Page MenuHome GnuPG

werner (Werner Koch)
EngineeringAdministrator

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Thursday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:48 PM (323 w, 15 h)
Roles
Administrator
Availability
Available

Recent Activity

Yesterday

werner added a comment to T2701: Do not let users create keys without an expiration date.

To align the default expiration time with the BSI approval and other related software we change this now to 3 years.

Mon, Jun 5, 3:06 PM · gnupg, Feature Request, gnupg (gpg22)
werner closed T5003: GpgME++: Add support for gpgme_set_expire as Resolved.
Mon, Jun 5, 3:04 PM · kleopatra, gpg4win
werner closed T5003: GpgME++: Add support for gpgme_set_expire, a subtask of T4999: GPGME: Add interface for quick-set-expire, as Resolved.
Mon, Jun 5, 3:04 PM · gpgme, kleopatra, gpg4win
werner triaged T6518: GpgOL shows a blank message if an X.509 curve is used for signing as Normal priority.
Mon, Jun 5, 2:58 PM · Restricted Project, gpgol, Feature Request
werner changed the status of T6503: Do not make use of the VirtualStore under Windows from Open to Testing.

Works in kleopatra; tested with gpg4win-4.2.0-beta339.

Mon, Jun 5, 12:53 PM · gnupg24 (gnupg-2.4.2), Bug Report, kleopatra, gnupg22
werner triaged T6515: GPG in FIPS mode spits out useless "out of core handler ignored in FIPS mode" message on every execution as Normal priority.
Mon, Jun 5, 12:49 PM · FIPS, Bug Report

Fri, Jun 2

werner edited projects for T3164: The argument parser does not detect invalid integers, added: gpgrt, Bug Report; removed common.
Fri, Jun 2, 11:52 AM · Bug Report, gpgrt
werner removed a project from T5323: adduid and key expiration oddity in gpg-wks-client: gnupg (gpg23).
Fri, Jun 2, 11:49 AM · gnupg24, Bug Report, wkd

Thu, Jun 1

werner committed rDb63b05d20edf: web: Add more links to the man pages (authored by werner).
web: Add more links to the man pages
Thu, Jun 1, 4:45 PM
werner committed rD4b6480194592: web: We now have man pages online (authored by werner).
web: We now have man pages online
Thu, Jun 1, 4:36 PM
werner committed rDbd85db531f44: web: Add backlink to Mastodon (authored by werner).
web: Add backlink to Mastodon
Thu, Jun 1, 2:40 PM
werner committed rG22350d0768d3: doc: Replace remaining "gpg2" by "gpg". (authored by werner).
doc: Replace remaining "gpg2" by "gpg".
Thu, Jun 1, 12:44 PM
werner committed rE43dcdbff50fa: yat2m: Some basic HTML formatting works now. (authored by werner).
yat2m: Some basic HTML formatting works now.
Thu, Jun 1, 12:14 PM
werner raised the priority of T6511: EdDSA support in FIPS mode from Normal to High.

They re-used the same file name for the update from March and no history section. Anyway that looks promising and may solve the problem of having different algorithms allowed for restricted communication in the EU and the US.

Thu, Jun 1, 9:26 AM · FIPS, libgcrypt, Bug Report
werner triaged T6511: EdDSA support in FIPS mode as Normal priority.

My understanding is that FIPS 186-x lists more algorithms than approved for FIPS 140-y; the approved algorithms for 140-y are in the latest revisions of SP800-140. I have not checked the latter document, though.

Thu, Jun 1, 9:05 AM · FIPS, libgcrypt, Bug Report
werner triaged T6512: keyboxd with data pipe as Low priority.

See also commit rG6fcc263c18 from 2020 where I switched to D-lines.

