Page MenuHome GnuPG
Feed All Stories

Mar 18 2020

werner added a comment to T4825: gpg --weak-digest SHA1 incurs a serious performance cost for `--check-trustdb`.

I tried to replicate that with my ~3000 keys on master and I don't see any difference. Did you tried it several times? It might be due to the signature verification cache.

Mar 18 2020, 1:33 PM · gnupg (gpg22), Bug Report
werner closed T4670: Key expiration time ignored for zero creation date keys as Resolved.
Mar 18 2020, 12:45 PM · patch, gnupg (gpg22), Bug Report
werner committed rGe77f332b01f1: gpg: Fix key expiration and usage for keys created at the Epoch. (authored by werner).
gpg: Fix key expiration and usage for keys created at the Epoch.
Mar 18 2020, 12:44 PM
werner committed rG161a098be6f9: gpg: Fix key expiration and usage for keys created at the Epoch. (authored by werner).
gpg: Fix key expiration and usage for keys created at the Epoch.
Mar 18 2020, 12:34 PM
werner added a comment to T4670: Key expiration time ignored for zero creation date keys.

I checked the code and your patch looks right. I am going to apply it.

Mar 18 2020, 12:18 PM · patch, gnupg (gpg22), Bug Report
werner closed T4811: --locate-key should try to fetch a key if the local copy is expired. as Invalid.

I am not able to replicate my own bug. At least since the introduction of --locate-external-keys the code paths are identical. I am nut sure why I filed this bug.

Mar 18 2020, 11:41 AM · Bug Report, gnupg (gpg22)
gniibe committed rC3a16c19d4d63: DSA,ECDSA: Fix use of mpi_invm. (authored by gniibe).
DSA,ECDSA: Fix use of mpi_invm.
Mar 18 2020, 7:28 AM
gniibe committed rCada758e3019c: DSA,ECDSA: Fix use of mpi_invm. (authored by gniibe).
DSA,ECDSA: Fix use of mpi_invm.
Mar 18 2020, 7:28 AM
gniibe committed rC90b7339b0654: mpi: Constant time mpi_inv with some conditions. (authored by gniibe).
mpi: Constant time mpi_inv with some conditions.
Mar 18 2020, 7:28 AM
gniibe committed rC20082ca965ea: mpi: Constant time mpi_inv with some conditions. (authored by gniibe).
mpi: Constant time mpi_inv with some conditions.
Mar 18 2020, 7:28 AM

Mar 17 2020

werner committed rM3afa534645e3: core: New context flags "include-key-block" and "auto-key-import". (authored by werner).
core: New context flags "include-key-block" and "auto-key-import".
Mar 17 2020, 5:57 PM
gniibe added a comment to T4869: constant-time mpi_invm.

Related the changes, before we did the changes, we received two independent reports.

Mar 17 2020, 6:32 AM · libgcrypt
gniibe closed T4880: npth: Add functions to wake up condition variable, a subtask of T4864: New scdaemon command to watch device removal, as Invalid.
Mar 17 2020, 2:59 AM · Restricted Project, Feature Request, scd, Bug Report
gniibe closed T4880: npth: Add functions to wake up condition variable as Invalid.

It is my confusion. The API is available. I only looked for symbols in the library.
It is #define-d macro to pthread_cond_*.

Mar 17 2020, 2:59 AM · Feature Request, npth
gniibe added a comment to T4880: npth: Add functions to wake up condition variable.

For Windows, it is available. I don't know the reason why it has not been available for POSIX.

Mar 17 2020, 1:51 AM · Feature Request, npth

Mar 16 2020

werner lowered the priority of T4879: GnuPG treats reordered OpenPGP certificates differently from High to Low.

It is easy to explain:

Mar 16 2020, 1:04 PM · gnupg24, gnupg (gpg23), OpenPGP, Bug Report
gniibe added a subtask for T4864: New scdaemon command to watch device removal: T4880: npth: Add functions to wake up condition variable.
Mar 16 2020, 6:03 AM · Restricted Project, Feature Request, scd, Bug Report
gniibe added a parent task for T4880: npth: Add functions to wake up condition variable: T4864: New scdaemon command to watch device removal.
Mar 16 2020, 6:03 AM · Feature Request, npth
gniibe created T4880: npth: Add functions to wake up condition variable.
Mar 16 2020, 6:02 AM · Feature Request, npth

Mar 15 2020

Laurent Montel <montel@kde.org> committed rLIBKLEO0afacd623587: GIT_SILENT: Prepare 5.14.0 beta1. (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Prepare 5.14.0 beta1.
Mar 15 2020, 10:05 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRA3087de1ac279: GIT_SILENT: Prepare 5.14.0 beta1. (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Prepare 5.14.0 beta1.
Mar 15 2020, 10:00 AM

Mar 14 2020

werner added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

I think that this chnage is useful enough to be backported to 2.2. Done that.

