Page MenuHome GnuPG

werner (Werner Koch)
EngineeringAdministrator

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Friday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:48 PM (221 w, 1 d)
Roles
Administrator
Availability
Available

Recent Activity

Yesterday

werner committed rG2c6b62b3572f: tools: Extend ccidmon to print T=1 APDUs (authored by werner).
tools: Extend ccidmon to print T=1 APDUs
Tue, Jun 22, 8:42 PM
werner renamed T5504: git commit signing fails due to git's included gpg version. from Commit signing fails to git commit signing fails due to git's included gpg version..
Tue, Jun 22, 5:33 PM · FAQ, gpg4win
werner edited projects for T5504: git commit signing fails due to git's included gpg version., added: FAQ; removed Bug Report.

So let's close this task.

Tue, Jun 22, 5:32 PM · FAQ, gpg4win
werner added a comment to T5504: git commit signing fails due to git's included gpg version..

That looks all fine.

Tue, Jun 22, 1:13 PM · FAQ, gpg4win
werner closed T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1 as Resolved.

With the next release you will get only a warning:

gnupg-2.2/common/t-sexputil.c:467: test 0 failed: Unknown elliptic curve - ignored
This is likely due to a patched version of Libgcrypt with removed support for Brainpool curves
Tue, Jun 22, 12:32 PM · gnupg, Fedora, libgcrypt, Bug Report
werner committed rG5df658233a3a: tests: Cope with broken Libgcrypt versions (authored by werner).
tests: Cope with broken Libgcrypt versions
Tue, Jun 22, 12:31 PM
werner committed rGaf2fd9f0af25: tests: Cope with broken Libgcrypt versions (authored by werner).
tests: Cope with broken Libgcrypt versions
Tue, Jun 22, 12:30 PM
werner added a comment to T5504: git commit signing fails due to git's included gpg version..

may give you some clues.

Tue, Jun 22, 11:38 AM · FAQ, gpg4win
werner added a comment to T5504: git commit signing fails due to git's included gpg version..

You are not using gpg4win with its included GnuPG 2.2 but some broken gpg version. The error message
"invalid size of lockfile" can only be emitted by the Unix version of GnuPG. Check for other installed gpg versions - there are sites which allows the download of for example a Cygwin version - these version can't work properly on Windows.

Tue, Jun 22, 11:37 AM · FAQ, gpg4win
werner changed the status of T5491: Console output failure with no-unicode font: GnuPG 2.2.28 is not working with »encrypt-to« in gpg.conf without specifying another recipient. from Open to Testing.

I did some test on Windows 10 using gnupg 2.2 with this patch and things work.

Tue, Jun 22, 11:33 AM · gnupg (gpg22), Windows, Bug Report
werner committed rGedfe9453be5f: w32: Add fallback in case the Windows console can't cope with Unicode. (authored by werner).
w32: Add fallback in case the Windows console can't cope with Unicode.
Tue, Jun 22, 11:14 AM
werner committed rGe387cc97c823: scd:p15: Prepare AODF parsing for other authentication types. (authored by werner).
scd:p15: Prepare AODF parsing for other authentication types.
Tue, Jun 22, 11:14 AM
werner committed rGe94dfa21d2c1: w32: Add fallback in case the Windows console can't cope with Unicode. (authored by werner).
w32: Add fallback in case the Windows console can't cope with Unicode.
Tue, Jun 22, 11:09 AM
werner added a comment to T5491: Console output failure with no-unicode font: GnuPG 2.2.28 is not working with »encrypt-to« in gpg.conf without specifying another recipient..

For testing ion Windows 10 you need to switch to "Legacy Console" and reboot.

Tue, Jun 22, 7:59 AM · gnupg (gpg22), Windows, Bug Report

Mon, Jun 21

werner added a comment to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1.

Sorry for the expired certificate.

Mon, Jun 21, 10:48 PM · gnupg, Fedora, libgcrypt, Bug Report
werner triaged T5503: Add APIs to sign (and encrypt?) with a specific subkey as Normal priority.
Mon, Jun 21, 5:16 PM · gpgme, Feature Request
werner added a comment to T5491: Console output failure with no-unicode font: GnuPG 2.2.28 is not working with »encrypt-to« in gpg.conf without specifying another recipient..

