Page MenuHome GnuPG
Feed All Stories

Mar 8 2022

ikloecker committed rKLEOPATRAc588a624db26: Set key/group summary if we have a key/group on editing finished (authored by ikloecker).
Set key/group summary if we have a key/group on editing finished
Mar 8 2022, 6:18 PM
ikloecker committed rKLEOPATRA4d3c5b420f8d: Make the model used for auto completion a single-column model (authored by ikloecker).
Make the model used for auto completion a single-column model
Mar 8 2022, 6:18 PM
ikloecker committed rKLEOPATRA8994f1ce7dff: Ensure update of line action on text changed after editing finished (authored by ikloecker).
Ensure update of line action on text changed after editing finished
Mar 8 2022, 6:18 PM
jukivili committed rCd857e85cb4d4: ghash|polyval: add x86_64 VPCLMUL/AVX2 accelerated implementation (authored by jukivili).
ghash|polyval: add x86_64 VPCLMUL/AVX2 accelerated implementation
Mar 8 2022, 6:16 PM
jukivili committed rCe6f360019369: ghash|polyval: add x86_64 VPCLMUL/AVX512 accelerated implementation (authored by jukivili).
ghash|polyval: add x86_64 VPCLMUL/AVX512 accelerated implementation
Mar 8 2022, 6:16 PM
jukivili committed rC8cf06145263e: Add detection for HW feature "intel-avx512" (authored by jukivili).
Add detection for HW feature "intel-avx512"
Mar 8 2022, 6:16 PM
Jakuje added a comment to T5870: libgcrypt: AEAD API for FIPS 140 (in future).

You are combining two concepts here -- the KDF and the AEAD cipher itself (at least from the FIPS terminology). I would like to avoid mixing these two together in the new API. If you would like to implement the SSH/TLS KDF, I would suggest to use the kdf API you already have. Then we are here left only with a new geniv API to implement. In the T4873 I mentioned example how it is now used in libssh using libgcrypt, which implements the iv increment outside of the libgcrypt:

Mar 8 2022, 3:51 PM · Feature Request, FIPS, libgcrypt
werner closed T5691: Release libgcrypt 1.10.0 as Resolved.
Mar 8 2022, 11:02 AM · FIPS, Release Info, libgcrypt
gniibe added a comment to T5856: Forcing aead when creating sign & encrypted files creates inconsistent results.

Thank you for the report.

Mar 8 2022, 10:40 AM · gnupg (gpg23), Bug Report
ikloecker committed rKLEOPATRA398cc4dbd783: Force visual focus of button with input focus when window is shown (authored by ikloecker).
Force visual focus of button with input focus when window is shown
Mar 8 2022, 10:01 AM
werner committed rG70b738f93f1a: gpgtar,w32: Support file names longer than MAX_PATH. (authored by werner).
gpgtar,w32: Support file names longer than MAX_PATH.
Mar 8 2022, 8:11 AM
werner committed rG6afedbcd47d9: common,w32: Support file names longer than MAX_PATH in iobuf. (authored by werner).
common,w32: Support file names longer than MAX_PATH in iobuf.
Mar 8 2022, 8:11 AM
Laurent Montel <montel@kde.org> committed rLIBKLEOb216e24c5918: Fix compile without depercated method (authored by Laurent Montel <montel@kde.org>).
Fix compile without depercated method
Mar 8 2022, 7:04 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRA30495ab90867: Fix compile without depercated method (authored by Laurent Montel <montel@kde.org>).
Fix compile without depercated method
Mar 8 2022, 6:54 AM
gniibe added a comment to T5793: gpgsm: Wrong length when parsing octetstring in constructed encoding + definite length.

