Page MenuHome GnuPG
Feed All Stories

May 5 2021

pnirschl created T5422: gnupg 2.3.1 breaks gpgme_op_createkey().
May 5 2021, 8:33 AM · gpgme, Bug Report
werner closed T5416: [windows] Smartcards are less reliable under 2.3.1 (requires restarting gpg-agent.exe) as Resolved.

Thanks for testing. I hope to get 2.3.2 out in two weeks.

May 5 2021, 8:13 AM · yubikey, scd, gnupg (gpg23), Bug Report

May 4 2021

colemickens added a comment to T5416: [windows] Smartcards are less reliable under 2.3.1 (requires restarting gpg-agent.exe).

After upgrade:

May 4 2021, 8:08 PM · yubikey, scd, gnupg (gpg23), Bug Report
Laurent Montel <montel@kde.org> committed rKLEOPATRAab36849ebdb3: GIT_SILENT Add auto generated files to .gitignore (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT Add auto generated files to .gitignore
May 4 2021, 8:04 PM
Laurent Montel <montel@kde.org> committed rLIBKLEO85c593a89a81: GIT_SILENT Add auto generated files to .gitignore (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT Add auto generated files to .gitignore
May 4 2021, 8:03 PM
ikloecker triaged T5421: gpgme++, qgpgme: Add support for creating trust signatures as High priority.
May 4 2021, 6:25 PM · kleopatra, Restricted Project
ikloecker updated the diff for D530: gpgme: Add support for trust signatures to key list result.

Added documentation for the new fields.

May 4 2021, 3:27 PM · gpgme
ikloecker updated the diff for D530: gpgme: Add support for trust signatures to key list result.
  • Renamed trust_regexp to trust_scope.
  • Use part of _unused for storing trust_depth and trust_value.
May 4 2021, 3:11 PM · gpgme
ikloecker added inline comments to D530: gpgme: Add support for trust signatures to key list result.
May 4 2021, 3:10 PM · gpgme
aheinecke awarded T5419: gpgme: Add support for trust signatures to key list result a Like token.
May 4 2021, 12:49 PM · kleopatra, gpgme, Restricted Project
werner added inline comments to D530: gpgme: Add support for trust signatures to key list result.
May 4 2021, 12:29 PM · gpgme
ikloecker added a task to D530: gpgme: Add support for trust signatures to key list result: T5419: gpgme: Add support for trust signatures to key list result.
May 4 2021, 12:13 PM · gpgme
ikloecker added a revision to T5419: gpgme: Add support for trust signatures to key list result: D530: gpgme: Add support for trust signatures to key list result.
May 4 2021, 12:13 PM · kleopatra, gpgme, Restricted Project
ikloecker requested review of D530: gpgme: Add support for trust signatures to key list result.
May 4 2021, 12:13 PM · gpgme
ikloecker triaged T5420: gpgme++: Add read-only support for trust signatures as High priority.
May 4 2021, 11:59 AM · kleopatra, Restricted Project
ikloecker triaged T5419: gpgme: Add support for trust signatures to key list result as Normal priority.
May 4 2021, 11:55 AM · kleopatra, gpgme, Restricted Project
werner committed rGb410c95fe953: build: Silence two compiler warnings. (authored by werner).
build: Silence two compiler warnings.
May 4 2021, 11:54 AM
werner committed rGb203325ce112: gpg: Allow ECDH with a smartcard returning just the x-coordinate. (authored by werner).
gpg: Allow ECDH with a smartcard returning just the x-coordinate.
May 4 2021, 11:54 AM
werner committed rG9d83bfb63968: scd: Fix possible PC/SC removed card problem (authored by werner).
scd: Fix possible PC/SC removed card problem
May 4 2021, 11:54 AM
werner committed rG22fe23f46d31: gpg: Fix mailbox based search via AKL keyserver method. (authored by werner).
gpg: Fix mailbox based search via AKL keyserver method.
May 4 2021, 11:54 AM
werner committed rGa475bb725be7: scd: Add string for another PC/SC error code. (authored by werner).
scd: Add string for another PC/SC error code.
May 4 2021, 11:54 AM
werner committed rG569fa67277a4: build: Allow running sign-release target from the dist dir. (authored by werner).
build: Allow running sign-release target from the dist dir.
May 4 2021, 11:54 AM
werner committed rG6c4216094ef4: scd: Fix unblock PIN by a Reset Code with KDF. (authored by kirelagin).
scd: Fix unblock PIN by a Reset Code with KDF.
May 4 2021, 11:54 AM
werner committed rGe7251be84c79: gpg: Auto import keys specified with --trusted-keys. (authored by werner).
gpg: Auto import keys specified with --trusted-keys.
May 4 2021, 11:54 AM
werner committed rGe53f6037283e: gpg: Allow decryption w/o public key but with correct card inserted. (authored by werner).
gpg: Allow decryption w/o public key but with correct card inserted.
May 4 2021, 11:54 AM
werner committed rG79e8ea100df9: speedo: Automatically select Authenticode signing cert. (authored by werner).
speedo: Automatically select Authenticode signing cert.
May 4 2021, 11:54 AM
werner committed rGaa612d752ebb: agent: Silence error messages for READKEY --card (authored by werner).
agent: Silence error messages for READKEY --card
May 4 2021, 11:54 AM