Mar 14 2020, 8:14 PM · Feature Request, gpgol, Keyserver, gnupg
werner committed rG95b42278cafe: gpg: New option --auto-key-import (authored by werner).
gpg: New option --auto-key-import
Mar 14 2020, 8:13 PM
werner committed rG2baa00ea1863: gpg: Add property "fpr" for use by --export-filter. (authored by werner).
gpg: Add property "fpr" for use by --export-filter.
Mar 14 2020, 8:13 PM
werner committed rGd79ebee64ea5: gpg: New option --include-key-block. (authored by werner).
gpg: New option --include-key-block.
Mar 14 2020, 8:13 PM
werner committed rGb42d9f540c74: gpg: Make use of the included key block in a signature. (authored by werner).
gpg: Make use of the included key block in a signature.
Mar 14 2020, 8:13 PM
werner committed rG111ba901f5cf: gpg: Add a new OpenPGP card vendor. (authored by werner).
gpg: Add a new OpenPGP card vendor.
Mar 14 2020, 8:13 PM
werner committed rG8c0323a75841: doc: Remove duplicate description of --include-key-block. (authored by werner).
doc: Remove duplicate description of --include-key-block.
Mar 14 2020, 7:34 PM
werner committed rG451cd1b39281: gpgconf: Further simplify the gpgconf option processing. (authored by werner).
gpgconf: Further simplify the gpgconf option processing.
Mar 14 2020, 7:13 PM
werner committed rG6b306f45f4fb: gpg: New option --auto-key-import (authored by werner).
gpg: New option --auto-key-import
Mar 14 2020, 6:07 PM
l10n daemon script <scripty@kde.org> committed rKLEOPATRA80202d30dca5: SVN_SILENT made messages (.desktop file) - always resolve ours (authored by l10n daemon script <scripty@kde.org>).
SVN_SILENT made messages (.desktop file) - always resolve ours
Mar 14 2020, 6:00 AM
l10n daemon script <scripty@kde.org> committed rKLEOPATRA173a3d4e3006: GIT_SILENT made messages (after extraction) (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT made messages (after extraction)
Mar 14 2020, 3:32 AM

Mar 13 2020

werner claimed T4879: GnuPG treats reordered OpenPGP certificates differently.
Mar 13 2020, 5:33 PM · gnupg24, gnupg (gpg23), OpenPGP, Bug Report
werner changed the status of T4856: GPG: Key Exchange Put public OpenPGP key into signature from Open to Testing.
Mar 13 2020, 5:29 PM · Feature Request, gpgol, Keyserver, gnupg
werner added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

You can test it now out using GnuPG master: Just add --include-key-block and you can then verify using an empty keyring. Currently --auto-key-retrieve is not needed but we need to think on how we can enable or disable this during verification.

Mar 13 2020, 5:28 PM · Feature Request, gpgol, Keyserver, gnupg
werner added a comment to T4872: Support opaque MPI with gcry_mpi_print.

I am not sure whether this is related but when using Libgcrypt master and verifying a signature created with an ed25519 key, I get the error below with valgrind. Both with 2.2. current and 2.3. It does not happen with the current Libgcrypt 1.8.

Mar 13 2020, 5:25 PM · Restricted Project, Feature Request, libgcrypt
werner committed rG6a4443c8425f: gpg: Make use of the included key block in a signature. (authored by werner).
gpg: Make use of the included key block in a signature.
Mar 13 2020, 5:18 PM
werner committed rG865d48518024: gpg: New option --include-key-block. (authored by werner).
gpg: New option --include-key-block.
Mar 13 2020, 5:18 PM
werner committed rG32493ce50ad8: gpg: Add property "fpr" for use by --export-filter. (authored by werner).
gpg: Add property "fpr" for use by --export-filter.
Mar 13 2020, 1:20 PM
werner added a project to T4856: GPG: Key Exchange Put public OpenPGP key into signature: Feature Request.
Mar 13 2020, 1:17 PM · Feature Request, gpgol, Keyserver, gnupg

