Page MenuHome GnuPG
Feed All Stories

All Stories
Use Results
Edit Query

Oct 7 2022

werner committed rGa946343f1475: wkd: New command --mirror for gpg-wks-client. (authored by werner).
wkd: New command --mirror for gpg-wks-client.
Oct 7 2022, 5:46 PM
werner committed rG88042821d81b: wkd: Restrict gpg-wks-client --mirror to the given domains. (authored by werner).
wkd: Restrict gpg-wks-client --mirror to the given domains.
Oct 7 2022, 5:46 PM
werner committed rGcd020284c9cf: wkd: Implement --blacklist option for gpg-wks-client (authored by werner).
wkd: Implement --blacklist option for gpg-wks-client
Oct 7 2022, 5:46 PM
werner committed rGb18b9b972e2d: wkd: Silence gpg-wks-client diagnostics from gpg. (authored by werner).
wkd: Silence gpg-wks-client diagnostics from gpg.
Oct 7 2022, 5:45 PM
werner committed rG0a151548b623: wkd: Restrict gpg-wks-client --mirror to the given domains. (authored by werner).
wkd: Restrict gpg-wks-client --mirror to the given domains.
Oct 7 2022, 5:36 PM
werner committed rG4364283f757f: wkd: Silence gpg-wks-client diagnostics from gpg. (authored by werner).
wkd: Silence gpg-wks-client diagnostics from gpg.
Oct 7 2022, 5:36 PM
werner committed rG94d13f53a3b4: common: Protect against a theoretical integer overflow in tlv.c (authored by werner).
common: Protect against a theoretical integer overflow in tlv.c
Oct 7 2022, 5:36 PM
werner committed rGb0b4e24c4fa8: wkd: Implement --blacklist option for gpg-wks-client (authored by werner).
wkd: Implement --blacklist option for gpg-wks-client
Oct 7 2022, 5:36 PM
Atzeloss created T6232: Documentation refers to wrong the RFC for GCM-SIV cipher mode (GCRY_CIPHER_MODE_GCM_SIV).
Oct 7 2022, 4:49 PM · Documentation
manonfgoo updated the task description for T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey.
Oct 7 2022, 2:46 PM · gnupg24, gnupg (gpg23), scd, Feature Request
werner committed rGc300253181cf: common: Protect against a theoretical integer overflow in tlv.c (authored by werner).
common: Protect against a theoretical integer overflow in tlv.c
Oct 7 2022, 2:24 PM
werner committed rG2b2f8a1a0ca1: gpg: Show just keyserver and port with --send-keys. (authored by werner).
gpg: Show just keyserver and port with --send-keys.
Oct 7 2022, 2:24 PM
werner committed rG4cf8dc2d968f: dirmngr: Minor fix for baseDN fallback. (authored by werner).
dirmngr: Minor fix for baseDN fallback.
Oct 7 2022, 2:24 PM
werner committed rGa70a3204c24a: dirmngr: Support paged LDAP mode for KS_GET (authored by werner).
dirmngr: Support paged LDAP mode for KS_GET
Oct 7 2022, 2:24 PM
werner committed rG20cb9319d998: dirmngr: New options --first and --next for KS_GET. (authored by werner).
dirmngr: New options --first and --next for KS_GET.
Oct 7 2022, 2:24 PM
werner committed rG98fbac614105: dirmngr: Change interrogate_ldap_dn for better memory semantics. (authored by gniibe).
dirmngr: Change interrogate_ldap_dn for better memory semantics.
Oct 7 2022, 2:24 PM
werner committed rG73cc5e073ce9: dirnmgr: Fix the function prototype. (authored by gniibe).
dirnmgr: Fix the function prototype.
Oct 7 2022, 2:24 PM
werner committed rG5516f92224b6: dirmngr: Interrogate LDAP server when base DN specified. (authored by joeyberkovitz).
dirmngr: Interrogate LDAP server when base DN specified.
Oct 7 2022, 2:24 PM
werner committed rG615c9717c15a: dirmngr: Support gpgMailbox for mode MAILSUB and MAILEND. (authored by werner).
dirmngr: Support gpgMailbox for mode MAILSUB and MAILEND.
Oct 7 2022, 2:24 PM
werner committed rG44960e702ee3: dirmngr: Factor out interrogate_ldap_dn function. (authored by werner).
dirmngr: Factor out interrogate_ldap_dn function.
Oct 7 2022, 2:24 PM
werner committed rGfe7114ebf344: po: Fix wrong LF in the German translation (authored by werner).
po: Fix wrong LF in the German translation
Oct 7 2022, 11:54 AM
werner closed T6136: build failure with slibtool - error: undefined symbol: QGpgME::RevokeKeyJob::staticMetaObject as Resolved.
Oct 7 2022, 11:41 AM · gpgrt, gpgme, Bug Report
werner closed T5683: Deprecation of gpg-error-config as Resolved.
Oct 7 2022, 11:41 AM · gpgrt
werner closed T5912: libgpg-error: Drop WindowsCE support as Resolved.
Oct 7 2022, 11:40 AM · gpgrt
werner closed T5890: EOPNOTSUPP is not defined in mingw.org's MinGW, fails compilation of libgpg-error-1.44 as Resolved.
Oct 7 2022, 11:40 AM · gpgrt, Bug Report
werner closed T5922: libgpg-error: gpgrt_log_get_fd always returns -1 even if it's not tcp/socket., a subtask of T5921: No sharing of log_fd between child process, as Resolved.
Oct 7 2022, 11:39 AM · Bug Report, gnupg (gpg23)
werner closed T5922: libgpg-error: gpgrt_log_get_fd always returns -1 even if it's not tcp/socket. as Resolved.
Oct 7 2022, 11:39 AM · Bug Report, gpgrt
werner committed rEea031873aa96: Release 1.46 (authored by werner).
Release 1.46
Oct 7 2022, 11:39 AM
werner committed rEe08d87f06932: Post release updates (authored by werner).
Post release updates
Oct 7 2022, 11:39 AM
werner closed T6112: libgpg-error,w32: bidirectional Pipe support for estream as Resolved.
Oct 7 2022, 11:39 AM · Windows, gpgrt, Bug Report
werner closed T5923: Release Libgpg-error 1.46 as Resolved.
Oct 7 2022, 11:39 AM · Release Info, gpgrt
werner committed rD4ac00609b0ce: swdb: gpgrt 1.46 (authored by werner).
swdb: gpgrt 1.46
Oct 7 2022, 11:38 AM
Jakuje added a comment to T6217: sha3: wrong results for large inputs.

