Page MenuHome GnuPG

ikloecker (Ingo Klöcker)
Engineering

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Saturday

  • Clear sailing ahead.

User Details

User Since
Jul 24 2020, 9:57 AM (139 w, 6 d)
Availability
Available

Recent Activity

Yesterday

ikloecker added a comment to T5960: Kleopatra: Encoding problems with GnuPG output on Windows.
In T5960#168905, @ebo wrote:

Here is an other instance with broken encoding (on 3.1.27.0-beta44):

Wed, Mar 29, 2:14 PM · Restricted Project, kleopatra

Mon, Mar 27

ikloecker committed rMb608c084b922: core: Initialize error variable (authored by ikloecker).
core: Initialize error variable
Mon, Mar 27, 4:52 PM
ikloecker committed rKLEOPATRAe395e77c3ba7: The config header must always be included as first header (authored by ikloecker).
The config header must always be included as first header
Mon, Mar 27, 11:11 AM
ikloecker committed rKLEOPATRA00dd596fb3c4: Do not use a local include for the external kcmutils_version.h (authored by ikloecker).
Do not use a local include for the external kcmutils_version.h
Mon, Mar 27, 11:11 AM
ikloecker committed rKLEOPATRA0a03443ccbba: Keep alphabetical order of required/linked modules (authored by ikloecker).
Keep alphabetical order of required/linked modules
Mon, Mar 27, 11:11 AM

Fri, Mar 24

ikloecker added a comment to T6423: Kleopatra: Tooltip for "Lookup on server" wrong in case of GnuPG VSD .

The lookup also uses WKD (if the search term looks like an email address). (Maybe only if WKD is configured as auto key locate mechanism.)

Fri, Mar 24, 12:23 PM · Bug Report, kleopatra

Tue, Mar 21

ikloecker claimed T6330: Kleopatra: Additional Expiry handling.
Tue, Mar 21, 9:56 AM · kleopatra, Restricted Project

Mon, Mar 20

ikloecker placed T5543: pinentry-qt: Accessibility switch to repeat on enter up for grabs.

Not sure why this was assigned to Andre.

Mon, Mar 20, 3:58 PM · pinentry, Restricted Project
ikloecker added a comment to T5543: pinentry-qt: Accessibility switch to repeat on enter.
In T5543#168681, @ebo wrote:

How about emptying both fields in case of mismatch and start from the beginning?

Mon, Mar 20, 3:57 PM · pinentry, Restricted Project

Fri, Mar 17

ikloecker changed the status of T6415: Kleopatra clipboard does not remember selected signing and --encrypt-to key. from Open to Testing.

Fixed.

Fri, Mar 17, 3:00 PM · Restricted Project, Bug Report, kleopatra
ikloecker committed rKLEOPATRAcb1611aa65b0: Remember the keys used to sign/encrypt the notepad (authored by ikloecker).
Remember the keys used to sign/encrypt the notepad
Fri, Mar 17, 2:59 PM
ikloecker changed the status of T6380: Kleopatra: SignEncryptWidget::isDeVsAndValid does not skip revoked UIds from Open to Testing.

We are now using the new helper DeVSCompliance::keyIsCompliant everywhere where previously isKeyDeVs and uidsHaveFullValidity were used or should have been used (as in SignEncryptWidget::isDeVsAndValid).

