Page MenuHome GnuPG

DemiMarie (Demi Marie Obenour)
User

Projects

User Details

User Since
May 8 2022, 2:50 AM (136 w, 6 d)
Availability
Available

Recent Activity

Nov 11 2022

DemiMarie added a comment to T6272: gpg --cleartext and truncated lines .

Actually I am not sure whether this is really a bug and that the fix is needed. What has been signed and verified is what gpg has seen and what --output has written. For example a line in the cleartext format may read "- From my " but what actually has been signed was "From my". If a line has been truncated --output will write only the truncated and thus verified data and not what was in the cleartext format.

Nov 11 2022, 12:39 AM · Bug Report, gnupg

Sep 3 2022

DemiMarie created T6186: gpgv does not support --exit-on-status-write-error.
Sep 3 2022, 7:33 AM · gnupg
DemiMarie created T6185: `gpg2 --list-keys --with-colons > /dev/full` exits with status 0.
Sep 3 2022, 6:45 AM · Bug Report, gnupg

Sep 2 2022

DemiMarie created T6178: es_write_sanitized swallows errors.
Sep 2 2022, 2:20 AM · Not A Bug, gpgrt
DemiMarie created T6177: GnuPG mishandles write errors on status fd and stdout.
Sep 2 2022, 2:15 AM · gnupg

Jun 20 2022

DemiMarie abandoned D555: g10: Disallow compressed signatures and certificates.

Closing in favor of D556.

Jun 20 2022, 6:41 PM · gnupg
DemiMarie updated the diff for D556: Disallow compressed signatures and certificates.

When failing due to a bad packet in a detached signature, log the
packet's type.

Jun 20 2022, 6:40 PM
DemiMarie requested review of D556: Disallow compressed signatures and certificates.
Jun 20 2022, 6:32 PM
DemiMarie added a revision to T5993: gpg should reject compressed packets outside of messages: D556: Disallow compressed signatures and certificates.
Jun 20 2022, 6:32 PM · Feature Request, gnupg

Jun 18 2022

DemiMarie edited reviewers for D555: g10: Disallow compressed signatures and certificates, added: gniibe; removed: sergei, gp_ast.
Jun 18 2022, 1:38 AM · gnupg
DemiMarie added reviewers for D555: g10: Disallow compressed signatures and certificates: sergei, gp_ast.
Jun 18 2022, 1:35 AM · gnupg
DemiMarie removed a reviewer for D555: g10: Disallow compressed signatures and certificates: werner.
Jun 18 2022, 1:34 AM · gnupg

Jun 17 2022

DemiMarie updated the summary of D555: g10: Disallow compressed signatures and certificates.
Jun 17 2022, 8:37 PM · gnupg
DemiMarie added a comment to D555: g10: Disallow compressed signatures and certificates.

Compressed packets in detached signatures and/or certificates have never been permitted by any version of the standard.

Jun 17 2022, 8:36 PM · gnupg
DemiMarie updated subscribers of D555: g10: Disallow compressed signatures and certificates.
In D555#5569, @werner wrote:

Sorry, there is no padding packet in OpenPGP. Please do no try to push ideas from that crypto-refresh-06 thing into GnuPG. We continue to follow the last draft with consesus, which is rfc4880bis-10.

Jun 17 2022, 8:26 PM · gnupg
DemiMarie updated the diff for D555: g10: Disallow compressed signatures and certificates.
Jun 17 2022, 8:21 PM · gnupg

Jun 16 2022

DemiMarie added a comment to T6031: Creating an overlong notation hits a fatal error..

{please add comments instead of adding the description - a changed description makes it hard to understand follow up comments. I will change the title, though for clarity.]

Jun 16 2022, 7:19 PM · Bug Report, gnupg
DemiMarie edited projects for D555: g10: Disallow compressed signatures and certificates, added: gnupg; removed g10.
Jun 16 2022, 6:53 PM · gnupg
DemiMarie added a task to D555: g10: Disallow compressed signatures and certificates: T5993: gpg should reject compressed packets outside of messages.
Jun 16 2022, 6:53 PM · gnupg
DemiMarie added a revision to T5993: gpg should reject compressed packets outside of messages: D555: g10: Disallow compressed signatures and certificates.
Jun 16 2022, 6:53 PM · Feature Request, gnupg
DemiMarie retitled D555: g10: Disallow compressed signatures and certificates from Disallow compressed signatures and certificates to g10: Disallow compressed signatures and certificates.
Jun 16 2022, 6:53 PM · gnupg
DemiMarie raised the priority of T6021: GPG misparses `--list-options=show-sig-subpackets="100"a` from Low to Needs Triage.
Jun 16 2022, 6:52 PM · g10, Bug Report
DemiMarie added a comment to T6032: Assertion failure in gpg.

I will try, but it will likely be a while. In any case I believe you will need a Red Hat-family distro to trigger the bug; it happens when gpg trys to encrypt with a key that uses a public key algorithm libgcrypt does not support.

Jun 16 2022, 6:42 PM · RHEL, g10, Bug Report
DemiMarie reopened T6021: GPG misparses `--list-options=show-sig-subpackets="100"a` as "Open".

Reopening as it appears this issue was closed based on an incorrect understanding of what it is.

Jun 16 2022, 3:20 PM · g10, Bug Report
DemiMarie reopened T6032: Assertion failure in gpg as "Open".

Reopening as gpg’s handling of the situation is very much suboptimal.

Jun 16 2022, 3:19 PM · RHEL, g10, Bug Report
DemiMarie closed T6032: Assertion failure in gpg as Invalid.