May 3 2021

werner committed rGc2ba6bea4ce8: common: Fix gnupg_wait_processes, by skipping invalid PID. (authored by gniibe).
common: Fix gnupg_wait_processes, by skipping invalid PID.
May 3 2021, 9:01 PM
werner committed rG2af217ecd7e4: gpg: Allow fingerprint based lookup with --locate-external-key. (authored by werner).
gpg: Allow fingerprint based lookup with --locate-external-key.
May 3 2021, 9:01 PM
werner committed rGb59af0e2a05a: gpg: Lookup a missing public key of the current card via LDAP. (authored by werner).
gpg: Lookup a missing public key of the current card via LDAP.
May 3 2021, 9:01 PM
werner committed rGb8df8321e1ef: scd: Add option --info to emit KEYPAIRINFO by readkey command. (authored by werner).
scd: Add option --info to emit KEYPAIRINFO by readkey command.
May 3 2021, 9:01 PM
werner committed rG79f5ffb1add9: gpg: Minor restructuring of a function. (authored by werner).
gpg: Minor restructuring of a function.
May 3 2021, 9:01 PM
werner committed rGa456303ae306: gpgconf: Do not i18n an empty string to the PO files meta data. (authored by werner).
gpgconf: Do not i18n an empty string to the PO files meta data.
May 3 2021, 9:01 PM
werner committed rGbbf4bd3bfcb5: agent: Skip unknown unknown ssh curves seen on cards. (authored by werner).
agent: Skip unknown unknown ssh curves seen on cards.
May 3 2021, 9:01 PM
werner committed rGf9198189e35e: doc: Fix option name. (authored by werner).
doc: Fix option name.
May 3 2021, 9:01 PM
werner committed rG26a024057dc6: gpg: No warning in quiet mode for S2K mode 0. (authored by werner).
gpg: No warning in quiet mode for S2K mode 0.
May 3 2021, 9:01 PM
werner committed rG5eec40f3d827: scd: New option --pcsc-shared. (authored by werner).
scd: New option --pcsc-shared.
May 3 2021, 9:01 PM
werner committed rG8bc808a98f3a: w32: Silence a compiler warning in dirmngr.c (authored by werner).
w32: Silence a compiler warning in dirmngr.c
May 3 2021, 9:01 PM
werner closed T1333: GPGSM rejects OCSP responder cert without keyUsage as Resolved.
May 3 2021, 3:52 PM · Bug Report, gnupg
Jakuje added a comment to T1333: GPGSM rejects OCSP responder cert without keyUsage.

