- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Sep 6 2021
looks good to me. Tested now with master 47e425e07995454573e28c13c08229d2f8a75642 and all tests pass for me in and out of FIPS mode as well as in the "soft" one.
I created an experimental branch:
https://dev.gnupg.org/source/libgcrypt/history/gniibe%252Fnew-pk-api/
I think this issue is solved. For systemd, I need to run this as --supervised option not the --daemon option. The --daemon option has bug.
Sep 5 2021
Nevermind, I found the appropriate link above, thanks again.
Thanks for noticing me but I can't access your git repository at https://dev.gnupg.org/source/gnupg.git and the github mirror at https://github.com/gpg/gpgme is not up to date. Do you have an other mirror?
You could use --disable-keyboxd which should fix this. However, there will eventually be no more way to build w/o Sqlite and thus I would suggest not to allow disabling of sqlite.
Thanks. This has already been fixed in July with rM4b64774b6d13ffa4f59dddf947a97d61bcfa2f2e
Sep 4 2021
This works for me:
Sep 3 2021
I think the behavior makes perfect sense for Unix but the default delimiter for .txt in Windows is \r\n.
The OP wants to do symmetric encryption. This isn't about the passphrase that protects a key.
Yes, we read up to the first LF. This has been the traditional way of PGP2 and is still used by mail programs like Mutt.
Sep 2 2021
I'm guessing gpg in Unix has stripped the \n if present? I don't have access to a real Unix system at the moment.
I see that problem but gpg has traditionally not interpreted the passphrase in any way. Right, for Windows we could strip the CR but I fear that this might break other users scripts/passphrases. However there should be a warning in the manual.
The actual problem is not that --list-packets produces weird output, but that --decrypt fails with
gpg: [don't know]: invalid packet (ctb=4f) [GNUPG:] NODATA 3
causing confusing errors in Kleopatra.
Sep 1 2021
Based on GCC bugzilla, affected released GCC versions are 11.1 and 11.2.
(ab | ba) >= 0 is used to make optimization analysis for compiler more difficult. I see that with (ab | ba) == 0, it would be much easier for compiler to conclude than loop could exit early as soon as first a[i] != b[i] is seen.
I filed a bug report to GCC, with modified test case.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102151
Aug 31 2021
gpg verifies the content of the file and not its meta data (file name). Thus an empty file is identical to a non-existing file. The OpenPGP protocol does not allow to distinguish between a detached signature and an embedded signature if you sign an empty file.
Aug 30 2021
I think this behaviour has something to do with "attached signature"?!
Aihhh, my fault. seems that a new version it not too far away.
The problem was created during a migration of the host operating system and acme client tools.
See description above.
Aug 29 2021
Nah, I think I laid out all my arguments by now. I don't have more to add, so I'll just let it be.
Thanks for helping out @werner.
We will look into it but nevertheless I have to remark that this this portable thing is dangerous to use and you should avoid it.
Not at all. But 2.1 was such a large change that users really should have read the announcement and think about their use case. We have exensivly communicated the changes and can expect that users test their new installation. IF you have further comments, please use the mailing list.
You can write your own pinentry script instead of the loopback thing. The use the envvar PINENTRY-USER_DATA to communicate with the pinentry.
The same problem. Portable mode is completely broken in v2.3.2 and v2.2.30 on Windows.
I'm still sad that you don't acknowledge the problem I am describing. It seems that you are writing your software for the kind of user who reads all your documentation first. That kind of user does not exist.
Aug 28 2021
Hello Mr. Koch,
The option has been removed form the repo more than 11 years ago and the gnupg with this changes (2.1.0) was released 7 years ago including an extensive writeup on all the major changes including notices that the secret keys will be converted and moved.
I wonder about the spelling errors. For particular