Thu, Jun 1, 8:57 AM · gnupg26, Bug Report

Wed, May 31

werner committed rWfc1bd4cf48d5: Update to GnuPG 2.4.2 (authored by werner).
Update to GnuPG 2.4.2
Wed, May 31, 12:37 PM
werner committed rG6ed61d98a04f: Add release dates of 2.4 versions to NEWS (authored by werner).
Add release dates of 2.4 versions to NEWS
Wed, May 31, 9:39 AM
werner committed rDa74c6de1f738: web: Announce 2.4.2 (authored by werner).
web: Announce 2.4.2
Wed, May 31, 9:32 AM
werner closed T6506: Release GnuPG 2.4.2 as Resolved.
Wed, May 31, 8:48 AM · gnupg, Release Info
werner committed rD398532ab65c8: swdb: gnupg 2.4.2 (authored by werner).
swdb: gnupg 2.4.2
Wed, May 31, 8:39 AM

Tue, May 30

werner updated the task description for T6506: Release GnuPG 2.4.2.
Tue, May 30, 4:42 PM · gnupg, Release Info
werner triaged T6509: Release GnuPG 2.4.3 as Low priority.
Tue, May 30, 4:41 PM · Release Info, gnupg24
werner triaged T6507: SCRYPT does not work in FIPS mode as Normal priority.
Tue, May 30, 1:42 PM · libgcrypt, FIPS, Bug Report
werner triaged T6508: Port GnuPG to 64-bit Windows as Normal priority.
Tue, May 30, 1:41 PM · Windows 64, Feature Request, gnupg26
werner committed rMe2103be39076: cpp,python: Respect --disable-gpg-test for tests (authored by Biswapriyo Nath <nathbappai@gmail.com>).
cpp,python: Respect --disable-gpg-test for tests
Tue, May 30, 11:45 AM
werner committed rMfbc3963d6229: core: For key signing and uid revoking allow an empty user id. (authored by werner).
core: For key signing and uid revoking allow an empty user id.
Tue, May 30, 11:45 AM
werner edited projects for T5964: gnupg should use the KDFs implemented in libgcrypt, added: gnupg26; removed gnupg24.

Let's schedule that for 2.6

Tue, May 30, 10:57 AM · gnupg26, FIPS, libgcrypt, Feature Request
werner moved T6497: gpgtar does not return failure code to gpgme from QA to gnupg-2.4.2 on the gnupg24 board.
Tue, May 30, 10:55 AM · gnupg24 (gnupg-2.4.2), Bug Report, gnupg22, Restricted Project
werner moved T6503: Do not make use of the VirtualStore under Windows from QA to gnupg-2.4.2 on the gnupg24 board.
Tue, May 30, 10:54 AM · gnupg24 (gnupg-2.4.2), Bug Report, kleopatra, gnupg22
werner renamed T6504: Adding an ADSK to several keys may fail with Wrong Key Usage. from Adding an ADKS to several keys may fail with Wrong Key Usage. to Adding an ADSK to several keys may fail with Wrong Key Usage..
Tue, May 30, 10:36 AM · gnupg24 (gnupg-2.4.2), OpenPGP, Bug Report
werner added a comment to rPTHa075e11080bf: w32: Initialize variable to silence compiler warning..

Hmm, gcc used to figure out that attr is initialized by npth_mutexattr_init. One of these gcc warning regressions?

Tue, May 30, 8:56 AM

Fri, May 26

werner committed rEa5a513e0fdb8: doc: Typo fix (authored by werner).
doc: Typo fix
Fri, May 26, 5:27 PM
werner moved T6421: Improve error message if no reset code (PUK) is set from Backlog to Done on the gpgrt board.
Fri, May 26, 5:19 PM · Feature Request, gnupg22, gnupg24, gpgrt
werner changed the status of T6497: gpgtar does not return failure code to gpgme from Open to Testing.
Fri, May 26, 3:57 PM · gnupg24 (gnupg-2.4.2), Bug Report, gnupg22, Restricted Project
werner committed rGea286895477f: gpgtar: Emit FAILURE status line. (authored by werner).
gpgtar: Emit FAILURE status line.
Fri, May 26, 3:56 PM
werner committed rG0d223fa9b0a7: sm: Emit STATUS_FAILURE for non-implemented commands. (authored by werner).
sm: Emit STATUS_FAILURE for non-implemented commands.
Fri, May 26, 3:56 PM
werner triaged T6506: Release GnuPG 2.4.2 as Normal priority.
Fri, May 26, 3:37 PM · gnupg, Release Info
werner changed the status of T6135: Agent, P15: Insert Smartcard query uses serial number instead of $DISPSERIALNO from Open to Testing.
Fri, May 26, 2:32 PM · gnupg24, scd
werner committed rG2783b786a931: agent: Do not overwrite a key file by a shadow key file. (authored by werner).
agent: Do not overwrite a key file by a shadow key file.
Fri, May 26, 2:29 PM
werner committed rGa216e9c028ee: agent: Update key files by first writing to a temp file. (authored by werner).
agent: Update key files by first writing to a temp file.
Fri, May 26, 2:29 PM
werner committed rG1d23dc9389a1: agent: Create and use Token entries to track the display s/n. (authored by werner).
agent: Create and use Token entries to track the display s/n.
Fri, May 26, 2:29 PM
werner committed rGec0c35d1b8be: common: New function nve_set (authored by werner).
common: New function nve_set
Fri, May 26, 2:29 PM
werner added a comment to T6386: gpg-agent 2.2: Command "READKEY --card --no-data -- OPENPGP.1" overwrites protected-private-key with shadowed-private-key.

