gniibe (NIIBE Yutaka)Administrator
User

Projects (7)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Sunday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:47 PM (120 w, 3 d)
Roles
Administrator
Availability
Available

Recent Activity

Yesterday

gniibe added a comment to T4619: Unable to decrypt symmetric-key encrypted data.

If the use of GnuPG (current implementation) is a condition, I think that you could improve the generation of SKESK packets, so that no other passphrase can not let gpg misunderstand as it may decrypt encrypted packet.

Thu, Jul 18, 11:48 PM · gnupg (gpg22), Bug Report
gniibe committed rPTH6b8ed75b40e6: build: Add -no-install for LDFLAGS of test programs. (authored by gniibe).
build: Add -no-install for LDFLAGS of test programs.
Thu, Jul 18, 8:55 AM
gniibe added a commit to T4298: 'make check' with uninstalled library, which is building now (even if rpath doesn't work well): rPTH2501a48930eb: build: With LD_LIBRARY_PATH defined, use --disable-new-dtags..
Thu, Jul 18, 8:55 AM
gniibe committed rPTH2501a48930eb: build: With LD_LIBRARY_PATH defined, use --disable-new-dtags. (authored by gniibe).
build: With LD_LIBRARY_PATH defined, use --disable-new-dtags.
Thu, Jul 18, 8:55 AM
gniibe added a project to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3: Info Needed.

Please let us know what kind of key and how large, like RSA-4096 or ECC Brainpool.
For RSA 2048 or larger, yes, it takes too long.

Thu, Jul 18, 7:47 AM · OpenPGP, scd, Bug Report
gniibe triaged T4641: Libassuan: enable the environment to set compiler and linker flags for helper tools as Normal priority.
Thu, Jul 18, 7:41 AM · libassuan, Feature Request
gniibe claimed T4641: Libassuan: enable the environment to set compiler and linker flags for helper tools.

Thanks.
Merged (with line break in the Makefile.am and formatting of commit message.

Thu, Jul 18, 7:39 AM · libassuan, Feature Request
gniibe committed rA98d7c7ea3f37: build: Use {CFLAGS,CPPFLAGS,LDFLAGS}_FOR_BUILD for helper programs. (authored by dkg).
build: Use {CFLAGS,CPPFLAGS,LDFLAGS}_FOR_BUILD for helper programs.
Thu, Jul 18, 7:37 AM
gniibe added a comment to T4619: Unable to decrypt symmetric-key encrypted data.

I mean, if all SKESK packets should be tried, we need some larger surgery of current implementation.

Thu, Jul 18, 5:07 AM · gnupg (gpg22), Bug Report
gniibe added a comment to T4619: Unable to decrypt symmetric-key encrypted data.

Is it possible for your application (DOTS), to specify the packet number for SKESKP, not trying all SKESK packets?


^-- with this change, we can decrypt the skesks.asc with --passphrase-repeat=169, and skesks2.asc with --passphrase-repeat=30

Thu, Jul 18, 5:05 AM · gnupg (gpg22), Bug Report
gniibe committed rG44be675b759d: gpg: More check for symmetric key encryption. (authored by gniibe).
gpg: More check for symmetric key encryption.
Thu, Jul 18, 4:05 AM

Tue, Jul 16

gniibe added a comment to T4042: RFC 4880 compliance.

It was rG07250279e7ec: * keyedit.c (keyedit_menu): Invisible alias "passwd" as "password". in 2004, which set default to rfc2440-text behavior.
And in 2007, the commit rGb550330067b6: * gpg.c (main): Disable --rfc2440-text and --force-v3-sigs by default. Enable… changed the default to no-rfc2440-text.

Tue, Jul 16, 10:20 AM · OpenPGP, gnupg
gniibe closed T4105: Inconsistent output for revocation keys in --list-keys --with-colons as Resolved.

Thanks, fixed in master.

