Feed All Stories

Apr 13 2023

ikloecker committed rLIBKLEOb0564325d824: Remove bogus semicolons from expiry messages (authored by ikloecker).
Remove bogus semicolons from expiry messages
Apr 13 2023, 2:17 PM
ikloecker committed rLIBKLEO6ee2255bf189: Make expiry checker more robust in case of a circular certificate chain (authored by ikloecker).
Make expiry checker more robust in case of a circular certificate chain
Apr 13 2023, 2:17 PM
ikloecker committed rLIBKLEO16fa85c09a95: Use a loop instead of recursion to check the certificate chain (authored by ikloecker).
Use a loop instead of recursion to check the certificate chain
Apr 13 2023, 2:17 PM
ikloecker committed rLIBKLEO335d1fcf7667: Make expiry notification thresholds configurable (authored by ikloecker).
Make expiry notification thresholds configurable
Apr 13 2023, 2:17 PM
ikloecker committed rLIBKLEO86f4904e43e1: Wrap the four thresholds in a simple object (authored by ikloecker).
Wrap the four thresholds in a simple object
Apr 13 2023, 2:17 PM
ikloecker committed rLIBKLEO16ba827ee333: Replace different check methods with a single method (authored by ikloecker).
Replace different check methods with a single method
Apr 13 2023, 2:17 PM
ikloecker committed rLIBKLEOf40d54c9e19a: Use the appropriate std::chrono type for the thresholds (authored by ikloecker).
Use the appropriate std::chrono type for the thresholds
Apr 13 2023, 2:17 PM
ikloecker committed rLIBKLEOd8b3a59bab3f: Use the key cache instead of repeated key list jobs in the test (authored by ikloecker).
Use the key cache instead of repeated key list jobs in the test
Apr 13 2023, 2:17 PM
ikloecker committed rLIBKLEOa8d3694243bc: Test ExpiryChecker without accessing private data (authored by ikloecker).
Test ExpiryChecker without accessing private data
Apr 13 2023, 2:17 PM
ikloecker committed rLIBKLEO83905d1b3814: Add ExpiryChecker (authored by ikloecker).
Add ExpiryChecker
Apr 13 2023, 2:17 PM
ebo added a comment to T6378: keytocard: invalid value.

My Yubikey works, too, if I disable PIV. With enabled PIV:

Apr 13 2023, 11:47 AM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
werner added a comment to T6437: Kleopatra: sign/encrypt folder results in general error.

On Windows we always use --status-fd=1 but with gpg it is not a problem because we use a different fd for output.

Apr 13 2023, 10:58 AM · gpgme (gpgme 1.23.x), Bug Report, Restricted Project
werner committed rE770a01e6dc52: Update autogen.sh to better support gpg4win (authored by werner).
Update autogen.sh to better support gpg4win
Apr 13 2023, 10:07 AM
heirecka committed rKLEOPATRAfb39c3e1d26d: Add Framework dependencies to .kde-ci.yml (authored by heirecka).
Add Framework dependencies to .kde-ci.yml
Apr 13 2023, 9:01 AM
gniibe closed T5460: Migration for ABI change (newer mingw) as Resolved.
Apr 13 2023, 5:09 AM · gpg4win, Windows
gniibe added a comment to T5460: Migration for ABI change (newer mingw).

Fixed by rGfcbb849c26e9: speedo: Fix regression due to switching from gcc 8.3 to 10.2 for zlib build.

