
Aug 24 2021

werner committed rD5a1e0fd92822: swdb: GnuPG 2.3.2 (authored by werner).
swdb: GnuPG 2.3.2
Aug 24 2021, 7:36 PM
werner changed the alias of U12 Melzer's book on the Assange case from melzerassange to melzerassang.
Aug 24 2021, 7:33 PM
werner committed rG79e252714fd5: po: Auto update translations (authored by werner).
po: Auto update translations
Aug 24 2021, 7:32 PM
werner committed rG5f045c24ff7b: Post release updates (authored by werner).
Post release updates
Aug 24 2021, 7:32 PM
werner committed rG3bf8d7e1b7e0: Release 2.3.2 (authored by werner).
Release 2.3.2
Aug 24 2021, 7:32 PM
werner committed rG55b5928099ba: dirmngr: Change the default keyserver. (authored by werner).
dirmngr: Change the default keyserver.
Aug 24 2021, 7:32 PM
werner committed rG8b1fb9786167: po: In German always use "Passwort" instead of "Passphrase". (authored by werner).
po: In German always use "Passwort" instead of "Passphrase".
Aug 24 2021, 7:32 PM
werner committed rG3b1f4e8a3d61: po: Update German translation (authored by werner).
po: Update German translation
Aug 24 2021, 7:32 PM
werner triaged T5565: Release GnuPG 2.3.3 as Normal priority.
Aug 24 2021, 7:30 PM · gnupg (gpg23), Release Info
werner created U12 Melzer's book on the Assange case.
Aug 24 2021, 6:40 PM
aheinecke triaged T5564: GpgOL: Add key selection dialog if draft encrypt is on and no key has been selected as High priority.
Aug 24 2021, 11:27 AM · gpgol, Restricted Project
gniibe added a comment to T5556: Use of offsetof is better for allocation of flexible array.
t-fam.c: In function 'main':
t-fam.c:34:14: warning: array subscript 'struct arg_and_data_s[0]' is partly outside array bounds of 'unsigned char[22]' [-Warray-bounds]
   34 |   aad0->next = NULL;
      |              ^
t-fam.c:30:10: note: referencing an object of size 22 allocated by 'malloc'
   30 |   aad0 = malloc (offsetof (struct arg_and_data_s, arg) + 2);
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
t-fam.c:35:13: warning: array subscript 'struct arg_and_data_s[0]' is partly outside array bounds of 'unsigned char[22]' [-Warray-bounds]
   35 |   aad0->len = 2;
      |   ~~~~~~~~~~^~~
t-fam.c:30:10: note: referencing an object of size 22 allocated by 'malloc'
   30 |   aad0 = malloc (offsetof (struct arg_and_data_s, arg) + 2);
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
t-fam.c:36:15: warning: array subscript 'struct arg_and_data_s[0]' is partly outside array bounds of 'unsigned char[22]' [-Warray-bounds]
   36 |   aad0->flags = 0;
      |   ~~~~~~~~~~~~^~~
t-fam.c:30:10: note: referencing an object of size 22 allocated by 'malloc'
   30 |   aad0 = malloc (offsetof (struct arg_and_data_s, arg) + 2);
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
t-fam.c:37:18: warning: array subscript 'struct arg_and_data_s[0]' is partly outside array bounds of 'unsigned char[22]' [-Warray-bounds]
   37 |   aad0->print_fd = fd;
      |   ~~~~~~~~~~~~~~~^~~~
t-fam.c:30:10: note: referencing an object of size 22 allocated by 'malloc'
   30 |   aad0 = malloc (offsetof (struct arg_and_data_s, arg) + 2);
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Aug 24 2021, 7:29 AM · gnupg24, gpgme, libgcrypt
gniibe added a comment to T5556: Use of offsetof is better for allocation of flexible array.

For GCC 11, the modified version of struct arg_and_data_s has an issue for x86_64.

