Feed All Stories

Dec 9 2020

ikloecker changed the status of T5125: Kleopatra: Generate OpenPGP public key for OpenPGP card key, a subtask of T5123: Kleopatra: Generate OpenPGP pubkey S/MIME CSR from existing card, from Open to Testing.
Dec 9 2020, 11:11 AM · kleopatra
ikloecker committed rKLEOPATRA3c1a40d9c1ed: Enable creation of OpenPGP keys iff NetKey card has required keys (authored by ikloecker).
Enable creation of OpenPGP keys iff NetKey card has required keys
Dec 9 2020, 10:55 AM
ikloecker committed rKLEOPATRA5095a85778b3: Allow translation of supported smartcards and add requirement for PIV (authored by ikloecker).
Allow translation of supported smartcards and add requirement for PIV
Dec 9 2020, 10:55 AM
ikloecker committed rKLEOPATRAced1ac37a4bf: Offer creation of OpenPGP keys from card keys only if supported by gpg (authored by ikloecker).
Offer creation of OpenPGP keys from card keys only if supported by gpg
Dec 9 2020, 10:55 AM
ikloecker closed T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key as Resolved.

Fixed.

Dec 9 2020, 9:36 AM
ikloecker closed T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key, a subtask of T5125: Kleopatra: Generate OpenPGP public key for OpenPGP card key, as Resolved.
Dec 9 2020, 9:36 AM · kleopatra
ikloecker closed T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key, a subtask of T5170: card: Allow use cases with no corresponding *.key file under private-keys-v1.d, as Resolved.
Dec 9 2020, 9:36 AM · Restricted Project, gnupg (gpg23)
ikloecker added a subtask for T5170: card: Allow use cases with no corresponding *.key file under private-keys-v1.d: T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key.
Dec 9 2020, 9:34 AM · Restricted Project, gnupg (gpg23)
ikloecker added a parent task for T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key: T5170: card: Allow use cases with no corresponding *.key file under private-keys-v1.d.
Dec 9 2020, 9:34 AM
ikloecker removed a parent task for T5170: card: Allow use cases with no corresponding *.key file under private-keys-v1.d: T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key.
Dec 9 2020, 9:33 AM · Restricted Project, gnupg (gpg23)
ikloecker removed a subtask for T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key: T5170: card: Allow use cases with no corresponding *.key file under private-keys-v1.d.
Dec 9 2020, 9:33 AM
ikloecker committed rKLEOPATRA5f6c5636f4da: Allow creating an OpenPGP key for the keys on a NetKey card (authored by ikloecker).
Allow creating an OpenPGP key for the keys on a NetKey card
Dec 9 2020, 9:23 AM
ikloecker committed rKLEOPATRA9dbf347d3ece: Parse key pair info for NetKey cards using the base class (authored by ikloecker).
Parse key pair info for NetKey cards using the base class
Dec 9 2020, 9:23 AM
ikloecker committed rKLEOPATRA02b63bb5aed2: Replace card-specific logic with info about signing/encryption key (authored by ikloecker).
Replace card-specific logic with info about signing/encryption key
Dec 9 2020, 9:23 AM
ikloecker committed rKLEOPATRA7519910b52f3: Remove PIVCard-specific keyGrip() (authored by ikloecker).
Remove PIVCard-specific keyGrip()
Dec 9 2020, 9:23 AM
ikloecker committed rKLEOPATRAd2bf514e4963: Fetch and store IDs of signing key and encryption key for card (authored by ikloecker).
Fetch and store IDs of signing key and encryption key for card
Dec 9 2020, 9:23 AM
ikloecker committed rKLEOPATRA3ca64c7519fe: Parse and store the key pair info in the Card base class (authored by ikloecker).
Parse and store the key pair info in the Card base class
Dec 9 2020, 9:23 AM
gniibe committed rCdb2c0895eacc: Apply libgcrypt-1.8.5-fips-module.patch (authored by gniibe).
Apply libgcrypt-1.8.5-fips-module.patch
Dec 9 2020, 9:17 AM
gniibe committed rC264024b0a59f: Apply libgcrypt-1.8.5-kdf-selftest.patch (authored by gniibe).
Apply libgcrypt-1.8.5-kdf-selftest.patch
Dec 9 2020, 9:17 AM
gniibe committed rCcc8d98c5ec48: Apply libgcrypt-1.8.4-tests-fipsmode.patch (authored by gniibe).
Apply libgcrypt-1.8.4-tests-fipsmode.patch
Dec 9 2020, 9:17 AM
gniibe committed rC6a37c312da7c: Apply libgcrypt-1.8.4-fips-keygen.patch (authored by gniibe).
Apply libgcrypt-1.8.4-fips-keygen.patch
Dec 9 2020, 9:17 AM
gniibe committed rCd508f7358d9e: Apply libgcrypt-1.8.3-md-fips-enforce.patch (authored by gniibe).
Apply libgcrypt-1.8.3-md-fips-enforce.patch
Dec 9 2020, 9:17 AM
gniibe committed rC6c1ccb85b763: Apply libgcrypt-1.8.3-fips-ctor.patch (authored by gniibe).
Apply libgcrypt-1.8.3-fips-ctor.patch
Dec 9 2020, 9:17 AM
gniibe committed rCb660f1c8fb39: Apply libgcrypt-1.8.3-fips-enttest.patch (authored by gniibe).
Apply libgcrypt-1.8.3-fips-enttest.patch
Dec 9 2020, 9:17 AM
gniibe committed rC2f6cc83f0c74: Apply libgcrypt-1.8.3-cmac-selftest.patch (authored by gniibe).
Apply libgcrypt-1.8.3-cmac-selftest.patch
Dec 9 2020, 9:17 AM
gniibe committed rC3c9c4647d147: Apply libgcrypt-1.7.3-fips-reqs.patch (authored by gniibe).
Apply libgcrypt-1.7.3-fips-reqs.patch
Dec 9 2020, 9:17 AM
gniibe committed rGa9aa30ed2c2c: scd:ccid:spr532: Extend abort_cmd for initialization time. (authored by gniibe).
scd:ccid:spr532: Extend abort_cmd for initialization time.
Dec 9 2020, 4:59 AM
gniibe committed rGf50373027222: scd:ccid: Call libusb_clear_halt in ccid_vendor_specific_setup. (authored by gniibe).
scd:ccid: Call libusb_clear_halt in ccid_vendor_specific_setup.
Dec 9 2020, 4:59 AM
gniibe committed rGffabc29d5ead: scd:ccid: Revert the addition of libusb_clear_halt for EP_INTR. (authored by gniibe).
scd:ccid: Revert the addition of libusb_clear_halt for EP_INTR.
Dec 9 2020, 4:43 AM
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