I located the cause; Current implementation cannot parse the data like:

2611:d=5  hl=4 l=1632 cons:      cont [ 0 ]        
2615:d=6  hl=4 l= 500 prim:       OCTET STRING
3119:d=6  hl=4 l=1124 prim:       OCTET STRING
Mar 8 2022, 5:25 AM · Restricted Project, S/MIME, gnupg (gpg22)
l10n daemon script <scripty@kde.org> committed rKLEOPATRA12fb062b9763: GIT_SILENT made messages (after extraction) (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT made messages (after extraction)
Mar 8 2022, 2:08 AM
gniibe updated the task description for T5793: gpgsm: Wrong length when parsing octetstring in constructed encoding + definite length.
Mar 8 2022, 1:52 AM · Restricted Project, S/MIME, gnupg (gpg22)

Mar 7 2022

jukivili added a comment to T5870: libgcrypt: AEAD API for FIPS 140 (in future).

Is large change to cipher API really needed (new open/encrypt with less flexibility)? How that would affect performance? Would following new interfaces to gcry_cipher API work instead?

  • gcry_cipher_setup_geniv(hd, int ivlen, int method): for setting up IV generator with parameters such as IV length, method id (RFC5116, TLS 1.3, SSH, etc), (other parameters?)
  • gcry_cipher_geniv(hd, byte *outiv): for generating new iv: generate IV using select method, set IV internally and output generated IV to 'ivout'.
  • gcry_cipher_genkey(hd, byte *outkey, int keylen, int method): for generating keys, generate key internally with parameters (method id, other?), setup key internally and output generated key to 'outkey'. (how keys from key exchange protocol be handled? using existing setkey?)
Mar 7 2022, 9:04 PM · Feature Request, FIPS, libgcrypt
jukivili added a comment to T5860: Reducing memory copy overhead in iobuf and estream to increase OCB speed.

I went through my test files and found that --enarmor on zero length input file did no longer work. I made separate patch to fix that issue, which then also needs another approach for handling compress issue noticed earlier:

Mar 7 2022, 8:09 PM · gnupg
Jakuje added a comment to T5816: mailing list address confusion (lists.gnupg.org shown, but does not work).

The mails from these days still contain the following header:

List-Post: <mailto:gnupg-devel@lists.gnupg.org>

which is probably causing the mail client directing the mails to this address. Is there a way to change or or make it an alias so it is easier for people to use the mailing list without finding this issue?

Mar 7 2022, 11:41 AM · gpgweb, Bug Report
bernhard committed rW0869cee3f9dc: Improve support-de more canonical email address (authored by bernhard).
Improve support-de more canonical email address
Mar 7 2022, 11:39 AM
ikloecker claimed T5569: pinentry qt4 fails to compile in pinentry 1.2.0.
Mar 7 2022, 11:36 AM · Bug Report, pinentry
gniibe claimed T5793: gpgsm: Wrong length when parsing octetstring in constructed encoding + definite length.
Mar 7 2022, 11:25 AM · Restricted Project, S/MIME, gnupg (gpg22)
gniibe claimed T5856: Forcing aead when creating sign & encrypted files creates inconsistent results.
Mar 7 2022, 11:23 AM · gnupg (gpg23), Bug Report
werner closed T5815: GPG-Agent randomly throwing "IPC connect call failed" as Resolved.
Mar 7 2022, 11:22 AM · Bug Report
gniibe lowered the priority of T5704: Ed448/X448 defined in draft-ietf-openpgp-crypto-refresh-04 from High to Normal.
Mar 7 2022, 11:17 AM · gnupg24, OpenPGP, gnupg (gpg23)
gniibe triaged T5590: OpenPGP: Curve 448, modernize? as Normal priority.
Mar 7 2022, 11:15 AM · rationale, gnupg, OpenPGP
ikloecker closed T5871: GPGME: New Qt util.cpp (1.17.0) FTBFS for i386 only as Resolved.

Should be fixed.

Mar 7 2022, 9:48 AM · Duplicate, gpgme, Bug Report
ikloecker committed rM71d4c9f4527d: doc: Update NEWS (authored by ikloecker).
doc: Update NEWS
Mar 7 2022, 9:45 AM
ikloecker committed rM55861ba9ccc6: qt: Add missing include of config.h (authored by ikloecker).
qt: Add missing include of config.h
Mar 7 2022, 9:45 AM
ikloecker committed rM5a5a748e2359: qt,doc: Remove comments about throwing exceptions (authored by ikloecker).
qt,doc: Remove comments about throwing exceptions
Mar 7 2022, 9:45 AM
gniibe added a comment to T5860: Reducing memory copy overhead in iobuf and estream to increase OCB speed.

