gniibe (NIIBE Yutaka)Administrator
User

Projects (7)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Saturday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:47 PM (192 w, 3 d)
Roles
Administrator
Availability
Available

Recent Activity

Today

gniibe triaged T5161: scd: For NetKey cards KEYINFO with keygrip fails as Normal priority.
Thu, Dec 3, 8:26 AM · Testing, scd
gniibe claimed T5161: scd: For NetKey cards KEYINFO with keygrip fails.

I think that T5150 was also not fixed completely.

Thu, Dec 3, 8:26 AM · Testing, scd
gniibe committed rG87d2c579cc38: scd:nks: Fix caching keygrip (more). (authored by gniibe).
scd:nks: Fix caching keygrip (more).
Thu, Dec 3, 8:25 AM
gniibe added a commit to T5150: scd: For NetKey cards READKEY with keygrip fails: rG87d2c579cc38: scd:nks: Fix caching keygrip (more)..
Thu, Dec 3, 8:25 AM · backport, gnupg (gpg23), scd
gniibe added a commit to T5161: scd: For NetKey cards KEYINFO with keygrip fails: rG87d2c579cc38: scd:nks: Fix caching keygrip (more)..
Thu, Dec 3, 8:25 AM · Testing, scd
gniibe added a comment to T5161: scd: For NetKey cards KEYINFO with keygrip fails.

I found a bug which resulted "Not Found <SCD>" when "SCD KEYINFO" is used with "--data" or "--".
It is fixed in [rG54b88ae46}.

Thu, Dec 3, 7:44 AM · Testing, scd
gniibe committed rG54b88ae46062: scd: Fix KEYINFO command with --data option. (authored by gniibe).
scd: Fix KEYINFO command with --data option.
Thu, Dec 3, 7:32 AM
gniibe edited projects for T5163: Cannot import NIST-P521 key to OpenPGP v3.3 smart card, added: gnupg, backport; removed gnupg (gpg22).

Fixed in master. I will backport to 2.2.

Thu, Dec 3, 7:08 AM · backport, gnupg, scd, Bug Report
gniibe committed rGa25c99b156ca: scd:openpgp: Fix writing ECC key to card. (authored by gniibe).
scd:openpgp: Fix writing ECC key to card.
Thu, Dec 3, 7:07 AM
gniibe added a commit to T5163: Cannot import NIST-P521 key to OpenPGP v3.3 smart card: rGa25c99b156ca: scd:openpgp: Fix writing ECC key to card..
Thu, Dec 3, 7:07 AM · backport, gnupg, scd, Bug Report
gniibe added a comment to T5163: Cannot import NIST-P521 key to OpenPGP v3.3 smart card.

I was wrong. Patch is being updated...

Thu, Dec 3, 6:33 AM · backport, gnupg, scd, Bug Report
gniibe committed rM7a4fe82a017b: python: Fix key_export*. (authored by gniibe).
python: Fix key_export*.
Thu, Dec 3, 4:30 AM
gniibe added a commit to T5149: Incorrect error handling in export_key_minimal(): rM7a4fe82a017b: python: Fix key_export*..
Thu, Dec 3, 4:30 AM · Python, gpgme, Bug Report
gniibe committed rC16e855d49ca2: tests: Put a work around to tests/random for macOS. (authored by gniibe).
tests: Put a work around to tests/random for macOS.
Thu, Dec 3, 3:54 AM
gniibe committed rC9769b40b54cf: tests: Put a work around to tests/random for macOS. (authored by gniibe).
tests: Put a work around to tests/random for macOS.
Thu, Dec 3, 3:54 AM
gniibe added a commit to T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac: rC9769b40b54cf: tests: Put a work around to tests/random for macOS..
Thu, Dec 3, 3:54 AM · Testing, MacOS, libgcrypt, Bug Report
gniibe claimed T5149: Incorrect error handling in export_key_minimal().

Thanks. Fixed in rM7a4fe82a017b: python: Fix key_export*..