Due to back porting another change the fix for 2.2 is now also needed in 2.4.

Fri, May 26, 2:25 PM · gnupg22 (gnupg-2.2.42), Bug Report
werner committed rG7cf8c5c29158: agent: Fix printed error in findkey. (authored by werner).
agent: Fix printed error in findkey.
Fri, May 26, 2:21 PM
werner edited Description on gnupg24.
Fri, May 26, 10:07 AM
werner edited Description on gnupg24.
Fri, May 26, 10:06 AM
werner edited Description on gnupg.
Fri, May 26, 10:05 AM
werner edited projects for T6250: GPG-Agent doesn't work properly with smart cards and ed25519 keys and SSH Agent, added: gnupg; removed gnupg24.
Fri, May 26, 10:03 AM · gnupg, Documentation, ssh
werner edited projects for T6465: Store the ECDH parameters in the key file, added: gnupg26; removed gnupg24.
Fri, May 26, 10:00 AM · gnupg26, OpenPGP, scd, Bug Report

Thu, May 25

werner committed rGa391d8f4be4e: gpg: Skip keys found via ADSKs. (authored by werner).
gpg: Skip keys found via ADSKs.
Thu, May 25, 4:54 PM
werner committed rG09a96c9e1bea: gpg: Skip keys found via ADSKs. (authored by werner).
gpg: Skip keys found via ADSKs.
Thu, May 25, 4:50 PM
werner added a comment to T6375: gpg-agent race-condition with parallel clients.

GWIW: I have not done any tests but the comment below is about the case I suspected to be the cuase for your problem:

Thu, May 25, 3:13 PM · gnupg24, gpgagent, Bug Report
werner closed T3390: Showing complete OpenPGP key flags as Resolved.

See rG0988e49c45 which implements time and group but not yet the split thing because we are not shure that is good idea to have this w/o any implementation support.

Thu, May 25, 12:49 PM · gnupg24, patch, Feature Request
werner closed T6179: gnupg 2.3.7 broke YubiKey support: DBG: Curve with OID not supported: 2b06010401da470f01 as Resolved.
Thu, May 25, 12:44 PM · gnupg24, scd, Bug Report
werner removed a project from T5930: Use the FIPS-compatible digest&sign API: gnupg24.
Thu, May 25, 12:41 PM · FIPS, Feature Request
werner archived gnupg24 (gnupg-2.4.1).
Thu, May 25, 12:39 PM
werner edited projects for T6234: Implement access to smartcards via a generic pkcs#11 interface, added: gnupg26; removed gnupg24.
Thu, May 25, 12:37 PM · gnupg26, Feature Request, scd
werner closed T6504: Adding an ADSK to several keys may fail with Wrong Key Usage. as Resolved.

The fix actually does the same as my suggested workaround.

Thu, May 25, 12:03 PM · gnupg24 (gnupg-2.4.2), OpenPGP, Bug Report
werner moved T6504: Adding an ADSK to several keys may fail with Wrong Key Usage. from Backlog to gnupg-2.4.2 on the gnupg24 board.
Thu, May 25, 12:03 PM · gnupg24 (gnupg-2.4.2), OpenPGP, Bug Report
werner committed rGe9dd47d789e8: gpg: Fix searching for the ADSK key when adding an ADSK. (authored by werner).
gpg: Fix searching for the ADSK key when adding an ADSK.
Thu, May 25, 12:01 PM
werner lowered the priority of T6504: Adding an ADSK to several keys may fail with Wrong Key Usage. from High to Normal.

