
May 27 2019

werner committed rG32210e855c46: sm: Avoid confusing diagnostic for the default key. (authored by werner).
sm: Avoid confusing diagnostic for the default key.
May 27 2019, 3:49 PM
werner committed rG521e7d4644ed: sm: Avoid confusing diagnostic for the default key. (authored by werner).
sm: Avoid confusing diagnostic for the default key.
May 27 2019, 3:48 PM
werner triaged T4535: gpgsm --sign prints misleading error message when using default key as Low priority.
May 27 2019, 3:29 PM · gnupg (gpg22), S/MIME, Bug Report
matheusmoreira added a comment to T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested).

@werner Thank you for resolving this issue.

May 27 2019, 1:04 PM · patch, Bug Report, gnupg
werner closed T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested) as Resolved.

See the man page on how to delete subkeys or just the primary secret key with --delete-key.

May 27 2019, 12:57 PM · patch, Bug Report, gnupg
werner closed T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested), a subtask of T4509: Release GnuPG 2.2.16, as Resolved.
May 27 2019, 12:57 PM · Release Info, gnupg (gpg22)
werner committed rGb6289af9738d: gpg: Fixed i18n markup of some strings. (authored by werner).
gpg: Fixed i18n markup of some strings.
May 27 2019, 12:56 PM
werner committed rG190eeb7cce03: po: Update the German translation (authored by werner).
po: Update the German translation
May 27 2019, 12:55 PM
werner committed rGab5d7142a79e: gpg: Fixed i18n markup of some strings. (authored by werner).
gpg: Fixed i18n markup of some strings.
May 27 2019, 12:54 PM
werner committed rGd9b31d3a20b8: gpg: Allow deletion of subkeys with --delete-[secret-]key. (authored by werner).
gpg: Allow deletion of subkeys with --delete-[secret-]key.
May 27 2019, 12:54 PM
werner committed rGcc6069ac6ecd: gpg: Allow deletion of subkeys with --delete-[secret-]key. (authored by werner).
gpg: Allow deletion of subkeys with --delete-[secret-]key.
May 27 2019, 11:18 AM
gniibe closed T3343: show-unusable-subkeys claims "expired: never" when primary key is expired as Resolved.
May 27 2019, 10:11 AM · gnupg, Bug Report
aheinecke added a comment to T4526: GpgOL: Forwarding a mail with attachment as crypto mail removes attachment.

I was able to reproduce this when I forwarded the mail after opening it in a new window. Somehow that appears to influence it.

May 27 2019, 10:00 AM · Bug Report, gpgol, gpg4win
werner committed rG9ccdd59e4e1e: agent: Stop scdaemon after reload when disable_scdaemon. (authored by gniibe).
agent: Stop scdaemon after reload when disable_scdaemon.
May 27 2019, 9:24 AM
gniibe closed T4397: GPG Error - version >= 1.25... no as Invalid.

I think that when using GNU autoconf's configure, you should have the ${prefix}/bin in your PATH.

May 27 2019, 4:44 AM · gpgrt, Bug Report

May 25 2019

werner closed T4540: compress tarballs with xz as Wontfix.

No sorry, we won't do that for the regular source. However, the full source for the binary installer is xz compressed. That is because we are legally required to publish the source but in reality the source is not used and well, to build you have lots of other requirements with xz being the simplest one.

May 25 2019, 8:44 PM · gnupg, libgcrypt
vtorri created T4540: compress tarballs with xz in the S1 Public space.
May 25 2019, 7:51 PM · gnupg, libgcrypt

May 24 2019

slandden updated the diff for D490: PowerPC optimized routines for AES and SHA2 using PowerISA 2.07 instructions..
May 24 2019, 9:05 PM
slandden requested review of D490: PowerPC optimized routines for AES and SHA2 using PowerISA 2.07 instructions..
May 24 2019, 9:04 PM
slandden updated the diff for D491: Support for PowerPC's AES acceleration..

proper benchmarks

May 24 2019, 9:04 PM
slandden updated the diff for D492: Add PowerPC crypto acceleration support for SHA2..

Fix alignment needs of vcrypto instructions.

May 24 2019, 9:03 PM
werner triaged T4539: libgpg-error on Windows: strerror_s can be used instead of strerror_r as Normal priority.