Thu, Dec 3, 3:40 AM · Python, gpgme, Bug Report
gniibe triaged T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac as Normal priority.
Thu, Dec 3, 3:11 AM · Testing, MacOS, libgcrypt, Bug Report
gniibe changed the status of T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac from Open to Testing.
Thu, Dec 3, 3:11 AM · Testing, MacOS, libgcrypt, Bug Report
gniibe added a project to T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac: Testing.

So, I'm going to push D513 to both of 1.8 and master (to be 1.9).

Thu, Dec 3, 1:07 AM · Testing, MacOS, libgcrypt, Bug Report

Yesterday

gniibe added a comment to T5161: scd: For NetKey cards KEYINFO with keygrip fails.

I can't see how it occurs. "SCE KEYINFO" and "SCD READKEY" with keygrip both goes exactly same code path (the difference is only the "action" argument).

Wed, Dec 2, 9:13 AM · Testing, scd
gniibe added a comment to T5163: Cannot import NIST-P521 key to OpenPGP v3.3 smart card.

You better wipe ecc_d_padded or use xtrymalloc_secure.

Wed, Dec 2, 9:07 AM · backport, gnupg, scd, Bug Report
gniibe triaged T5163: Cannot import NIST-P521 key to OpenPGP v3.3 smart card as High priority.
Wed, Dec 2, 4:07 AM · backport, gnupg, scd, Bug Report
gniibe added a comment to T5163: Cannot import NIST-P521 key to OpenPGP v3.3 smart card.

Here is a patch:

Wed, Dec 2, 4:06 AM · backport, gnupg, scd, Bug Report
gniibe claimed T5163: Cannot import NIST-P521 key to OpenPGP v3.3 smart card.
Wed, Dec 2, 3:32 AM · backport, gnupg, scd, Bug Report
gniibe added a comment to T5163: Cannot import NIST-P521 key to OpenPGP v3.3 smart card.

In future, please try to minimize your log. Your log actually includes information of the session of keytocard before setting key attribute correctly.

Wed, Dec 2, 3:31 AM · backport, gnupg, scd, Bug Report
gniibe removed a project from T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac: Info Needed.

I created D513: Support macOS build with SIP by using posix_spawn in tests/random, which is more conservative; It only affects build under macOS.

Wed, Dec 2, 2:22 AM · Testing, MacOS, libgcrypt, Bug Report
gniibe created D513: Support macOS build with SIP by using posix_spawn in tests/random.
Wed, Dec 2, 2:17 AM

Tue, Dec 1

gniibe closed T5151: GPGME++ : bad passphrase problems as Resolved.
Tue, Dec 1, 5:34 AM · segv, gpgme, Bug Report
gniibe added a comment to T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac.

BTW, I'm not sure if the claim in T5009#136688 is correct.

Tue, Dec 1, 4:18 AM · Testing, MacOS, libgcrypt, Bug Report
gniibe added a comment to T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac.

See also: https://dev.gnupg.org/T5009#136688

Tue, Dec 1, 3:16 AM · Testing, MacOS, libgcrypt, Bug Report
gniibe added a comment to T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac.

See my comment in: https://dev.gnupg.org/T5024#139701

Tue, Dec 1, 3:10 AM · Testing, MacOS, libgcrypt, Bug Report
gniibe added a comment to T5024: libtool problem for some platforms for 'make check' (program built with -no-install won't work without installation).

For macOS, with SIP, some program like libgcrypt/tests/random fails, because the hack for DYLD_LIBRARY_PATH by libtool doesn't work for child process:
https://developer.apple.com/library/archive/documentation/Security/Conceptual/System_Integrity_Protection_Guide/RuntimeProtections/RuntimeProtections.html

Tue, Dec 1, 3:09 AM · toolchain

Mon, Nov 30

GPF awarded T2291: Smartcard interaction improvement (was: Shadowed private key design (for smartcard)) a Love token.
Mon, Nov 30, 11:30 AM · Testing, gnupg, Feature Request
gniibe added projects to T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac: MacOS, Info Needed.