Aug 24 2021, 4:53 AM · gnupg24, gpgme, libgcrypt
gniibe committed rG3ed5f566fc05: gpg: Report the status of NO_SECKEY for decryption. (authored by gniibe).
gpg: Report the status of NO_SECKEY for decryption.
Aug 24 2021, 4:02 AM

Aug 23 2021

pert added a comment to T5135: Provide more practical thread-safe strerror, perhaps with strerror_l.

Actually, I think there's a way to make gpg_strerror_r more usable on its own. I previously said

I find it quite difficult to use strerror_r and gpg_strerror_r. With having to guess and retry to get an appropriate buffer length, a wrapper which dynamically allocates the string seems to be needed.

Aug 23 2021, 7:47 PM · gpgrt, Feature Request
ikloecker committed rKLEOPATRAd6582a49c422: Do not show "opaque signature" warning if just one file is to be signed (authored by ikloecker).
Do not show "opaque signature" warning if just one file is to be signed
Aug 23 2021, 5:08 PM
ikloecker committed rKLEOPATRAb2e7699ac08c: Update the commit button only if the corresponding wizard page is shown (authored by ikloecker).
Update the commit button only if the corresponding wizard page is shown
Aug 23 2021, 5:08 PM
ikloecker committed rKLEOPATRAe54ed5081272: Modernize code (authored by ikloecker).
Modernize code
Aug 23 2021, 5:08 PM
ikloecker committed rKLEOPATRAc7755bcbdafc: Ensure correct tab order in VS-NfD compliant mode (authored by ikloecker).
Ensure correct tab order in VS-NfD compliant mode
Aug 23 2021, 5:08 PM
ikloecker committed rKLEOPATRA4aacd973a86c: Set VS-NfD compliance hint also as tooltip of the commit button (authored by ikloecker).
Set VS-NfD compliance hint also as tooltip of the commit button
Aug 23 2021, 5:08 PM
werner claimed T5562: GnuPG behaves inconsistently across versions when a secret key is not found during decryption.
Aug 23 2021, 1:19 PM · Bug Report, gnupg (gpg23)
Jakuje added a comment to T5523: jitter entropy RNG update.

We should update jitterentropy to 3.0.2 or newer, which should be easier to get through certification, if we will go this way. From FIPS perspective, we should be fine with either going through getrandom only or with jitter entropy, but the bottom-line was that we should probably keep both as we do now.

Aug 23 2021, 12:46 PM · FIPS, libgcrypt
pubgmobile updated pubgmobile.
Aug 23 2021, 12:35 PM
Jakuje added a comment to T5244: libgcrypt: Restrict MD5 use.

From Stephan I got the following response to the allocation handler use case

Aug 23 2021, 12:00 PM · Bug Report, FIPS, libgcrypt
werner added a comment to T5523: jitter entropy RNG update.

I think the last user of random-fips was removed with rCed57fed6de1465e02ec5e3bc0affeabdd35e2eb7

Aug 23 2021, 11:38 AM · FIPS, libgcrypt
werner added a comment to T5523: jitter entropy RNG update.

Yes, it makes sense to remove it.

Aug 23 2021, 11:34 AM · FIPS, libgcrypt
gniibe added a watcher for FIPS: gniibe.
Aug 23 2021, 11:29 AM
ikloecker committed rKLEOPATRA2c00747e99e4: Disable sign option and encrypt options if needed keys are not available (authored by ikloecker).
Disable sign option and encrypt options if needed keys are not available
Aug 23 2021, 11:24 AM
gniibe added a project to T5244: libgcrypt: Restrict MD5 use: FIPS.
Aug 23 2021, 11:21 AM · Bug Report, FIPS, libgcrypt
werner added a comment to T5562: GnuPG behaves inconsistently across versions when a secret key is not found during decryption.

Oh yes, I was blind.

Aug 23 2021, 9:56 AM · Bug Report, gnupg (gpg23)
gniibe added a comment to T5562: GnuPG behaves inconsistently across versions when a secret key is not found during decryption.

Here is the place:
https://dev.gnupg.org/source/gnupg/browse/master/g10/pubkey-enc.c$151

Aug 23 2021, 9:10 AM · Bug Report, gnupg (gpg23)
werner added a comment to T5562: GnuPG behaves inconsistently across versions when a secret key is not found during decryption.