Ack from me for new 0005 and 0006.

Mar 7 2022, 9:13 AM · gnupg
gniibe added a comment to T5862: authentication with USB token.

More things to be considered:

  • How to connect scdaemon
  • How to invoke scdaemon
Mar 7 2022, 1:14 AM · gpgagent, Feature Request, scd

Mar 6 2022

savoury1 added a comment to T5871: GPGME: New Qt util.cpp (1.17.0) FTBFS for i386 only.

The patch for T5834 (https://dev.gnupg.org/rMad3aabdd8a64156c7e3a75d695ae1ab2c4bec841) was already applied to the build of GPGME 1.17.0 for Focal, as I did browse the list of latest GPGME bugs first before reporting this bug. Attempting to build with the latest GPGME 1.17.1 (with the included ABI patch) results in exactly the same FTBFS for i386 only, so this does appear to be a distinct issue not related to that of ABI backwards compatibility.

Mar 6 2022, 8:34 PM · Duplicate, gpgme, Bug Report
werner committed rMf61a14f189d3: Post release updates (authored by werner).
Post release updates
Mar 6 2022, 7:38 PM
werner committed rMee50a38823da: Release 1.17.1 (authored by werner).
Release 1.17.1
Mar 6 2022, 7:38 PM
jukivili updated subscribers of T5860: Reducing memory copy overhead in iobuf and estream to increase OCB speed.

Does this look ok to push to master? @werner @gniibe

Mar 6 2022, 6:59 PM · gnupg
werner committed rDd32ad12fb12d: swdb: GPGME 1.17.1 (authored by werner).
swdb: GPGME 1.17.1
Mar 6 2022, 6:39 PM
jukivili updated the task description for T4460: libgcrypt performance TODOs.
Mar 6 2022, 6:35 PM · libgcrypt
werner added projects to T5871: GPGME: New Qt util.cpp (1.17.0) FTBFS for i386 only: gpgme, Duplicate.

Please see T5834 which is fixed in 1.17.1

Mar 6 2022, 6:19 PM · Duplicate, gpgme, Bug Report
werner closed T5834: C++ ABI breakage in gpgme-1.17.0? as Resolved.

Fixed in 1.17.1

Mar 6 2022, 6:13 PM · Bug Report
werner closed T5872: Release GPGME 1.17.1 as Resolved.
Mar 6 2022, 6:12 PM · Release Info, gpgme
werner added a comment to T5819: Release GPGME 1.17.0.

Note the ABI bug the Qt version of 1.17.0 which is fixed with 1.17.1 (T5872)

Mar 6 2022, 6:10 PM · Release Info, gpgme
werner closed T5819: Release GPGME 1.17.0 as Resolved.
Mar 6 2022, 6:09 PM · Release Info, gpgme
werner triaged T5872: Release GPGME 1.17.1 as High priority.
Mar 6 2022, 5:47 PM · Release Info, gpgme

Mar 5 2022

jukivili updated the task description for T4460: libgcrypt performance TODOs.
Mar 5 2022, 2:09 PM · libgcrypt
jukivili updated the task description for T4460: libgcrypt performance TODOs.
Mar 5 2022, 1:23 PM · libgcrypt
jukivili updated the task description for T4460: libgcrypt performance TODOs.
Mar 5 2022, 1:21 PM · libgcrypt

Mar 4 2022

savoury1 created T5871: GPGME: New Qt util.cpp (1.17.0) FTBFS for i386 only.
Mar 4 2022, 11:23 PM · Duplicate, gpgme, Bug Report
werner committed rG4122896a39b7: common,w32: Support file names longer than MAX_PATH in iobuf. (authored by werner).
common,w32: Support file names longer than MAX_PATH in iobuf.
Mar 4 2022, 3:04 PM
werner committed rG5492079defab: gpgtar,w32: Support file names longer than MAX_PATH. (authored by werner).
gpgtar,w32: Support file names longer than MAX_PATH.
Mar 4 2022, 3:04 PM
werner committed rE32dad4e4135f: w32: Support file names longer than MAX_PATH. (authored by werner).
w32: Support file names longer than MAX_PATH.
Mar 4 2022, 2:43 PM
gniibe added a comment to T5862: authentication with USB token.