Fri, Mar 17, 2:31 PM · Restricted Project, kleopatra
ikloecker committed rKLEOPATRAc4c9e6fbd089: Use new helper function (authored by ikloecker).
Use new helper function
Fri, Mar 17, 2:18 PM
ikloecker committed rKLEOPATRA1d70e822f9ea: Use new keyIsCompliant helper to unify compliance check (authored by ikloecker).
Use new keyIsCompliant helper to unify compliance check
Fri, Mar 17, 2:18 PM
ikloecker committed rLIBKLEO815e4efbf5e9: Bump library version (authored by ikloecker).
Bump library version
Fri, Mar 17, 2:15 PM
ikloecker committed rLIBKLEO93ea0bde0ad6: Remove duplicate keyValidity helper (authored by ikloecker).
Remove duplicate keyValidity helper
Fri, Mar 17, 2:15 PM
ikloecker committed rLIBKLEO3f8be7e6534d: Use warning indicator for non-compliant keys (authored by ikloecker).
Use warning indicator for non-compliant keys
Fri, Mar 17, 12:56 PM
ikloecker committed rLIBKLEO8400035eedd5: Simplify checking keys for compliance with de-vs mode (authored by ikloecker).
Simplify checking keys for compliance with de-vs mode
Fri, Mar 17, 12:56 PM
ikloecker committed rLIBKLEOe0e4b2bff211: Make the key resolver reject not fully valid keys in compliance mode (authored by ikloecker).
Make the key resolver reject not fully valid keys in compliance mode
Fri, Mar 17, 12:56 PM
ikloecker committed rLIBKLEO257c62365032: Move Formatting::isKeyDeVs to compliance (authored by ikloecker).
Move Formatting::isKeyDeVs to compliance
Fri, Mar 17, 12:56 PM
ikloecker committed rLIBKLEO222614e5450c: Move Formatting::uidsHaveFullValidity to keyhelpers (authored by ikloecker).
Move Formatting::uidsHaveFullValidity to keyhelpers
Fri, Mar 17, 12:56 PM
ikloecker committed rMe50724e1bbe5: tests: Package the ownertrust file (authored by ikloecker).
tests: Package the ownertrust file
Fri, Mar 17, 9:22 AM

Thu, Mar 16

ikloecker claimed T6380: Kleopatra: SignEncryptWidget::isDeVsAndValid does not skip revoked UIds.
Thu, Mar 16, 10:43 AM · Restricted Project, kleopatra
ikloecker changed the status of T6379: Kleopatra: Brainpool key can not be moved to smart card from Open to Testing.

I think Werner backported some missing functionality to GnuPG 2.2. Please retest with the next version.

Thu, Mar 16, 10:43 AM · Restricted Project, kleopatra
ikloecker changed the status of T5478: Kleopatra: Performance problems decrypting and encrypting large Archives from Open to Testing.

ready for testing

Thu, Mar 16, 10:37 AM · Restricted Project, gpgme, kleopatra
ikloecker added a comment to T5478: Kleopatra: Performance problems decrypting and encrypting large Archives.

I wrote T6412: Kleopatra: Inform user if some files were not extracted from encrypted archive to inform the user about not extracted files. I think this shouldn't block this issue because special files probably don't occur in normal usage of GnuPG VSD.

Thu, Mar 16, 10:36 AM · Restricted Project, gpgme, kleopatra
ikloecker created T6412: Kleopatra: Inform user if some files were not extracted from encrypted archive.
Thu, Mar 16, 10:32 AM · kleopatra, Feature Request
ikloecker placed T6355: gpgtar: Does not allow decryption from stdin up for grabs.
Thu, Mar 16, 10:24 AM · gnupg22, gnupg24, Restricted Project
ikloecker moved T6342: GPGME/Kleopatra: Extend gpgme to use gpgtar from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Thu, Mar 16, 10:22 AM · Restricted Project, gpgme, kleopatra
ikloecker closed T6342: GPGME/Kleopatra: Extend gpgme to use gpgtar, a subtask of T5478: Kleopatra: Performance problems decrypting and encrypting large Archives, as Resolved.
Thu, Mar 16, 10:22 AM · Restricted Project, gpgme, kleopatra
ikloecker closed T6342: GPGME/Kleopatra: Extend gpgme to use gpgtar as Resolved.

Closing. This will be tested with T5478: Kleopatra: Performance problems decrypting and encrypting large Archives.

Thu, Mar 16, 10:22 AM · Restricted Project, gpgme, kleopatra
ikloecker changed the status of T6373: Kleopatra: Show progress dialog when moving decrypted archive to final destination from Open to Testing.

I think letting KIO show the progress is okay for now. I hope it also works on Windows (if showing progress is necessary).