Please run

Mon, Jun 21, 5:16 PM · gnupg (gpg22), Windows, Bug Report
werner added a comment to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1.

The thing is that I added a test for a new function which uses standard curves of Libgcrypt. But here we are again at the RedHat mess: They support the NIST curves but they removed support for Brainpool curves. Both are very similiar curves just different parameters. Brainpool is just in Europe out of fear that the NIST curves are rigged by the the NSA. Now, why RedHat removed Brainpool is probably just a legal dept thing who didn't have a clue. The tin foil hats probably see a different reason.

Mon, Jun 21, 5:00 PM · gnupg, Fedora, libgcrypt, Bug Report
werner added a comment to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1.

Supported curves should be listed by

gpg --list-config --with-colons curve
Mon, Jun 21, 2:47 PM · gnupg, Fedora, libgcrypt, Bug Report
werner added projects to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1: libgcrypt, Fedora, gnupg.

I am not sure about Fedora, but RedHat used to remove ECC support from Libgcrypt; GnuPG requires these curves. As long as you don't use ECC you things will work despite of this failed test. The test is new to check and does not anticipate a broken Libgcrypt.

Mon, Jun 21, 2:44 PM · gnupg, Fedora, libgcrypt, Bug Report
werner triaged T5501: "Remove my account" does not anymore work as Normal priority.
Mon, Jun 21, 1:50 PM · dev.gnupg.org
werner updated the task description for T5225: Release GPGME 1.15.1.
Mon, Jun 21, 10:29 AM · Release Info, gpgme
werner triaged T5499: Release GPGME 1.16.0 as Normal priority.
Mon, Jun 21, 10:28 AM · Release Info, gpgme
werner added a comment to E873: Weekly Standup.

Last week:

  • Worked on a A.E.T. Smartcard
Mon, Jun 21, 10:01 AM
werner is attending E873: Weekly Standup.
Mon, Jun 21, 9:42 AM
werner updated the task description for T5482: Release GnuPG 2.2.28.
Mon, Jun 21, 9:37 AM · Release Info, gnupg (gpg22)
werner triaged T5498: Release GnuPG 2.2.29 as Normal priority.
Mon, Jun 21, 9:37 AM · Release Info, gnupg (gpg22)
werner added a comment to T5482: Release GnuPG 2.2.28.

Regression for keyserver search by mail address: T5497

Mon, Jun 21, 9:35 AM · Release Info, gnupg (gpg22)
werner changed the status of T5497: v2.2.28 fails to locate-key from keyserver by email: Invalid user ID from Open to Testing.

Replicated and fixed. Thanks for the report.

Mon, Jun 21, 9:33 AM · Bug Report
werner committed rGd5126efd895b: dirmngr: Fix regression in KS_GET for mail address pattern. (authored by werner).
dirmngr: Fix regression in KS_GET for mail address pattern.
Mon, Jun 21, 9:32 AM
werner committed rGadf7bfba5ddc: dirmngr: Fix regression in KS_GET for mail address pattern. (authored by werner).
dirmngr: Fix regression in KS_GET for mail address pattern.
Mon, Jun 21, 9:31 AM
werner claimed T5497: v2.2.28 fails to locate-key from keyserver by email: Invalid user ID.
Mon, Jun 21, 8:35 AM · Bug Report

Sun, Jun 20

werner activated P5 bak.
Sun, Jun 20, 6:16 PM · Feature Request
werner activated P7 X25519 the ugly way.
Sun, Jun 20, 6:16 PM
werner activated P10 Slow dirmngr.
Sun, Jun 20, 6:15 PM
werner activated P11 (An Untitled Masterwork).
Sun, Jun 20, 6:15 PM
werner activated P13 (An Untitled Masterwork).
Sun, Jun 20, 6:15 PM
werner restored Image Macro "ilovetrains".
Sun, Jun 20, 6:14 PM
werner renamed Image Macro "ripfernmeldegeheimnis" from ripfernmeldege to ripfernmeldegeheimnis.
Sun, Jun 20, 6:14 PM
werner restored Image Macro "ripfernmeldegeheimnis".
Sun, Jun 20, 6:13 PM
werner restored Image Macro "dancewithme".
Sun, Jun 20, 6:13 PM

