Page MenuHome GnuPG
Feed All Stories

All Stories
Use Results
Edit Query

Oct 4 2022

l10n daemon script <scripty@kde.org> committed rLIBKLEO3ca12f40beff: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Oct 4 2022, 4:11 AM

Oct 3 2022

l10n daemon script <scripty@kde.org> committed rLIBKLEO9697f54a92e8: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Oct 3 2022, 4:57 AM
l10n daemon script <scripty@kde.org> committed rKLEOPATRA0f22dd2be8d1: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Oct 3 2022, 4:53 AM

Oct 2 2022

jukivili committed rC567bc62e1c30: tests: Avoid memory leak (authored by Jakuje).
tests: Avoid memory leak
Oct 2 2022, 4:02 PM
jukivili committed rC0909186b9e66: t-rsa-testparm: fix 'function declaration isn’t a prototype' warning (authored by jukivili).
t-rsa-testparm: fix 'function declaration isn’t a prototype' warning
Oct 2 2022, 4:02 PM
jukivili committed rC6419fbb1d3dd: tests/benchmark: remove VLA usage (authored by jukivili).
tests/benchmark: remove VLA usage
Oct 2 2022, 4:02 PM
jukivili committed rC335b8eb1211b: tests/bench-slope: remove VLA usage (authored by jukivili).
tests/bench-slope: remove VLA usage
Oct 2 2022, 4:02 PM
jukivili committed rCce60a68a1172: cipher-ccm: remove VLA usage (authored by jukivili).
cipher-ccm: remove VLA usage
Oct 2 2022, 4:02 PM
jukivili committed rC9978fc22045c: mpi/ec: remove VLA usage (authored by jukivili).
mpi/ec: remove VLA usage
Oct 2 2022, 4:02 PM
jukivili added a comment to T6217: sha3: wrong results for large inputs.

Patch applied to master, thanks.

Oct 2 2022, 3:55 PM · libgcrypt, FIPS, Bug Report
l10n daemon script <scripty@kde.org> committed rLIBKLEO44002c652e0f: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Oct 2 2022, 5:22 AM
l10n daemon script <scripty@kde.org> committed rKLEOPATRA839c9123a2a6: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Oct 2 2022, 5:06 AM

Oct 1 2022

mkjmkj added a comment to T6218: Using Yubikey with GnuPG+scdaemon and PKCS11 over pcscd errors.
In T6218#163787, @gouttegd wrote:

Does the latest Scute require an instance of gpg-agent and/or scdaemon running to work?

Yes. Scute relies on those to interact with the token.

Oct 1 2022, 2:49 PM · gnupg24, scute, scd, Bug Report

Sep 30 2022

mlaurent committed rKLEOPATRAa2bb1403493a: Fix bug 459861: Compile error from missing #include lines (authored by mlaurent).
Fix bug 459861: Compile error from missing #include lines
Sep 30 2022, 5:06 PM
gouttegd added a comment to T6218: Using Yubikey with GnuPG+scdaemon and PKCS11 over pcscd errors.

Does the latest Scute require an instance of gpg-agent and/or scdaemon running to work?

Sep 30 2022, 4:58 PM · gnupg24, scute, scd, Bug Report
werner committed rG3390951ffd69: gpg: Show just keyserver and port with --send-keys. (authored by werner).
gpg: Show just keyserver and port with --send-keys.
Sep 30 2022, 4:42 PM
Jakuje added a comment to T6217: sha3: wrong results for large inputs.