Thu, Mar 16, 10:20 AM · Restricted Project, kleopatra
ikloecker changed the status of T6373: Kleopatra: Show progress dialog when moving decrypted archive to final destination, a subtask of T5478: Kleopatra: Performance problems decrypting and encrypting large Archives, from Open to Testing.
Thu, Mar 16, 10:20 AM · Restricted Project, gpgme, kleopatra
ikloecker added a comment to T6064: Kleopatra: Allow queries to list all certificates on the server.

If it's possible to search for any keys on an LDAP server, then gpg's LDAP support could probably map "*" to the required LDAP search filter. I'm pretty sure that (modern) keyservers don't allow listing all keys.

Thu, Mar 16, 10:15 AM · Restricted Project, kleopatra

Wed, Mar 15

ikloecker committed rKLEOPATRAfefd82dd122b: Add include to make Qt6 build happy (authored by ikloecker).
Add include to make Qt6 build happy
Wed, Mar 15, 12:10 PM
ikloecker committed rKLEOPATRA26f01cf32094: Remove obsolete helpers (authored by ikloecker).
Remove obsolete helpers
Wed, Mar 15, 11:50 AM
ikloecker committed rKLEOPATRA32a30acd7d41: Use KIO::moveAs to move decrypted folders to the target folder (authored by ikloecker).
Use KIO::moveAs to move decrypted folders to the target folder
Wed, Mar 15, 11:50 AM
ikloecker committed rKLEOPATRA8da2c9acf38d: Sort/group libraries to link (authored by ikloecker).
Sort/group libraries to link
Wed, Mar 15, 11:50 AM
ikloecker committed rKLEOPATRA39754005e5b3: Look for all KF libraries with a single find_package command (authored by ikloecker).
Look for all KF libraries with a single find_package command
Wed, Mar 15, 11:50 AM
ikloecker committed rKLEOPATRAedf8ae06ff84: Let the compiler control the lifetime of the dialog (authored by ikloecker).
Let the compiler control the lifetime of the dialog
Wed, Mar 15, 9:20 AM
ikloecker added a comment to T6411: Signing Other PGP Keys Fails when Using a SmartCard.

This isn't a support forum. You'd better ask on the gnupg-users mailing list before assuming that you found a bug.

Wed, Mar 15, 8:13 AM · Support

Tue, Mar 14

ikloecker added a comment to T6410: Kleopatra: trust root certificate allowed for user.

Are you using an actual GnuPG VSD installer? I'm asking because, as far as I know, several actions are disabled via immutable config entries that are only shipped to customers.

Tue, Mar 14, 6:27 PM · kleopatra, Restricted Project
ikloecker added a comment to T6386: gpg-agent 2.2: Command "READKEY --card --no-data -- OPENPGP.1" overwrites protected-private-key with shadowed-private-key.

I agree. Something called READ... shouldn't change existing data. (Updating existing data to a new format that doesn't alter the semantics of the existing data is okay.)

Tue, Mar 14, 10:59 AM · gnupg22, Bug Report
ikloecker committed rLIBKLEO26753ebdd2eb: Use correct INSTALL_TARGETS_DEFAULT_ARGS (authored by ikloecker).
Use correct INSTALL_TARGETS_DEFAULT_ARGS
Tue, Mar 14, 10:43 AM

Mon, Mar 13

ikloecker added a comment to T6409: Kleopatra: misleading representation of key with multiple uids in sign/encrypt dialog.

For non-vsde-enabled installations the green check symbol is okay because in the given context (encryption) it indicates that the key can be used.