Mar 12 2020

dkg updated the task description for T4879: GnuPG treats reordered OpenPGP certificates differently.
Mar 12 2020, 8:29 PM · gnupg24, gnupg (gpg23), OpenPGP, Bug Report
dkg created T4879: GnuPG treats reordered OpenPGP certificates differently.
Mar 12 2020, 8:01 PM · gnupg24, gnupg (gpg23), OpenPGP, Bug Report
dkg added a comment to T4878: gpgsm's default for include-certs should include the signing cert if it is self-signed.

For reference, here's an error message from openssl smime when it is trying to verify an e-mail message with no embedded certificate at all (despite it knowing about the relevant certificate):

Mar 12 2020, 2:01 PM · gnupg24, gnupg (gpg23), S/MIME, Feature Request
werner committed rG90fb4a69d2f6: doc: Add a comment to explain the signature postscript. (authored by werner).
doc: Add a comment to explain the signature postscript.
Mar 12 2020, 11:06 AM
Laurent Montel <montel@kde.org> committed rLIBKLEO04efafdcfb6c: GIT_SILENT: Reduce deprecated version in release (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Reduce deprecated version in release
Mar 12 2020, 10:46 AM
Laurent Montel <montel@kde.org> committed rKLEOPATRA1b2b354071ba: GIT_SILENT: Reduce deprecated version in release (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Reduce deprecated version in release
Mar 12 2020, 10:44 AM
werner changed the status of T4788: System wide configuration of the GnuPG system from Open to Testing.

There are likely some bugs in the new code and I also want to do some improvements; see rGb4f1159a5bd7. But things should basically work as before and thus I set this again to testing

Mar 12 2020, 10:36 AM · gnupg (gpg23), Feature Request, gpg4win, g10code
werner committed rGb4f1159a5bd7: gpgconf: Rewrite the gpgconf-comp module. (authored by werner).
gpgconf: Rewrite the gpgconf-comp module.
Mar 12 2020, 10:23 AM
werner triaged T4873: Enable AES GCM in FIPS mode as Low priority.
Mar 12 2020, 9:59 AM · FIPS, libgcrypt, Feature Request
werner triaged T4878: gpgsm's default for include-certs should include the signing cert if it is self-signed as Low priority.
Mar 12 2020, 9:59 AM · gnupg24, gnupg (gpg23), S/MIME, Feature Request
dkg created T4878: gpgsm's default for include-certs should include the signing cert if it is self-signed.
Mar 12 2020, 7:51 AM · gnupg24, gnupg (gpg23), S/MIME, Feature Request
Laurent Montel <montel@kde.org> committed rKLEOPATRA9549881b2445: GIT_SILENT: it's autogenerated now (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: it's autogenerated now
Mar 12 2020, 6:57 AM
gniibe claimed T4869: constant-time mpi_invm.
Mar 12 2020, 6:50 AM · libgcrypt
gniibe added a project to T4624: libassuan-config and libassuan.pc both put -lws2_32 before -lgpg-error, which fails during static linking: Restricted Project.
Mar 12 2020, 6:46 AM · Restricted Project, Windows, libassuan, Bug Report
gniibe added a project to T4623: pkg-config for mingw needs to emit -lws2_32: Restricted Project.
Mar 12 2020, 6:46 AM · Restricted Project, Windows, gpgrt, Bug Report
gniibe added a project to T4301: Handling multiple subkeys on two SmartCards: Restricted Project.
Mar 12 2020, 6:45 AM · Restricted Project, gnupg, scd, Bug Report
gniibe changed the status of T4810: A key with only "C" capability cannot be selected as default key. from Open to Testing.
Mar 12 2020, 6:43 AM · Restricted Project, gnupg (gpg22)
gniibe changed the status of T4244: Better enum_secret_keys by asking gpg-agent KEYINFO --list from Open to Testing.
Mar 12 2020, 6:40 AM · Restricted Project, gnupg
gniibe added a project to T4491: Compile error in nPth's t-fork.c on Solaris 11.3 i86pc: Restricted Project.
Mar 12 2020, 6:39 AM · npth, Bug Report
gniibe added projects to T4583: pinentry-tty should accept backspace, delete, and ctrl-U: Restricted Project, pinentry.
Mar 12 2020, 6:39 AM · pinentry, Restricted Project, Bug Report
gniibe added a project to T4585: pinentry-tty mishandles ctrl-C: Restricted Project.
Mar 12 2020, 6:38 AM · Restricted Project, Bug Report
gniibe changed the status of T3300: scd: Support multiple readers by PC/SC driver from Open to Testing.
Mar 12 2020, 6:36 AM · Restricted Project, gnupg (gpg23), scd
gniibe added a project to T3207: FASTWIPE_T undefined: Restricted Project.
Mar 12 2020, 6:34 AM · Restricted Project, ntbtls, Bug Report
gniibe changed the status of T4597: Support GCM modes for ntbtls. from Open to Testing.
Mar 12 2020, 6:33 AM · Restricted Project, Feature Request, ntbtls
gniibe changed the status of T4641: Libassuan: enable the environment to set compiler and linker flags for helper tools from Open to Testing.
Mar 12 2020, 6:32 AM · Restricted Project, libassuan, Feature Request
gniibe changed the status of T4673: 2.3-only: Don't fallback to PC/SC on failure by the internal CCID driver, only use PC/SC when --disable-ccid is specified from Open to Testing.
Mar 12 2020, 6:31 AM · gnupg (gpg23), Restricted Project, scd, Feature Request
gniibe added a project to T4678: libassuan.pc missing include dir directive in cflags: Restricted Project.
Mar 12 2020, 6:30 AM · Restricted Project, libassuan
gniibe committed rC4c89767677b3: constant-time-invm: Calculate k^-1 before dsa_modify_k. (authored by gniibe).
constant-time-invm: Calculate k^-1 before dsa_modify_k.
Mar 12 2020, 6:29 AM