One nit that I overlooked initially is the memory leak, which is fixed with the following patch:

libgcrypt-leak.patch732 BDownload

Sep 30 2022, 2:56 PM · libgcrypt, FIPS, Bug Report

Sep 29 2022

werner committed rG11aa5a93a754: dirmngr: Minor fix for baseDN fallback. (authored by werner).
dirmngr: Minor fix for baseDN fallback.
Sep 29 2022, 4:01 PM
werner committed rG2e22184ba5ac: gpg: Avoid to emit a compliance mode line if libgcrypt is non-compliant. (authored by werner).
gpg: Avoid to emit a compliance mode line if libgcrypt is non-compliant.
Sep 29 2022, 3:17 PM
werner committed rG46f9b0071f54: gpg: Fix assertion failure due to errors in encrypt_filter. (authored by werner).
gpg: Fix assertion failure due to errors in encrypt_filter.
Sep 29 2022, 3:17 PM
werner committed rGa51067a21f68: gpg: Make --require-compliance work for -se (authored by werner).
gpg: Make --require-compliance work for -se
Sep 29 2022, 3:17 PM
werner changed the status of T6221: When encrypting, gpg claims DE_VS compliance with non-compliant gcrypt from Open to Testing.

Indeed, the status line should not be emitted in this case. Thanks.

Sep 29 2022, 2:17 PM · gnupg (gpg22), Bug Report
werner committed rG07c6743148d4: gpg: Avoid to emit a compliance mode line if libgcrypt is non-compliant. (authored by werner).
gpg: Avoid to emit a compliance mode line if libgcrypt is non-compliant.
Sep 29 2022, 2:17 PM
justus added a comment to T6221: When encrypting, gpg claims DE_VS compliance with non-compliant gcrypt.
% gpgconf --list-options gpg  | grep compliance
compliance:16:2::1:1::"gnupg::
compliance_de_vs:144:3::2:2::0::
% dpkg --list libgcrypt20 | cat
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name              Version      Architecture Description
+++-=================-============-============-=====================================
ii  libgcrypt20:amd64 1.10.1-2     amd64        LGPL Crypto library - runtime library
% gpg --version
gpg (GnuPG) 2.2.39
libgcrypt 1.10.1
Copyright (C) 2022 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Sep 29 2022, 11:03 AM · gnupg (gpg22), Bug Report
werner added a project to T6223: GPGME incorrectly parses the signature class in SIG_CREATED status lines: Feature Request.

Let's don't forget that we need to have a sig_class replacement.

Sep 29 2022, 10:42 AM · Feature Request, gpgme, Bug Report
werner committed rMb1e5f3b18310: core: Fix SIG_CREATED status parsing for 0x1F sigs (authored by werner).
core: Fix SIG_CREATED status parsing for 0x1F sigs
Sep 29 2022, 10:10 AM
aheinecke triaged T6221: When encrypting, gpg claims DE_VS compliance with non-compliant gcrypt as Low priority.

With a gcrypt not claiming compliance you should not get the status compliant or not but GnuPG should error out with forbidden.

Sep 29 2022, 9:34 AM · gnupg (gpg22), Bug Report
werner added a comment to T6223: GPGME incorrectly parses the signature class in SIG_CREATED status lines.

This is not easy to fix because it would break the GPGME API. Here
are the values we can expect:

Sep 29 2022, 9:32 AM · Feature Request, gpgme, Bug Report
aheinecke created P15 (An Untitled Masterwork).
Sep 29 2022, 9:21 AM
werner triaged T6223: GPGME incorrectly parses the signature class in SIG_CREATED status lines as Normal priority.

I assume this is gpgme master. Please write proper bug reports.

Sep 29 2022, 8:30 AM · Feature Request, gpgme, Bug Report
werner added a project to T6221: When encrypting, gpg claims DE_VS compliance with non-compliant gcrypt: gnupg (gpg22).

Justus, you should know how to write a proper bug report. Please do that and don't just paste some more or less random output here with just hint that Libgcrypt is not compliant. tia.

Sep 29 2022, 8:28 AM · gnupg (gpg22), Bug Report
werner closed T6222: gpg --faked-system-time "$(date +%s)!" doesn't work as Wontfix.

This is a debug option; I see no use case for this.