One more nit regarding to the test is the format string for size_t which was using %d instead of %zu. This is fixed by the attached patch:

Oct 7 2022, 11:21 AM · libgcrypt, FIPS, Bug Report
werner committed rWdb4da16307ba: packages: Update libksba (authored by werner).
packages: Update libksba
Oct 7 2022, 11:10 AM
manonfgoo added a comment to T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey.

Here is the patch as file:

piv.patch3 KBDownload

Oct 7 2022, 10:49 AM · gnupg24, gnupg (gpg23), scd, Feature Request
manonfgoo added a comment to T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey.

The patch applies with -p1 to the master brach, alternatively I could push a commit, but my user does not seam to be allowed to do so:

Oct 7 2022, 10:37 AM · gnupg24, gnupg (gpg23), scd, Feature Request
werner committed rD3ac196bbc0a8: swdb: Libksba 1.6.2 (authored by werner).
swdb: Libksba 1.6.2
Oct 7 2022, 10:32 AM
werner triaged T6231: Release Libgpg-error 1.47 as Low priority.
Oct 7 2022, 10:23 AM · Release Info, gpgrt
werner closed T6230: Release Libksba 1.6.2 (CVE-2022-3515) as Resolved.
Oct 7 2022, 10:21 AM · CVE, Release Info, libksba
werner committed rK43765244d1dd: Post release updates (authored by werner).
Post release updates
Oct 7 2022, 10:16 AM
werner committed rK29814959fe2b: Release 1.6.2 (authored by werner).
Release 1.6.2
Oct 7 2022, 10:16 AM
werner renamed T6210: Release LibKSBA 1.6.1 from Release Libksba 1.6.1 to Release LibKSBA 1.6.1.
Oct 7 2022, 10:05 AM · Release Info, libksba
werner created T6230: Release Libksba 1.6.2 (CVE-2022-3515).
Oct 7 2022, 10:03 AM · CVE, Release Info, libksba
werner committed rG64002ffdfc17: po: Fix wrong LF in the German translation (authored by werner).
po: Fix wrong LF in the German translation
Oct 7 2022, 9:54 AM
werner added a member for Contributor: manonfgoo.
Oct 7 2022, 9:39 AM
werner added a comment to T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey.

