stm (Heiko Stamer)
User

Projects

User does not belong to any projects.

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Friday

  • Clear sailing ahead.

User Details

User Since
Sep 7 2017, 9:40 AM (93 w, 6 d)
Availability
Available

Currently I am working on Distributed Key Generation and Threshold Cryptography for OpenPGP: cf. Distributed Privacy Guard (DKGPG) as an experimental proof of concept.

Recent Activity

Nov 15 2018

stm created T4259: Invalid version check.
Nov 15 2018, 7:04 PM · gnupg, Bug Report

Nov 13 2018

stm added a comment to T4250: Conditional jump or move depends on uninitialised value(s).

The corresponding fix can be found here: https://github.com/smuellerDD/jitterentropy-library/commit/9048af7f06fc1488904f54852e0a2f8da45a4745

Nov 13 2018, 9:56 PM · libgcrypt, Bug Report
stm added a comment to T4250: Conditional jump or move depends on uninitialised value(s).

Please note that this issue in Jitterentropy has been already fixed by upstream: http://www.chronox.de/jent.html

Nov 13 2018, 9:53 PM · libgcrypt, Bug Report
stm created T4250: Conditional jump or move depends on uninitialised value(s).
Nov 13 2018, 9:30 PM · libgcrypt, Bug Report

Oct 30 2018

stm added a comment to T4235: GnuPG doesn't respect key flags when decrypting.

There is another argument for respecting the usage flags: it trims the admissible key space, if key ID in the PKESK packet is zero ('wild card') and thus all private keys have to be considered for decryption.

Oct 30 2018, 9:48 PM · Not A Bug, OpenPGP, gnupg

Sep 9 2018

stm added a comment to rCc5bed9df9633: prime: Avoid rare assertion failure in gcry_prime_check..

By the attached test program I can confirm that the issue is solved.

Sep 9 2018, 8:33 AM

Aug 30 2018

stm added a comment to T4108: Support for verifying OpenPGP standalone and timestamp signatures.

BTW: For TSA keys an additional key (usage) flag ("This key may be used for time-stamping") in RFC 4880bis would be nice. What do you think?

Aug 30 2018, 8:44 PM · gnupg (gpg23), Feature Request
stm added a comment to T4108: Support for verifying OpenPGP standalone and timestamp signatures.

According to RFC 3628 there are two additional conditions to consider:

A timestamp or a time mark (which is an audit record kept in a secure
audit trail from a trusted third party) applied to a digital
signature value proves that the digital signature was created before
the date included in the time-stamp or time mark.
Aug 30 2018, 6:55 AM · gnupg (gpg23), Feature Request

Aug 27 2018

stm added a comment to T4108: Support for verifying OpenPGP standalone and timestamp signatures.

Attached is a timestamp signature created with the test key (alfa, alpha, alice) from tests/openpgp.

Aug 27 2018, 9:30 PM · gnupg (gpg23), Feature Request

Aug 25 2018

stm added a comment to T4108: Support for verifying OpenPGP standalone and timestamp signatures.

DKGPG will contain programs to generate such signatures in its next release. Thus it would be nice, if those signatures can be verified by GnuPG as one of the most widespread OpenPGP implementations.

Aug 25 2018, 9:42 AM · gnupg (gpg23), Feature Request

Aug 24 2018

stm created T4108: Support for verifying OpenPGP standalone and timestamp signatures.
Aug 24 2018, 7:04 AM · gnupg (gpg23), Feature Request

Aug 20 2018

stm created T4105: Inconsistent output for revocation keys in --list-keys --with-colons.
Aug 20 2018, 8:24 PM · Documentation, gnupg, Bug Report

Jul 4 2018

stm added a comment to T4022: too-large User ID packets result in dropping an entire certificate.

What happens, if other bad packets beside PKT_USER_ID, PKT_ATTRIBUTE, PKT_OLD_COMMENT, and PKT_COMMENT are found?

Jul 4 2018, 9:56 PM · gnupg, Bug Report

Jun 24 2018

stm created T4042: RFC 4880 compliance.
Jun 24 2018, 12:43 PM · OpenPGP, gnupg

Jun 14 2018

stm added a comment to T4022: too-large User ID packets result in dropping an entire certificate.

I've made the parsing less strict in LibTMCG: https://github.com/HeikoStamer/libtmcg/commit/be7963b33cf8bace9d031074521acc4e89930d33

Jun 14 2018, 4:34 PM · gnupg, Bug Report

Mar 20 2018

stm created T3848: Use of secure memory when generating secret primes in libgcrypt.
Mar 20 2018, 7:09 PM · libgcrypt, Bug Report

Feb 24 2018

stm created T3807: Mandatory OpenPGP Primary Key Binding Signature (sigclass 0x19).
Feb 24 2018, 9:44 AM · Documentation, gnupg

Jan 24 2018

stm added a comment to T3754: Problem importing DSA/1024 key signed with SHA256.

Please note that Section 13.6 of RFC 4880 says:

Jan 24 2018, 7:07 PM · Bug Report

Jan 7 2018

stm edited projects for T3390: Showing complete OpenPGP key flags, added: gnupg (gpg23); removed gnupg.
Jan 7 2018, 10:19 AM · gnupg (gpg23), patch, Feature Request
stm added projects to T3390: Showing complete OpenPGP key flags: gnupg, patch.
Jan 7 2018, 10:18 AM · gnupg (gpg23), patch, Feature Request
stm added a comment to T3390: Showing complete OpenPGP key flags.

I have attached a small patch to show this two additional key flags with "--list-keys":

Jan 7 2018, 9:48 AM · gnupg (gpg23), patch, Feature Request

Nov 25 2017

stm added a comment to T3536: Odd behaviour of option --list-packets.

After having a look at the code base I guess this behaviour is intentional.

Nov 25 2017, 6:23 PM · Bug Report
stm triaged T3536: Odd behaviour of option --list-packets as Low priority.
Nov 25 2017, 6:21 PM · Bug Report

Nov 24 2017

stm created T3536: Odd behaviour of option --list-packets.
Nov 24 2017, 6:36 PM · Bug Report

Sep 7 2017

stm created T3390: Showing complete OpenPGP key flags.
Sep 7 2017, 9:57 AM · gnupg (gpg23), patch, Feature Request