IIUC, for the build of Homebrew, it is the issue of in: https://github.com/Homebrew/homebrew-core/commit/e7da1e2157b2e8373c3b39ea6398f51588ea537c

Mon, Nov 30, 7:30 AM · Testing, MacOS, libgcrypt, Bug Report
gniibe added a comment to T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac.

Please have a look at T5024: libtool problem for some platforms for 'make check' (program built with -no-install won't work without installation), if make check works after the installation of libgcrypt.

Mon, Nov 30, 7:11 AM · Testing, MacOS, libgcrypt, Bug Report
gniibe added a comment to T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac.

See {TT2056}.

Mon, Nov 30, 7:09 AM · Testing, MacOS, libgcrypt, Bug Report
gniibe added a comment to E828: Weekly Standup.

Last week:

This week:

Mon, Nov 30, 6:01 AM
gniibe is attending E828: Weekly Standup.
Mon, Nov 30, 5:51 AM
gniibe added a comment to T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac.
Mon, Nov 30, 2:51 AM · Testing, MacOS, libgcrypt, Bug Report
gniibe added a comment to T5157: libgcrypt: ARM64 Builds on macOS fail.

ARM64 has been only tested on platforms which support ELF.

Mon, Nov 30, 2:48 AM · toolchain, MacOS, libgcrypt, Bug Report

Fri, Nov 27

gniibe changed the status of T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds from Open to Testing.
Fri, Nov 27, 7:21 AM · backport, Testing, scd, gnupg
gniibe committed rGbb591222c3c5: scd:ccid-driver: Fix pinpad error handling for cancel/timeout. (authored by gniibe).
scd:ccid-driver: Fix pinpad error handling for cancel/timeout.
Fri, Nov 27, 7:21 AM
gniibe added a commit to T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds: rGbb591222c3c5: scd:ccid-driver: Fix pinpad error handling for cancel/timeout..
Fri, Nov 27, 7:21 AM · backport, Testing, scd, gnupg
gniibe added a comment to T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds.

Finally, with the physical device, I figure out what's going on.
The error handling in bulk_in in ccid-driver.c is not good for pinpad input.
It doesn't return an error when it is cancelled or timeout (for the user interaction).
And it calls libusb_clear_hald which causes screwed up situation.

Fri, Nov 27, 7:17 AM · backport, Testing, scd, gnupg

Thu, Nov 26

gniibe added a comment to T3722: gpg "No name" error.

Or it might be related issue of name server access like in T3168: dirmngr: gpg: keyserver receive failed: No keyserver available.

Thu, Nov 26, 7:56 AM · dns
gniibe added a parent task for T3168: dirmngr: gpg: keyserver receive failed: No keyserver available: T3517: dirmngr: retry without SRV due to buggy routers.
Thu, Nov 26, 7:51 AM · dns, dirmngr
gniibe added a subtask for T3517: dirmngr: retry without SRV due to buggy routers: T3168: dirmngr: gpg: keyserver receive failed: No keyserver available.
Thu, Nov 26, 7:51 AM · Feature Request, dns, dirmngr
gniibe closed T3524: "GnuPG MiniHOWTO" English version page unavailable as Resolved.

As of November 2020, the redirect problem has gone.
And we addressed that as "Legacy GnuPG MiniHOWTO" in rDd51cd2013e66: web: Add warning notes to most HOWTOS..

Thu, Nov 26, 7:42 AM · Bad link, gpgweb
gniibe merged task T3722: gpg "No name" error into T3517: dirmngr: retry without SRV due to buggy routers.
Thu, Nov 26, 7:31 AM · dns
gniibe merged T3722: gpg "No name" error into T3517: dirmngr: retry without SRV due to buggy routers.
Thu, Nov 26, 7:31 AM · Feature Request, dns, dirmngr
gniibe added a comment to T3722: gpg "No name" error.

This must be an issue of SRV record retrieval.
Merging.