I guess we can do that. Thanks for the hint.

May 24 2019, 3:19 PM · gpgrt, Feature Request
vtorri created T4539: libgpg-error on Windows: strerror_s can be used instead of strerror_r.
May 24 2019, 1:19 PM · gpgrt, Feature Request
werner added a comment to T4538: Support PSS signed CRLs.

Interesting tinge: The main CRL of the dgn.de CA uses a nextUpdate in the year 2034 (15 years in the future) which would force dirmngr to cache the CRL until then. However, the CRL of the intermediate certificate has a nextUpdate only one month in the future. There is currently no entry in that second level CRL, so their idea might be that an updated second level CRL will also trigger a reload of the main CRL. I have not checked how we implement that in Dirmngr but I doubt that such a thing will work for us and that it is in any way standard compliant.

May 24 2019, 11:59 AM · dirmngr, S/MIME, libksba
werner added a subtask for T4538: Support PSS signed CRLs: T4523: Gpg4win: Multiple problems reported 05-2019.
May 24 2019, 9:10 AM · dirmngr, S/MIME, libksba
werner added a parent task for T4523: Gpg4win: Multiple problems reported 05-2019: T4538: Support PSS signed CRLs.
May 24 2019, 9:10 AM · Release Info
werner removed a parent task for T4538: Support PSS signed CRLs: T4523: Gpg4win: Multiple problems reported 05-2019.
May 24 2019, 9:10 AM · dirmngr, S/MIME, libksba
werner removed a subtask for T4523: Gpg4win: Multiple problems reported 05-2019: T4538: Support PSS signed CRLs.
May 24 2019, 9:10 AM · Release Info
werner added a parent task for T4538: Support PSS signed CRLs: T4523: Gpg4win: Multiple problems reported 05-2019.
May 24 2019, 9:08 AM · dirmngr, S/MIME, libksba
werner added a subtask for T4523: Gpg4win: Multiple problems reported 05-2019: T4538: Support PSS signed CRLs.
May 24 2019, 9:08 AM · Release Info
werner removed a parent task for T4523: Gpg4win: Multiple problems reported 05-2019: T4118: GpgOL: Mitigate S/MIME Denial of Service due to CRL stalling.
May 24 2019, 9:06 AM · Release Info
werner removed a subtask for T4118: GpgOL: Mitigate S/MIME Denial of Service due to CRL stalling: T4523: Gpg4win: Multiple problems reported 05-2019.
May 24 2019, 9:06 AM · gpg4win, gpgol
werner created T4538: Support PSS signed CRLs.
May 24 2019, 8:58 AM · dirmngr, S/MIME, libksba
jukivili added a comment to D491: Support for PowerPC's AES acceleration..

Consider using tests/bench-slope to get cycles/byte results so they can be compared with https://github.com/dot-asm/cryptogams/blob/master/ppc/aesp8-ppc.pl#L34

May 24 2019, 8:44 AM
slandden planned changes to D490: PowerPC optimized routines for AES and SHA2 using PowerISA 2.07 instructions..
May 24 2019, 6:39 AM
slandden planned changes to D491: Support for PowerPC's AES acceleration..
May 24 2019, 6:39 AM
slandden planned changes to D492: Add PowerPC crypto acceleration support for SHA2..

Didn't do sufficient testing.

May 24 2019, 6:31 AM
slandden updated the diff for D491: Support for PowerPC's AES acceleration..

Actually include modified perlasm file.

May 24 2019, 6:16 AM
slandden updated the summary of D491: Support for PowerPC's AES acceleration..
May 24 2019, 6:15 AM
slandden updated the summary of D491: Support for PowerPC's AES acceleration..
May 24 2019, 6:07 AM
slandden updated the summary of D491: Support for PowerPC's AES acceleration..
May 24 2019, 6:07 AM
slandden updated the summary of D491: Support for PowerPC's AES acceleration..
May 24 2019, 6:06 AM
slandden added a task to D492: Add PowerPC crypto acceleration support for SHA2.: T4530: libgcrypt: POWER SHA-2 Vector Acceleration.
May 24 2019, 6:06 AM
slandden added a revision to T4530: libgcrypt: POWER SHA-2 Vector Acceleration: D492: Add PowerPC crypto acceleration support for SHA2..
May 24 2019, 6:06 AM · libgcrypt, Feature Request
slandden created D492: Add PowerPC crypto acceleration support for SHA2..
May 24 2019, 6:06 AM
slandden updated the summary of D491: Support for PowerPC's AES acceleration..
May 24 2019, 6:04 AM
slandden created D491: Support for PowerPC's AES acceleration..
May 24 2019, 6:03 AM
slandden added a revision to T4529: libgcrypt: POWER AES Vector Acceleration: D491: Support for PowerPC's AES acceleration..
May 24 2019, 6:03 AM · libgcrypt, Feature Request
slandden created D490: PowerPC optimized routines for AES and SHA2 using PowerISA 2.07 instructions..
May 24 2019, 6:01 AM