Sep 29 2022, 8:22 AM · gnupg, Bug Report
werner triaged T6224: Mirror internal LDAP to a WKD as Normal priority.
Sep 29 2022, 8:21 AM · Restricted Project, Feature Request, gnupg (gpg23)
gniibe added a comment to T6002: scute w/ gpg23: Support multiple cards/tokens, major update with KEYGRIP.

Merged the changes in t6002 branch into master.

Sep 29 2022, 3:16 AM · Feature Request, scute
gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

Applied and pushed the change from @joeyberkovitz in rG3257385378bb: dirmngr: Interrogate LDAP server when base DN specified..

Sep 29 2022, 3:10 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request
gniibe committed rG3257385378bb: dirmngr: Interrogate LDAP server when base DN specified. (authored by joeyberkovitz).
dirmngr: Interrogate LDAP server when base DN specified.
Sep 29 2022, 2:54 AM
gniibe committed rG4b2066afb498: dirmngr: Change interrogate_ldap_dn for better memory semantics. (authored by gniibe).
dirmngr: Change interrogate_ldap_dn for better memory semantics.
Sep 29 2022, 2:54 AM
gniibe committed rG03f392333729: Register DCO for Joey Berkovitz. (authored by gniibe).
Register DCO for Joey Berkovitz.
Sep 29 2022, 2:54 AM
gniibe committed rG530d709607e5: dirnmgr: Fix the function prototype. (authored by gniibe).
dirnmgr: Fix the function prototype.
Sep 29 2022, 2:54 AM

Sep 28 2022

werner committed rG536b5cd66305: dirmngr: Fix lost flags during LDAP upload (authored by werner).
dirmngr: Fix lost flags during LDAP upload
Sep 28 2022, 3:44 PM
werner committed rG1b0c17dfab50: gpg: Silence some diagnostics. (authored by werner).
gpg: Silence some diagnostics.
Sep 28 2022, 3:44 PM
werner committed rGd7a0df4478ec: doc: Typo fix in a comment. (authored by werner).
doc: Typo fix in a comment.
Sep 28 2022, 3:42 PM
werner committed rG32ce7ac0c674: dirmngr: Fix lost flags during LDAP upload (authored by werner).
dirmngr: Fix lost flags during LDAP upload
Sep 28 2022, 3:42 PM
justus created T6223: GPGME incorrectly parses the signature class in SIG_CREATED status lines.
Sep 28 2022, 2:00 PM · Feature Request, gpgme, Bug Report
justus created T6222: gpg --faked-system-time "$(date +%s)!" doesn't work.
Sep 28 2022, 1:37 PM · gnupg, Bug Report
justus created T6221: When encrypting, gpg claims DE_VS compliance with non-compliant gcrypt.
Sep 28 2022, 1:33 PM · gnupg (gpg22), Bug Report
mkjmkj added a comment to T6218: Using Yubikey with GnuPG+scdaemon and PKCS11 over pcscd errors.

That sounds quite cool.

Sep 28 2022, 10:27 AM · gnupg24, scute, scd, Bug Report
werner added a comment to T6220: gpg --full-generate-key does not use max RSA keysize when --enable-large-rsa is set.

Add --expert and use a decent version of GnuPG. 2.2 is our long term support branch and is not the current stable production version (which is 2.3.7)

Sep 28 2022, 10:23 AM · g10code (gnupg-2.2), gnupg, Bug Report
werner added a comment to T6218: Using Yubikey with GnuPG+scdaemon and PKCS11 over pcscd errors.

Actually we developed PIV support to allow the use of PIV X.509 certificates and OpenPGP keys with Yubikeys. In fact, GnuPG is able to switch between the Yubikey PIV and OpenPGP applications on-the-fly while keeping their PIN verification states.

Sep 28 2022, 10:22 AM · gnupg24, scute, scd, Bug Report
mkjmkj added a comment to T6218: Using Yubikey with GnuPG+scdaemon and PKCS11 over pcscd errors.