Thu, Nov 26, 7:31 AM · dns
gniibe merged task T3574: gpg-agent doesn't pick up ssh certificates into T1756: gpg-agent doesn't accept ssh certificates.
Thu, Nov 26, 7:20 AM · Bug Report
gniibe merged T3574: gpg-agent doesn't pick up ssh certificates into T1756: gpg-agent doesn't accept ssh certificates.
Thu, Nov 26, 7:20 AM · gnupg, Feature Request
gniibe closed T4004: Curve25519 for Zeitcontrol card as Resolved.

Support was added in version 3 card.

Thu, Nov 26, 7:17 AM · Feature Request, scd
gniibe merged task T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol into T4977: dirmngr not working with linux kernel parameter ipv6.disable=1.
Thu, Nov 26, 7:15 AM · Bug Report
gniibe merged T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol into T4977: dirmngr not working with linux kernel parameter ipv6.disable=1.
Thu, Nov 26, 7:15 AM · Testing, gnupg (gpg22), dirmngr, Bug Report
gniibe added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.

Because the original problem of EAFNOSUPPORT has been fixed, I am going to close this bug.

Thu, Nov 26, 7:14 AM · Bug Report
gniibe added a comment to T4152: command 'KS_GET' failed: Operation not permitted.

It is likely that EPERM (Operation not permitted) occurs by a system call connect(2) if you have some firewall rule(s) which forbids network access.
The dirmngr use libdns resolver which directly connects name servers.
If this is the case, you can use `--standard-resolver\ to use system's standard DNS resolver instead.

Thu, Nov 26, 6:50 AM · Bug Report
gniibe closed T4153: no dirmngr.log created after previous command 'KS_GET' failed: Operation not permitted as Invalid.

The log file specified in .gnupg/dirmngr.conf is created at the start of dirmngr.
dirmngr is invokded by the first call of gpg, and it keeps running and handle next request from second invocation of gpg.
So, nothing is problem.

Thu, Nov 26, 6:47 AM · Not A Bug
gniibe added a comment to T5055: APPCRASH with libKF5ConfigWidgets.dll.

On Debian, please see: /usr/share/doc/g++-mingw-w64-i686-win32/README.Debian

Thu, Nov 26, 6:15 AM · Bug Report, gpg4win
gniibe added a comment to T5055: APPCRASH with libKF5ConfigWidgets.dll.

IIUC, the error occurred when Kleo is exiting and a destructor (in libKF5ConfigWidgets) is called with null pointer.

Thu, Nov 26, 3:57 AM · Bug Report, gpg4win
gniibe merged T4640: Outdated text and links at <http://git.gnupg.org/> into T4963: Update GnuPG versions listed on https://git.gnupg.org/.
Thu, Nov 26, 2:31 AM · gpgweb, Bug Report
gniibe merged task T4640: Outdated text and links at <http://git.gnupg.org/> into T4963: Update GnuPG versions listed on https://git.gnupg.org/.
Thu, Nov 26, 2:31 AM · gpgweb, Bug Report
gniibe added a comment to T4640: Outdated text and links at <http://git.gnupg.org/>.

Fixed in rDf810f0bc5b13: git.gnupg.org: Update entry page.

Thu, Nov 26, 2:31 AM · gpgweb, Bug Report
gniibe added a comment to T5151: GPGME++ : bad passphrase problems.

For ctx->exportPublicKeys returning 0 even when a failure, (with fix of gpg) error handling should be done differently.

Thu, Nov 26, 2:22 AM · segv, gpgme, Bug Report
gniibe committed rG605ab99912ac: gpg: Report an error for receiving key from agent. (authored by gniibe).
gpg: Report an error for receiving key from agent.
Thu, Nov 26, 1:52 AM
gniibe added a commit to T5151: GPGME++ : bad passphrase problems: rG605ab99912ac: gpg: Report an error for receiving key from agent..
Thu, Nov 26, 1:52 AM · segv, gpgme, Bug Report
gniibe added a comment to T5150: scd: For NetKey cards READKEY with keygrip fails.