Thank you for taking time to look into that. There are couple of issues in the CAcert bug tracker talking about the same issue but if, (I see right), the certs still miss the usage flags:

May 3 2021, 3:07 PM · Bug Report, gnupg
werner added a comment to T1333: GPGSM rejects OCSP responder cert without keyUsage.

RFC-5280 states in 4.2.1.3 for Key Usage:

May 3 2021, 2:30 PM · Bug Report, gnupg
werner added a comment to T5359: Kleopatra: Loop in DeviceInfoWatcher with GnuPG 2.3 on Windows.

The error code is: No Readers Available. With the latest version you should have seen that string.

May 3 2021, 2:04 PM · Restricted Project, scd, Restricted Project, kleopatra
werner added projects to T5416: [windows] Smartcards are less reliable under 2.3.1 (requires restarting gpg-agent.exe): gnupg (gpg23), scd, yubikey.

Meanwhile we did some more tests on Windows and so you many want to try our betas at

May 3 2021, 2:00 PM · yubikey, scd, gnupg (gpg23), Bug Report
hansoli added a comment to T4149: Kleopatra OpenPGP and GpgSM self test fail after installation on Windows 7.

I had a similar issue in Windows 10 too. In my case, the issue occurs only when my home path has non-ASCII characters. After I changed home path it works well.

May 3 2021, 12:45 PM · kleopatra, Bug Report, gpg4win
Jakuje updated subscribers of T1333: GPGSM rejects OCSP responder cert without keyUsage.

Any chance looking into this @werner?

May 3 2021, 10:29 AM · Bug Report, gnupg
ikloecker added a comment to T5359: Kleopatra: Loop in DeviceInfoWatcher with GnuPG 2.3 on Windows.

Can you please clarify this point: If you run on Unix with --disable-ccid-driver, do you get the same behavior as on Windows?

May 3 2021, 9:36 AM · Restricted Project, scd, Restricted Project, kleopatra
werner added a comment to T5359: Kleopatra: Loop in DeviceInfoWatcher with GnuPG 2.3 on Windows.

Can you please clarify this point: If you run on Unix with --disable-ccid-driver, do you get the same behavior as on Windows?

May 3 2021, 8:37 AM · Restricted Project, scd, Restricted Project, kleopatra
Laurent Montel <montel@kde.org> committed rLIBKLEO35776a01dafc: GIT_SILENT: Port away from ECMSetupVersion's deprecated *_VERSION_STRING CMake… (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: Port away from ECMSetupVersion's deprecated *_VERSION_STRING CMake…
May 3 2021, 7:20 AM
colemickens added a comment to T5409: scdaemon: 'Operation not supported by device' error under macOS after upgrading to 2.3.1.

I'm referring to this: https://www.gnupg.org/howtos/card-howto/en/ch02s03.html

May 3 2021, 6:56 AM · MacOS, Support, scd
gniibe added a project to T5413: Unblock PIN by Reset Code: Restricted Project.
May 3 2021, 6:33 AM · Restricted Project, gnupg, scd
gniibe added a comment to T5409: scdaemon: 'Operation not supported by device' error under macOS after upgrading to 2.3.1.

@colemickens We don't maintain any ccid udev rules in GnuPG. What do you refer?

May 3 2021, 6:29 AM · MacOS, Support, scd

May 2 2021

Laurent Montel <montel@kde.org> committed rKLEOPATRAb84aba26685c: Modernize code (authored by Laurent Montel <montel@kde.org>).
Modernize code
May 2 2021, 8:53 AM

May 1 2021

l10n daemon script <scripty@kde.org> committed rLIBKLEO0e3414b661a7: SVN_SILENT made messages (.desktop file) - always resolve ours (authored by l10n daemon script <scripty@kde.org>).
SVN_SILENT made messages (.desktop file) - always resolve ours
May 1 2021, 3:21 AM

Apr 30 2021

colemickens added a comment to T5416: [windows] Smartcards are less reliable under 2.3.1 (requires restarting gpg-agent.exe).