Tue, Jul 16, 9:55 AM · Documentation, gnupg, Bug Report
gniibe committed rG4195ce15f494: doc: Fix description of the field 11. (authored by gniibe).
doc: Fix description of the field 11.
Tue, Jul 16, 9:55 AM
gniibe added a commit to T4105: Inconsistent output for revocation keys in --list-keys --with-colons: rG4195ce15f494: doc: Fix description of the field 11..
Tue, Jul 16, 9:55 AM · Documentation, gnupg, Bug Report
gniibe added a comment to T4623: pkg-config for mingw needs to emit -lws2_32.

Current situation of *.pc: static linking is not supported (yet).
It has never supported, actually, by *-config.

Tue, Jul 16, 5:49 AM · Windows, gpgrt, Bug Report
gniibe triaged T4594: dirmngr appears to unilaterally import system CAs as Normal priority.

While I understand incorrectness, the risk in practice is not that high. So, I put this as "normal" priority.

Tue, Jul 16, 5:35 AM · Bug Report, dirmngr, gnupg (gpg22)
gniibe added a comment to T4619: Unable to decrypt symmetric-key encrypted data.

In the current implementation of GnuPG, multiple packets of Symmetric-Key Encrypted Session Key Packet are not handled very well.

Tue, Jul 16, 4:03 AM · gnupg (gpg22), Bug Report
gniibe changed the status of T4594: dirmngr appears to unilaterally import system CAs from Open to Testing.

Pushed the change to master as well as 2.2 branch.

Tue, Jul 16, 3:15 AM · Bug Report, dirmngr, gnupg (gpg22)
gniibe committed rG58e234fbeb6c: dirmngr: Don't add system CAs for SKS HKPS pool. (authored by gniibe).
dirmngr: Don't add system CAs for SKS HKPS pool.
Tue, Jul 16, 3:14 AM
gniibe added a commit to T4594: dirmngr appears to unilaterally import system CAs: rG58e234fbeb6c: dirmngr: Don't add system CAs for SKS HKPS pool..
Tue, Jul 16, 3:14 AM · Bug Report, dirmngr, gnupg (gpg22)
gniibe committed rG75e0ec65170b: dirmngr: Don't add system CAs for SKS HKPS pool. (authored by gniibe).
dirmngr: Don't add system CAs for SKS HKPS pool.
Tue, Jul 16, 3:13 AM
gniibe added a commit to T4594: dirmngr appears to unilaterally import system CAs: rG75e0ec65170b: dirmngr: Don't add system CAs for SKS HKPS pool..
Tue, Jul 16, 3:13 AM · Bug Report, dirmngr, gnupg (gpg22)
gniibe committed rGb7df72d3074b: gpg: Fix keyring retrieval. (authored by gniibe).
gpg: Fix keyring retrieval.
Tue, Jul 16, 1:34 AM
gniibe committed rGeb00a14f6d2d: gpg: Improve import slowness. (authored by gniibe).
gpg: Improve import slowness.
Tue, Jul 16, 1:34 AM
gniibe added a commit to T4592: gpg takes > 30s to list the keys from a 17MiB `pubring.gpg` that contains a single certificate: rGb7df72d3074b: gpg: Fix keyring retrieval..
Tue, Jul 16, 1:34 AM · gnupg (gpg23), Bug Report

Mon, Jul 15

gniibe committed rC0147a5e69e49: tests: t-mpi-point: Remove implementation dependent checks. (authored by gniibe).
tests: t-mpi-point: Remove implementation dependent checks.
Mon, Jul 15, 9:52 AM
gniibe committed rC8a0bde8c211c: tests: t-mpi-point: Remove implementation dependent checks. (authored by gniibe).
tests: t-mpi-point: Remove implementation dependent checks.
Mon, Jul 15, 9:52 AM
gniibe added a comment to E510: Weekly Standup.