Mon, Mar 13, 9:05 PM · vsd, Feature Request, Restricted Project, kleopatra
ikloecker moved T6373: Kleopatra: Show progress dialog when moving decrypted archive to final destination from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Mon, Mar 13, 8:21 AM · Restricted Project, kleopatra

Fri, Mar 10

ikloecker committed rLIBKLEO563a217a7594: Show indicator for compliance of selected keys (authored by ikloecker).
Show indicator for compliance of selected keys
Fri, Mar 10, 12:12 PM
ikloecker committed rLIBKLEOcb700cea92ca: Show status of compliance in tooltip (authored by ikloecker).
Show status of compliance in tooltip
Fri, Mar 10, 12:12 PM
ikloecker committed rLIBKLEO1a9f27b6155b: Use neutral icon for non-compliant, valid keys (authored by ikloecker).
Use neutral icon for non-compliant, valid keys
Fri, Mar 10, 12:12 PM
ikloecker committed rLIBKLEO4ae176bcd27e: Set status string also for trusted keys (authored by ikloecker).
Set status string also for trusted keys
Fri, Mar 10, 12:12 PM
ikloecker added a comment to T6405: Trojan identified in virustotal.

Well, virus checkers aren't perfect. If 1 out of 65 checkers reports a finding, then the probability that this finding is a false positive is very high. You would better report this to the vendor of NANO-Antivirus, so that they can fix the false positive warning.

Fri, Mar 10, 8:58 AM · Bug Report

Tue, Mar 7

ikloecker added a comment to T6403: Kleopatra: Warn if a certificate in a group is deleted.

This pretty much highlights a general problem of groups: If the distribution groups for the email client are managed independently from the certificate groups then there will inevitably be discrepancies. The obvious solution is the usage of groups managed by a central service for email addresses and certificates.

Tue, Mar 7, 9:56 AM · Feature Request, kleopatra

Mon, Mar 6

ikloecker added a comment to T6386: gpg-agent 2.2: Command "READKEY --card --no-data -- OPENPGP.1" overwrites protected-private-key with shadowed-private-key.

If agent_write_shadow_key does now also check for an existing private key file, then I'd replace following code in cmd_readkey:

if (agent_key_available (grip))
  {
    /* Shadow-key is not available in our key storage.  */
    rc = agent_write_shadow_key (0, grip, serialno, keyid, pkbuf, 0,
                                 dispserialno);
  }
else
  {
    /* Shadow-key is available in our key storage but ne check
     * whether we need to update it with a new display-s/n or
     * whatever.  */
    rc = agent_write_shadow_key (1, grip, serialno, keyid, pkbuf, 0,
                                 dispserialno);
  }

with a simple call of agent_write_shadow_key (removing the maybe_update flag) and let agent_write_shadow_key do all checking for an already existing private key file and whether it's a stub file that needs updating.

Mon, Mar 6, 9:17 AM · gnupg22, Bug Report
ikloecker added a comment to T6400: Improve Pinentry error message for a bad $TERM.

Could this be a duplicate of T4924: pinentry: pinentry-curses doesn't allow to set no password or weak passwords on 80 char width and smaller terminals?

Mon, Mar 6, 8:57 AM · FreeBSD, Documentation, pinentry, Bug Report

Fri, Mar 3

ikloecker added a comment to T6386: gpg-agent 2.2: Command "READKEY --card --no-data -- OPENPGP.1" overwrites protected-private-key with shadowed-private-key.

Make sure that the fix doesn't break "gpg --edit-key; keytocard; save" which explicitly does replace the private key with a stub file.

Fri, Mar 3, 4:17 PM · gnupg22, Bug Report

Thu, Mar 2

ikloecker added a project to T6399: Missing trustdb check on import of certificate: gnupg.
Thu, Mar 2, 6:38 PM · OpenPGP, gnupg22, Restricted Project
ikloecker created M11: KMail showing compliance.
Thu, Mar 2, 12:22 PM

Wed, Mar 1

ikloecker added a comment to T6392: Kleopatra: Tags no longer shown in useridlistmodel .

Just had a look at the development version. There the observation is exactly the opposite, i.e. the Tags columns of the certificate list and of the user ID list are empty, but the tags are shown in the Tags column of the certifications list.

Wed, Mar 1, 9:47 PM · kleopatra, Restricted Project

Feb 24 2023

ikloecker added a comment to T6386: gpg-agent 2.2: Command "READKEY --card --no-data -- OPENPGP.1" overwrites protected-private-key with shadowed-private-key.