I checked the development log for the addition of:

libusb_clear_halt (handle->idev, handle->ep_intr);
Dec 9 2020, 4:35 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

I have another yubikey neo but it's clean. Can it help it?

Dec 9 2020, 1:30 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gbschenkel added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

I have another yubikey neo but it's clean. Can it help it?

Dec 9 2020, 12:57 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Changing modes will I lose/change my OTP and FIDO codes?

Dec 9 2020, 12:38 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report

Dec 8 2020

gbschenkel added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Changing modes will I lose/change my OTP and FIDO codes?

Dec 8 2020, 11:44 PM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
Angel added a comment to T5162: Import problem due to disabled brainpool curves.

I would add "Provide a verbose message of why the key cannot be imported".

Dec 8 2020, 11:06 PM · Bug Report, libgcrypt, gnupg (gpg22)
Denisov23 created T5171: Wish: in GPA add other types of keys such as Kleopatra in the S1 Public space.
Dec 8 2020, 9:12 PM · Feature Request, gpa
Laurent Montel <montel@kde.org> committed rKLEOPATRAea773eb9e02d: operator+/- is disabled for QFlags in qt6 (authored by Laurent Montel <montel@kde.org>).
operator+/- is disabled for QFlags in qt6
Dec 8 2020, 2:08 PM
gniibe renamed T5167: GnuPG 2.25 still have problems related to Yubikey NEO. from GnuPG 2.25 still have problems related to Yubikey. to GnuPG 2.25 still have problems related to Yubikey NEO..
Dec 8 2020, 12:01 PM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe triaged T5167: GnuPG 2.25 still have problems related to Yubikey NEO. as High priority.
Dec 8 2020, 12:00 PM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Following device (a bit older than yours, I guess) works well:

DBG: ccid-driver: idVendor: 1050  idProduct: 0112  bcdDevice: 0334

When I configure it to OTP+FIDO+CCID, it also works for me, it is:

DBG: ccid-driver: idVendor: 1050  idProduct: 0116  bcdDevice: 0334
Dec 8 2020, 11:58 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe committed rG946555ea3ceb: scd:yubikey: Fix support of Yubikey NEO. (authored by gniibe).
scd:yubikey: Fix support of Yubikey NEO.
Dec 8 2020, 9:46 AM
gniibe committed rGeda3c688fc2e: agent: Allow decryption with card but no file. (authored by gniibe).
agent: Allow decryption with card but no file.
Dec 8 2020, 7:27 AM
gniibe committed rG9beab36dfa39: agent: Clean up the API of agent_pkdecrypt. (authored by gniibe).
agent: Clean up the API of agent_pkdecrypt.
Dec 8 2020, 7:27 AM
gniibe changed the status of T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key, a subtask of T5125: Kleopatra: Generate OpenPGP public key for OpenPGP card key, from Open to Testing.
Dec 8 2020, 7:14 AM · kleopatra
gniibe changed the status of T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key from Open to Testing.

Pushed the change by Ingo.

Dec 8 2020, 7:14 AM
gniibe added a comment to T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key.

I finally recognize this change: rG638526d37fee: agent: Allow signing with card key even without a stub key..
I should have seen this yesterday.

Dec 8 2020, 7:12 AM
gniibe committed rGcbb0e069f55b: agent: Allow pksign operation with card but no file. (authored by gniibe).
agent: Allow pksign operation with card but no file.
Dec 8 2020, 5:25 AM
gniibe created T5170: card: Allow use cases with no corresponding *.key file under private-keys-v1.d.
Dec 8 2020, 4:10 AM · Restricted Project, gnupg (gpg23)
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Thanks a lot.
Let me explain the situation.

Dec 8 2020, 2:33 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report

Dec 7 2020

glr added a comment to T5169: gpg: Clarify output.

Although the output of --list-packets should not be parsed and is subject to change with each version, we know that ppl do it anyway and things start to break.

Dec 7 2020, 8:33 PM · Bug Report
werner closed T5169: gpg: Clarify output as Wontfix.

Sorry, no. Although the output of --list-packets should not be parsed and is subject to change with each version, we know that ppl do it anyway and things start to break. Even when we added lines starting with the usual comment sign (#) to indicate the offset of the packet, we received quite some bug reports. Thus such changes will only be done when they are really needed. For all others the rule is still: Use the source, Luke.

Dec 7 2020, 7:50 PM · Bug Report
aheinecke committed rO9f81ed6561c5: Change encryption to work on OOM (authored by aheinecke).
Change encryption to work on OOM
Dec 7 2020, 5:26 PM
aheinecke committed rO21f4b7f88801: Add helper for utf8 tmp name (authored by aheinecke).
Add helper for utf8 tmp name
Dec 7 2020, 5:26 PM
aheinecke committed rO310824f4e8eb: Add OOM SaveAs helper (authored by aheinecke).
Add OOM SaveAs helper
Dec 7 2020, 5:26 PM
Ericson2314 added a comment to D506: build: Make configure.ac for lock-obj-pub.native.h ideomatic.

Thank you! And for what it's worth, I think your version,

Dec 7 2020, 3:46 PM
ikloecker closed T5141: GnuPG: Make quick-gen-key work for keys on PIV cards as Resolved.
Dec 7 2020, 3:18 PM · gnupg (gpg23)
ikloecker closed T5141: GnuPG: Make quick-gen-key work for keys on PIV cards, a subtask of T5128: Kleopatra: Generate OpenPGP public key for NetKey card key, as Resolved.
Dec 7 2020, 3:18 PM · kleopatra
ikloecker closed T5141: GnuPG: Make quick-gen-key work for keys on PIV cards, a subtask of T5126: Kleopatra: Generate OpenPGP public key for PIV card key, as Resolved.
Dec 7 2020, 3:18 PM · kleopatra
ikloecker committed rG255d33d65126: gpg: Make quick-gen-key with algo "card" work for keys without keytime (authored by ikloecker).
gpg: Make quick-gen-key with algo "card" work for keys without keytime
Dec 7 2020, 3:16 PM
gbschenkel added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Hi, I changed the PIN, killed the gpg-agent and scdaemon, edited the scdaemon.conf to include your instruction, after, I run the following commands:

Dec 7 2020, 3:10 PM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
glr created T5169: gpg: Clarify output.
Dec 7 2020, 1:34 PM · Bug Report
ikloecker claimed T5141: GnuPG: Make quick-gen-key work for keys on PIV cards.
Dec 7 2020, 1:25 PM · gnupg (gpg23)
werner placed T5141: GnuPG: Make quick-gen-key work for keys on PIV cards up for grabs.
Dec 7 2020, 11:45 AM · gnupg (gpg23)
werner assigned T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key to gniibe.
Dec 7 2020, 11:23 AM
ikloecker added a comment to T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key.