May 23 2019

misterzed88 created T4537: gpgsm support for timestamp signatures.
May 23 2019, 4:25 PM · gnupg24, S/MIME, Feature Request
wheelerlaw reopened T3065: dirmngr: proxy issues with dnslookup causing failure as "Open".

Are you not reading what I am saying to you?? Once again, your explanation is INVALID because that would mean that gnupg would be BROKEN, because it would be a NON-COMPLIANT http client according to the RFC I quoted.

May 23 2019, 1:58 PM · gnupg (gpg22), dns, dirmngr
misterzed88 created T4536: dirmngr fails to find OCSP signer certificate when responder is identified with key ID.
May 23 2019, 11:18 AM · S/MIME, gnupg (gpg22), Bug Report
misterzed88 created T4535: gpgsm --sign prints misleading error message when using default key.
May 23 2019, 9:53 AM · gnupg (gpg22), S/MIME, Bug Report
werner edited projects for T3287: Improve http proxy support by honoring SRV RRs., added: gnupg (gpg23); removed gnupg (gpg22).
May 23 2019, 9:43 AM · gnupg, dirmngr
werner closed T3065: dirmngr: proxy issues with dnslookup causing failure as Wontfix.

I explained why the keyserver access requires access to the DNS. If that is not possible the keyserver code will not work. If you don't allow DNS to work you either have to use Tor (which we use to also tunnel DNS requests) or get your keys from elsewhere. Also note that the keyserver network is currently severely broken and under DoS and thus it is unlikely that it can be operated in the future.

May 23 2019, 9:42 AM · gnupg (gpg22), dns, dirmngr
werner edited projects for T4422: `repair-keys` does not reorder signatures on non-merge imports, added: gnupg (gpg23); removed gnupg (gpg22).
May 23 2019, 9:31 AM · gnupg24, Bug Report
gniibe closed T4326: Reloading gpg-agent with disable-scdaemon set does not stop scdaemon. as Resolved.

Simply sending "KILLSCD" is implemented.

May 23 2019, 3:19 AM · Bug Report, scd, gpgagent
gniibe committed rG7158a5696dc8: agent: Stop scdaemon after reload when disable_scdaemon. (authored by gniibe).
agent: Stop scdaemon after reload when disable_scdaemon.
May 23 2019, 3:18 AM
gniibe committed rG265e6d670682: g10: Copy expiredate from primary key when marked expired. (authored by gniibe).
g10: Copy expiredate from primary key when marked expired.
May 23 2019, 2:42 AM
gniibe changed the status of T3343: show-unusable-subkeys claims "expired: never" when primary key is expired from Open to Testing.

There is also a confusing case: a subkey expiration date is set, but the associated primary key is expired.
Pushing a fix in master.

May 23 2019, 2:41 AM · gnupg, Bug Report
gniibe closed T3283: Set 'mym4_revision' to 0 if not a git repo as Resolved.
May 23 2019, 1:59 AM · libgcrypt, Bug Report

May 22 2019

werner closed T4533: Could not decrypt the data: Data is not integrity protected. Decrypting it could be a security problem. (no MDC) as Resolved.

You need to update the public key and convey it to the sender. This will solve the problems. You should also ask the sender to update their software so that an MDC is always used regardless of the flag.

May 22 2019, 7:24 PM · Not A Bug, gpg4win
werner added a comment to T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested).

Actually I have a different approach to fix this bug(let). Please give me a few days.