I should probably add that Kleopatra calls this command when reading a smart card to create the key stubs if necessary. Kleopatra does this since gpg4win-3.1.24 (according to the tags) and the KDE Gear 22.04 release (see T5782: Kleopatra: Smartcard unusable secret key until used via command line).

Feb 24 2023, 11:58 AM · gnupg22, Bug Report
ikloecker added a comment to T6385: Regarding "gpg: can't connect to the agent - trying fall back ".

Your report lacks any useful information starting with the version of gpg you are using. Did this ever work? What did you change? Did you probably upgrade the system and have previously been using gpg1, but are now using gpg2?

Feb 24 2023, 11:42 AM · No Response, Bug Report
ikloecker added a comment to T6377: Kleopatra: gpgsk file contains shadowed private key.

I have analyzed the problem. It is caused by a serious regression in gpg 2.2: https://dev.gnupg.org/T6386

Feb 24 2023, 11:38 AM · gnupg22, Restricted Project, kleopatra
ikloecker created T6386: gpg-agent 2.2: Command "READKEY --card --no-data -- OPENPGP.1" overwrites protected-private-key with shadowed-private-key.
Feb 24 2023, 11:34 AM · gnupg22, Bug Report

Feb 23 2023

ikloecker committed rLIBKLEOc7aa02e18788: Remove CI for Linux Qt 6 (authored by ikloecker).
Remove CI for Linux Qt 6
Feb 23 2023, 11:40 AM

Feb 22 2023

ikloecker added a comment to T6377: Kleopatra: gpgsk file contains shadowed private key.

Arguing with the documentation of a functionality Kleopatra doesn't make use of makes no sense. Kleopatra uses gpg-agent's "KEYTOCARD" command which, unfortunately, lacks a good documentation.

Feb 22 2023, 3:20 PM · gnupg22, Restricted Project, kleopatra
ikloecker changed the status of T6372: Kleopatra: Allow users to change name of sign/encryption result if (archive) file already exists, a subtask of T5478: Kleopatra: Performance problems decrypting and encrypting large Archives, from Open to Testing.
Feb 22 2023, 11:56 AM · Restricted Project, gpgme, kleopatra
ikloecker changed the status of T6372: Kleopatra: Allow users to change name of sign/encryption result if (archive) file already exists from Open to Testing.

Ready for testing. In case of a file name conflict the users are now offered to Overwrite the existing file or to Rename the new file (i.e. save it with a different name). If multiple output files are created (e.g. when encrypting multiple files separately), then the users are additionally offered the options "Overwrite All", "Rename All", "Skip", "Skip All".

Feb 22 2023, 11:56 AM · Restricted Project, kleopatra
ikloecker added a comment to T6381: Option to set default encryption subkey.

What do you want to achieve by using multiple encryption subkeys? Do you realize that gpg will always encrypt to one subkey (unless you explicitely specify multiple subkeys), i.e. you won't be able to decrypt on device 1 what you have encrypted for device 2 and vice-versa. Usually, this makes little sense because it seems you want to be able to decrypt anything on your main machine.

Feb 22 2023, 11:44 AM · gnupg
ikloecker renamed T6372: Kleopatra: Allow users to change name of sign/encryption result if (archive) file already exists from Kleopatra: Check if (archive) file already exists before starting sign/encrypt (archive) operation to Kleopatra: Allow users to change name of sign/encryption result if (archive) file already exists.
Feb 22 2023, 11:32 AM · Restricted Project, kleopatra
ikloecker committed rKLEOPATRAc6012540435a: Allow users to change name of signed/encrypted file on name conflict (authored by ikloecker).
Allow users to change name of signed/encrypted file on name conflict
Feb 22 2023, 11:28 AM

Feb 20 2023

ikloecker committed rKLEOPATRA6b914b164729: Double-check that we can use basic ranges features (authored by ikloecker).
Double-check that we can use basic ranges features
Feb 20 2023, 9:32 PM
ikloecker committed rKLEOPATRAb9bec26ae7bf: Double-check that we can use basic ranges features (authored by ikloecker).
Double-check that we can use basic ranges features
Feb 20 2023, 9:27 PM

Feb 17 2023

ikloecker added a comment to T6379: Kleopatra: Brainpool key can not be moved to smart card.