BTW, there are various use cases for authentication(s), it is better to focus on the part of device and crypto (USB Token and scdaemon).

Mar 4 2022, 6:05 AM · gpgagent, Feature Request, scd
gniibe added a comment to T5862: authentication with USB token.

Here is an experimental shell script for testing:

Mar 4 2022, 5:46 AM · gpgagent, Feature Request, scd
gniibe committed rG14e13fb7123e: common: Fix confusion of get_pk_algo_from_key. (authored by gniibe).
common: Fix confusion of get_pk_algo_from_key.
Mar 4 2022, 3:09 AM
gniibe committed rG58e6990eaabb: scd: Fix PK_AUTH with --challenge-response option. (authored by gniibe).
scd: Fix PK_AUTH with --challenge-response option.
Mar 4 2022, 2:15 AM

Mar 3 2022

jukivili added a comment to T5860: Reducing memory copy overhead in iobuf and estream to increase OCB speed.

New versions of patches 0005 and 0006 - fixes EOF handling issues noticed with compression/decompression:

Mar 3 2022, 9:17 PM · gnupg
ikloecker committed rLIBKLEO6de644bf4648: Make the model used for the key selection combo a single-column model (authored by ikloecker).
Make the model used for the key selection combo a single-column model
Mar 3 2022, 5:16 PM
ikloecker changed the status of T5845: Kleopatra: Accessibility for file encryption from Testing to Open.

From the parent task "I think having the [...] keyselection when encrypting improved is the best way to help current users of the software who might already have received help from a collegue to import and have a list of certified certificates available."

Mar 3 2022, 2:46 PM · kleopatra, Restricted Project
ikloecker changed the status of T5845: Kleopatra: Accessibility for file encryption, a subtask of T5842: Gpg4win LTS 3.1.22, from Testing to Open.
Mar 3 2022, 2:46 PM · gpg4win, Restricted Project, Release Info
ikloecker changed the status of T5845: Kleopatra: Accessibility for file encryption, a subtask of T5824: Kleopatra: Full accessibility support, from Testing to Open.
Mar 3 2022, 2:46 PM · kleopatra
ikloecker changed the status of T5845: Kleopatra: Accessibility for file encryption from Open to Testing.

Ready for testing

Mar 3 2022, 2:40 PM · kleopatra, Restricted Project
ikloecker changed the status of T5845: Kleopatra: Accessibility for file encryption, a subtask of T5842: Gpg4win LTS 3.1.22, from Open to Testing.
Mar 3 2022, 2:40 PM · gpg4win, Restricted Project, Release Info
ikloecker changed the status of T5845: Kleopatra: Accessibility for file encryption, a subtask of T5824: Kleopatra: Full accessibility support, from Open to Testing.
Mar 3 2022, 2:40 PM · kleopatra
ikloecker placed T5863: pinentry-qt: Further improve the accessibility up for grabs.
Mar 3 2022, 2:40 PM · pinentry, Restricted Project
ikloecker changed the status of T5863: pinentry-qt: Further improve the accessibility, a subtask of T5845: Kleopatra: Accessibility for file encryption, from Open to Testing.
Mar 3 2022, 2:40 PM · kleopatra, Restricted Project
ikloecker changed the status of T5863: pinentry-qt: Further improve the accessibility from Open to Testing.

Ready for testing

Mar 3 2022, 2:40 PM · pinentry, Restricted Project
Jakuje added a comment to T5870: libgcrypt: AEAD API for FIPS 140 (in future).