Last week:

This week:

  • libgcrypt master: Doesn't work on my chromebook
  • libgcrypt: ECC problem: the one like CVE-2018-20187
    • just a simple fix
  • scdaemon: Multiple card support
    • master branch breakage
    • possible PC/SC change
Mon, Jul 15, 9:33 AM
gniibe added a comment to E507: Weekly Standup.
Mon, Jul 15, 9:09 AM
gniibe claimed T4623: pkg-config for mingw needs to emit -lws2_32.
Mon, Jul 15, 9:00 AM · Windows, gpgrt, Bug Report
gniibe is attending E510: Weekly Standup.
Mon, Jul 15, 7:30 AM

Fri, Jul 12

gniibe added a comment to T4592: gpg takes > 30s to list the keys from a 17MiB `pubring.gpg` that contains a single certificate.

About importing, there are two other works: repairing and trustdb update. We can figure out the difference by the --import-options of no-repair-keys and fast-import (to skip those works).
I think that both can be O(N^2) for number of signatures.

Fri, Jul 12, 11:03 PM · gnupg (gpg23), Bug Report
gniibe changed the status of T4280: gnupg doc doesn't build due to ImageMagick default policy from Open to Testing.

I disabled the dependency rules for the figures (it's only enabled for maintainers).

Fri, Jul 12, 1:34 PM · gnupg, Documentation, Info Needed, Bug Report
gniibe committed rG58bab1a8784b: doc: Dependencies for figures are only for maintainers. (authored by gniibe).
doc: Dependencies for figures are only for maintainers.
Fri, Jul 12, 10:25 AM
gniibe added a commit to T4280: gnupg doc doesn't build due to ImageMagick default policy: rG58bab1a8784b: doc: Dependencies for figures are only for maintainers..
Fri, Jul 12, 10:25 AM · gnupg, Documentation, Info Needed, Bug Report
gniibe committed rMd9387650ffb1: python: doc: Add suffix for org files. (authored by gniibe).
python: doc: Add suffix for org files.
Fri, Jul 12, 8:43 AM
gniibe committed rM36428d8cf153: python: doc: Remove generated files, put rules in Makefile. (authored by gniibe).
python: doc: Remove generated files, put rules in Makefile.
Fri, Jul 12, 8:43 AM
gniibe added a commit to T4275: python gpg binding VCS contains generated files (documentation): rM36428d8cf153: python: doc: Remove generated files, put rules in Makefile..
Fri, Jul 12, 8:43 AM · gpgme, Bug Report
gniibe closed T4275: python gpg binding VCS contains generated files (documentation) as Resolved.

Fixed.

Fri, Jul 12, 7:55 AM · gpgme, Bug Report
gniibe committed rG4e601c7643fc: Fix a reference in comment. (authored by gniibe).
Fix a reference in comment.
Fri, Jul 12, 5:12 AM
gniibe committed rG89303b9998ea: gpg: Don't try decryption by session key when NULL. (authored by gniibe).
gpg: Don't try decryption by session key when NULL.
Fri, Jul 12, 2:30 AM
gniibe added a comment to T4573: Files encrypted on another platform using password based encryption (-c) intermittently fail to decrypt on Kleopatra.

If I were testing more, I would generate many (say, 1000, or more, for example) encrypted message by the tool (IBM Encryption Facility), to examine by GnuPG and figure out some patterns of failure.

Fri, Jul 12, 2:23 AM · gnupg (gpg22), Bug Report

Thu, Jul 11

gniibe added a comment to T4573: Files encrypted on another platform using password based encryption (-c) intermittently fail to decrypt on Kleopatra.

While I only observed the output of --list-packet, what I see are:

Thu, Jul 11, 9:59 AM · gnupg (gpg22), Bug Report
gniibe claimed T4594: dirmngr appears to unilaterally import system CAs.

With NTBTLS, it seems it works correctly.

Thu, Jul 11, 9:36 AM · Bug Report, dirmngr, gnupg (gpg22)
gniibe added projects to T4563: gpg-agent fails to sign request: gpgagent, Info Needed.

Which SSH client are you using?