Applied and push the change above in rG920154370834: scd,nks: Fix caching keygrip..

Thu, Nov 26, 1:38 AM · backport, gnupg (gpg23), scd
gniibe committed rG920154370834: scd,nks: Fix caching keygrip. (authored by gniibe).
scd,nks: Fix caching keygrip.
Thu, Nov 26, 1:38 AM
gniibe added a commit to T5150: scd: For NetKey cards READKEY with keygrip fails: rG920154370834: scd,nks: Fix caching keygrip..
Thu, Nov 26, 1:38 AM · backport, gnupg (gpg23), scd

Wed, Nov 25

gniibe triaged T5150: scd: For NetKey cards READKEY with keygrip fails as Normal priority.
Wed, Nov 25, 3:48 AM · backport, gnupg (gpg23), scd
gniibe added a comment to T5150: scd: For NetKey cards READKEY with keygrip fails.

For the first issue, I pushed the change in rGc3a20c88fb30: scd: Fix an error return for READKEY..

Wed, Nov 25, 3:48 AM · backport, gnupg (gpg23), scd
gniibe committed rGc3a20c88fb30: scd: Fix an error return for READKEY. (authored by gniibe).
scd: Fix an error return for READKEY.
Wed, Nov 25, 3:45 AM
gniibe added a commit to T5150: scd: For NetKey cards READKEY with keygrip fails: rGc3a20c88fb30: scd: Fix an error return for READKEY..
Wed, Nov 25, 3:45 AM · backport, gnupg (gpg23), scd
gniibe committed rG006944b856ee: scd,nks: Fix SEGV for learn for older card. (authored by gniibe).
scd,nks: Fix SEGV for learn for older card.
Wed, Nov 25, 2:38 AM
gniibe added a commit to T5144: scd: Fails/crashes on SCD LEARN --keypairinfo for NetKey cards: rG006944b856ee: scd,nks: Fix SEGV for learn for older card..
Wed, Nov 25, 2:38 AM · Testing, gnupg (gpg23), scd
gniibe changed the status of T5144: scd: Fails/crashes on SCD LEARN --keypairinfo for NetKey cards, a subtask of T5128: Kleopatra: Generate OpenPGP public key for NetKey card key, from Open to Testing.
Wed, Nov 25, 2:37 AM · kleopatra
gniibe changed the status of T5144: scd: Fails/crashes on SCD LEARN --keypairinfo for NetKey cards from Open to Testing.
Wed, Nov 25, 2:37 AM · Testing, gnupg (gpg23), scd
gniibe claimed T5144: scd: Fails/crashes on SCD LEARN --keypairinfo for NetKey cards.

Fixed in rG006944b856ee: scd,nks: Fix SEGV for learn for older card..

Wed, Nov 25, 2:37 AM · Testing, gnupg (gpg23), scd
gniibe added a comment to T5100: OpenPGP app overwrites Yubikey serial number.

Great. Please apply the patch.

Wed, Nov 25, 1:42 AM · Testing, gnupg, scd, yubikey, kleopatra
gniibe added a comment to T5151: GPGME++ : bad passphrase problems.

More specifically, in the situation of multiple calls, ->getPassphrase is called multiple times, and it should return newly allocated "char *" object each time, because it is released each time (in lower layer).

Wed, Nov 25, 1:22 AM · segv, gpgme, Bug Report
gniibe added a comment to T5151: GPGME++ : bad passphrase problems.

My excuse: Please note that the support of exporting secret keys by GPGME are relatively new feature (see {T5046) and the fix rM3382ecb17eb5: core: Support exporting secret keys.). The fix of rM53ac732bae46: core: Call _gpgme_passphrase_status_handler when exporting keys. is a part of the support.
I think that we need more fixes for gpg/gpgme to be fully working well.

Wed, Nov 25, 12:51 AM · segv, gpgme, Bug Report

Tue, Nov 24

gniibe added a comment to T1954: Password too long.

Please use shorter password.