Apr 13 2023, 5:09 AM · gpg4win, Windows
gniibe closed T5897: Fix MinGW compilation error with 'struct _stat32' in common/sysutils.c from gnupg-2.3.4 as Resolved.
Apr 13 2023, 5:07 AM · gnupg24, toolchain, Feature Request, patch
gniibe closed T5891: EOPNOTSUPP is not defined in mingw.org's MinGW, fails compilation of libgcrypt-1.10.0 as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:47 AM · backport, libgcrypt, Bug Report
gniibe closed T5973: libgcrypt: Minor test issues reported by coverity as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:47 AM · backport, patch, libgcrypt, Bug Report
gniibe closed T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd') as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:46 AM · backport, hppa, libgcrypt, Gentoo, Bug Report
gniibe closed T5980: compilation error libgcrypt 1.10.1 as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:46 AM · backport, ppc, AIX, libgcrypt, Bug Report
gniibe closed T6432: libgcrypt - flag munging does not account for -Oz as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:40 AM · Bug Report
gniibe closed T6066: gcry_pk_hash_verify() does not work with explicitly specified hash algorithm as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:39 AM · backport, libgcrypt, Bug Report
gniibe closed T6239: gnugp 2.3.8 fails to build with --disable-ldap as Resolved.
Apr 13 2023, 3:37 AM · gnupg, Bug Report
gniibe closed T6384: libgcrypt link error if cipher chacha20 is not included as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:37 AM · patch, libgcrypt, Bug Report
gniibe closed T6417: FIPS service indicator regarding the public key algorithm flags and objects as Resolved.
Apr 13 2023, 3:33 AM · libgcrypt, FIPS
gniibe closed T6219: Ensure minimum key length for KDF in FIPS mode as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:31 AM · libgcrypt, FIPS, Bug Report
gniibe closed T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF as Resolved.
Apr 13 2023, 3:31 AM · backport, libgcrypt, FIPS
gniibe closed T5512: Implement service indicators as Resolved.
Apr 13 2023, 3:22 AM · Feature Request, FIPS, libgcrypt
gniibe closed T6048: Test suite fixes with --enable-pubkey-ciphers=ecc as Resolved.
Apr 13 2023, 3:21 AM · FIPS, libgcrypt
gniibe closed T5975: Allow signature verification using specific RSA keys <2k in FIPS mode as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:20 AM · backport, patch, libgcrypt, FIPS, Feature Request
gniibe closed T5933: libgcrypt: Simply use BSS (not secure heap) for DRBG instance as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:20 AM · backport, FIPS, libgcrypt
gniibe closed T5919: libgcrypt tests/basic.c and tests/keygen.c occasionally fail with "error generating RSA key: Number is not prime" as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:19 AM · backport, FIPS, libgcrypt, Bug Report
gniibe closed T6127: FIPS 140-3 final review comments as Resolved.
Apr 13 2023, 3:17 AM · FIPS, libgcrypt, Bug Report
gniibe closed T6394: FIPS requires running PCT tests unconditionally as Resolved.
Apr 13 2023, 3:17 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T6127: FIPS 140-3 final review comments.

Fixed in 1.10.2.

Apr 13 2023, 3:16 AM · FIPS, libgcrypt, Bug Report
gniibe closed T6393: DRBG with SHA384 is no longer allowed in FIPS mode (and looks like impossible to enable anyway) as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:16 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T6394: FIPS requires running PCT tests unconditionally.

Fixed in 1.10.2.

Apr 13 2023, 3:15 AM · FIPS, libgcrypt, Bug Report
gniibe closed T6396: the gcry_pk_hash_sign/verify operates in FIPS non-operational mode as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:15 AM · libgcrypt, FIPS, Bug Report
gniibe closed T6397: PCT failures inconsistency in regards to the FIPS error state as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:15 AM · libgcrypt, FIPS, Bug Report
gniibe added a comment to T6417: FIPS service indicator regarding the public key algorithm flags and objects.

Fixed in 1.10.2.