Thu, Jul 11, 8:42 AM · Info Needed, gpgagent, Bug Report
gniibe claimed T4587: pinentry-gnome3 grabs input (is system modal) despite`--no-global-grab` or `OPTION no-grab`.

gpg-agent side is fixed to relax the error handling.

Thu, Jul 11, 7:57 AM · gpgagent, pinentry
gniibe committed rG02d8b383833b: agent: Relax the handling of pinentry error for keyboard grab. (authored by gniibe).
agent: Relax the handling of pinentry error for keyboard grab.
Thu, Jul 11, 7:56 AM
gniibe added a commit to T4587: pinentry-gnome3 grabs input (is system modal) despite`--no-global-grab` or `OPTION no-grab`: rG02d8b383833b: agent: Relax the handling of pinentry error for keyboard grab..
Thu, Jul 11, 7:56 AM · gpgagent, pinentry
gniibe committed rGb31060425226: scd: Fix internal CCID driver, so that -DTEST works. (authored by gniibe).
scd: Fix internal CCID driver, so that -DTEST works.
Thu, Jul 11, 7:38 AM
gniibe committed rE7ffab1750fde: Fix signedness for a single-bit field. (authored by gniibe).
Fix signedness for a single-bit field.
Thu, Jul 11, 7:01 AM
gniibe committed rG2536bf276189: scd: Fix debug logging of the internal CCID driver. (authored by gniibe).
scd: Fix debug logging of the internal CCID driver.
Thu, Jul 11, 6:25 AM
gniibe committed rG29c7fb4053d2: gpg: Fix getting User ID. (authored by gniibe).
gpg: Fix getting User ID.
Thu, Jul 11, 5:40 AM
gniibe closed T4598: curses: dialog broken with wide characters as Resolved.
Thu, Jul 11, 3:53 AM · pinentry
gniibe added a comment to T4592: gpg takes > 30s to list the keys from a 17MiB `pubring.gpg` that contains a single certificate.

For the particular problem of --list-key with pubring.gpg, I think we can say it's fixed.

Thu, Jul 11, 3:13 AM · gnupg (gpg23), Bug Report
gniibe claimed T4592: gpg takes > 30s to list the keys from a 17MiB `pubring.gpg` that contains a single certificate.

@werner : Yes, the way to go is having something like a server for keys; It can remove all unnecessary search/lookup all together.

Thu, Jul 11, 2:18 AM · gnupg (gpg23), Bug Report

Wed, Jul 10

gniibe committed rG33c17a8008c3: gpg: Improve import slowness. (authored by gniibe).
gpg: Improve import slowness.
Wed, Jul 10, 8:44 AM
gniibe committed rGa7a043e82555: gpg: Fix keyring retrieval. (authored by gniibe).
gpg: Fix keyring retrieval.
Wed, Jul 10, 8:10 AM
gniibe added a commit to T4592: gpg takes > 30s to list the keys from a 17MiB `pubring.gpg` that contains a single certificate: rGa7a043e82555: gpg: Fix keyring retrieval..
Wed, Jul 10, 8:10 AM · gnupg (gpg23), Bug Report
gniibe claimed T4597: Support GCM modes for ntbtls..

I pushed my change as: rT7b2c4d9dd50b: Support GCM.
Please test.

Wed, Jul 10, 4:51 AM · Feature Request, ntbtls
gniibe committed rPdad35d65f05e: curses: Fix more. (authored by gniibe).
curses: Fix more.
Wed, Jul 10, 2:16 AM
gniibe added a commit to T4598: curses: dialog broken with wide characters: rPdad35d65f05e: curses: Fix more..
Wed, Jul 10, 2:16 AM · pinentry
gniibe added a comment to T4598: curses: dialog broken with wide characters.

I pushed the fix. Thanks for your cooperation.

Wed, Jul 10, 2:15 AM · pinentry
gniibe added a comment to T4598: curses: dialog broken with wide characters.

Thanks for further testing.
I realized that it's not the left border drawing problem in fact, but the newline should be between the description and passphrase line.
I'm going to fix this.