May 22 2019, 7:21 PM · patch, Bug Report, gnupg
cdeibert added a comment to T4533: Could not decrypt the data: Data is not integrity protected. Decrypting it could be a security problem. (no MDC).

Yes, very exactly indeed: It's GpgOL within gpg4win-3.1.1... ;) But you're right, the key itself is a legacy key, created back in 2001 with a commercial PGP Solution and later on the key was "spiced up" cipher-wise... Goal is to get everybody (also the sender) to gpg4win-3.1.7, but how can I achieve not having lots of eMails which one will never be able to decrypt?

May 22 2019, 7:13 AM · Not A Bug, gpg4win
matheusmoreira updated the diff for D489: po: add portuguese translation for the new command.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:28 AM
matheusmoreira updated the diff for D488: gpg: add the --delete-secret-key-stubs command.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:27 AM
matheusmoreira updated the summary of D486: po: add portuguese description for new command.
May 22 2019, 2:26 AM
matheusmoreira updated the diff for D486: po: add portuguese description for new command.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:26 AM
matheusmoreira updated the diff for D485: gpg: add the --delete-secret-subkeys command.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:20 AM
matheusmoreira updated the diff for D483: po: add portuguese primary key deletion message.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:18 AM
matheusmoreira updated the diff for D482: gpg: confirm again before deleting primary key.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:17 AM
matheusmoreira updated the diff for D481: gpg: confirm deletion of each key individually.

Rebased on top of master: 4c7d63cd5b02
Add the if (okay) conditional back to the code

May 22 2019, 2:15 AM
matheusmoreira updated the diff for D480: gpg: factor out secret key deletion function.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:13 AM
matheusmoreira updated the diff for D479: gpg: avoid deletion of keys not specified by user.

Rebased on top of master: 4c7d63cd5b02

May 22 2019, 2:12 AM
matheusmoreira added a comment to T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested).

@werner Thanks for merging the --dry-run patch in 110a4550179f !

May 22 2019, 2:10 AM · patch, Bug Report, gnupg

May 21 2019

matheusmoreira abandoned D487: gpg: don't delete any keys if --dry-run is passed.

Committed to master: 110a4550179f

May 21 2019, 11:09 PM
werner added a comment to T4533: Could not decrypt the data: Data is not integrity protected. Decrypting it could be a security problem. (no MDC).

Do you know which software the sender uses for encryption? That software may simply ignore the preferences or the sender also encrypts to a legacy key using a software which does not force the use of an MDC. Sometimes keys are generated with gpg but used with other software - without updating the preferences of the keys.

May 21 2019, 6:31 PM · Not A Bug, gpg4win
werner added a comment to T4534: gcry_sexp_canon_len() documentation claims that valid S-expressions will never return 0, but it returns 0 if an empty string is found in a valid S-expression.

I don't see why the documentation needs to be fixed. gcry_sexp_canon_len returns 0 for certain and s-expressions, meaning that the s-expression is not valid. After all the s-expression code in libgcrypt does not claim to be a general purpose parser for s-expression but is targeted towards Libgcrypt needs.

May 21 2019, 6:26 PM · libgcrypt, Bug Report
dkg added a comment to T4534: gcry_sexp_canon_len() documentation claims that valid S-expressions will never return 0, but it returns 0 if an empty string is found in a valid S-expression.

By marking this as "wontfix", you appear to be saying that you won't even fix the documentation to describe the constraints that gcrypt intends to enforce. This is surprising to me.

May 21 2019, 5:59 PM · libgcrypt, Bug Report
werner committed rG30f44957ccd1: gpg: Do not bail on an invalid packet in the local keyring. (authored by werner).
gpg: Do not bail on an invalid packet in the local keyring.
May 21 2019, 5:40 PM
werner committed rG4c7d63cd5b02: gpg: Do not bail on an invalid packet in the local keyring. (authored by werner).
gpg: Do not bail on an invalid packet in the local keyring.
May 21 2019, 5:28 PM
werner closed T4534: gcry_sexp_canon_len() documentation claims that valid S-expressions will never return 0, but it returns 0 if an empty string is found in a valid S-expression as Wontfix.
May 21 2019, 4:30 PM · libgcrypt, Bug Report
werner committed rGd32963eeb33f: gpg: Do not allow creation of user ids larger than our parser allows. (authored by werner).
gpg: Do not allow creation of user ids larger than our parser allows.
May 21 2019, 4:29 PM
werner closed T4532: Creating a key with a long userid succeeds, but corrupts the keyring as Resolved.