Apr 13 2023, 3:14 AM · libgcrypt, FIPS
gniibe closed T6376: FIPS 140-3: add explicit indicators for md and mac to unblock MD5 in apt as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:13 AM · libgcrypt, Feature Request, Ubuntu, Debian, FIPS
gniibe closed T5918: Disable RSA PKCS #1.5 encryption in FIPS mode as Resolved.
Apr 13 2023, 3:12 AM · backport, libgcrypt, FIPS, Bug Report
gniibe closed T5970: gcry_mpi_invm producing wrong result as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:11 AM · backport, libgcrypt, Bug Report
gniibe closed T6204: gpgme:python Fix setup.py, using pkg-config (not deprecated gpg-error-config and gpgme-config), a subtask of T5683: Deprecation of gpg-error-config, as Resolved.
Apr 13 2023, 3:10 AM · gpgrt
gniibe closed T6204: gpgme:python Fix setup.py, using pkg-config (not deprecated gpg-error-config and gpgme-config) as Resolved.

Fixed in 1.19.0.

Apr 13 2023, 3:10 AM · Python, gpgme
gniibe closed T6273: AM_PATH_GPGME requires preceding invocation of AM_PATH_GPG_ERROR as Resolved.

Fixed in 1.19.0.

Apr 13 2023, 3:09 AM · gpgme, Bug Report
gniibe closed T6274: documentation needs update for replacing gpgme-config as Resolved.

Fixed in 1.19.0.

Apr 13 2023, 3:08 AM · Documentation, gpgme, Bug Report

Apr 12 2023

debohman added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

This problem was introduced by commit cf10c74bd9d5aa80798f1c0e23a9126f381b26b3. Perhaps that change should be backed out in the interim so that a portable fix can be considered for the original issue?

Apr 12 2023, 11:25 PM · MacOS, libgcrypt, Bug Report
dj_winston updated dj_winston.
Apr 12 2023, 9:26 PM
heirecka committed rKLEOPATRAf5bd64ea2e0c: GIT_SILENT Update Appstream for new release (authored by heirecka).
GIT_SILENT Update Appstream for new release
Apr 12 2023, 6:49 PM
heirecka committed rKLEOPATRA83728abb01ba: GIT_SILENT Upgrade release service version to 23.04.0. (authored by heirecka).
GIT_SILENT Upgrade release service version to 23.04.0.
Apr 12 2023, 6:49 PM
heirecka committed rKLEOPATRA229886e235c0: GIT_SILENT Update Appstream for new release (authored by heirecka).
GIT_SILENT Update Appstream for new release
Apr 12 2023, 6:49 PM
werner committed rGd965ee8d65f9: gpg: Curvenames may now compared case insensitive. (authored by werner).
gpg: Curvenames may now compared case insensitive.
Apr 12 2023, 5:32 PM
werner moved T6378: keytocard: invalid value from WiP to QA on the gnupg24 board.

Unfortunately I can't replicate that with my Yubikey on 2.4.1. Tried several variants and with and without keyboxd. My Yubikey has PIV disabled but I doubt that this is the problem.