A cursory look doesn't show me where list->result is set to something else than -1. Can you give me a hint?

Aug 23 2021, 9:07 AM · Bug Report, gnupg (gpg23)
gniibe added a comment to T5562: GnuPG behaves inconsistently across versions when a secret key is not found during decryption.

In GnuPG 2.3, the procedure of decryption has been changed;
It now collects all ENC_TO packets, keeping them in the ->PKENC_LIST field, and then processes the ENCRYPTED packet with the list.

Aug 23 2021, 8:43 AM · Bug Report, gnupg (gpg23)
luweitest added a comment to T5560: gpg.exe interrupt batch execution in WindowsXp.

So it is related to code page. Screenshots may be more informative:

Aug 23 2021, 8:23 AM · Windows, gnupg (gpg22), Bug Report
Saturneric added a comment to T5552: Key information loading is sometimes very slow. Suspected that the problem originated from gnupg..

After several days of observation, after modifying the configuration file options, the problem has indeed been greatly alleviated.

Aug 23 2021, 7:25 AM · FAQ, Keyserver, gnupg
gniibe added a comment to T5556: Use of offsetof is better for allocation of flexible array.

For the use case of struct arg_and_data_s in gpgme, which may allocate zero-sized ARG[], it seems that GCC 11 interprets it as an invalid use.

Aug 23 2021, 6:25 AM · gnupg24, gpgme, libgcrypt
gniibe committed rC581e04386d87: cipher: Use offsetof for allocation of gcry_md_context. (authored by gniibe).
cipher: Use offsetof for allocation of gcry_md_context.
Aug 23 2021, 4:52 AM
gniibe added projects to T5556: Use of offsetof is better for allocation of flexible array: libgcrypt, gpgme, gnupg (gpg23).
Aug 23 2021, 4:47 AM · gnupg24, gpgme, libgcrypt

Aug 22 2021

werner committed rD622f695de394: swdb: Libgcrypt 1.9.4 (authored by werner).
swdb: Libgcrypt 1.9.4
Aug 22 2021, 6:59 PM
werner closed T5328: On the (in)security of Elgamal in OpenPGP as Resolved.
Aug 22 2021, 6:13 PM · side-channel, CVE, libgcrypt
werner closed T5402: Release Libgcrypt 1.9.4 as Resolved.
Aug 22 2021, 6:12 PM · Release Info, libgcrypt
werner updated the task description for T5402: Release Libgcrypt 1.9.4.
Aug 22 2021, 6:12 PM · Release Info, libgcrypt
werner committed rC05422ca24a03: Release 1.9.4 (authored by werner).
Release 1.9.4
Aug 22 2021, 6:08 PM
werner committed rC06567be79d15: Post release updates (authored by werner).
Post release updates
Aug 22 2021, 6:08 PM
werner triaged T5563: Release Libgcrypt 1.9.5 as Low priority.
Aug 22 2021, 6:07 PM · Release Info, libgcrypt
werner updated subscribers of T5561: posix-io.c: In function '_gpgme_io_spawn': posix-io.c:577:23: error: void value not ignored as it ought to be .

Fallout from the fact that @cbiedl left us and had an internal non-tagged ticket left open (T5456)

Aug 22 2021, 5:43 PM · Bug Report
werner closed T5490: gcry_pk_get_param aborts program with error on "Curve25519" as Resolved.
Aug 22 2021, 4:52 PM · libgcrypt, Bug Report
shoober420 closed T5561: posix-io.c: In function '_gpgme_io_spawn': posix-io.c:577:23: error: void value not ignored as it ought to be as Resolved.
Aug 22 2021, 4:49 PM · Bug Report
shoober420 added a comment to T5561: posix-io.c: In function '_gpgme_io_spawn': posix-io.c:577:23: error: void value not ignored as it ought to be .

I see what's going on. The GitHub gpgme mirror (https://github.com/gpg/gpgme) is no longer updated. The last commit is from June 22, 2021. Changing the source link to the official (https://dev.gnupg.org/source/gpgme) URL gets the latest updates, and now builds successfully.