I was indeed using version 1.5.0 for testing, but I wish to clarify the purpose of Scute in my setup before proceeding.

Sep 28 2022, 10:04 AM · gnupg24, scute, scd, Bug Report
werner committed rGd65a0335e5cb: dirmngr: New server flag "areconly" (A-record-only) (authored by werner).
dirmngr: New server flag "areconly" (A-record-only)
Sep 28 2022, 9:56 AM
werner committed rG6300035ba17b: dirmngr: New server flag "areconly" (A-record-only) (authored by werner).
dirmngr: New server flag "areconly" (A-record-only)
Sep 28 2022, 9:46 AM
2l47 added a comment to T6220: gpg --full-generate-key does not use max RSA keysize when --enable-large-rsa is set.

Perhaps --full-generate-key should provide more algorithm choices, then, e.g. ed25519?

Sep 28 2022, 9:26 AM · g10code (gnupg-2.2), gnupg, Bug Report
werner closed T6220: gpg --full-generate-key does not use max RSA keysize when --enable-large-rsa is set as Wontfix.

Sorry, this as been discussed ad nausea. We try our best to help people not to use useless and harmful (e.g. performance of the WoT) algorithm choices.

Sep 28 2022, 9:17 AM · g10code (gnupg-2.2), gnupg, Bug Report
gniibe committed rSfa6369651060: Fix keyinfo listing. (authored by gniibe).
Fix keyinfo listing.
Sep 28 2022, 8:19 AM
gniibe committed rS3bf758969ded: Do not launch gpg-agent if no-autostart is active. (authored by werner).
Do not launch gpg-agent if no-autostart is active.
Sep 28 2022, 8:07 AM
gniibe committed rS1a87b2f26ad9: Add option to return leaf certificate only. (authored by gouttegd).
Add option to return leaf certificate only.
Sep 28 2022, 8:07 AM
gniibe committed rS819009a5a782: Avoid segv in case of a MISSING_KEY error. (authored by werner).
Avoid segv in case of a MISSING_KEY error.
Sep 28 2022, 8:07 AM
gniibe committed rS9a61a3267f7d: Avoid endless loop due to bogus certificate chains. (authored by werner).
Avoid endless loop due to bogus certificate chains.
Sep 28 2022, 8:07 AM
gniibe committed rS3d3222d9f9a0: Add configure option only-marked (authored by werner).
Add configure option only-marked
Sep 28 2022, 8:07 AM
gniibe committed rSb2cacfb9373a: Tweak for GetSlotList for Firefox. (authored by gniibe).
Tweak for GetSlotList for Firefox.
Sep 28 2022, 8:07 AM
gniibe committed rS458eea3371ea: Don't use SCD READCERT, but just use gpgsm. (authored by gniibe).
Don't use SCD READCERT, but just use gpgsm.
Sep 28 2022, 8:07 AM
gniibe committed rSc916e41937df: Fix sign/decrypt operation. (authored by gniibe).
Fix sign/decrypt operation.
Sep 28 2022, 8:07 AM
gniibe committed rS26d21a2e7ca5: Allow SeedRandom. (authored by gniibe).
Allow SeedRandom.
Sep 28 2022, 8:07 AM
gniibe committed rS8170a35bddea: Fix C_GetSlotInfo. (authored by gniibe).
Fix C_GetSlotInfo.
Sep 28 2022, 8:07 AM
gniibe committed rSb4bc848320bb: Fix slot_get_status. (authored by gniibe).
Fix slot_get_status.
Sep 28 2022, 8:07 AM
gniibe committed rS88e3e58fa237: First step for multiple device support, using the keygrip. (authored by gniibe).
First step for multiple device support, using the keygrip.
Sep 28 2022, 8:07 AM
gniibe committed rSf666690b817e: Second step for multiple device support. No monitoring cards. (authored by gniibe).
Second step for multiple device support. No monitoring cards.
Sep 28 2022, 8:07 AM
gniibe committed rS85fce6342624: Remove $DISPSERIALNO support. (authored by gniibe).
Remove $DISPSERIALNO support.
Sep 28 2022, 8:07 AM
gniibe committed rS1cc5c465862e: Fix NR_ATTR_CERT. (authored by gniibe).
Fix NR_ATTR_CERT.
Sep 28 2022, 8:07 AM
gniibe committed rSfd72f517b923: Allow up to four cards (only use the first slot for now). (authored by gniibe).
Allow up to four cards (only use the first slot for now).
Sep 28 2022, 8:07 AM
l10n daemon script <scripty@kde.org> committed rLIBKLEOeec9c7327a6e: SVN_SILENT made messages (.desktop file) - always resolve ours (authored by l10n daemon script <scripty@kde.org>).
SVN_SILENT made messages (.desktop file) - always resolve ours
Sep 28 2022, 4:00 AM

