Page MenuHome GnuPG
Feed All Stories

Dec 12 2021

MangoCats created T5730: During make, compile error under Ubuntu 21.10.
Dec 12 2021, 7:12 PM · gpgme, Bug Report
werner edited projects for T5729: Crypto tokens for GnuPG maintainers - an offer, added: dev.gnupg.org; removed Feature Request.

Thanks for the offer. However, the core developers are using tokens for more than a decade meanwhile. We even make our own tokens ;-).

Dec 12 2021, 5:10 PM · dev.gnupg.org

Dec 11 2021

Albert Astals Cid <aacid@kde.org> committed rKLEOPATRAac014d57237f: GIT_SILENT Update Appstream for new release (authored by Albert Astals Cid <aacid@kde.org>).
GIT_SILENT Update Appstream for new release
Dec 11 2021, 3:16 AM

Dec 10 2021

dannytsen added a comment to T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le.

Hi jukivili,

Dec 10 2021, 3:21 PM · patch, ppc, libgcrypt, Feature Request
mrybczyn created T5729: Crypto tokens for GnuPG maintainers - an offer.
Dec 10 2021, 2:00 PM · dev.gnupg.org
werner closed T5726: Setting "compliance de-vs" in gpg.conf with libgcrypt 1.9.0 and newer causes confusing error messages as Resolved.

The first is a warning and the other error codes are exactly what we want.

Dec 10 2021, 1:53 PM · Not A Bug, libgcrypt, gnupg
ikloecker committed rMf3177d3ee0a1: cpp,tests: Add test runner for doing a WKD lookup without import (authored by ikloecker).
cpp,tests: Add test runner for doing a WKD lookup without import
Dec 10 2021, 12:52 PM
ikloecker moved T5728: qgpgme: Add support for doing a WKD lookup without implicit import from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Dec 10 2021, 12:16 PM · gpgme, Restricted Project
ikloecker triaged T5728: qgpgme: Add support for doing a WKD lookup without implicit import as Normal priority.
Dec 10 2021, 12:16 PM · gpgme, Restricted Project
ikloecker closed T5727: gpgme: Add support for dirmngr (and all other components) to dirinfo() as Resolved.
Dec 10 2021, 12:14 PM · gpgme, Restricted Project
ikloecker closed T5727: gpgme: Add support for dirmngr (and all other components) to dirinfo(), a subtask of T5334: Kleopatra: Add more support for WKS / WKD, as Resolved.
Dec 10 2021, 12:14 PM · kleopatra, Restricted Project
ikloecker committed rM5f1ba4011619: cpp: Add new supported components to API docs of dirInfo() (authored by ikloecker).
cpp: Add new supported components to API docs of dirInfo()
Dec 10 2021, 12:10 PM
ikloecker committed rM0ac3679a7450: core: Support all components with dirinfo() (authored by ikloecker).
core: Support all components with dirinfo()
Dec 10 2021, 12:10 PM
ikloecker triaged T5727: gpgme: Add support for dirmngr (and all other components) to dirinfo() as Normal priority.
Dec 10 2021, 12:00 PM · gpgme, Restricted Project
gniibe committed rG61ac580a2075: gpg: Emit compatible Ed25519 signature. (authored by gniibe).
gpg: Emit compatible Ed25519 signature.
Dec 10 2021, 8:32 AM
gniibe added a project to T5331: Possibly incompatible Ed25519 signature between other implementations and 2.3-bata: Restricted Project.
Dec 10 2021, 7:45 AM · gnupg (gpg23), Bug Report
gniibe added a comment to T5331: Possibly incompatible Ed25519 signature between other implementations and 2.3-bata.

Adding comments, fixing "const" qualifier, I pushed the change.

Dec 10 2021, 7:44 AM · gnupg (gpg23), Bug Report
Laurent Montel <montel@kde.org> committed rLIBKLEOf800b4721eff: GIT_SILENT: prepare 21.12.1 (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: prepare 21.12.1
Dec 10 2021, 7:06 AM
gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

Thank you, applied.