Fri, Jun 18

werner triaged T5494: gpg-agent doesn't support security-key (sk) key types as Low priority.

ggp-agent has no support for U2F and it can't work with these key types. Given that Yubikeys also have proper keys (even eddsa) I doubt that we will implement support for ecdsa-sk OpenSSH feature any time soon,

Fri, Jun 18, 11:31 PM · Feature Request, ssh
werner committed rG029924a46e08: scd:p15: Add pre-check for ascii-numeric PINs. (authored by werner).
scd:p15: Add pre-check for ascii-numeric PINs.
Fri, Jun 18, 6:07 PM
werner committed rG7a8545c91b09: scd:p15: Handle cards with bad encoded path objects. (authored by werner).
scd:p15: Handle cards with bad encoded path objects.
Fri, Jun 18, 5:46 PM
werner committed rG544ec7872aed: scd:p15: Add basic support for AET JCOP cards. (authored by werner).
scd:p15: Add basic support for AET JCOP cards.
Fri, Jun 18, 5:46 PM
werner committed rG44f977d0e332: scd: Improve reading of binary records. (authored by werner).
scd: Improve reading of binary records.
Fri, Jun 18, 5:46 PM

Thu, Jun 17

werner added a comment to T5433: libgcrypt: Do not use SHA1 by default.

That patch consists an ABI change. We might consider this for 1.10 but we can't do such a change in 1.9.

Thu, Jun 17, 11:44 AM · libgcrypt, Bug Report
werner added a comment to T5489: GpgME Built by mingw64 didn’t seem to correctly recognize the configuration information provided by gpgconf .

Please try the distributed binary version of gpgme from GnuPG or Gpg4win (which is usually a snapshot). As you might now, we don't support building on Windows - it may or may not work, we have no idea and don't suggest that.

Thu, Jun 17, 11:42 AM · gpgme, Bug Report
werner added projects to T5491: Console output failure with no-unicode font: GnuPG 2.2.28 is not working with »encrypt-to« in gpg.conf without specifying another recipient.: Windows, gnupg (gpg22).

Are you using Powershell or another non-standard shell? Which windows version are you using?

Thu, Jun 17, 11:28 AM · gnupg (gpg22), Windows, Bug Report
werner updated the task description for T5465: Kleopatra: Improve configuration of LDAP servers for X.509.
Thu, Jun 17, 11:24 AM · Restricted Project, kleopatra
werner committed rC692e9b1935ed: ecc: Fix bug in gcry_pk_get_param for Curve25519. (authored by werner).
ecc: Fix bug in gcry_pk_get_param for Curve25519.
Thu, Jun 17, 11:12 AM
werner claimed T5490: gcry_pk_get_param aborts program with error on "Curve25519".

Thanks for the report. Will soon be fixed.

Thu, Jun 17, 9:21 AM · libgcrypt, Bug Report

Wed, Jun 16

werner added a project to T5489: GpgME Built by mingw64 didn’t seem to correctly recognize the configuration information provided by gpgconf : gpgme.

You should run your test program with GPGME_DEBUG set. This gives some insight. The code you posted is too sparse to actually see what you are doing or want to do or what is the bug. Maybe it is better to ask the gnupg-devel ML?