To note, this is in contrast to my experience with gpg-2.2 (provided by gpg4win). With gpg-2.2, I was reliably using my Yubikey for a variety of things, and it handled hotplugging perfectly, as one would expect.

Apr 30 2021, 10:46 PM · yubikey, scd, gnupg (gpg23), Bug Report
colemickens created T5416: [windows] Smartcards are less reliable under 2.3.1 (requires restarting gpg-agent.exe).
Apr 30 2021, 10:44 PM · yubikey, scd, gnupg (gpg23), Bug Report
ikloecker moved T5359: Kleopatra: Loop in DeviceInfoWatcher with GnuPG 2.3 on Windows from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 30 2021, 11:49 AM · Restricted Project, scd, Restricted Project, kleopatra
ikloecker reopened T5359: Kleopatra: Loop in DeviceInfoWatcher with GnuPG 2.3 on Windows as "Testing".
Apr 30 2021, 11:49 AM · Restricted Project, scd, Restricted Project, kleopatra
ikloecker closed T5359: Kleopatra: Loop in DeviceInfoWatcher with GnuPG 2.3 on Windows as Resolved.

I have disabled this on Windows. Once "SCD DEVINFO --watch" works reliably on Windows, we can reenable the DeviceInfoWatcher on Windows.

Apr 30 2021, 11:49 AM · Restricted Project, scd, Restricted Project, kleopatra
ikloecker committed rKLEOPATRAf87b256d66e3: Disable DeviceInfoWatcher on Windows (authored by ikloecker).
Disable DeviceInfoWatcher on Windows
Apr 30 2021, 11:41 AM
aheinecke committed rKLEOPATRAfb90ce069227: PKCS#15: Update readerstatus after import (authored by aheinecke).
PKCS#15: Update readerstatus after import
Apr 30 2021, 11:25 AM
KasparEtter added a comment to T5415: YubiKey no longer recognized in GnuPG 2.3.1 on macOS 10.15.7.

Also let me know if there are any daemons I have to kill/restart when switching between GnuPG versions by changing the $PATH. Whenever I have problems with my YubiKey, I run gpgconf --kill gpg-agent, which I also executed when I switched from version 2.2.27 back to 2.3.1 but I have no idea whether this is required or sufficient.

Apr 30 2021, 11:03 AM · MacOS, yubikey, Bug Report
KasparEtter added a comment to T5415: YubiKey no longer recognized in GnuPG 2.3.1 on macOS 10.15.7.
$ gpg --version
gpg (GnuPG) 2.3.1
libgcrypt 1.9.3
$ gpg --debug ipc --card-status
gpg: reading options from '/Users/user/.gnupg/gpg.conf'
gpg: reading options from '[cmdline]'
gpg: enabled debug flags: ipc
gpg: DBG: chan_3 <- OK Pleased to meet you, process 15218
gpg: DBG: connection to the gpg-agent established
gpg: DBG: chan_3 -> RESET
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION ttyname=/dev/ttys007
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION ttytype=xterm-256color
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION lc-ctype=en_US.UTF-8
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION lc-messages=en_US.UTF-8
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> GETINFO version
gpg: DBG: chan_3 <- D 2.3.1
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION allow-pinentry-notify
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION agent-awareness=2.1.0
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> SCD GETINFO version
gpg: DBG: chan_3 <- D 2.3.1
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> SCD SERIALNO
gpg: DBG: chan_3 <- ERR 100696144 Operation not supported by device <SCD>
gpg: selecting card failed: Operation not supported by device
gpg: OpenPGP card not available: Operation not supported by device
gpg: secmem usage: 0/32768 bytes in 0 blocks
Apr 30 2021, 10:58 AM · MacOS, yubikey, Bug Report
ikloecker moved T5359: Kleopatra: Loop in DeviceInfoWatcher with GnuPG 2.3 on Windows from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 30 2021, 10:53 AM · Restricted Project, scd, Restricted Project, kleopatra
ikloecker added a project to T5359: Kleopatra: Loop in DeviceInfoWatcher with GnuPG 2.3 on Windows: Restricted Project.
Apr 30 2021, 10:53 AM · Restricted Project, scd, Restricted Project, kleopatra
werner added a project to T5415: YubiKey no longer recognized in GnuPG 2.3.1 on macOS 10.15.7: MacOS.