Closing as I believe this is a downstream bug.

Jun 16 2022, 12:26 AM · RHEL, g10, Bug Report
DemiMarie updated the task description for T6031: Creating an overlong notation hits a fatal error..
Jun 16 2022, 12:03 AM · Bug Report, gnupg

Jun 15 2022

DemiMarie created T6032: Assertion failure in gpg.
Jun 15 2022, 11:34 PM · RHEL, g10, Bug Report
DemiMarie created T6031: Creating an overlong notation hits a fatal error..
Jun 15 2022, 9:46 PM · Bug Report, gnupg

Jun 13 2022

DemiMarie created T6029: ntbtls: Require TLS 1.2 or later + AEAD by default.
Jun 13 2022, 11:21 PM · Not A Bug, ntbtls
DemiMarie created T6028: gpgme should support creating clearsigned messages.
Jun 13 2022, 5:52 PM · Feature Request, gpgme

Jun 10 2022

DemiMarie added a comment to T6021: GPG misparses `--list-options=show-sig-subpackets="100"a`.

The quotes are irrelevant because they are evaluated by the shell and don't make a difference here.

Jun 10 2022, 11:59 PM · g10, Bug Report
DemiMarie added a reviewer for D555: g10: Disallow compressed signatures and certificates: werner.
Jun 10 2022, 9:44 PM · gnupg
DemiMarie updated the diff for D555: g10: Disallow compressed signatures and certificates.

Added missing context lines and replaced some tabs with spaces

Jun 10 2022, 9:42 PM · gnupg
DemiMarie requested review of D555: g10: Disallow compressed signatures and certificates.
Jun 10 2022, 9:01 PM · gnupg
DemiMarie created T6025: '--list-options=show-sig-subpackets="100"a` mishandled.
Jun 10 2022, 10:26 AM
DemiMarie added a comment to T6021: GPG misparses `--list-options=show-sig-subpackets="100"a`.

For clarification, the strings I have provided are raw argv elements as would be passed to execve(), with quoting already removed.

Jun 10 2022, 10:24 AM · g10, Bug Report
DemiMarie renamed T6024: gpg-agent segfaults if it receives an invalid response to a KEYPARAM inquire from gpg-agent segfaults if it receives an invalid response to a KEYPARAMS inquire to gpg-agent segfaults if it receives an invalid response to a KEYPARAM inquire.
Jun 10 2022, 10:21 AM · can't replicate, gnupg
DemiMarie created T6024: gpg-agent segfaults if it receives an invalid response to a KEYPARAM inquire.
Jun 10 2022, 4:14 AM · can't replicate, gnupg
DemiMarie added a comment to T6021: GPG misparses `--list-options=show-sig-subpackets="100"a`.

I am using GnuPG 2.3.4 on Fedora Linux. I am referring to --list-options=show-sig-subpackets="100"a (note the quotes). The bug is that the character after the trailing close quote is ignored, rather than being treated as an invalid option and causing an error. That is, I would expect show-sig-subpackets="100"a to be parsed as show-sig-subpackets="100",a or be an error.

Jun 10 2022, 4:10 AM · g10, Bug Report
DemiMarie added a comment to T6022: Socket activation for keyboxd and scdaemon.

gpg-agent --supervised being deprecated is highly surprising, especially because it works so well with systemd.

Jun 10 2022, 4:02 AM · Feature Request

Jun 9 2022

DemiMarie created T6022: Socket activation for keyboxd and scdaemon.
Jun 9 2022, 8:56 AM · Feature Request
DemiMarie created T6021: GPG misparses `--list-options=show-sig-subpackets="100"a`.
Jun 9 2022, 8:53 AM · g10, Bug Report

May 23 2022

DemiMarie added a comment to T5975: Allow signature verification using specific RSA keys <2k in FIPS mode.

I can imagine thar there are use cases for this. Thus I see no problems for the first part.

The second part is imho not a good idea. Libgcrypt is a building block for all kind of software and there are for sure legitimate reasons to use rsa512 (MCUs, short living keys, etc). Thus I think that the decision on the key size should be done by the software using libgcrypt.

May 23 2022, 5:56 PM · backport, patch, libgcrypt, FIPS, Feature Request
DemiMarie created T6001: Drop compression support in ntbtls.
May 23 2022, 5:52 PM · ntbtls
DemiMarie created T6000: GnuPG considers certain invalid UTF-8 to be valid.
May 23 2022, 5:42 PM
DemiMarie created T5999: Provide an ASCII-output-only mode.
May 23 2022, 5:40 PM

May 22 2022

DemiMarie added a comment to T5993: gpg should reject compressed packets outside of messages.

I would be okay with GnuPG ignoring such packets, but I do not want verifying a signature or importing a key to activate the decompression code and its associated attack surface.

May 22 2022, 8:57 PM · Feature Request, gnupg
DemiMarie added a comment to T5993: gpg should reject compressed packets outside of messages.

This specificiation is a draft which has not even been discussed in the WG. In any case gpg won't implement this because it would break processing of existing data.

May 22 2022, 8:56 PM · Feature Request, gnupg
DemiMarie created T5994: LC_ALL=C gpg should produce ASCII-only output.
May 22 2022, 12:42 AM · gnupg
DemiMarie created T5993: gpg should reject compressed packets outside of messages.
May 22 2022, 12:20 AM · Feature Request, gnupg
DemiMarie created T5992: gpg should reject compressed packets outside of messages.
May 22 2022, 12:19 AM · Duplicate