Maybe the line (pksign.c:328)

algo = get_pk_algo_from_key (s_skey);

should be moved to the start of the else-branch (pksign.c:484):

Dec 7 2020, 11:00 AM
ikloecker added a comment to T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key.

Maybe the line (pksign.c:328)

algo = get_pk_algo_from_key (s_skey);

should be moved to the start of the else-branch (pksign.c:484):

else
  {
    /* No smartcard, but a private key (in S_SKEY). */
Dec 7 2020, 10:50 AM
ikloecker added a comment to T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key.

The problem is that in agent_pksign_do() the algo is read from s_skey (pksign.c:328), but s_skey is NULL because agent_key_from_file() fails to find a local KEYGRIP.key file in private-keys-v1.d. The code then reads the public key from the card (or a stub file), but it fails to set algo from s_pkey. The following patch fixes this:

Dec 7 2020, 10:43 AM
aheinecke committed rO5e513aa0c108: Switch some data debugging statements to log_debug (authored by aheinecke).
Switch some data debugging statements to log_debug
Dec 7 2020, 10:31 AM
ikloecker added a comment to T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key.

I think that the semantics of gpg --quick-gen-key <KEY> card (currently) assumes keys are available on card.
IIUC, it is for some specific (very special) use case to specify same key creation time to the key on card.
I don't know well about this use case.

Anyway, because of this, (currently) the first run results in undefined behavior.

It would be good if it just means "creating key(s) on card".

Dec 7 2020, 8:32 AM
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Thank you for the information.
In the log, the driver detects removal of card wrongly.
That's the cause of this problem.

Dec 7 2020, 5:38 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gbschenkel added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Please show us the output of gpg --card-status, and your configuration if you have something special. Are you using Yubikey also for gpg's signing, or is it only for SSH?

Dec 7 2020, 5:12 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe committed rE9ee011259f81: build: Use AC_CHECK_TOOL to detect objdump for cross build. (authored by gniibe).
build: Use AC_CHECK_TOOL to detect objdump for cross build.
Dec 7 2020, 4:59 AM
gniibe accepted D503: fix undefined-shift in block_filter.
Dec 7 2020, 4:07 AM
gniibe added a comment to D506: build: Make configure.ac for lock-obj-pub.native.h ideomatic.

Pushed in rE9ee011259f81: build: Use AC_CHECK_TOOL to detect objdump for cross build..

Dec 7 2020, 4:04 AM
gniibe accepted D506: build: Make configure.ac for lock-obj-pub.native.h ideomatic.

Thank you. I'm going to apply it, modifying a bit.

Dec 7 2020, 4:00 AM
gniibe added a comment to T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key.

I think that the semantics of gpg --quick-gen-key <KEY> card (currently) assumes keys are available on card.
IIUC, it is for some specific (very special) use case to specify same key creation time to the key on card.
I don't know well about this use case.

Dec 7 2020, 2:53 AM
gniibe claimed T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Please show us the output of gpg --card-status, and your configuration if you have something special. Are you using Yubikey also for gpg's signing, or is it only for SSH?

Dec 7 2020, 2:44 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe changed the status of T5163: Cannot import NIST-P521 key to OpenPGP v3.3 smart card from Open to Testing.

Backported.

Dec 7 2020, 2:16 AM · Restricted Project, gnupg, scd, Bug Report
gniibe committed rG5a03bf61304d: scd:openpgp: Fix writing ECC key to card. (authored by gniibe).
scd:openpgp: Fix writing ECC key to card.
Dec 7 2020, 2:15 AM
gniibe committed rG1cd615afe301: gpg,card: Allow no version information of Yubikey. (authored by gniibe).
gpg,card: Allow no version information of Yubikey.
Dec 7 2020, 2:10 AM
gniibe added a comment to T5100: OpenPGP app overwrites Yubikey serial number.

We need another patch, because there are two places for gpg --card-edit and gpg-card to check OpenPGPcard's version number if it's >= 2 or not.