Aug 22 2021, 4:46 PM · Bug Report
werner committed rC8bf723e91522: doc: Fix a typo. (authored by gniibe).
doc: Fix a typo.
Aug 22 2021, 3:23 PM
werner committed rCf91f02e8bba5: mpi/longlong.h: fix missing macro parameter parentheses (authored by jukivili).
mpi/longlong.h: fix missing macro parameter parentheses
Aug 22 2021, 3:23 PM
werner committed rC8ce522cfaba1: tests/t-mpi-point: add NIST curve multiplication test vectors (authored by jukivili).
tests/t-mpi-point: add NIST curve multiplication test vectors
Aug 22 2021, 3:23 PM
werner committed rC64e4a6a2a436: ecc: Fix bug in gcry_pk_get_param for Curve25519. (authored by werner).
ecc: Fix bug in gcry_pk_get_param for Curve25519.
Aug 22 2021, 3:23 PM
werner committed rC84ad6ac02c45: build: Fix broken mlock detection (authored by Johannes Schindelin via Gcrypt-devel <gcrypt-devel@gnupg.org>).
build: Fix broken mlock detection
Aug 22 2021, 3:23 PM
werner committed rCf1ee80baba7a: random: Silence a warning for building rndjent by Clang. (authored by gniibe).
random: Silence a warning for building rndjent by Clang.
Aug 22 2021, 3:23 PM
werner committed rC6e1412d6bdca: Minor tweak to gcry_free. (authored by werner).
Minor tweak to gcry_free.
Aug 22 2021, 3:23 PM
werner committed rCa83fb13a3bff: cipher: Extend convenience OID mapping table for AES. (authored by werner).
cipher: Extend convenience OID mapping table for AES.
Aug 22 2021, 3:23 PM
werner committed rC41dffbdd5180: cipher: Fix memory leaks for EdDSA. (authored by Tianjia Zhang <tianjia.zhang@linux.alibaba.com>).
cipher: Fix memory leaks for EdDSA.
Aug 22 2021, 3:23 PM
werner committed rC5632fa359a8c: ecc: Check the input length for the point. (authored by gniibe).
ecc: Check the input length for the point.
Aug 22 2021, 3:23 PM
werner committed rC7529b8e455e3: hwf-x86: fix use of wrong operand type (authored by jukivili).
hwf-x86: fix use of wrong operand type
Aug 22 2021, 3:23 PM
werner committed rCdd14da42caed: doc: Clarify gcry_md_setkey for keyed BLAKE hashes. (authored by werner).
doc: Clarify gcry_md_setkey for keyed BLAKE hashes.
Aug 22 2021, 3:23 PM

Aug 21 2021

werner added a comment to T5561: posix-io.c: In function '_gpgme_io_spawn': posix-io.c:577:23: error: void value not ignored as it ought to be .

This has already been fixed with rM4b64774b6d13ffa4f59dddf947a97d61bcfa2f2e

Aug 21 2021, 1:01 PM · Bug Report
werner triaged T5560: gpg.exe interrupt batch execution in WindowsXp as Normal priority.

Frankly, I don't fully understand your report. Can you please clarify?
Note that with 2.2.8 we introduced full Unicode support on the command line. If you see scrambled output you may want to "chcp 65001" to get the output correctly rendered.

Aug 21 2021, 12:53 PM · Windows, gnupg (gpg22), Bug Report
werner triaged T5562: GnuPG behaves inconsistently across versions when a secret key is not found during decryption as High priority.
Aug 21 2021, 12:47 PM · Bug Report, gnupg (gpg23)

Aug 20 2021

vsajip created T5562: GnuPG behaves inconsistently across versions when a secret key is not found during decryption.
Aug 20 2021, 11:05 PM · Bug Report, gnupg (gpg23)
Saturneric added a comment to T5552: Key information loading is sometimes very slow. Suspected that the problem originated from gnupg..

I have recently been busy with the new features and mechanisms of the GpgFrontend project.