Dec 10 2021, 6:55 AM · FIPS, libgcrypt, Feature Request
gniibe committed rC02583e1216bc: tests: Include the new input files for tests (authored by Jakuje).
tests: Include the new input files for tests
Dec 10 2021, 6:55 AM

Dec 9 2021

Albert Astals Cid <aacid@kde.org> committed rKLEOPATRA46f871e4ac41: GIT_SILENT Update Appstream for new release (authored by Albert Astals Cid <aacid@kde.org>).
GIT_SILENT Update Appstream for new release
Dec 9 2021, 5:33 PM
Jakuje created T5726: Setting "compliance de-vs" in gpg.conf with libgcrypt 1.9.0 and newer causes confusing error messages.
Dec 9 2021, 5:33 PM · Not A Bug, libgcrypt, gnupg
werner committed rW1ddf9b9a3841: build: Fix encryption of installers (authored by werner).
build: Fix encryption of installers
Dec 9 2021, 5:15 PM
Jakuje added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

It turned out that the new *.inp files are not part of the release tarball, which makes the tests from generated tarball fail. The attached patch should fix this issue.

Dec 9 2021, 5:06 PM · FIPS, libgcrypt, Feature Request
Yuri Chornoivan <yurchor@ukr.net> committed rKLEOPATRA9f75889b3e36: Fix minor typo (authored by Yuri Chornoivan <yurchor@ukr.net>).
Fix minor typo
Dec 9 2021, 9:24 AM
gniibe added a comment to T5331: Possibly incompatible Ed25519 signature between other implementations and 2.3-bata.

A patch created:

Dec 9 2021, 7:30 AM · gnupg (gpg23), Bug Report
gniibe committed rC7d8403b59a10: tests,fips: Align the use of variable in_fips_mode. (authored by gniibe).
tests,fips: Align the use of variable in_fips_mode.
Dec 9 2021, 1:53 AM
gniibe committed rC5b82f4b4dbf3: Adjust tests for proper disablement of non-approve PK operations (authored by Jakuje).
Adjust tests for proper disablement of non-approve PK operations
Dec 9 2021, 1:53 AM
gniibe added a comment to T5710: FIPS: disable DSA for FIPS.

Thank you, applied.

Dec 9 2021, 1:53 AM · FIPS, libgcrypt

Dec 8 2021

Laurent Montel <montel@kde.org> committed rLIBKLEO11cb53668995: GIT_SILENT: fix some reuse lint warning (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: fix some reuse lint warning
Dec 8 2021, 7:33 PM
ikloecker created T5725: Kleopatra: Certificate lookup shows only one result even if there are 100s matches.
Dec 8 2021, 5:00 PM · Restricted Project, kleopatra, Bug Report
Jakuje added a comment to T5710: FIPS: disable DSA for FIPS.

Sorry for the noise. There were couple of other places which I missed initially and which are covered in the v2 patch which follows:

Dec 8 2021, 1:25 PM · FIPS, libgcrypt
Jakuje added a comment to T5710: FIPS: disable DSA for FIPS.

It turns out together with rCe96980022e5e some tests are failing in FIPS mode. The attached patch should handle the failures.

Dec 8 2021, 12:39 PM · FIPS, libgcrypt
gniibe added a comment to T5331: Possibly incompatible Ed25519 signature between other implementations and 2.3-bata.

GnuPG 2.2 does:

  • In g10/sign.c:do_sign, it keeps leading zeros for Ed25519 signature, as opaque MPI
  • In g10/build-packet.c:do_signature which calls gpg_mpi_write to output the (opaque) MPI, leading zeros are removed.
Dec 8 2021, 12:20 PM · gnupg (gpg23), Bug Report
gniibe added a comment to T5699: libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS.

Let me explain concretely.

Dec 8 2021, 12:18 PM · gpgrt, Bug Report
aheinecke added a comment to T5690: Kleopatra: Custom placeholder text in newcertificatewizard.

While testing I noticed that another requirement was to hide the advanced button. I have added this myself.

Dec 8 2021, 10:44 AM · kleopatra, Restricted Project
aheinecke committed rKLEOPATRA2dd2f9820f55: Add setting to hide advanced options for new keys (authored by aheinecke).
Add setting to hide advanced options for new keys
Dec 8 2021, 10:44 AM
outer added a comment to T5699: libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS.

Excuse me NIBE san. What if any action do you expect me to take on this matter?
__outer

Dec 8 2021, 10:22 AM · gpgrt, Bug Report
gniibe closed T4951: Support point compression in Libgcrypt as Resolved.

Reading compressed point format has been done.
If writing support is needed, please open another task.