Run gpg --debug ipc --card-status to quickly see the communication with the scdaemon.

Apr 30 2021, 10:47 AM · MacOS, yubikey, Bug Report
aheinecke raised the priority of T5359: Kleopatra: Loop in DeviceInfoWatcher with GnuPG 2.3 on Windows from High to Unbreak Now!.

Hi Ingo,

Apr 30 2021, 10:33 AM · Restricted Project, scd, Restricted Project, kleopatra
KasparEtter created T5415: YubiKey no longer recognized in GnuPG 2.3.1 on macOS 10.15.7.
Apr 30 2021, 9:27 AM · MacOS, yubikey, Bug Report

Apr 29 2021

werner added inline comments to rKLEOPATRA1e77bdf6df5c: Search PKCS#15 keys on ldap servers.
Apr 29 2021, 6:56 PM
aheinecke committed rKLEOPATRA1e77bdf6df5c: Search PKCS#15 keys on ldap servers (authored by aheinecke).
Search PKCS#15 keys on ldap servers
Apr 29 2021, 5:49 PM
aheinecke committed rKLEOPATRAb5398c4e3217: Import keystubs for PKCS#15 cards (authored by aheinecke).
Import keystubs for PKCS#15 cards
Apr 29 2021, 5:49 PM
werner committed rG7637d39fe20e: scd:p15: Update from current GnuPG 2.3 (authored by werner).
scd:p15: Update from current GnuPG 2.3
Apr 29 2021, 4:52 PM
werner committed rG96577e2e46e4: scd: Rewrite READKEY to allow for compressed points. (authored by werner).
scd: Rewrite READKEY to allow for compressed points.
Apr 29 2021, 4:52 PM
werner committed rG5b8593135fa6: common: Extend the openpgp_curve_to_oid function. (authored by werner).
common: Extend the openpgp_curve_to_oid function.
Apr 29 2021, 4:52 PM
werner committed rGf3c98b8cb5ad: common: New module to compute openpgp fingerprints (authored by werner).
common: New module to compute openpgp fingerprints
Apr 29 2021, 4:52 PM
werner committed rGc825117c5fa5: common: New function to uncompress an ECC public key. (authored by werner).
common: New function to uncompress an ECC public key.
Apr 29 2021, 4:52 PM
werner committed rG473e649ea1a6: common: New function cmp_canon_sexp. (authored by werner).
common: New function cmp_canon_sexp.
Apr 29 2021, 4:52 PM
werner committed rG72a7d45a230b: scd: Extend an internal function to also return the algo. (authored by werner).
scd: Extend an internal function to also return the algo.
Apr 29 2021, 4:52 PM
werner committed rG0eed0ced9bcd: scd: New function send_keyinfo to assist in backporting. (authored by werner).
scd: New function send_keyinfo to assist in backporting.
Apr 29 2021, 4:52 PM
werner committed rG91dd74f3d7e3: scd: New function for iso7816 PSO_CSV. (authored by werner).
scd: New function for iso7816 PSO_CSV.
Apr 29 2021, 4:52 PM
werner committed rG3db99b8861a7: scd: Minor changes to assist in backporting from 2.3 (authored by werner).
scd: Minor changes to assist in backporting from 2.3
Apr 29 2021, 4:52 PM
werner committed rG3ce69d838792: scd: Add new status codes. (authored by werner).
scd: Add new status codes.
Apr 29 2021, 4:52 PM
werner committed rG855d14d390e8: scd: Extend iso7816_select_path (authored by werner).
scd: Extend iso7816_select_path
Apr 29 2021, 4:52 PM
werner committed rGec9e8e0d6a1f: scd: Extend ISO binary and record reading functions. (authored by werner).
scd: Extend ISO binary and record reading functions.
Apr 29 2021, 4:52 PM
Bedlas added a comment to T5414: Input/output error (218136625).