I think this is not urgent as we are able to FIPS certify libgcrypt without that, but the modern protocols and algorithm use this and if we want to use libgcrypt to implement these in FIPS compliant way, we certainly need something like that.

Mar 3 2022, 2:08 PM · Feature Request, FIPS, libgcrypt
ikloecker committed rLIBKLEO57412770a4ef: Add two more recipient-only test keys/certificates (authored by ikloecker).
Add two more recipient-only test keys/certificates
Mar 3 2022, 12:14 PM
ikloecker committed rLIBKLEO023f88d55c89: Fix check for resolved signing keys (authored by ikloecker).
Fix check for resolved signing keys
Mar 3 2022, 12:14 PM
ikloecker changed the status of T5869: GpgOL: Sign requested without signing key shows error from Open to Testing.

Fixed.

Mar 3 2022, 12:03 PM · Restricted Project, Bug Report, gpgol
bernhard committed rWc1dac40f6371: Improve about page (authored by bernhard).
Improve about page
Mar 3 2022, 10:19 AM
ikloecker moved T5869: GpgOL: Sign requested without signing key shows error from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Mar 3 2022, 10:17 AM · Restricted Project, Bug Report, gpgol
ikloecker added a project to T5869: GpgOL: Sign requested without signing key shows error: Restricted Project.
Mar 3 2022, 10:17 AM · Restricted Project, Bug Report, gpgol
gniibe committed rG44621120a269: scd: Add --challenge-response option to PK_AUTH for OpenPGP card. (authored by gniibe).
scd: Add --challenge-response option to PK_AUTH for OpenPGP card.
Mar 3 2022, 9:51 AM
werner added a project to T5868: Attached files: gpgol.

Please describe your problem in more detail. Also: Which version of GpgOl and Outlook are you using, SMTP/IMAP or Exchange?

Mar 3 2022, 9:42 AM · No Response, gpgol, Bug Report, gpg4win
werner lowered the priority of T5870: libgcrypt: AEAD API for FIPS 140 (in future) from Unbreak Now! to Normal.

I don't think it is justified to tag this as "unbreak now" - which we use for severe bugs inhibiting the use of a deployed version.

Mar 3 2022, 9:40 AM · Feature Request, FIPS, libgcrypt
ikloecker added a comment to T5869: GpgOL: Sign requested without signing key shows error.

I'm not sure. In KeyResolverCore::Private::resolve() line 668 reads

const bool pgpOnly = (!mEncrypt || !hasUnresolvedRecipients(mEncKeys, OpenPGP)) && (!mSign || mSigKeys.contains(OpenPGP));

I'd say this is supposed to check if there is an OpenPGP signing key, but I guess mSigKeys[OpenPGP] is an empty list. This may be a regression introduced by the resultion of key groups because in KeyResolverCore::Private::resolveSigningGroups() the entry mSigKeys[OpenPGP] is always set (unless we are in CMS-only mode).

Mar 3 2022, 9:24 AM · Restricted Project, Bug Report, gpgol
aheinecke added a comment to T5869: GpgOL: Sign requested without signing key shows error.

Yes, unit tests still pass. So its ok with you to commit this?

Mar 3 2022, 8:48 AM · Restricted Project, Bug Report, gpgol
gniibe triaged T5870: libgcrypt: AEAD API for FIPS 140 (in future) as Unbreak Now! priority.
Mar 3 2022, 1:13 AM · Feature Request, FIPS, libgcrypt