Wed, Jul 10, 2:07 AM · pinentry
gniibe added a comment to T4606: Release GnuPG 2.2.17.

Err... my repo for 2.2 was a week old. Now, I updated, and confirmed it's there.
Thanks having the support!

Wed, Jul 10, 1:25 AM · Release Info, gnupg (gpg22)

Tue, Jul 9

gniibe committed rG37d758e5f2b5: sm: Fix card access. (authored by gniibe).
sm: Fix card access.
Tue, Jul 9, 10:03 AM
gniibe committed rPa03f39207148: curses: Fix handling of newline in description. (authored by gniibe).
curses: Fix handling of newline in description.
Tue, Jul 9, 9:30 AM
gniibe added a commit to T4598: curses: dialog broken with wide characters: rPa03f39207148: curses: Fix handling of newline in description..
Tue, Jul 9, 9:30 AM · pinentry
gniibe committed rP67a7cfa12d15: curses: Fix width calculation. (authored by gniibe).
curses: Fix width calculation.
Tue, Jul 9, 9:09 AM
gniibe committed rP9298cca67742: curses: Fix calculation of columns for CJK text. (authored by gniibe).
curses: Fix calculation of columns for CJK text.
Tue, Jul 9, 7:41 AM
gniibe added a commit to T4598: curses: dialog broken with wide characters: rP9298cca67742: curses: Fix calculation of columns for CJK text..
Tue, Jul 9, 7:41 AM · pinentry
gniibe added a comment to T4598: curses: dialog broken with wide characters.

I pushed the change to master.
Please test.

Tue, Jul 9, 7:23 AM · pinentry
gniibe claimed T4598: curses: dialog broken with wide characters.
Tue, Jul 9, 7:20 AM · pinentry
gniibe added a comment to T4606: Release GnuPG 2.2.17.

Please consider to backport rG914fa3be22bf: dirmngr: Support the new WKD draft with the openpgpkey subdomain. from master. Cherry-pick mostly works, only dirmngr/server.c needs manual edit (because of resolve_dns_name change).
Allowing WKD service by subdomain (openpgpkey) is good, because it is easier to deploy by separate admin, in some situations.

Tue, Jul 9, 4:46 AM · Release Info, gnupg (gpg22)
gniibe added a comment to T4616: Smartcard: Card reset required - It should be automatic.

I pushed my change of rGc51a5685554a: scd: ccid-driver: Initial getting ATR more robustly..
With TTXS, scdaemon correctly recovers from the error.

Tue, Jul 9, 4:02 AM · gnupg, scd
gniibe committed rGc51a5685554a: scd: ccid-driver: Initial getting ATR more robustly. (authored by gniibe).
scd: ccid-driver: Initial getting ATR more robustly.
Tue, Jul 9, 4:01 AM
gniibe added a commit to T4616: Smartcard: Card reset required - It should be automatic: rGc51a5685554a: scd: ccid-driver: Initial getting ATR more robustly..
Tue, Jul 9, 4:01 AM · gnupg, scd
gniibe added a comment to T4616: Smartcard: Card reset required - It should be automatic.

When the computer is going to suspend, the scdaemon receives a message from USB layer as the interrupt transfer is shutting down, then scdaemon considers it's removal of device/card.
But in case of suspend (and the device does not support USB suspend), USB port is kept with the power.
So, it keeps running actually.

Tue, Jul 9, 3:07 AM · gnupg, scd
gniibe added a comment to T4616: Smartcard: Card reset required - It should be automatic.

Here are results of my experiment with Intel NUC computer (which supports S4 (and S3)).

Tue, Jul 9, 2:53 AM · gnupg, scd

Mon, Jul 8

gniibe added a comment to E507: Weekly Standup.

Last week:

This week:

  • Setup WKD for fsij.org (2019 AGM of FSIJ: 2019-07-13)
  • X448 things
Mon, Jul 8, 9:37 AM
gniibe is attending E507: Weekly Standup.
Mon, Jul 8, 9:22 AM
gniibe added a comment to T4158: UIF (User Interaction Flag) DO support.