If 3.1.26 only offers RSA algos, then Kleopatra obviously assumes that the smart card only supports RSA and therefore doesn't offer the transfer of Brainpool keys.

Feb 17 2023, 11:24 AM · Restricted Project, kleopatra

Feb 16 2023

ikloecker added a comment to T6379: Kleopatra: Brainpool key can not be moved to smart card.

Which algorithms are offered when you use "Regenerate Key"? What's the output of gpg -K --with-colon <key_id>?

Feb 16 2023, 6:18 PM · Restricted Project, kleopatra
ikloecker updated subscribers of T6377: Kleopatra: gpgsk file contains shadowed private key.
Feb 16 2023, 10:13 AM · gnupg22, Restricted Project, kleopatra
ikloecker added a project to T6377: Kleopatra: gpgsk file contains shadowed private key: gnupg.

Kleopatra simply copies the content of the corresponding *.key file in the private-keys-v1.d folder. If the *.key file contains a shadowed key after issuing a KEYTOCARD --force [...] command followed by a SCD LEARN --force command (note the SCD!), then gpg-agent is to blame.

Feb 16 2023, 10:08 AM · gnupg22, Restricted Project, kleopatra
ikloecker committed rKLEOPATRAd80112e08257: Defer instantiation of ReaderStatus (authored by ikloecker).
Defer instantiation of ReaderStatus
Feb 16 2023, 9:57 AM
ikloecker committed rKLEOPATRA436e124a414c: Set application attributes before constructing KleopatraApplication (authored by ikloecker).
Set application attributes before constructing KleopatraApplication
Feb 16 2023, 9:57 AM

Feb 15 2023

ikloecker moved T6372: Kleopatra: Allow users to change name of sign/encryption result if (archive) file already exists from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Feb 15 2023, 8:18 AM · Restricted Project, kleopatra
ikloecker closed T6348: gpgtar: Error when using --status-fd, a subtask of T6342: GPGME/Kleopatra: Extend gpgme to use gpgtar, as Resolved.
Feb 15 2023, 8:18 AM · Restricted Project, gpgme, kleopatra
ikloecker closed T6348: gpgtar: Error when using --status-fd as Resolved.

Works now for gpgme. Thanks!

Feb 15 2023, 8:18 AM · gnupg, Restricted Project
ikloecker removed a project from T6355: gpgtar: Does not allow decryption from stdin: gpgme.

Works for me with gpgtar (GnuPG) 2.4.1-beta21. I haven't verified this with 2.2.x.

Feb 15 2023, 8:15 AM · gnupg22, gnupg24, Restricted Project

Feb 14 2023

ikloecker triaged T6373: Kleopatra: Show progress dialog when moving decrypted archive to final destination as High priority.
Feb 14 2023, 10:36 AM · Restricted Project, kleopatra
ikloecker triaged T6372: Kleopatra: Allow users to change name of sign/encryption result if (archive) file already exists as High priority.
Feb 14 2023, 10:28 AM · Restricted Project, kleopatra
ikloecker committed rKLEOPATRA667b05dd1228: Use new jobProgress signal instead of deprecated progress signal (authored by ikloecker).
Use new jobProgress signal instead of deprecated progress signal
Feb 14 2023, 10:09 AM
ikloecker committed rKLEOPATRA8456af6200b0: Remove unused signal message() (authored by ikloecker).
Remove unused signal message()
Feb 14 2023, 10:09 AM
ikloecker committed rKLEOPATRAb0b7e48dde12: Use the more specific dataProgress signals for the archive jobs (authored by ikloecker).
Use the more specific dataProgress signals for the archive jobs
Feb 14 2023, 10:09 AM
ikloecker committed rKLEOPATRA2313a2ff11ef: Ignore the "what" value of the QGpgME::Job::progress signal (authored by ikloecker).
Ignore the "what" value of the QGpgME::Job::progress signal
Feb 14 2023, 10:09 AM
ikloecker committed rM73e46b34658c: qt: Add signals for file-based and data-based progress (authored by ikloecker).
qt: Add signals for file-based and data-based progress
Feb 14 2023, 9:52 AM
ikloecker committed rMccff6a96fc2b: qt: Remove commented out code (authored by ikloecker).
qt: Remove commented out code
Feb 14 2023, 9:52 AM
ikloecker committed rMea6f15ed602e: qt: Add simple and extended progress signals replacing old signal (authored by ikloecker).
qt: Add simple and extended progress signals replacing old signal
Feb 14 2023, 9:52 AM
ikloecker added a comment to T6370: Print diagnostics to explain certain expiration cases.

