6925fa43c: ecc-sos: Fix ECDH. (authored by gniibe).
ecc-sos: Fix ECDH.
May 20 2020, 5:52 AM
anarcat added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

I had assumed that GnuPG prioritized the safety of its users over strict adherence to a particular view of a cryptographic protocol

May 20 2020, 4:12 AM · gnupg (gpg23), Feature Request
gniibe added a comment to T4934: Returning automatic variable buffer from a function.

Possibly, it would be dns_p_init which was caught. If so, it's a false positive; it returns a pointer given to the function (which is an automatic variable of the parent function), but it is valid within the scope of the parent function.

May 20 2020, 2:22 AM · dirmngr, Restricted Project, Bug Report
gniibe added a comment to T4934: Returning automatic variable buffer from a function.

Could you please show more information, a specific point of the bug?
I can't locate any place where a function returns a pointer to an automatic buffer.

May 20 2020, 2:16 AM · dirmngr, Restricted Project, Bug Report

May 19 2020

dkg committed rE0db8c768843d: syscfg: add 64-bit big-endian MIPS architecture (authored by dkg).
syscfg: add 64-bit big-endian MIPS architecture
May 19 2020, 11:35 PM
dkg added a comment to T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS.

branch dkg/fix-4952 contains this fix in an easily applicable form as 0db8c768843db3e85935b972f1ed9d1b98159c46

May 19 2020, 8:49 PM · gpgrt, Feature Request
dkg created T4952: libgpg-error/gpgrt lock-obj for big-endian 64-bit MIPS.
May 19 2020, 7:41 PM · gpgrt, Feature Request
werner updated the task description for T4943: Release LibKSBA 1.4.0.
May 19 2020, 4:49 PM · libksba, Release Info
werner closed T4920: Support ECDH in Libksba as Resolved.
May 19 2020, 4:49 PM · libksba, Feature Request, S/MIME
werner closed T4920: Support ECDH in Libksba, a subtask of T4098: GpgSM: Add ECC support, as Resolved.
May 19 2020, 4:49 PM · gnupg (gpg23), Feature Request, S/MIME
werner updated the task description for T4943: Release LibKSBA 1.4.0.
May 19 2020, 4:47 PM · libksba, Release Info
werner committed rDd81e9c937cd6: swdb: Libksba 1.4.0 (authored by werner).
swdb: Libksba 1.4.0
May 19 2020, 4:29 PM
werner closed T4943: Release LibKSBA 1.4.0 as Resolved.
May 19 2020, 4:28 PM · libksba, Release Info
werner committed rKf30f604700d3: Release 1.4.0 (authored by werner).
Release 1.4.0
May 19 2020, 4:26 PM
werner committed rK48ea53e940da: Post release updates (authored by werner).
Post release updates
May 19 2020, 4:26 PM
werner updated the task description for T4943: Release LibKSBA 1.4.0.
May 19 2020, 3:44 PM · libksba, Release Info
werner updated the task description for T4943: Release LibKSBA 1.4.0.
May 19 2020, 3:43 PM · libksba, Release Info
werner updated the task description for T4943: Release LibKSBA 1.4.0.
May 19 2020, 3:42 PM · libksba, Release Info
werner added a comment to T4943: Release LibKSBA 1.4.0.
May 19 2020, 3:41 PM · libksba, Release Info
werner changed the status of T4104: gpgsm/ksba removes leading zeros from signature byte array from Open to Testing.

Seems to be fixed now.

May 19 2020, 3:13 PM · Restricted Project, libksba, S/MIME, Bug Report
werner lowered the priority of T4896: ksba: Ed25519 support from High to Normal.

Parsing and creating of certs does now work. I was not able to find sample CMS objects so this part is not yet finished.

May 19 2020, 3:12 PM · Info Needed, libksba, Feature Request, S/MIME
werner closed T4092: Certificate requests generated from card-based ECDSA keys are incorrectly marked as RSA-signed, a subtask of T4888: GpgSM: Support ECC key generation by gpgsm_genkey, as Resolved.
May 19 2020, 2:43 PM · Restricted Project, Feature Request, S/MIME
werner closed T4092: Certificate requests generated from card-based ECDSA keys are incorrectly marked as RSA-signed as Resolved.
May 19 2020, 2:43 PM · Restricted Project, Feature Request, S/MIME
werner added a comment to T4888: GpgSM: Support ECC key generation by gpgsm_genkey.

Finished if an existing key is used. See rG6dc3846d78192e393be73c16c72750734a9174d1 for examples.

May 19 2020, 2:42 PM · Restricted Project, Feature Request, S/MIME
werner added a comment to T4098: GpgSM: Add ECC support.

See rG6dc3846d78192e393be73c16c72750734a9174d1 for examples on how to create a cert.

May 19 2020, 2:41 PM · gnupg (gpg23), Feature Request, S/MIME