Dec 8 2021, 9:12 AM · Feature Request, libgcrypt
gniibe added a project to T5215: gnugp1: Fix build errors with gcc-10: Restricted Project.
Dec 8 2021, 9:10 AM · gnupg (gpg14), patch, Bug Report
gniibe added a project to T5393: gnupg coverity static analysis reports: Restricted Project.
Dec 8 2021, 9:09 AM · gnupg (gpg23), Bug Report
gniibe added a project to T5572: gnupg1: Missing extern-inline.m4 for gl_EXTERN_INLINE: Restricted Project.
Dec 8 2021, 9:07 AM · gnupg (gpg14)
gniibe added a project to T5579: libksba parallel build error (windows): Restricted Project.
Dec 8 2021, 9:07 AM · libksba, Bug Report
gniibe added a project to T5617: fips: Check library integrity before running selftests: Restricted Project.
Dec 8 2021, 9:06 AM · FIPS, libgcrypt, Bug Report
gniibe closed T5623: gpg2 hangs on many tasks on OpenIndiana (Illumos) as Resolved.
Dec 8 2021, 9:06 AM · Solaris, gnupg (gpg23)
gniibe renamed T5699: libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS from libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl to libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS.
Dec 8 2021, 9:05 AM · gpgrt, Bug Report
gniibe added a project to T5699: libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS: Restricted Project.
Dec 8 2021, 9:04 AM · gpgrt, Bug Report
gniibe added a project to T5714: tests: Do not run tests for algorithms that are not built-in: Restricted Project.
Dec 8 2021, 9:03 AM · libgcrypt, Bug Report
gniibe added a project to T5723: libgcrypt: Remove random-fips.c: Restricted Project.
Dec 8 2021, 9:03 AM · FIPS, libgcrypt
gniibe added a project to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation: Restricted Project.
Dec 8 2021, 9:00 AM · FIPS, libgcrypt, Feature Request
gniibe added a project to T5244: libgcrypt: Restrict MD5 use: Restricted Project.
Dec 8 2021, 8:59 AM · Bug Report, FIPS, libgcrypt
gniibe triaged T5636: Run integrity checks + selftests from library constructor in FIPS as Normal priority.
Dec 8 2021, 8:57 AM · FIPS, libgcrypt, Bug Report
Laurent Montel <montel@kde.org> committed rKLEOPATRA8458194b302f: GIT_SILENT: fix some reuse lint warnings (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: fix some reuse lint warnings
Dec 8 2021, 8:54 AM
gniibe lowered the priority of T5576: New set of API for public key cryptography from High to Wishlist.
Dec 8 2021, 2:51 AM · libgcrypt, Feature Request
gniibe added a comment to T5576: New set of API for public key cryptography.

This new API is not for FIPS directly (any more), as we introduced pk_hash_sign/verify for FIPS.

Dec 8 2021, 2:51 AM · libgcrypt, Feature Request
gniibe removed a subtask for T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation: T5576: New set of API for public key cryptography.
Dec 8 2021, 2:49 AM · FIPS, libgcrypt, Feature Request
gniibe removed a parent task for T5576: New set of API for public key cryptography: T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.
Dec 8 2021, 2:49 AM · libgcrypt, Feature Request
gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

Pushed the backport.

Dec 8 2021, 2:48 AM · FIPS, libgcrypt, Feature Request
gniibe committed rCa0a2b6796f58: tests: Add tests for gcry_pk_hash_sign/verify API. (authored by gniibe).
tests: Add tests for gcry_pk_hash_sign/verify API.
Dec 8 2021, 2:48 AM
gniibe changed the status of T5710: FIPS: disable DSA for FIPS from Open to Testing.
Dec 8 2021, 1:54 AM · FIPS, libgcrypt
gniibe added a comment to T5710: FIPS: disable DSA for FIPS.

I have been convinced disabling DSA makes more sense.

Dec 8 2021, 1:54 AM · FIPS, libgcrypt
gniibe committed rCea362090fc11: fips: Disable DSA in FIPS mode. (authored by Jakuje).
fips: Disable DSA in FIPS mode.
Dec 8 2021, 1:52 AM
gniibe changed the status of T5723: libgcrypt: Remove random-fips.c from Open to Testing.

Done.
(Actually, it's not in the tarball.)