With the current development version I get

$ gpg --version
gpg (GnuPG) 2.4.1-beta21
libgcrypt 1.11.0
Feb 14 2023, 9:12 AM · Feature Request, gnupg

Feb 13 2023

ikloecker added a comment to T6369: gpgme: add a faster variant of gpgme_get_key().

Finally, what's your use case? gpgme_get_key() is meant to be used for getting individual keys. It's not meant to be used to get 1000 keys in a loop.

Feb 13 2023, 8:50 AM · gpgme, Feature Request
ikloecker added a comment to T6369: gpgme: add a faster variant of gpgme_get_key().

Moreover, if you have performance problems on Windows, then it's not the best idea to strace the code on Linux.

Feb 13 2023, 8:47 AM · gpgme, Feature Request
ikloecker added a comment to T6369: gpgme: add a faster variant of gpgme_get_key().

Just asking the obvious: You are using an optimized release build for your benchmarks, right?

Feb 13 2023, 8:45 AM · gpgme, Feature Request

Feb 10 2023

ikloecker added a comment to T5478: Kleopatra: Performance problems decrypting and encrypting large Archives.

Okay. So the problems with "file type 1" seem to come from git using hardlinks and tar storing them as hardlinks, but gpgtar ignores them on --decrypt. This would also explain the larger size of the archives if gpgtar stores the hardlinked files multiple times in the archive. Take home message: Don't gpgtar your git repo!

Feb 10 2023, 12:28 PM · Restricted Project, gpgme, kleopatra
ikloecker added a comment to T5478: Kleopatra: Performance problems decrypting and encrypting large Archives.

Running gpgtar directly only gives slightly better results. The following

GNUPGHOME=~/xxxx gpgtar --batch --status-fd 2 --gpg-args --enable-progress-filter --encrypt --gpg-args --always-trust -r D5E17E5ABC11F4CD060E02D41DD0D4BAF77BE140 -r C02C4012C09B2AE33921CF87577E88AC284DC575 --output - --directory /xxxx src >src-gpgtar.tar.gpg 2>src-gpgtar.log

took about 31.1 seconds.

Feb 10 2023, 11:46 AM · Restricted Project, gpgme, kleopatra
ikloecker added a comment to T5478: Kleopatra: Performance problems decrypting and encrypting large Archives.

"file type 2" may refer to symbolic links.

Feb 10 2023, 11:12 AM · Restricted Project, gpgme, kleopatra
ikloecker added a comment to T5478: Kleopatra: Performance problems decrypting and encrypting large Archives.

I did some tests. I encrypted the g10/src folder which contains multiple repos (33098 files) with a total weight of about 1.4 GiB.

Feb 10 2023, 11:09 AM · Restricted Project, gpgme, kleopatra
ikloecker closed T6368: GpgME: gpgme_op_decrypt_verify creates incomplete verification result for not encrypted data as Resolved.

I made the condition for calling the verify handler more strict by checking if err is a NO DATA error. This should minimize the risk of regression.

Feb 10 2023, 10:12 AM · Restricted Project, gpgme
ikloecker closed T6368: GpgME: gpgme_op_decrypt_verify creates incomplete verification result for not encrypted data, a subtask of T6342: GPGME/Kleopatra: Extend gpgme to use gpgtar, as Resolved.
Feb 10 2023, 10:12 AM · Restricted Project, gpgme, kleopatra