There is an easy workaround: Append an exclamation mark to the adsk key. This way gpg will only search for this subkey.
An example with my test keys:

Thu, May 25, 11:21 AM · gnupg24 (gnupg-2.4.2), OpenPGP, Bug Report
werner moved T6503: Do not make use of the VirtualStore under Windows from Backlog to QA on the gnupg22 board.
Thu, May 25, 11:11 AM · gnupg24 (gnupg-2.4.2), Bug Report, kleopatra, gnupg22
werner committed rG625fb548998f: w32: Add missing manifests and set a requestedExecutionLevel. (authored by werner).
w32: Add missing manifests and set a requestedExecutionLevel.
Thu, May 25, 11:10 AM
werner added a comment to T2820: GPGME: Allow to set the keyring for a context.

secring.gpg is only used by unsupported legacy versions of GnuPG. Since 2.1 it is not anymore used.

Thu, May 25, 9:43 AM · Won't Fix, gpgme, Feature Request

Wed, May 24

werner committed rEc62157c615a6: core: Add hurd-amd64 support (authored by Samuel Thibault <samuel.thibault@ens-lyon.org>).
core: Add hurd-amd64 support
Wed, May 24, 4:59 PM
werner committed rE7a42ff0ec971: core: New mode flag "sequential" for gpgrt_fopen. (authored by werner).
core: New mode flag "sequential" for gpgrt_fopen.
Wed, May 24, 4:59 PM
werner renamed Spammer-TomDavise from TomDavise to Spammer-TomDavise.
Wed, May 24, 4:19 PM
werner committed rG000b82ade7ad: gpg: Return ERROR status for --quick-sign-key. (authored by werner).
gpg: Return ERROR status for --quick-sign-key.
Wed, May 24, 4:05 PM
werner committed rG8295fb3f0b4f: w32: Add missing supportedOS Ids for Windows-10 (authored by werner).
w32: Add missing supportedOS Ids for Windows-10
Wed, May 24, 2:17 PM
werner moved T6503: Do not make use of the VirtualStore under Windows from Backlog to QA on the gnupg24 board.
Wed, May 24, 1:47 PM · gnupg24 (gnupg-2.4.2), Bug Report, kleopatra, gnupg22
werner committed rG3a438a1cc350: w32: Add missing manifests and set a requestedExecutionLevel. (authored by werner).
w32: Add missing manifests and set a requestedExecutionLevel.
Wed, May 24, 12:18 PM
werner committed rG42bea7de16e9: common,w32: Set a proper error code when creating an output file. (authored by werner).
common,w32: Set a proper error code when creating an output file.
Wed, May 24, 12:18 PM
werner committed rG7e681da1b217: sm: Emit STATUS_FAILURE for non-implemented commands. (authored by werner).
sm: Emit STATUS_FAILURE for non-implemented commands.
Wed, May 24, 12:18 PM
werner committed rG097701e69835: gpgtar: Emit FAILURE status line. (authored by werner).
gpgtar: Emit FAILURE status line.
Wed, May 24, 12:18 PM
werner committed rGfaf0a97b2e0b: gpg: Improve error code for file already exists. (authored by werner).
gpg: Improve error code for file already exists.
Wed, May 24, 12:18 PM

Tue, May 23

werner closed T6501: Check use of write in gpgme's Python bindings as Resolved.

Should be fixed now; see commit above.

Tue, May 23, 4:45 PM · Python, Bug Report, gpgme
werner committed rM36a68bc5308c: python: Fix wrong use of write. (authored by werner).
python: Fix wrong use of write.
Tue, May 23, 4:32 PM
werner added a comment to T6501: Check use of write in gpgme's Python bindings.

FWIW: WriteFile and write are more different than in using a HANDLE vs. a libc file descriptor. Despite that a HANDLE might be a 64 bit pointer, it is guaranteed that the value fits into a 32 bit variable. But they still index different objects. The return code and error values are also different.

Tue, May 23, 3:59 PM · Python, Bug Report, gpgme
werner added a comment to T6501: Check use of write in gpgme's Python bindings.

Much simpler: write is only used in the callbacks and over there gpgme_io_writen[n] shall be used anyway.