Tue, Nov 24, 8:54 AM · Info Needed, gnupg (gpg20), Bug Report, gnupg
gniibe added a comment to T5151: GPGME++ : bad passphrase problems.

Currently, gpg doesn't report any errors to status line for exporting secret keys. If needed, a patch like this is needed:

Tue, Nov 24, 8:12 AM · segv, gpgme, Bug Report
gniibe committed rM53ac732bae46: core: Call _gpgme_passphrase_status_handler when exporting keys. (authored by gniibe).
core: Call _gpgme_passphrase_status_handler when exporting keys.
Tue, Nov 24, 7:09 AM
gniibe added a comment to T5151: GPGME++ : bad passphrase problems.

Chasing this bug, I pushed a change: rM53ac732bae46: core: Call _gpgme_passphrase_status_handler when exporting keys.

Tue, Nov 24, 7:08 AM · segv, gpgme, Bug Report

Mon, Nov 23

gniibe added a comment to E819: Weekly Standup.

Last week:

This week

Mon, Nov 23, 8:51 AM
gniibe is attending E819: Weekly Standup.
Mon, Nov 23, 8:46 AM

Fri, Nov 20

gniibe added a comment to rG0a265d6498e8: gpg,agent: Fix comments for KEYPAIRINFO status report..

Thanks, I was wrong.

Fri, Nov 20, 9:25 AM
gniibe committed rG777019faf0b8: gpg: Change API of agent_scd_serialno. (authored by gniibe).
gpg: Change API of agent_scd_serialno.
Fri, Nov 20, 9:20 AM
gniibe committed rGcc8b99d18e26: Fix the previous comment changes help doc string. (authored by gniibe).
Fix the previous comment changes help doc string.
Fri, Nov 20, 9:20 AM
gniibe added a comment to T5100: OpenPGP app overwrites Yubikey serial number.

How about distinguishing CARDNO and application specific SERIALNO?

Fri, Nov 20, 8:38 AM · Testing, gnupg, scd, yubikey, kleopatra
gniibe committed rGPAb40ff3b1f20d: build: Update to newer autoconf constructs. (authored by gniibe).
build: Update to newer autoconf constructs.
Fri, Nov 20, 8:26 AM
gniibe committed rSbd471ef56c08: build: Update to newer autoconf constructs. (authored by gniibe).
build: Update to newer autoconf constructs.
Fri, Nov 20, 6:37 AM
gniibe committed rM4c6fd361593e: m4: Update with newer autoconf constructs. (authored by gniibe).
m4: Update with newer autoconf constructs.
Fri, Nov 20, 4:12 AM
gniibe committed rG0a265d6498e8: gpg,agent: Fix comments for KEYPAIRINFO status report. (authored by gniibe).
gpg,agent: Fix comments for KEYPAIRINFO status report.
Fri, Nov 20, 1:58 AM
gniibe added a comment to T5039: 2.2.22 regression: Nitrokey Pro 2 is no longer recognized automatically, requires --card-status.

Yes, it is due to a backport from master: rG1049f06c6d2e: scd:openpgp: Allow keygrip to be used to reference a key
Fixed in rG84020385be19: scd:openpgp: Public keys should be available for check_keyidstr..

Fri, Nov 20, 1:42 AM · Testing, gnupg (gpg22), Bug Report

Thu, Nov 19

gniibe added a comment to T5143: YubiKey 5 Nano GPG --card-edit verify command causes a segfault.

I looked the gpg-agent.log, it indeed suggested the problem fixed in rG61aea64b3c17: scd: Fix the use case of verify_chv2 by CHECKPIN., which is included in 2.2.24.

Thu, Nov 19, 11:54 AM · gnupg (gpg22), Bug Report
gniibe claimed T5143: YubiKey 5 Nano GPG --card-edit verify command causes a segfault.

You have multiple readers and using PC/SC by specifying reader-port.
We fixed in master by T4998: scdaemon: PC/SC "No such device" without reader-port, and I didn't know similar fixes should be backported.
I will soon.

Thu, Nov 19, 9:24 AM · gnupg (gpg22), Bug Report