Wed, Jun 16, 5:32 PM · gpgme, Bug Report
werner committed rCb2b8fa5edb1a: build: Fix broken mlock detection (authored by Johannes Schindelin via Gcrypt-devel <gcrypt-devel@gnupg.org>).
build: Fix broken mlock detection
Wed, Jun 16, 5:19 PM
werner committed rC66ff25ed4a8f: build: Fix broken mlock detection (authored by Johannes Schindelin via Gcrypt-devel <gcrypt-devel@gnupg.org>).
build: Fix broken mlock detection
Wed, Jun 16, 4:50 PM
werner committed rGc6900f5723b4: dirmngr: Fix build with --disable-ldap. (authored by gniibe).
dirmngr: Fix build with --disable-ldap.
Wed, Jun 16, 1:16 PM
werner committed rG89df86157e35: sm: New option --ldapserver as an alias for --keyserver. (authored by werner).
sm: New option --ldapserver as an alias for --keyserver.
Wed, Jun 16, 1:16 PM
werner committed rG864ea2519839: dirmngr: Rewrite the LDAP wrapper tool (authored by werner).
dirmngr: Rewrite the LDAP wrapper tool
Wed, Jun 16, 1:16 PM
werner committed rG14528ec66bd7: dirmngr: Allow to pass no filter args to dirmngr_ldap. (authored by werner).
dirmngr: Allow to pass no filter args to dirmngr_ldap.
Wed, Jun 16, 1:16 PM
werner committed rGbcb99315627e: dirmngr: Remove useless code. (authored by werner).
dirmngr: Remove useless code.
Wed, Jun 16, 1:16 PM
werner committed rG3e05f99e8db5: dirmngr: Use --ldaptimeout for OpenPGP LDAP keyservers. (authored by werner).
dirmngr: Use --ldaptimeout for OpenPGP LDAP keyservers.
Wed, Jun 16, 1:16 PM
werner committed rG58e4c82512a4: dirmngr: Fix default port for our redefinition of ldaps. (authored by werner).
dirmngr: Fix default port for our redefinition of ldaps.
Wed, Jun 16, 1:16 PM
werner committed rG0426e6e86938: doc: Update description of LDAP keyservers (authored by werner).
doc: Update description of LDAP keyservers
Wed, Jun 16, 1:16 PM
werner committed rG52cf32ce2f90: dirmngr: New option --ldapserver (authored by werner).
dirmngr: New option --ldapserver
Wed, Jun 16, 1:16 PM
werner committed rGeb3a629154de: dirmngr: Allow for non-URL specified ldap keyservers. (authored by werner).
dirmngr: Allow for non-URL specified ldap keyservers.
Wed, Jun 16, 1:16 PM
werner committed rGbebc71d2291e: gpg,sm: Simplify keyserver spec parsing. (authored by werner).
gpg,sm: Simplify keyserver spec parsing.
Wed, Jun 16, 1:16 PM
werner committed rG1c96f4d663c0: dirmngr: Support pseudo URI scheme "opaque". (authored by werner).
dirmngr: Support pseudo URI scheme "opaque".
Wed, Jun 16, 1:16 PM
werner added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

Some ideas:

  • the someflags thing will probably just be a reserved parameter
  • If DATA is not NULL but an MD is set the sign function should fail
  • Should ownership of MD be moved to the CTX?
Wed, Jun 16, 11:11 AM · FIPS, libgcrypt, Feature Request
werner added a comment to T3053: Change license for the website to CC BY-SA 4.0.

CC does not offer such an option as the GPL does.

Wed, Jun 16, 10:19 AM · Stalled, Verein, legal, gpgweb
werner added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

FWIW, there is also this newer patch: https://dev.gnupg.org/differential/diff/1476/

Wed, Jun 16, 8:40 AM · FIPS, libgcrypt, Feature Request

Tue, Jun 15

werner added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

Our public key functions are stateless. For several reasons it would be good to have an option to keep some state (think pre-computations). Our gcry_ctx_t would be a perfect fit for this and it will allow us to join a pubkey function with for example a hash function.

Tue, Jun 15, 1:42 PM · FIPS, libgcrypt, Feature Request

Mon, Jun 14

werner committed rMea290108e4df: core: Also detect AuthEnvelopedData (AEAD for CMS) (authored by werner).
core: Also detect AuthEnvelopedData (AEAD for CMS)
Mon, Jun 14, 8:09 PM
werner committed rMfde20940b5ca: core: New data flags "io-buffer-size" and "sensitive". (authored by werner).
core: New data flags "io-buffer-size" and "sensitive".
Mon, Jun 14, 8:09 PM
werner changed the status of T5487: GnuPG 2.2.28 not working with Yubikey NEO from Open to Testing.

Fix will eventually go into 2.2.29. If there is enough public demand we will do a new Windows installer earlier.

Mon, Jun 14, 11:39 AM · yubikey, gnupg (gpg22), Bug Report
werner is attending E872: Weekly Standup.
Mon, Jun 14, 7:29 AM

Sun, Jun 13

werner closed T5488: PGP KEY BLOCKED as Invalid.
Sun, Jun 13, 8:52 PM · Bug Report, gpg4win
werner added a comment to T5476: PGP KEY BLOCKED.