[Merging didn't work]

Oct 7 2022, 9:37 AM · gnupg24, gnupg (gpg23), scd, Feature Request
werner reopened T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey as "Open".
Oct 7 2022, 9:36 AM · gnupg24, gnupg (gpg23), scd, Feature Request
werner reopened T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey, a subtask of T6229: Include ability to use any/all of the keys stored on YubiKey's PIV applet ("retired" keys), as Open.
Oct 7 2022, 9:36 AM · yubikey, Feature Request
werner added a parent task for T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey: T6229: Include ability to use any/all of the keys stored on YubiKey's PIV applet ("retired" keys).
Oct 7 2022, 9:36 AM · gnupg24, gnupg (gpg23), scd, Feature Request
werner added a subtask for T6229: Include ability to use any/all of the keys stored on YubiKey's PIV applet ("retired" keys): T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey.
Oct 7 2022, 9:36 AM · yubikey, Feature Request
werner merged T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey into T6229: Include ability to use any/all of the keys stored on YubiKey's PIV applet ("retired" keys).
Oct 7 2022, 9:35 AM · yubikey, Feature Request
werner merged task T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey into T6229: Include ability to use any/all of the keys stored on YubiKey's PIV applet ("retired" keys).
Oct 7 2022, 9:35 AM · gnupg24, gnupg (gpg23), scd, Feature Request
werner merged T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey into T6229: Include ability to use any/all of the keys stored on YubiKey's PIV applet ("retired" keys).
Oct 7 2022, 9:34 AM · yubikey, Feature Request
werner merged task T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey into T6229: Include ability to use any/all of the keys stored on YubiKey's PIV applet ("retired" keys).
Oct 7 2022, 9:34 AM · gnupg24, gnupg (gpg23), scd, Feature Request
l10n daemon script <scripty@kde.org> committed rKLEOPATRA5dbc752a3cca: SVN_SILENT made messages (.desktop file) - always resolve ours (authored by l10n daemon script <scripty@kde.org>).
SVN_SILENT made messages (.desktop file) - always resolve ours
Oct 7 2022, 5:35 AM
gniibe committed rGd68a803c4760: gpg: Fix wrong use of FD2INT with iobuf_fdopen_nc. (authored by gniibe).
gpg: Fix wrong use of FD2INT with iobuf_fdopen_nc.
Oct 7 2022, 4:38 AM
l10n daemon script <scripty@kde.org> committed rLIBKLEO85645b636391: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Oct 7 2022, 4:24 AM
l10n daemon script <scripty@kde.org> committed rKLEOPATRA7da3a77980a1: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Oct 7 2022, 4:21 AM

Oct 6 2022

manonfgoo added a comment to T6229: Include ability to use any/all of the keys stored on YubiKey's PIV applet ("retired" keys).
In T6229#163870, @werner wrote:

The other key slots are claimed to be used for expired or archived keys as you rightfully mention. We need to figure out the real world semantic behind this before we can repurpose such keys.

Oct 6 2022, 10:44 PM · yubikey, Feature Request
manonfgoo added a comment to T6229: Include ability to use any/all of the keys stored on YubiKey's PIV applet ("retired" keys).

Pleaee have a look at https://dev.gnupg.org/T5790, i added a patch.

Oct 6 2022, 10:30 PM · yubikey, Feature Request
manonfgoo added a comment to T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey.

Attached you find a patch to this issue. This Patch sets the "keypair" attribute to the keys 0x82 to 0x95 unconditionaly.

Oct 6 2022, 10:29 PM · gnupg24, gnupg (gpg23), scd, Feature Request
werner triaged T6229: Include ability to use any/all of the keys stored on YubiKey's PIV applet ("retired" keys) as Low priority.

The other key slots are claimed to be used for expired or archived keys as you rightfully mention. We need to figure out the real world semantic behind this before we can repurpose such keys.