Mar 11 2020

jcross added a watcher for gnupg (gpg23): jcross.
Mar 11 2020, 7:15 PM
Thaodan committed rGTO2c2783e43bce: Import CardWidgets from kleopatra (authored by Thaodan).
Import CardWidgets from kleopatra
Mar 11 2020, 6:16 PM
Thaodan committed rGTOca58a83af51d: Add card widgets per card type and update them if changed (authored by Thaodan).
Add card widgets per card type and update them if changed
Mar 11 2020, 6:16 PM
aheinecke created T4877: GpgOL: Look for S/MIME sec keys on inserted smartcards if no key is available.
Mar 11 2020, 3:25 PM · gpgol
aheinecke created T4876: Generic smartcard widget for PKCS# 15 and other apps.
Mar 11 2020, 3:22 PM · Restricted Project, kleopatra
aheinecke created T4875: Kleopatra: Improve support for S/MIME Smartcards and add additional card support.
Mar 11 2020, 2:30 PM · kleopatra
aheinecke committed rDce77159e7933: web: Update my picture (authored by aheinecke).
web: Update my picture
Mar 11 2020, 10:26 AM
aheinecke changed the status of T4874: GpgOL: Make Address book integration more visible from Open to Testing.

This is now implemented

Mar 11 2020, 9:16 AM · gpgol
Laurent Montel <montel@kde.org> committed rLIBKLEOa7066cadb13b: GIT_SILENT: Prepare 5.14.0 beta1. Update ecm as 5.67.0 is broken see 417396. 5. (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Prepare 5.14.0 beta1. Update ecm as 5.67.0 is broken see 417396. 5.
Mar 11 2020, 8:45 AM
gniibe changed the status of T4872: Support opaque MPI with gcry_mpi_print from Open to Testing.

Fixed in master.

Mar 11 2020, 8:13 AM · Restricted Project, Feature Request, libgcrypt
gniibe committed rCb4b04ae6c2e5: mpi: Support opaque MPI with gcry_mpi_print. (authored by gniibe).
mpi: Support opaque MPI with gcry_mpi_print.
Mar 11 2020, 8:13 AM
gniibe added a comment to T4872: Support opaque MPI with gcry_mpi_print.

A program like tests/t-mpi-point assumes gcry_mpi_print can do that.
We have a sort of regression with --debug option with t-mpi-point, the point q is not printed out correctly.