Aug 20 2021, 4:44 PM · FAQ, Keyserver, gnupg
werner committed rG2b65f4e95380: wkd: Properly unescape the user-id from a key listing. (authored by werner).
wkd: Properly unescape the user-id from a key listing.
Aug 20 2021, 4:41 PM
werner committed rGdb5dc7a91af3: agent: Ignore passphrase constraints for a generated passphrase. (authored by werner).
agent: Ignore passphrase constraints for a generated passphrase.
Aug 20 2021, 4:41 PM
werner committed rG5ed8e598faaf: agent: Use the sysconfdir for a pattern file. (authored by werner).
agent: Use the sysconfdir for a pattern file.
Aug 20 2021, 4:41 PM
werner committed rG17e2ec488f66: common: New function decode_c_string. (authored by werner).
common: New function decode_c_string.
Aug 20 2021, 4:41 PM
werner committed rG576e429d41a1: wkd: Fix client issue with leading or trailing spaces in user-ids. (authored by werner).
wkd: Fix client issue with leading or trailing spaces in user-ids.
Aug 20 2021, 4:41 PM
werner committed rG6685696adafb: gpg: Return SUCCESS/FAILURE status also for --card-edit/name. (authored by werner).
gpg: Return SUCCESS/FAILURE status also for --card-edit/name.
Aug 20 2021, 4:41 PM
werner committed rG87d238de3d9d: wkd: Properly unescape the user-id from a key listing. (authored by werner).
wkd: Properly unescape the user-id from a key listing.
Aug 20 2021, 4:17 PM
shoober420 created T5561: posix-io.c: In function '_gpgme_io_spawn': posix-io.c:577:23: error: void value not ignored as it ought to be .
Aug 20 2021, 3:52 PM · Bug Report
luweitest created T5560: gpg.exe interrupt batch execution in WindowsXp.
Aug 20 2021, 10:01 AM · Windows, gnupg (gpg22), Bug Report
werner committed rGb4345f7521cb: wkd: Fix client issue with leading or trailing spaces in user-ids. (authored by werner).
wkd: Fix client issue with leading or trailing spaces in user-ids.
Aug 20 2021, 9:51 AM
werner added a comment to T5550: Fix check_binary_integrity.

iirc Uli Drepper added a hack to dladdr which we made use of. Seems to be integrated into dladdr1 now.

Aug 20 2021, 8:26 AM · FIPS, libgcrypt
gniibe committed rG1565baa93ae3: scd: Don't release the context until list_finish for PC/SC. (authored by gniibe).
scd: Don't release the context until list_finish for PC/SC.
Aug 20 2021, 8:25 AM
shtrom added a comment to T5436: gpg-agent 2.3.1: PIN caching not working for decrypt operations.

I added "disable-application piv" to ~/.gnupg/scdaemon.conf and the behavior went back to pin caching working as before. Since I don't use PIV, this is an acceptable workaround for me.

Aug 20 2021, 5:46 AM · gnupg24, yubikey, Bug Report
gniibe added a comment to T5550: Fix check_binary_integrity.

While I don't know if runtime integrity check is required or not by FIPS 140,
I checked OpenSSL, and it has such a check in openssl/providers/fips. The FIPS module configuration file which has the module checksum by HMAC is generated by openssl fipsinstall command.

Aug 20 2021, 3:23 AM · FIPS, libgcrypt
gniibe added a comment to T5550: Fix check_binary_integrity.

Ah... I realized that HMAC integrity check with dladdr (using address of constant string) might work (at some point) to determine the filename of libgcrypt.so, when/if glibc implementation allows searching with address of constant string. So, my claim "never worked" was wrong.