Sep 27 2022

gouttegd added a comment to T6218: Using Yubikey with GnuPG+scdaemon and PKCS11 over pcscd errors.

Which version of Scute are you using?

Sep 27 2022, 11:42 PM · gnupg24, scute, scd, Bug Report
2l47 added projects to T6220: gpg --full-generate-key does not use max RSA keysize when --enable-large-rsa is set: gnupg, g10code (gnupg-2.2).
Sep 27 2022, 11:40 PM · g10code (gnupg-2.2), gnupg, Bug Report
2l47 created T6220: gpg --full-generate-key does not use max RSA keysize when --enable-large-rsa is set.
Sep 27 2022, 11:39 PM · g10code (gnupg-2.2), gnupg, Bug Report
mlaurent committed rKLEOPATRA579461311cc7: GIT_SILENT: it compiles fine without deprecated methods (authored by mlaurent).
GIT_SILENT: it compiles fine without deprecated methods
Sep 27 2022, 7:55 PM
vitusb added a comment to T6203: GpgOL (Gpg4Win 3.1.24) / Error in parsing mail-headers (empty mail-body without correct decoded encryption-scheme) when using gpgol.dll 2.5.4 (gpgol.dll 2.5.0 from 3.1.16 works).

I did a build of Gpg4Win 3.1.24 with Andre's provided patch :-)

Sep 27 2022, 11:08 AM · Restricted Project, gpgol
Jakuje added a comment to T6219: Ensure minimum key length for KDF in FIPS mode.

The specs https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf page 10 says specifically:

Sep 27 2022, 11:07 AM · libgcrypt, FIPS, Bug Report
mkjmkj added a comment to T6218: Using Yubikey with GnuPG+scdaemon and PKCS11 over pcscd errors.

Using Scute as a drop-in replacement doesn't currently work. Perhaps my config needs more adjustments than just:

module = /usr/lib/x86_64-linux-gnu/scute/scute.so
Sep 27 2022, 9:20 AM · gnupg24, scute, scd, Bug Report
jukivili committed rC0cb29a5736cf: tests/hashtest: add hugeblock & disable-hwf options and 6 gig test vectors (authored by jukivili).
tests/hashtest: add hugeblock & disable-hwf options and 6 gig test vectors
Sep 27 2022, 7:34 AM
jukivili committed rC9c828129b205: keccak: Use size_t to avoid integer overflow (authored by Jakuje).
keccak: Use size_t to avoid integer overflow
Sep 27 2022, 7:34 AM
jukivili added a comment to T6217: sha3: wrong results for large inputs.

I've tested the different hw implementations (amd64, arm64, s390x) and they are all ok.