Apr 12 2023, 5:15 PM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
ebo moved T5725: Kleopatra: Certificate lookup shows only one result even if there are 100s matches from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 12 2023, 4:18 PM · Restricted Project, kleopatra, Bug Report
ebo removed a project from T5932: Kleopatra: Make fingerprint easier accessible: Restricted Project.
Apr 12 2023, 4:17 PM · kleopatra
ebo removed a project from T6162: WKD entry confirmation error: Restricted Project.
Apr 12 2023, 4:16 PM · Not A Bug, wkd
ebo moved T6258: IMAP-Fix not integrated in 3.1.25-Codebase and GnuPG VS Desktop 3.1.25 from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 12 2023, 4:14 PM · Restricted Project
ebo removed a project from T6301: Kleopatra: Update Button does only check on keyserver: Restricted Project.
Apr 12 2023, 4:13 PM · kleopatra
ebo removed a project from T6300: Kleopatra: Add columns “origin” and “last update” to the User ID list for a certificate: Restricted Project.
Apr 12 2023, 4:11 PM · kleopatra, Feature Request
ebo removed a project from T6410: Kleopatra: trust root certificate allowed for user: Restricted Project.
Apr 12 2023, 4:10 PM · kleopatra
ebo moved T5441: Kleopatra: LDAP Search only shows one key from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 12 2023, 4:08 PM · Restricted Project, LDAP, kleopatra
ebo added a project to T5441: Kleopatra: LDAP Search only shows one key: Restricted Project.
Apr 12 2023, 4:08 PM · Restricted Project, LDAP, kleopatra
ebo assigned T6437: Kleopatra: sign/encrypt folder results in general error to werner.
Apr 12 2023, 3:04 PM · gpgme (gpgme 1.23.x), Bug Report, Restricted Project
ebo moved T6437: Kleopatra: sign/encrypt folder results in general error from Backlog to WiP on the gnupg24 board.
Apr 12 2023, 3:04 PM · gpgme (gpgme 1.23.x), Bug Report, Restricted Project
ebo added a project to T6437: Kleopatra: sign/encrypt folder results in general error: gnupg24.
Apr 12 2023, 3:00 PM · gpgme (gpgme 1.23.x), Bug Report, Restricted Project
ebo removed a project from T5441: Kleopatra: LDAP Search only shows one key: Restricted Project.
Apr 12 2023, 2:54 PM · Restricted Project, LDAP, kleopatra
ebo removed a project from T6328: Kleopatra: Hangs when decrypting an archive on an USB Stick: Restricted Project.
Apr 12 2023, 2:53 PM · kleopatra
ebo moved T6347: gpgtar needs to support a few more general command line args to be usable by gpgme from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 12 2023, 2:52 PM · gnupg, Restricted Project
ebo removed projects from T6377: Kleopatra: gpgsk file contains shadowed private key: gnupg22, Restricted Project.
Apr 12 2023, 2:50 PM · kleopatra
ebo moved T6437: Kleopatra: sign/encrypt folder results in general error from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 12 2023, 2:46 PM · gpgme (gpgme 1.23.x), Bug Report, Restricted Project
werner claimed T6378: keytocard: invalid value.
Apr 12 2023, 2:43 PM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
ebo moved T6378: keytocard: invalid value from Backlog to WiP on the gnupg24 board.
Apr 12 2023, 2:40 PM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
ebo moved T6378: keytocard: invalid value from QA to Backlog on the gnupg24 board.
Apr 12 2023, 2:39 PM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
ebo changed the status of T6378: keytocard: invalid value from Testing to Open.
Apr 12 2023, 2:37 PM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
ebo added a comment to T6378: keytocard: invalid value.

Test with GnuPG 2.4.1-beta76 failed with "error getting current key info: invalid name":

Apr 12 2023, 2:35 PM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
aheinecke triaged T6448: NSIS: Fix g4wihelp runonce and path_add for recent NSIS Versions as High priority.
Apr 12 2023, 2:29 PM · Restricted Project, Installer
ebo edited projects for T6093: gpg: Continues export of secret key if first passphrase dialog was canceled, added: gnupg24 (gnupg-2.4.1); removed gnupg24.
Apr 12 2023, 12:47 PM · gnupg22 (gnupg-2.2.42), gnupg24 (gnupg-2.4.1), Bug Report, Restricted Project
gniibe added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

It is a bit complicated. Let me describe the situation.

Apr 12 2023, 10:41 AM · MacOS, libgcrypt, Bug Report
ebo closed T5344: Kleopatra: explain crypto profiles even better as Resolved.

The crypto profiles have been removed in Gpg4win 4.1.1

Apr 12 2023, 10:14 AM · kleopatra, Feature Request, Documentation
ebo updated the task description for T6447: Kleopatra: "imported certificates" tab inconsistencies.
Apr 12 2023, 10:08 AM · vsd33, Restricted Project, Bug Report, kleopatra
werner added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

Actually Linux already returns ENOSYS on older kernels where there is no getrandom libc call. Thus returning ENOSYS if we don't have the libc version of that syscall (i.e. getrandom) in FIPS mode seems to be the Right Thing to do. My whole comment was about fips mode - it does not make much sense to enable FIPS mode if the system is not appropriate for it.