Mar 11 2020, 8:12 AM · Restricted Project, Feature Request, libgcrypt
gniibe added a project to T4872: Support opaque MPI with gcry_mpi_print: Feature Request.
Mar 11 2020, 8:10 AM · Restricted Project, Feature Request, libgcrypt
Laurent Montel <montel@kde.org> committed rKLEOPATRAa566117ff7ee: GIT_SILENT: Prepare 5.14.0 beta1. Update ecm as 5.67.0 is broken see 417396. 5. (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Prepare 5.14.0 beta1. Update ecm as 5.67.0 is broken see 417396. 5.
Mar 11 2020, 7:35 AM
gniibe added a project to T4872: Support opaque MPI with gcry_mpi_print: libgcrypt.
Mar 11 2020, 6:12 AM · Restricted Project, Feature Request, libgcrypt

Mar 10 2020

Valodim added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

ftr, here is the thread I had in mind but couldn't recall above. @aheinecke is that your thinking, or a more pgp/mime bound mechanism as @dkg assumed?

Mar 10 2020, 5:50 PM · Feature Request, gpgol, Keyserver, gnupg
Jetersen closed T4871: gpg lock invalid key size due to not running UTF-8 encoding on Windows as Invalid.
Mar 10 2020, 4:52 PM · gnupg, gpg4win
dkg added a comment to T4871: gpg lock invalid key size due to not running UTF-8 encoding on Windows.

"log" and "lock" are easy typo/confusions to make, @aheinecke was just trying to understand your report better, since there wasn't much information in it.

Mar 10 2020, 4:23 PM · gnupg, gpg4win
aheinecke committed rO6f5f48c3d60e: Don't allow setting a keys for distrib. lists (authored by aheinecke).
Don't allow setting a keys for distrib. lists
Mar 10 2020, 4:21 PM
aheinecke committed rOdc69b195aba2: Additional get_object_name helper (authored by aheinecke).
Additional get_object_name helper
Mar 10 2020, 4:21 PM
werner added a comment to T4873: Enable AES GCM in FIPS mode.

This requires re-evaluation of Libgcrypt to match the current FIPS specs.

Mar 10 2020, 4:13 PM · FIPS, libgcrypt, Feature Request
aheinecke committed rOe5bc1579b24a: Enable / Disable Address book button dynamically (authored by aheinecke).
Enable / Disable Address book button dynamically
Mar 10 2020, 3:41 PM
aheinecke committed rO1283e384babe: Add UI code to open gpgolkeyadder from explorer (authored by aheinecke).
Add UI code to open gpgolkeyadder from explorer
Mar 10 2020, 3:41 PM
aheinecke committed rO016e3f957ea5: Add helper to get a std::string object name (authored by aheinecke).
Add helper to get a std::string object name
Mar 10 2020, 3:41 PM
aheinecke committed rOf09fe121e126: Make address book callback work with Explorer, too (authored by aheinecke).
Make address book callback work with Explorer, too
Mar 10 2020, 3:41 PM
aheinecke committed rOb222292f3148: Add some shared_disp_t helper functions (authored by aheinecke).
Add some shared_disp_t helper functions
Mar 10 2020, 3:41 PM
aheinecke committed rO64353d40f311: Track opened contacts in Addressbook (authored by aheinecke).
Track opened contacts in Addressbook
Mar 10 2020, 3:41 PM
dkg added a comment to T4856: GPG: Key Exchange Put public OpenPGP key into signature.

@wiktor-k, "just extend the spec" doesn't necessarily work with existing clients, which might be surprised to find unexpected packets in the signature section of an e-mail. It seems more likely to me that they'd be able to handle (meaning: ignore) an unknown subpacket (as long as it's well-formed) than to handle additional packets. But all of these surmises require testing with existing clients, of course. Has anyone done any of that testing?

Mar 10 2020, 3:19 PM · Feature Request, gpgol, Keyserver, gnupg
aheinecke committed rW247976a7b141: doc: Add more missing content to org manual (authored by aheinecke).
doc: Add more missing content to org manual
Mar 10 2020, 2:17 PM
aheinecke committed rW42f769503ac2: Improve german translation (authored by aheinecke).
Improve german translation
Mar 10 2020, 2:17 PM
aheinecke committed rWb8003da5a502: doc: Add missing content to org manual (authored by aheinecke).
doc: Add missing content to org manual
Mar 10 2020, 2:17 PM
aheinecke created T4874: GpgOL: Make Address book integration more visible.
Mar 10 2020, 1:12 PM · gpgol