Dec 7 2020, 2:01 AM · Restricted Project, gnupg, scd, yubikey, kleopatra

Dec 6 2020

rkolvick added a comment to T5168: New computer, can't decrypt.

Thank you very much

Dec 6 2020, 11:49 PM · Support, gpg4win
werner added projects to T5167: GnuPG 2.25 still have problems related to Yubikey NEO.: scd, ssh, yubikey, gnupg (gpg22).

There is no caching for smartcard PINs. Once a key (or group of keys) on a card has been used (i.e. PIN entered), that key can be used as long as the card has not been reset or powered-down. No rule without exception: Some cards may require that a PIN entry is required for each crypto operation. For example the OpenPGP card (which is implemented on a Yubikey) does this for the signing key but not for the authentication (ssh) key. To disable this for the signing key you use the "forcesig" command of gpg --card-edit.

Dec 6 2020, 5:00 PM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
werner closed T5168: New computer, can't decrypt as Resolved.

Select your key in the certificate view, click right, select "Backup Secret keys ...", store to a file. Then copy that file in a secure way (USB stick etc) to the new box, import it there.

Dec 6 2020, 4:50 PM · Support, gpg4win
rkolvick created T5168: New computer, can't decrypt.
Dec 6 2020, 9:17 AM · Support, gpg4win
gbschenkel updated the task description for T5167: GnuPG 2.25 still have problems related to Yubikey NEO..
Dec 6 2020, 3:50 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gbschenkel created T5167: GnuPG 2.25 still have problems related to Yubikey NEO..
Dec 6 2020, 3:34 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report

Dec 4 2020

ikloecker committed rLIBKLEO97526165da68: Merge branch 'work/static-analysis' into 'master' (authored by ikloecker).
Merge branch 'work/static-analysis' into 'master'
Dec 4 2020, 10:51 PM
ikloecker committed rLIBKLEO553098647741: Run linux build job also on manually triggered pipeline (authored by ikloecker).
Run linux build job also on manually triggered pipeline
Dec 4 2020, 10:49 PM
patrick added a comment to T5157: libgcrypt: ARM64 Builds on macOS fail.

OK, then we'll have to live with --disable-asm until the next major version is released, or switch to gcc.

Dec 4 2020, 9:20 PM · toolchain, MacOS, libgcrypt, Bug Report
aheinecke committed rW7976719b3618: msi: Allo dashes in custom names (authored by aheinecke).
msi: Allo dashes in custom names
Dec 4 2020, 2:57 PM
Valodim added a comment to T4163: hkps://hkps.pool.sks-keyservers.net has to many bad servers to be a good default.

Perhaps of interest for this issue: the HKPS pool has consisted of only a single server for a couple of months now.

Dec 4 2020, 1:07 PM · gnupg, Keyserver
ikloecker added a parent task for T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key: T5125: Kleopatra: Generate OpenPGP public key for OpenPGP card key.
Dec 4 2020, 12:39 PM
ikloecker added a subtask for T5125: Kleopatra: Generate OpenPGP public key for OpenPGP card key: T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key.
Dec 4 2020, 12:39 PM · kleopatra
ikloecker created T5166: gpg --quick-gen-key userid card fails on first run resp. for unknown key.
Dec 4 2020, 12:39 PM
werner added a comment to T4788: System wide configuration of the GnuPG system.

And I also did a backport to 2.2 :-) See rGa028f24136a062f55408a5fec84c6d31201b2143

Dec 4 2020, 12:21 PM · gnupg (gpg23), Feature Request, gpg4win, g10code
werner committed rGa028f24136a0: Backport of the new option parser from 2.3 (authored by werner).
Backport of the new option parser from 2.3
Dec 4 2020, 12:18 PM
werner added a comment to T5157: libgcrypt: ARM64 Builds on macOS fail.

We should not do this.

Dec 4 2020, 12:17 PM · toolchain, MacOS, libgcrypt, Bug Report
ikloecker closed T5130: Kleopatra: Generating OpenPGP keys on Yubikey (with PIV enabled) fails with "General error" as Resolved.

Re-opening. Now trying to generate new keys fails with a "Wrong card" error.

Dec 4 2020, 10:40 AM · kleopatra, Bug Report
ikloecker committed rLIBKLEOdc837292248b: Merge branch 'work/static-analysis' into 'master' (authored by ikloecker).
Merge branch 'work/static-analysis' into 'master'
Dec 4 2020, 10:25 AM