Check out https://gnupg.org

Sun, Jun 13, 8:51 PM · Support, gpg4win

Sat, Jun 12

werner closed T5486: Typo in gpg-card --help as Resolved.

Thanks. Commited as rG755a5f1a0e3

Sat, Jun 12, 6:36 PM · Bug Report
werner committed rG755a5f1a0e33: card: Fix typo in help message (authored by nephirus).
card: Fix typo in help message
Sat, Jun 12, 6:34 PM
werner committed rDd022760ed356: Enhance formatting and wording (authored by olf).
Enhance formatting and wording
Sat, Jun 12, 4:49 PM
werner committed rD5f98e0ff3d6b: Corrected Repo README. (authored by werner).
Corrected Repo README.
Sat, Jun 12, 4:49 PM
werner committed rDa9f1006a191e: Mark this page as unmaintained and do not threaten (authored by olf).
Mark this page as unmaintained and do not threaten
Sat, Jun 12, 4:49 PM
werner committed rD600ec33e056e: Fix entry for "GnuPG 1.2.3 (2003-08-22)" (authored by olf).
Fix entry for "GnuPG 1.2.3 (2003-08-22)"
Sat, Jun 12, 4:49 PM

Fri, Jun 11

werner committed rG6b76693ff542: sm: Fix finding of issuer in use-keyboxd mode. (authored by werner).
sm: Fix finding of issuer in use-keyboxd mode.
Fri, Jun 11, 8:18 PM
werner changed External Link from https://wald.intevation.org/forum/message.php?msg_id=7746&group_id=11 to https://wald.intevation.org/forum/forum.php?thread_id=2276&forum_id=84&group_id=11 on T5335: GpgOL: Ignore unknown PR_SECURTIY_FLAGS.
Fri, Jun 11, 4:46 PM · gpgol
werner committed rO3e5c2d4a90a6: po: Tweaked the German version of a warning box (authored by werner).
po: Tweaked the German version of a warning box
Fri, Jun 11, 11:32 AM

Thu, Jun 10

werner added a project to T5480: Export keys + manual: gpg4win.

The private key contains the public key. Thus there is no need to export the public key if you already got the secret key.

Thu, Jun 10, 10:39 PM · gpg4win, Feature Request
werner closed T5482: Release GnuPG 2.2.28 as Resolved.
Thu, Jun 10, 10:35 PM · Release Info, gnupg (gpg22)
werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2021q2/000460.html on T5482: Release GnuPG 2.2.28.
Thu, Jun 10, 10:35 PM · Release Info, gnupg (gpg22)
werner committed rGcd53c6d0f3be: scd: Add new card vendor. (authored by werner).
scd: Add new card vendor.
Thu, Jun 10, 9:56 PM
werner committed rDab1f54d794d6: swdb: GnuPG 2.2.28 (authored by werner).
swdb: GnuPG 2.2.28
Thu, Jun 10, 7:59 PM
werner committed rGfd2571e8fad5: Post release updates (authored by werner).
Post release updates
Thu, Jun 10, 7:44 PM
werner committed rG9f6076868ecd: Release 2.2.28 (authored by werner).
Release 2.2.28
Thu, Jun 10, 7:44 PM
werner committed rG67b039eae9ae: po: Auto updates (authored by werner).
po: Auto updates
Thu, Jun 10, 7:44 PM
werner triaged T5482: Release GnuPG 2.2.28 as Normal priority.
Thu, Jun 10, 5:42 PM · Release Info, gnupg (gpg22)
werner committed rDd5b94b419918: swdb: libksba 1.6.0 (authored by werner).
swdb: libksba 1.6.0
Thu, Jun 10, 3:17 PM
werner committed rK6b3573afb03a: Release 1.6.0 (authored by werner).
Release 1.6.0
Thu, Jun 10, 3:15 PM
werner committed rK60b2246df191: Post release updates (authored by werner).
Post release updates
Thu, Jun 10, 3:15 PM
werner closed T5479: Release LibKSBA 1.6.0 as Resolved.
Thu, Jun 10, 2:59 PM · Release Info, libksba
werner updated the task description for T5379: Release Libksba 1.5.1.
Thu, Jun 10, 2:13 PM · libksba, Release Info