- User Since
- Mar 27 2017, 4:47 PM (146 w, 6 d)
Fri, Jan 17
Implemented in master.
It looks good.
Thu, Jan 16
With new "KEYINFO" command of scdaemon, finally, we can move on to support better selection of signing key.
(Note: having a private key on multiple cards had already been solved in T4301: Handling multiple subkeys on two SmartCards.)
In master, it has been implemented.
The first "SCD SERIALNO" command let scdaemon re-scan smartcards/tokens.
With new "KEYINFO" command in scdaemon, a list of card keys can be retrieved by:
There is no use cases for $SIGNKEYID.
$ENCRKEYID use case have been removed.
Fixed and backported.
Wed, Jan 15
Err.. Just removing the check may be the correct fix; It doesn't make sense to limit capability here.
Tue, Jan 14
I think rGe573e6188dad: gpg: Fix --default-key checks. should be fixed as:
diff --git a/g10/getkey.c b/g10/getkey.c index ad5dd8e01..cc908964e 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1860,7 +1860,8 @@ parse_def_secret_key (ctrl_t ctrl) PKT_public_key *pk = node->pkt->pkt.public_key;
$ export GNUPGHOME=<somewhere> # Create a key with "C"-only capability $ gpg --quick-gen-key "test-user <firstname.lastname@example.org>" ed25519 cert # Create another key (or get/import it) $ gpg --quick-gen-key "2020-user <email@example.com>" ed25519 # Sign with the first key to the second key with --default-key $ gpg --default-key 7694AB44DED1154CEB981059B0B36418AF85C918 --lsign 72FF31542DB059A507BAF81BE05523DEB4B018E6
rGe573e6188dad: gpg: Fix --default-key checks. is suspicious.
Mon, Jan 13
- gpg: use "SCD KEYINFO --list=auth" for ssh access (1)
- SSH access change
- GETATTR by KEYGRIP
- READKEY by KEYGRIP
- [DONE] gpg: use "SCD KEYINFO --list=auth" for ssh access (2)
- Don't use $AUTHKEYID anymore
- Check use case of $ENCRKEYID (other than keygen)
- Do same for $SIGNKEYID
$AUTHKEYID use cases have been removed.
Fri, Jan 10
Thu, Jan 9
Wed, Jan 8
The particular part of mkheader compilation with -O0 was introduced by dkg for cross build support.
I believe that -O<number> (where <number> is not zero) is common but -O<something-other> is dependent.
Requesting non-optimization by -O0 seems GCC specific.
(I grep-ped autoconf-archive and observed the use cases of -O0.)
Tue, Jan 7
Mon, Jan 6
Mon, Dec 30
- Chopstx USB driver for GD32VF103
- in the master branch of Chopstx
Fri, Dec 27
Dec 19 2019
Considering the concrete use case(s), it is more rational to support listing by capability.
Dec 18 2019
Dec 16 2019
- Recover from cold (which I got when I visited elementary school)
- accounting for my business
- a fix of nPth for corner cases
- On GNU/Linux, only expose npth_rwlock* API when __USE_UNIX98 or __USE_XOPEN2K, because PTHREAD_RWLOCK_* is only available in this condition.
- Investigate remaining SERIALNO issue for scdaemon: T4695: Remove SERIALNO as an identifier to select keys
- Set up my test environment for:
- Scute with Yubikey using PIV
- Are there any site for testing this? Shall we have a page for testing X.509 client certificate authentication?
- Scute with Yubikey using PIV
- USB driver for GD32VF103
Dec 9 2019
Todays topic from me:
- Chasing a bug in: T4256: gpg-agent: Spurious pinentries for an already unlocked key when decryption OpenPGP in 10 threads
- If gpg-agent's option auto-expand-secmem can dismiss the pinentry pop-up, my analysis is correct
- fundamentally, the total fix may be possible by serializing cryptographic operations
- simple way is only one operation at most
- ideally, multiple operations at once by measuring amount of available resource
- scan the tasks: Mostly for pinentry and libgpg-error to consolidate common things
- those are not high priority, though
- confirmed that: on GD32VF103
- USART and SPI are as same as GD32F103/STM32F103
- USB is different, it's like STM32F105
- scan the tasks
- write an invoice to g10code
- considering a proposal (2020) to Purism
- Fully Free (PCB design, firmware) USB Keyboard
- If it is OK, use of GD32VF103 (RISC-V) would be good
Dec 6 2019
In 2.2.18, this fix is not included. (partial fix was reverted)