Can you help me, please?

Apr 29 2021, 12:39 PM · Support, gpg4win
ikloecker moved T5245: Kleopatra: Add support for trust signatures / trusted introducer from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 29 2021, 9:31 AM · kleopatra, Restricted Project
werner committed rG8d81fd7c01e8: scd: Fix PC/SC removed card problem (authored by werner).
scd: Fix PC/SC removed card problem
Apr 29 2021, 9:16 AM
l10n daemon script <scripty@kde.org> committed rLIBKLEO2e3675836957: SVN_SILENT made messages (.desktop file) - always resolve ours (authored by l10n daemon script <scripty@kde.org>).
SVN_SILENT made messages (.desktop file) - always resolve ours
Apr 29 2021, 3:20 AM

Apr 28 2021

colemickens added a comment to T5409: scdaemon: 'Operation not supported by device' error under macOS after upgrading to 2.3.1.

@gniibe can you provide any commentary on why the gnupg ccid udev rule is so much smaller than the one debian maintains? Is the debian one considered authoritative these days?

Apr 28 2021, 11:23 PM · MacOS, Support, scd
jukivili committed rCec87511d9cd2: hwf-x86: fix use of wrong operand type (authored by jukivili).
hwf-x86: fix use of wrong operand type
Apr 28 2021, 8:52 PM
werner committed rG1f846823b397: scd:p15: Fix the name of a card. (authored by werner).
scd:p15: Fix the name of a card.
Apr 28 2021, 7:53 PM
werner committed rG178e4eb6555e: build: Allow running sign-release target from the dist dir. (authored by werner).
build: Allow running sign-release target from the dist dir.
Apr 28 2021, 7:53 PM
werner committed rGbb8e3996e44f: scd: Fix problem with reader list becoming empty. (authored by werner).
scd: Fix problem with reader list becoming empty.
Apr 28 2021, 7:53 PM
Jakuje added a comment to T5244: libgcrypt: Restrict MD5 use.

The patch references the following bug:

Apr 28 2021, 5:45 PM · Bug Report, FIPS, libgcrypt
ikloecker added a comment to T5283: GpgOL: Add mixed mode for S/MIME and OpenPGP to libkleo newkeyresolver.

Should be mostly done. What's missing is selection of groups in the approval dialog. Groups are not (yet) supported by the KeySelectionCombo.

Apr 28 2021, 3:56 PM · kleopatra, Restricted Project, gpgol
ikloecker closed T5397: GpgOL: Add support for groups with S/MIME keys, a subtask of T5283: GpgOL: Add mixed mode for S/MIME and OpenPGP to libkleo newkeyresolver, as Resolved.
Apr 28 2021, 3:54 PM · kleopatra, Restricted Project, gpgol
ikloecker closed T5397: GpgOL: Add support for groups with S/MIME keys as Resolved.
Apr 28 2021, 3:54 PM · kleopatra, Restricted Project, gpgol
ikloecker moved T5397: GpgOL: Add support for groups with S/MIME keys from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 28 2021, 3:54 PM · kleopatra, Restricted Project, gpgol
ikloecker committed rLIBKLEOc2edbc858e12: Remove obsolete function (authored by ikloecker).
Remove obsolete function
Apr 28 2021, 3:49 PM
ikloecker committed rLIBKLEOcad54768c779: Update documentation (authored by ikloecker).
Update documentation
Apr 28 2021, 3:49 PM
ikloecker committed rLIBKLEO011e28191c03: Update copyright information (authored by ikloecker).
Update copyright information
Apr 28 2021, 3:49 PM