Dec 8 2021, 1:50 AM · FIPS, libgcrypt
gniibe committed rC5521cac32d75: random: Remove random-fips.c from repo. (authored by gniibe).
random: Remove random-fips.c from repo.
Dec 8 2021, 1:50 AM

Dec 7 2021

dannytsen added a comment to T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le.

Hi jukivili,
I ran some basic tests and it did show the errors. I am in the process investigating what went wrong. In the meantime, i also included test result that I have used in my testing from bench-slope. In this test, I captured the message with 272 bytes buffer from the original libgcrypt repo and my optimized repo. Note that the bulk version of my code do 8x unrolling and the rest will do 16 bytes. So the first 2 128 bytes ran thru gcry_ppc_aes_gcm_encrypt and the rest of the 16 bytes thru gcm_ctr_encrypt (cipher-gcm.c).

Dec 7 2021, 5:36 PM · patch, ppc, libgcrypt, Feature Request
werner added a member for g10code: ebo.
Dec 7 2021, 4:06 PM
Laurent Montel <montel@kde.org> committed rLIBKLEOe3187458cdd9: GIT_SILENT: prepare for the future CMakePreset qt6 build (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: prepare for the future CMakePreset qt6 build
Dec 7 2021, 2:11 PM
Laurent Montel <montel@kde.org> committed rKLEOPATRAf2c49b452b11: GIT_SILENT: prepare for the future CMakePreset qt6 build (authored by Laurent Montel <montel@kde.org>).
GIT_SILENT: prepare for the future CMakePreset qt6 build
Dec 7 2021, 1:52 PM
werner added a project to T5724: gpgconf --show-configs does not show the registry values : Windows.
Dec 7 2021, 12:36 PM · Windows, gnupg (gpg22), Bug Report
werner claimed T5724: gpgconf --show-configs does not show the registry values .
Dec 7 2021, 12:36 PM · Windows, gnupg (gpg22), Bug Report
werner triaged T5724: gpgconf --show-configs does not show the registry values as Normal priority.
Dec 7 2021, 12:36 PM · Windows, gnupg (gpg22), Bug Report
ikloecker closed T5722: GpgME::Context::engineInfo() always returns engine info of first engine as Resolved.
Dec 7 2021, 12:15 PM · Restricted Project, gpgme, Bug Report
Jakuje renamed T5720: The libgpg-error is using old inet_addr() unconditionally from The libgpg-error is using old inet_pton() unconditionally to The libgpg-error is using old inet_addr() unconditionally.
Dec 7 2021, 12:12 PM · gpgrt, Bug Report
ikloecker committed rM1a1e9145877a: cpp: Factor out common code of GpgME::engineInfo() overloads (authored by ikloecker).
cpp: Factor out common code of GpgME::engineInfo() overloads
Dec 7 2021, 12:05 PM
ikloecker committed rM0eddc867c31d: cpp: Return engine info for engine used by the context (authored by ikloecker).
cpp: Return engine info for engine used by the context
Dec 7 2021, 12:05 PM
werner set Due Date to Jan 17 2022, 12:00 AM on T5691: Release libgcrypt 1.10.0.
Dec 7 2021, 11:17 AM · FIPS, Release Info, libgcrypt
gniibe moved T5723: libgcrypt: Remove random-fips.c from Backlog to Next on the FIPS board.
Dec 7 2021, 11:15 AM · FIPS, libgcrypt
gniibe triaged T5723: libgcrypt: Remove random-fips.c as Normal priority.
Dec 7 2021, 11:15 AM · FIPS, libgcrypt
gniibe moved T5710: FIPS: disable DSA for FIPS from Backlog to Next on the FIPS board.
Dec 7 2021, 11:13 AM · FIPS, libgcrypt
ikloecker claimed T5722: GpgME::Context::engineInfo() always returns engine info of first engine.
Dec 7 2021, 11:00 AM · Restricted Project, gpgme, Bug Report
ikloecker created T5722: GpgME::Context::engineInfo() always returns engine info of first engine.
Dec 7 2021, 11:00 AM · Restricted Project, gpgme, Bug Report
aheinecke committed rWbabeaddd496e: Bump LTS version to 3.1.21 (authored by aheinecke).
Bump LTS version to 3.1.21
Dec 7 2021, 10:27 AM
aheinecke committed rWef2a45a9dd72: Minor spelling fix in l10n (authored by aheinecke).
Minor spelling fix in l10n
Dec 7 2021, 10:27 AM
ikloecker added a comment to T5718: Provide list of supported/compliant key algorithms.