Sep 27 2022, 7:27 AM · libgcrypt, FIPS, Bug Report
gniibe committed rC3c04b692de1e: kdf:pkdf2: Check minimum allowed key size when running in FIPS mode. (authored by tobhe).
kdf:pkdf2: Check minimum allowed key size when running in FIPS mode.
Sep 27 2022, 6:57 AM
gniibe committed rC857e6f467d0f: kdf:pkdf2: Require longer input when FIPS mode. (authored by gniibe).
kdf:pkdf2: Require longer input when FIPS mode.
Sep 27 2022, 6:57 AM
gniibe changed the status of T6219: Ensure minimum key length for KDF in FIPS mode from Open to Testing.

Thank you for your report.

Sep 27 2022, 6:34 AM · libgcrypt, FIPS, Bug Report
tobhe added a member for Ubuntu: tobhe.
Sep 27 2022, 1:38 AM

Sep 26 2022

tobhe created T6219: Ensure minimum key length for KDF in FIPS mode.
Sep 26 2022, 9:08 PM · libgcrypt, FIPS, Bug Report
werner added a comment to T6218: Using Yubikey with GnuPG+scdaemon and PKCS11 over pcscd errors.

Yes, I meant to use Scute as pkcsc11 module for pam_pkcs11. Thanks for explaining more verbosely what I meant.

Sep 26 2022, 7:59 PM · gnupg24, scute, scd, Bug Report
werner triaged T6217: sha3: wrong results for large inputs as Normal priority.
Sep 26 2022, 7:36 PM · libgcrypt, FIPS, Bug Report
gouttegd added a comment to T6218: Using Yubikey with GnuPG+scdaemon and PKCS11 over pcscd errors.

I think Werner may have confused pam_pkcs11 with gnupg-pkcs11-scd. :)

Sep 26 2022, 4:26 PM · gnupg24, scute, scd, Bug Report
werner added a comment to T6217: sha3: wrong results for large inputs.

My poor old laptop - its RAM will now have a hard time to run the huge tests ;-)

Sep 26 2022, 3:57 PM · libgcrypt, FIPS, Bug Report
Jakuje added a comment to T6217: sha3: wrong results for large inputs.

The test looks good. I hope I changed the API in all the hw optimized implementations.

Sep 26 2022, 2:44 PM · libgcrypt, FIPS, Bug Report
werner committed rGacabbc0078d8: dirmngr: Support gpgMailbox for mode MAILSUB and MAILEND. (authored by werner).
dirmngr: Support gpgMailbox for mode MAILSUB and MAILEND.
Sep 26 2022, 2:43 PM
werner committed rG1b2ac21c4cf7: gpg: Don't consider unknown keys as non-compliant while decrypting. (authored by werner).
gpg: Don't consider unknown keys as non-compliant while decrypting.
Sep 26 2022, 2:43 PM
cklassen committed rWe51c5e3bb504: edited last paragraph of support page (authored by cklassen).
edited last paragraph of support page
Sep 26 2022, 12:47 PM
aheinecke committed rW1b720351db2a: MSI: Add uids for 3.1.23 and 3.1.24 releases (authored by aheinecke).
MSI: Add uids for 3.1.23 and 3.1.24 releases
Sep 26 2022, 11:51 AM
cklassen committed rWfe0ea5a9f3f4: fix for boxes on the right side of some pages (authored by cklassen).
fix for boxes on the right side of some pages
Sep 26 2022, 11:46 AM
cklassen committed rWc1aada678c3d: wiki link http -> https (authored by cklassen).
wiki link http -> https
Sep 26 2022, 11:46 AM
mkjmkj added a comment to T6218: Using Yubikey with GnuPG+scdaemon and PKCS11 over pcscd errors.

I'm not sure what you mean with using Scute as PKCS#11 provider instead of pam_pkcs11, as pam_pkcs11 is not a provider but a user of PKCS#11

Sep 26 2022, 10:08 AM · gnupg24, scute, scd, Bug Report
werner added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

BTW, I have also in mind to use an AD entry to figure out the used keyserver. It turned out that people don't like to modify the schema of their AD but instead use a separate LDS.

Sep 26 2022, 9:41 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request
First
Prev
Next