No. I intentionally select: Not-backporting this feature.
The feature is added for Yubikey, in the specification.
Use of the feature by Data-Object is not that so useful.

Mon, Jul 8, 9:21 AM · Feature Request, scd, gnupg
gniibe committed rG39c40e572c56: scd: Fix keygrip search. (authored by gniibe).
scd: Fix keygrip search.
Mon, Jul 8, 5:32 AM

Fri, Jul 5

gniibe committed rG38b9da7de335: sm: Return the last error for pubkey decryption. (authored by gniibe).
sm: Return the last error for pubkey decryption.
Fri, Jul 5, 8:53 AM
gniibe added a commit to T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes: rG38b9da7de335: sm: Return the last error for pubkey decryption..
Fri, Jul 5, 8:53 AM · S/MIME, gnupg
gniibe committed rG6cc4119ec03b: gpg: Return the last error for pubkey decryption. (authored by gniibe).
gpg: Return the last error for pubkey decryption.
Fri, Jul 5, 8:18 AM
gniibe added a commit to T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes: rG6cc4119ec03b: gpg: Return the last error for pubkey decryption..
Fri, Jul 5, 8:18 AM · S/MIME, gnupg

Wed, Jul 3

gniibe committed rT7b2c4d9dd50b: Support GCM. (authored by gniibe).
Support GCM.
Wed, Jul 3, 8:11 AM

Mon, Jul 1

gniibe added a comment to E506: Weekly Standup.

Today's topic:

Mon, Jul 1, 6:25 AM
gniibe is attending E506: Weekly Standup.
Mon, Jul 1, 6:15 AM
gniibe committed rG526714806da4: tools: gpgconf: Killing order is children-first. (authored by gniibe).
tools: gpgconf: Killing order is children-first.
Mon, Jul 1, 6:14 AM
gniibe changed the status of T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32 from Open to Testing.
Mon, Jul 1, 6:14 AM · gpgagent, gnupg, Bug Report
gniibe added a commit to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32: rG526714806da4: tools: gpgconf: Killing order is children-first..
Mon, Jul 1, 6:14 AM · gpgagent, gnupg, Bug Report
gniibe committed rG7c877f942a34: tools: gpgconf: Killing order is children-first. (authored by gniibe).
tools: gpgconf: Killing order is children-first.
Mon, Jul 1, 6:13 AM
gniibe added a commit to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32: rG7c877f942a34: tools: gpgconf: Killing order is children-first..
Mon, Jul 1, 6:13 AM · gpgagent, gnupg, Bug Report

Fri, Jun 28

gniibe added a comment to T4583: pinentry-tty should accept backspace, delete, and ctrl-U.

Let me explain some technical detail for the record.

Fri, Jun 28, 3:03 AM · Bug Report
gniibe changed the status of T4583: pinentry-tty should accept backspace, delete, and ctrl-U from Open to Testing.
Fri, Jun 28, 2:50 AM · Bug Report
gniibe changed the status of T4585: pinentry-tty mishandles ctrl-C from Open to Testing.
Fri, Jun 28, 2:50 AM · Bug Report
gniibe added a comment to T4585: pinentry-tty mishandles ctrl-C.

Because my fix was incomplete, I pushed another change to GnuPG master: rG374a0775546b: agent: Close a dialog cleanly when gpg/ssh is killed for CONFIRM.
I also pushed my changes to pinentry master: rPf6e84ce0a34c: tty: Confirmation is not by line edit mode., rP531b92300c58: tty: Support line editing by system., rPb176a8ac0dcd: Exit the loop on an error with GPG_ERR_FULLY_CANCELED.

Fri, Jun 28, 2:49 AM · Bug Report
gniibe committed rG374a0775546b: agent: Close a dialog cleanly when gpg/ssh is killed for CONFIRM. (authored by gniibe).
agent: Close a dialog cleanly when gpg/ssh is killed for CONFIRM.
Fri, Jun 28, 2:40 AM