Aug 20 2021, 2:46 AM · FIPS, libgcrypt

Aug 19 2021

ikloecker committed rKLEOPATRA4479581deb12: Do not crash if there are no keys in the keyring (authored by ikloecker).
Do not crash if there are no keys in the keyring
Aug 19 2021, 5:38 PM
ikloecker moved T5544: Kleopatra: Ensure that file encryption dialogs has shortcuts on all actions from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Aug 19 2021, 4:05 PM · kleopatra, Restricted Project
ikloecker changed the status of T5544: Kleopatra: Ensure that file encryption dialogs has shortcuts on all actions from Open to Testing.
Aug 19 2021, 4:05 PM · kleopatra, Restricted Project
ikloecker changed the status of T5544: Kleopatra: Ensure that file encryption dialogs has shortcuts on all actions, a subtask of T5535: Kleopatra: Check that accessibility is also supported for VS-NfD, from Open to Testing.
Aug 19 2021, 4:05 PM · Restricted Project, kleopatra
ikloecker added a comment to T5544: Kleopatra: Ensure that file encryption dialogs has shortcuts on all actions.

I have added shortcuts to the checkboxes and the (first) visible filename requester. I have not added shortcuts to the two buttons because the first one is anyway the default button, i.e. it reacts on Return, and the Cancel button reacts on Esc.

Aug 19 2021, 4:05 PM · kleopatra, Restricted Project
werner committed rGc1a23c366475: gpg: Return SUCCESS/FAILURE status also for --card-edit/name. (authored by werner).
gpg: Return SUCCESS/FAILURE status also for --card-edit/name.
Aug 19 2021, 2:13 PM
ikloecker committed rKLEOPATRAa89f74471d70: Move output files/folders before "Encrypt/Sign ... separately" option (authored by ikloecker).
Move output files/folders before "Encrypt/Sign ... separately" option
Aug 19 2021, 1:04 PM
ikloecker committed rKLEOPATRAf45b63d331b7: Simplify code checking for OpenPGP and/or S/MIME encryption (authored by ikloecker).
Simplify code checking for OpenPGP and/or S/MIME encryption
Aug 19 2021, 1:04 PM
ikloecker committed rKLEOPATRA9f0ec8e0b3bc: Add wrapper widget for a FileNameRequester with icon (authored by ikloecker).
Add wrapper widget for a FileNameRequester with icon
Aug 19 2021, 1:04 PM
ikloecker committed rKLEOPATRA93d3c3789f1a: Sort the enum values in the desired GUI order (authored by ikloecker).
Sort the enum values in the desired GUI order
Aug 19 2021, 1:04 PM
ikloecker committed rKLEOPATRAb9a9ae106b6c: Do not add recipient field unconditionally when editing another started (authored by ikloecker).
Do not add recipient field unconditionally when editing another started
Aug 19 2021, 1:04 PM
ikloecker committed rKLEOPATRA1d1c4df33d62: Ensure correct tab order of the recipient widgets (authored by ikloecker).
Ensure correct tab order of the recipient widgets
Aug 19 2021, 1:04 PM
ikloecker committed rKLEOPATRA300719d3ec9a: Move focus to next (or previous) recipient field when removing one (authored by ikloecker).
Move focus to next (or previous) recipient field when removing one
Aug 19 2021, 1:04 PM
ikloecker committed rKLEOPATRAa8bedd58865c: Add/improve/fix context of a few translated strings (authored by ikloecker).
Add/improve/fix context of a few translated strings
Aug 19 2021, 1:04 PM
ikloecker committed rKLEOPATRA06b03e9b0524: Take the scroll area out of the tab order (authored by ikloecker).
Take the scroll area out of the tab order
Aug 19 2021, 1:04 PM
ikloecker committed rKLEOPATRAb2817adf528c: Ensure correct setup of UI for default protocol (authored by ikloecker).
Ensure correct setup of UI for default protocol
Aug 19 2021, 1:04 PM
ikloecker committed rKLEOPATRAa85ea08abb5f: Simplify layout handling of recipient widgets (authored by ikloecker).
Simplify layout handling of recipient widgets
Aug 19 2021, 1:04 PM
ikloecker committed rKLEOPATRA1ee45a58d278: Minor cleanup (authored by ikloecker).
Minor cleanup
Aug 19 2021, 1:04 PM
ikloecker committed rKLEOPATRAae821301ccf1: Make the filename requesters accessible with a shortcut (authored by ikloecker).
Make the filename requesters accessible with a shortcut
Aug 19 2021, 1:04 PM