Oct 6 2022, 6:44 PM · yubikey, Feature Request
werner committed rG7ccd489aa2e5: wkd: New command --mirror for gpg-wks-client. (authored by werner).
wkd: New command --mirror for gpg-wks-client.
Oct 6 2022, 6:40 PM
margirou created T6229: Include ability to use any/all of the keys stored on YubiKey's PIV applet ("retired" keys).
Oct 6 2022, 5:53 PM · yubikey, Feature Request
werner accepted rCa6a6e94027ab: random: Get maximum 32B of entropy at once in FIPS Mode.

That's more than sufficient. Thanks.

Oct 6 2022, 3:07 PM
hefee created T6228: TOFU data are not updated when creating an encrypted message.
Oct 6 2022, 1:47 PM · gpgme, TOFU
gniibe committed rCefdc87b305ff: tests: Reproducer for short dklen in FIPS mode (authored by Jakuje).
tests: Reproducer for short dklen in FIPS mode
Oct 6 2022, 7:12 AM
gniibe committed rC6e832840a8b7: random: Extend the comment about FIPS specifics (authored by Jakuje).
random: Extend the comment about FIPS specifics
Oct 6 2022, 7:11 AM
l10n daemon script <scripty@kde.org> committed rKLEOPATRA4d4d4a78ae07: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Oct 6 2022, 4:11 AM

Oct 5 2022

werner closed T6142: On Windows, gpg 2.3.7 thinks the certificates of major keyservers have expired as Resolved.
Oct 5 2022, 4:20 PM · workaround, gnupg, Keyserver, Bug Report
werner closed T6142: On Windows, gpg 2.3.7 thinks the certificates of major keyservers have expired, a subtask of T5882: Cross signing certificate in X.509 support, as Resolved.
Oct 5 2022, 4:20 PM
werner committed rK4b7d9cd4a018: Detect a possible overflow directly in the TLV parser. (authored by werner).
Detect a possible overflow directly in the TLV parser.
Oct 5 2022, 4:12 PM
werner committed rG7a01e806eac4: dirmngr: Support paged LDAP mode for KS_GET (authored by werner).
dirmngr: Support paged LDAP mode for KS_GET
Oct 5 2022, 3:16 PM
werner committed rKe11e17620189: Post release updates (authored by werner).
Post release updates
Oct 5 2022, 2:17 PM
werner committed rKd3c1e063d708: Release 1.6.1 (authored by werner).
Release 1.6.1
Oct 5 2022, 2:17 PM
gniibe committed rPTHe894f0197fb4: w32: Add comment for our intentional casting for TlsSetValue. (authored by gniibe).
w32: Add comment for our intentional casting for TlsSetValue.
Oct 5 2022, 9:27 AM
Jakuje added a comment to rCa6a6e94027ab: random: Get maximum 32B of entropy at once in FIPS Mode.

I tried to clarify the comment in the following merge request. Feel free to pull it from there or adjust if it is too verbose or missing some points:

Oct 5 2022, 9:17 AM
gniibe triaged T6227: Windows 64-bit: NPTH API as Wishlist priority.
Oct 5 2022, 8:40 AM · Windows 64, Memo, npth
mlaurent committed rLIBKLEO0f469f64c238: GIT_SILENT: make sure to depend against qt6.4, kpimtextedit needs it (authored by mlaurent).
GIT_SILENT: make sure to depend against qt6.4, kpimtextedit needs it
Oct 5 2022, 8:01 AM
mlaurent committed rKLEOPATRA0cd00b23dd13: GIT_SILENT: make sure to depend against qt6.4, kpimtextedit needs it (authored by mlaurent).
GIT_SILENT: make sure to depend against qt6.4, kpimtextedit needs it
Oct 5 2022, 7:56 AM

Oct 4 2022

isundil added a comment to T6005: Problem decrypting inline images came up again.

Hello,
I'm having the same issue here, and as I've an image in the signature of my emails the signature is not visible at all when I sign the messages.
The image attached seems to be well included in the attachments and the image is readable.
Thanks,
isundil

Oct 4 2022, 9:14 PM · Unreleased, Bug Report, gpgol
isundil added a comment to T4350: Attachments in Outlook.
Oct 4 2022, 9:12 PM · Info Needed, gpgol, Bug Report, gpg4win
werner added a comment to rCa6a6e94027ab: random: Get maximum 32B of entropy at once in FIPS Mode.