Apr 12 2023, 8:58 AM · MacOS, libgcrypt, Bug Report
werner triaged T6445: Chunking armored messages and pubkeys? as Low priority.
Apr 12 2023, 8:45 AM · OpenPGP, Feature Request
werner triaged T6447: Kleopatra: "imported certificates" tab inconsistencies as Normal priority.
Apr 12 2023, 8:44 AM · vsd33, Restricted Project, Bug Report, kleopatra
debohman added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

I see, your issue is with the use of getrandom for FIPS. I understand now.

Apr 12 2023, 3:32 AM · MacOS, libgcrypt, Bug Report
gniibe added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

ENOSYS is POSIX. My point is that: getrandom was introduced in Linux kernel with flags for particular purpose (differentiate use of /dev/random and /dev/urandom), but that feature has gone.
But, for FIPS behavior, RHEL and related OS use (possibly, some would say misuse) getrandom with GRND_RANDOM. This use is RHEL specific (not for other GNU/Linux). Use of getrandom is non-POSIX.

Apr 12 2023, 3:22 AM · MacOS, libgcrypt, Bug Report
debohman added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

Returning ENOSYS is too strict, in my opinion; It doesn't work for machines other than CentOS/Fedora/RHEL.

Apr 12 2023, 2:41 AM · MacOS, libgcrypt, Bug Report
gniibe added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

Returning ENOSYS is too strict, in my opinion; Because the code in question doesn't work for machines other than CentOS/Fedora/RHEL. For other machines, it would be natural to just rely on getentropy (rather standard call).

Apr 12 2023, 2:27 AM · MacOS, libgcrypt, Bug Report

Apr 11 2023

werner committed rW5e041722c145: Partly rewrote gen-html.sh (authored by werner).
Partly rewrote gen-html.sh
Apr 11 2023, 5:30 PM
werner committed rW0fc432694c83: Fix gen-gnupg.sh output for wixlib files. (authored by werner).
Fix gen-gnupg.sh output for wixlib files.
Apr 11 2023, 4:48 PM
werner committed rWde7e54ffa9bd: Use the standard autogen.sh. (authored by werner).
Use the standard autogen.sh.
Apr 11 2023, 4:06 PM
regnveig added a comment to T6445: Chunking armored messages and pubkeys?.

Indeed, this is not implemented. AFAIK, this feature was introduced by PGP 2 to support BBS systems. I would suggest that you use binary messages and implement the chunking at the application level.

Apr 11 2023, 1:20 PM · OpenPGP, Feature Request
ebo created T6447: Kleopatra: "imported certificates" tab inconsistencies.
Apr 11 2023, 1:17 PM · vsd33, Restricted Project, Bug Report, kleopatra
ikloecker updated subscribers of T6437: Kleopatra: sign/encrypt folder results in general error.

The gpgme logs show that gpgtar is called with gpgtar [...] --status-fd 1 [...] --output - [...], i.e. fd 1 is used for status output and for the result output of gpgtar. This cannot work. To me this looks like a flawed implementation of _gpgme_io_pipe() resp. new_fd() in w32-io.c which happily returns 1 as FD on the first call.

Apr 11 2023, 11:37 AM · gpgme (gpgme 1.23.x), Bug Report, Restricted Project
werner committed rW296768f0d62f: Fix gen-gnupg.sh for gpg4win (authored by werner).
Fix gen-gnupg.sh for gpg4win
Apr 11 2023, 10:02 AM
werner committed rW17a4414b9aad: Add patch for gpgme 1.19.0 (authored by werner).
Add patch for gpgme 1.19.0
Apr 11 2023, 9:20 AM
ikloecker added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

What Werner wrote was also my thought. If getrandom is mandatory for FIPS, then it must not be possible to disable it silently.

Apr 11 2023, 9:16 AM · MacOS, libgcrypt, Bug Report
werner committed rW3de962e582e3: Update libgpg-error and Libgcrypt (authored by werner).
Update libgpg-error and Libgcrypt
Apr 11 2023, 9:08 AM