Mar 2 2022

jukivili updated the task description for T4460: libgcrypt performance TODOs.
Mar 2 2022, 8:39 PM · libgcrypt
jukivili updated the task description for T4460: libgcrypt performance TODOs.
Mar 2 2022, 8:37 PM · libgcrypt
jukivili closed T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le as Resolved.
Mar 2 2022, 8:24 PM · patch, ppc, libgcrypt, Feature Request
jukivili committed rC7d2983979866: hwf-arm: add ARMv8.2 optional crypto extension HW features (authored by Tianjia Zhang <tianjia.zhang@linux.alibaba.com>).
hwf-arm: add ARMv8.2 optional crypto extension HW features
Mar 2 2022, 8:23 PM
jukivili committed rC47cafffb09d8: Add SM4 ARMv8/AArch64/CE assembly implementation (authored by Tianjia Zhang <tianjia.zhang@linux.alibaba.com>).
Add SM4 ARMv8/AArch64/CE assembly implementation
Mar 2 2022, 8:23 PM
jukivili closed T5852: Use iobuf_copy where instead of manual iobuf_get/iobuf_put or iobuf_read/iobuf_write loops, a subtask of T5828: Improvements for gnupg data operation performance (enc/dec/sign/verify/enarmor/dearmor/etc), as Resolved.
Mar 2 2022, 8:17 PM · gnupg
jukivili closed T5852: Use iobuf_copy where instead of manual iobuf_get/iobuf_put or iobuf_read/iobuf_write loops as Resolved.
Mar 2 2022, 8:17 PM · gnupg (gpg23)
jukivili committed rG9c313321a849: g10/dearmor: use iobuf_copy (authored by jukivili).
g10/dearmor: use iobuf_copy
Mar 2 2022, 8:15 PM
jukivili committed rG756c0bd5d89b: g10/encrypt: use iobuf_copy instead of manual iobuf_read/iobuf_write (authored by jukivili).
g10/encrypt: use iobuf_copy instead of manual iobuf_read/iobuf_write
Mar 2 2022, 8:15 PM
dpereira added a comment to T4588: gpg-agent should guess pinentry's full path (using $PATH) if `pinentry-program` does not supply a full path.

What about at least accepting env variables OR tilde expansions? That will make it easier to integrate with dotfiles that intentionally use a home-dir based executable without having to pass the full path, so it could work cross platforms.

Mar 2 2022, 8:12 PM · gnupg24, gpgagent
ikloecker added a comment to T5869: GpgOL: Sign requested without signing key shows error.

Sounds familiar, that the signing keys are not considered. I think when I worked on this, I thought that is was a bad idea to mix resolving signing and encryption keys. Do the unit tests still pass with your change?

Mar 2 2022, 6:19 PM · Restricted Project, Bug Report, gpgol
ikloecker committed rP5531e1c68238: build: Do not list the same files thrice in qt/Makefile.am (authored by ikloecker).
build: Do not list the same files thrice in qt/Makefile.am
Mar 2 2022, 6:14 PM
ikloecker committed rP42af54bece51: qt: Make text label in pinentry message box focusable (authored by ikloecker).
qt: Make text label in pinentry message box focusable
Mar 2 2022, 6:14 PM
ikloecker committed rPb6370f87d247: qt: Extract function for selecting the text of a QLabel (authored by ikloecker).
qt: Extract function for selecting the text of a QLabel
Mar 2 2022, 6:14 PM
ikloecker committed rPe7bcc0894e3a: qt: Modernize code (authored by ikloecker).
qt: Modernize code
Mar 2 2022, 6:14 PM
ikloecker committed rP4435e9fa206f: qt: Fix reaction to Escape key and close button of window (authored by ikloecker).
qt: Fix reaction to Escape key and close button of window
Mar 2 2022, 6:14 PM
aheinecke reassigned T5869: GpgOL: Sign requested without signing key shows error from aheinecke to ikloecker.

@ikloecker
If I test the resolver code from libkleo with gpg4win-tools keyresolver binary:

Mar 2 2022, 4:09 PM · Restricted Project, Bug Report, gpgol
aheinecke triaged T5869: GpgOL: Sign requested without signing key shows error as Normal priority.
Mar 2 2022, 3:49 PM · Restricted Project, Bug Report, gpgol
ikloecker closed T5867: pinentry-qt: Image on left side looks broken if pinentry shows an error as Resolved.

pinentry-qt with new icon:

Mar 2 2022, 12:19 PM · Restricted Project, pinentry, Bug Report
ikloecker committed rP774e8a72cd1e: qt: Use better icon for signalling an error (authored by ikloecker).
qt: Use better icon for signalling an error
Mar 2 2022, 12:17 PM