A minor clarification in the code comment would be enough. Something like: Some non-standard kernel return only 32 bytes of strong entropy to satisfy current FIPS requirements.

Oct 4 2022, 9:05 PM
werner added a comment to T6097: SC-HSM 4K Compatibility.

Yes, that's probably right. I talked to the vendor and they were nice enough to send us specs and samples. However, without a strong business case support for these cards we can't prioritize this work.

Oct 4 2022, 9:01 PM · Bug Report
werner closed T6226: Native PKCS#11 support, by attaching any module/library, without having to use workarounds (alternative gpg-agent etc.) as Wontfix.

Most PCKS#11 drivers are proprietary software which do not fit well into a free software system. Thus we avoid them. And of course we provide pcksc#11 support: Install Scute. There are no workarounds like alternative gpg-agent's - those things don't work reliable and are not supported.

Oct 4 2022, 8:57 PM · Feature Request
werner closed T6225: Gpg4win 4.0.3 and GnuPG 2.3.7 cannot use OpenPGP Card with ECC Keys as Resolved.

This is a duplicate of T6070. Please wait for gnupg 2.3.8

Oct 4 2022, 8:46 PM
margirou updated the task description for T6226: Native PKCS#11 support, by attaching any module/library, without having to use workarounds (alternative gpg-agent etc.).
Oct 4 2022, 5:49 PM · Feature Request
margirou added a comment to T6226: Native PKCS#11 support, by attaching any module/library, without having to use workarounds (alternative gpg-agent etc.).
Oct 4 2022, 5:04 PM · Feature Request
margirou created T6226: Native PKCS#11 support, by attaching any module/library, without having to use workarounds (alternative gpg-agent etc.).
Oct 4 2022, 5:01 PM · Feature Request
margirou added a comment to T6097: SC-HSM 4K Compatibility.

I am attaching one last log I have while trying to use the SC-HSM and using the debug options mentioned. From what I understand, the keys and certificates are recognised by scdaemon, but, for some reason, they don't show up in gpg --card-edit --expert or in Kleopatra. Having AES symmetric keys also causes the PrKDF to show up as invalid.

Oct 4 2022, 4:48 PM · Bug Report
margirou updated the task description for T6225: Gpg4win 4.0.3 and GnuPG 2.3.7 cannot use OpenPGP Card with ECC Keys.
Oct 4 2022, 4:03 PM
margirou created T6225: Gpg4win 4.0.3 and GnuPG 2.3.7 cannot use OpenPGP Card with ECC Keys.
Oct 4 2022, 3:56 PM
pirkes reopened T5216: Kleopatra: Fix handling of UNC paths as "Open".
Oct 4 2022, 2:38 PM · kleopatra
werner committed rG4de98d4468f3: dirmngr: New options --first and --next for KS_GET. (authored by werner).
dirmngr: New options --first and --next for KS_GET.
Oct 4 2022, 12:59 PM
werner moved T6219: Ensure minimum key length for KDF in FIPS mode from Backlog to Ready for release on the FIPS board.
Oct 4 2022, 11:09 AM · libgcrypt, FIPS, Bug Report
gniibe added a comment to T6219: Ensure minimum key length for KDF in FIPS mode.

Also applied to 1.10 branch.

Oct 4 2022, 11:09 AM · libgcrypt, FIPS, Bug Report
Jakuje added a comment to rCa6a6e94027ab: random: Get maximum 32B of entropy at once in FIPS Mode.
In rCa6a6e94027abf18a51f5f93bf9fb2cfe5496bdf8#74835, @werner wrote:

Why is that not stated in my man page which knows about kernel 3.19? Is that a regression or a RedHat specific patch?

Oct 4 2022, 9:57 AM
werner added a comment to rCa6a6e94027ab: random: Get maximum 32B of entropy at once in FIPS Mode.

Why is that not stated in my man page which knows about kernel 3.19? Is that a regression or a RedHat specific patch?

Oct 4 2022, 9:15 AM
gniibe committed rCa6a6e94027ab: random: Get maximum 32B of entropy at once in FIPS Mode (authored by Jakuje).
random: Get maximum 32B of entropy at once in FIPS Mode
Oct 4 2022, 6:57 AM
l10n daemon script <scripty@kde.org> committed rKLEOPATRA10ed3105966c: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Oct 4 2022, 4:11 AM
First
Prev
Next