Hmm,

$ gpg --with-colons --list-config curve
cfg:curve:cv25519;ed25519;cv448;ed448;nistp256;nistp384;nistp521;brainpoolP256r1;brainpoolP384r1;brainpoolP512r1;secp256k1

How would Kleopatra know that cv* is for encryption, ed* is for signing, and all other curves are for both uses? Or are the cv/ed prefixes a (de facto) standard?

Dec 7 2021, 9:37 AM · gnupg24, gnupg (gpg23), Feature Request
gniibe committed rC05472c1882df: build: cipher/Makefile.am, doc/Makefile.am: add a missing space (authored by Alexander Kanavin <alex.kanavin@gmail.com>).
build: cipher/Makefile.am, doc/Makefile.am: add a missing space
Dec 7 2021, 8:08 AM
gniibe committed rG4cf8bdb04855: po: Update Japanese Translation. (authored by gniibe).
po: Update Japanese Translation.
Dec 7 2021, 8:07 AM
gniibe committed rG14de7b1e5904: gpg: Accept Ed25519 private key in SOS which reserves leading zeros. (authored by gniibe).
gpg: Accept Ed25519 private key in SOS which reserves leading zeros.
Dec 7 2021, 8:07 AM
gniibe triaged T5721: gpg22: Update *.m4 to prefer use of gpgrt-config and *.pc to *-config as Wishlist priority.
Dec 7 2021, 8:00 AM · gnupg (gpg22)
gniibe renamed T5034: dev: Deprecate libassuan-config, libgcrypt-config, ksba-config, ntbtls-config, npth-config, and gpg-error-config from dev: Deprecate libassuan-config, libgcrypt-config, ksba-config, ntbtls-config, npth-config, ang gpg-error-config to dev: Deprecate libassuan-config, libgcrypt-config, ksba-config, ntbtls-config, npth-config, and gpg-error-config.
Dec 7 2021, 7:54 AM
gniibe added a project to T5120: Incompatible Ed25519 secret key (no-encryption): Restricted Project.
Dec 7 2021, 7:43 AM · gnupg (gpg22), Bug Report
werner added a comment to T5718: Provide list of supported/compliant key algorithms.

You may run

Dec 7 2021, 7:40 AM · gnupg24, gnupg (gpg23), Feature Request
gniibe added a comment to T5120: Incompatible Ed25519 secret key (no-encryption).

For GnuPG 2.2, it's better to be conservative (least change of behavior, if any).

Dec 7 2021, 7:17 AM · gnupg (gpg22), Bug Report
gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

We have tests in gniibe/new-pk-api, which can be backported.

  • t-dsa
  • t-ecdsa
  • t-rsa-pss
  • t-rsa-15
Dec 7 2021, 6:02 AM · FIPS, libgcrypt, Feature Request
gniibe added a comment to T5512: Implement service indicators.

Thank you, applied.

Dec 7 2021, 3:37 AM · Feature Request, FIPS, libgcrypt
gniibe committed rC8ca3fe07d03e: md: Fix disabled check. (authored by gniibe).
md: Fix disabled check.
Dec 7 2021, 3:35 AM
gniibe committed rCe96980022e5e: Properly enforce disablement in other pubkey API (authored by Jakuje).
Properly enforce disablement in other pubkey API
Dec 7 2021, 3:32 AM
gniibe committed rCbea8b9672c3c: tests: Add paren for readability. (authored by gniibe).
tests: Add paren for readability.
Dec 7 2021, 3:32 AM
gniibe committed rC3152a565d9a4: md: Fix checking to use ->disabled instead of ->fips directly. (authored by gniibe).
md: Fix checking to use ->disabled instead of ->fips directly.
Dec 7 2021, 3:32 AM
gniibe added a comment to T5706: libgcrypt: random: Remove the feature getting randomness from random daemon.

The patch has been applied.

Dec 7 2021, 2:35 AM · libgcrypt
gniibe committed rE7fac8e02d80d: configure: Add missing check for logging (authored by Jakuje).
configure: Add missing check for logging
Dec 7 2021, 2:18 AM