Tue, May 23, 3:53 PM · Python, Bug Report, gpgme
werner updated the task description for T6504: Adding an ADSK to several keys may fail with Wrong Key Usage..
Tue, May 23, 3:18 PM · gnupg24 (gnupg-2.4.2), OpenPGP, Bug Report
werner triaged T6504: Adding an ADSK to several keys may fail with Wrong Key Usage. as High priority.
Tue, May 23, 3:18 PM · gnupg24 (gnupg-2.4.2), OpenPGP, Bug Report
werner added a comment to T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG).

Hmm, for the latter this:

Tue, May 23, 3:03 PM · Emacs, gnupg, Bug Report
werner updated the task description for T6488: Kleopatra: moving decrypted Folder to USB device fails.
Tue, May 23, 1:25 PM · kleopatra, Restricted Project
werner updated the task description for T6488: Kleopatra: moving decrypted Folder to USB device fails.
Tue, May 23, 1:25 PM · kleopatra, Restricted Project
werner added a comment to T6503: Do not make use of the VirtualStore under Windows.

Kleopatra test case (similar to gpg):

Tue, May 23, 1:22 PM · gnupg24 (gnupg-2.4.2), Bug Report, kleopatra, gnupg22
werner renamed T6499: Kleopatra: no error if trying to write decrypted file to write-protected folder from Do not make use of the VirtualStore under Windows. to Kleopatra: no error if trying to write decrypted file to write-protected folder.
Tue, May 23, 1:17 PM · kleopatra, Restricted Project
werner triaged T6503: Do not make use of the VirtualStore under Windows as High priority.
Tue, May 23, 1:15 PM · gnupg24 (gnupg-2.4.2), Bug Report, kleopatra, gnupg22
werner renamed T6499: Kleopatra: no error if trying to write decrypted file to write-protected folder from Kleopatra: no error if trying to write decrypted file to write-protected folder to Do not make use of the VirtualStore under Windows..
Tue, May 23, 12:44 PM · kleopatra, Restricted Project
werner triaged T6499: Kleopatra: no error if trying to write decrypted file to write-protected folder as High priority.
Tue, May 23, 12:43 PM · kleopatra, Restricted Project
werner added a comment to T6499: Kleopatra: no error if trying to write decrypted file to write-protected folder.
Tue, May 23, 12:42 PM · kleopatra, Restricted Project

Mon, May 22

werner committed rD66d4623e5861: ids: Add published draft-koch-openpgp-webkey-service-16.txt (authored by werner).
ids: Add published draft-koch-openpgp-webkey-service-16.txt
Mon, May 22, 5:14 PM
werner committed rD87110c5ddfb8: web: Improve CSS for footnotes. (authored by werner).
web: Improve CSS for footnotes.
Mon, May 22, 5:14 PM
werner committed rDe5174f234f90: ids: Prepare draft-koch-openpgp-webkey-service-16 (authored by werner).
ids: Prepare draft-koch-openpgp-webkey-service-16
Mon, May 22, 5:14 PM
werner added a project to T6501: Check use of write in gpgme's Python bindings: Python.
Mon, May 22, 10:38 AM · Python, Bug Report, gpgme
werner triaged T6501: Check use of write in gpgme's Python bindings as High priority.
Mon, May 22, 10:37 AM · Python, Bug Report, gpgme
werner added projects to T6500: Keyserver access via http-proxy isn't attempted when using standard-resolver: gnupg24, dns.

Seems it gets a record but is not able to parse it (gnupg/dirmngr/dns-stuff.c:getsrv-standard) in your setup. Not sure why it loops - need to debug it.

Mon, May 22, 9:25 AM · dns, gnupg24, Bug Report

Fri, May 19

werner moved T6497: gpgtar does not return failure code to gpgme from Backlog to WiP on the gnupg22 board.
Fri, May 19, 1:08 PM · gnupg24 (gnupg-2.4.2), Bug Report, gnupg22, Restricted Project
werner moved T6497: gpgtar does not return failure code to gpgme from Backlog to QA on the gnupg24 board.
Fri, May 19, 1:07 PM · gnupg24 (gnupg-2.4.2), Bug Report, gnupg22, Restricted Project
werner triaged T6497: gpgtar does not return failure code to gpgme as Normal priority.

Fixed in 2.4

Fri, May 19, 1:07 PM · gnupg24 (gnupg-2.4.2), Bug Report, gnupg22, Restricted Project