Thanks. Fixed in master and 2.2.

May 21 2019, 4:29 PM · gnupg (gpg22), Bug Report
dkg created T4534: gcry_sexp_canon_len() documentation claims that valid S-expressions will never return 0, but it returns 0 if an empty string is found in a valid S-expression.
May 21 2019, 4:28 PM · libgcrypt, Bug Report
werner committed rG156788a43c20: gpg: Do not allow creation of user ids larger than our parser allows. (authored by werner).
gpg: Do not allow creation of user ids larger than our parser allows.
May 21 2019, 4:28 PM
cdeibert created T4533: Could not decrypt the data: Data is not integrity protected. Decrypting it could be a security problem. (no MDC).
May 21 2019, 3:26 PM · Not A Bug, gpg4win
justus created T4532: Creating a key with a long userid succeeds, but corrupts the keyring.
May 21 2019, 2:05 PM · gnupg (gpg22), Bug Report
werner committed rG126caa34bbdb: gpg: Unify the use of the print_pubkey_info functions. (authored by werner).
gpg: Unify the use of the print_pubkey_info functions.
May 21 2019, 1:04 PM
gniibe closed T4454: scdaemon is not working in cygwin (64bit) as Resolved.

In master, I pushed a change, closing.

May 21 2019, 9:40 AM · patch, scd, Cygwin, Bug Report
gniibe committed rG1eb93d9229c5: scd: Fix for SCARD_IO_REQUEST structure. (authored by gniibe).
scd: Fix for SCARD_IO_REQUEST structure.
May 21 2019, 9:39 AM
werner closed T4502: keys added via gpg-agent's ssh-agent interface are stored in private-keys-v1.d/ with a trailing null byte as Resolved.

Also fixed for 2.2

May 21 2019, 9:16 AM · gpgagent, ssh
werner committed rG6e39541f4f48: agent: For SSH key, don't put NUL-byte at the end. (authored by gniibe).
agent: For SSH key, don't put NUL-byte at the end.
May 21 2019, 9:16 AM
werner closed T4273: agent: Request insertion of smartcard when no card present as Resolved.

The behaviour related to ssh key access is due to the way ssh works: After a connection has been established to a server ssh presents to the server all identities (public keys) it has access to (meaning it has a corresponding private key). Thus we can't tell ssh all the keys we have because that would be an information leak and may also take too long. Because the user may in some cases not want to use the ssh-agent but resort to ssh command line input of the passphrase, we do not insist on using a key known by gpg-agent.

May 21 2019, 9:13 AM · Feature Request, Documentation, gpgagent
werner closed T4273: agent: Request insertion of smartcard when no card present, a subtask of T2291: Smartcard interaction improvement (was: Shadowed private key design (for smartcard)), as Resolved.
May 21 2019, 9:13 AM · Restricted Project, gnupg, Feature Request
gniibe claimed T4454: scdaemon is not working in cygwin (64bit).

For future, it would make sense applying your patch, but I wonder if it works on macOS.
Let me check.

May 21 2019, 9:11 AM · patch, scd, Cygwin, Bug Report
gniibe committed rG479f7bf31ce4: agent: For SSH key, don't put NUL-byte at the end. (authored by gniibe).
agent: For SSH key, don't put NUL-byte at the end.
May 21 2019, 8:54 AM
gniibe claimed T4502: keys added via gpg-agent's ssh-agent interface are stored in private-keys-v1.d/ with a trailing null byte.

I located the bug in agent/command-ssh.c.
Our practice is two calls of gcry_sexp_sprint; one to determine the length including last NUL byte, and another to actually fill the buffer.
The first call returns +1 for NUL byte.
The second call fills NUL at the end, but returns +0 length (length sans last NUL).

May 21 2019, 8:48 AM · gpgagent, ssh
werner added a parent task for T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested): T4509: Release GnuPG 2.2.16.
May 21 2019, 7:55 AM · patch, Bug Report, gnupg
werner added a subtask for T4509: Release GnuPG 2.2.16: T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested).
May 21 2019, 7:55 AM · Release Info, gnupg (gpg22)