werner (Werner Koch)Administrator
Engineering

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Saturday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:48 PM (192 w, 3 d)
Roles
Administrator
Availability
Available

Recent Activity

Yesterday

werner committed rG63ed2054a1f3: kbx: Better error message in case of a crippled Libgcrypt. (authored by werner).
kbx: Better error message in case of a crippled Libgcrypt.
Wed, Dec 2, 11:15 AM
werner committed rGacafa695e1e7: kbx: Better error message in case of a crippled Libgcrypt. (authored by werner).
kbx: Better error message in case of a crippled Libgcrypt.
Wed, Dec 2, 11:14 AM
werner added a reviewer for D512: Adds Microsoft Edge (Chromium) browser support: aheinecke.
Wed, Dec 2, 9:07 AM
werner added a comment to D513: Support macOS build with SIP by using posix_spawn in tests/random.

Given that this is limited to macOS I have neither objections for 1.8 nor for master

Wed, Dec 2, 9:04 AM
werner added a comment to T5163: Cannot import NIST-P521 key to OpenPGP v3.3 smart card.

You better wipe ecc_d_padded or use xtrymalloc_secure.

Wed, Dec 2, 8:45 AM · backport, gnupg, scd, Bug Report

Tue, Dec 1

werner added a comment to T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac.

Put

extern char **environ;

after the the include directives.

Tue, Dec 1, 8:51 PM · Testing, MacOS, libgcrypt, Bug Report
werner added projects to T5163: Cannot import NIST-P521 key to OpenPGP v3.3 smart card: Bug Report, scd, gnupg (gpg22).
Tue, Dec 1, 8:49 PM · backport, gnupg, scd, Bug Report
werner committed rG4f9ac5dac093: doc: Add parameters for batch generation of ECC keys. (authored by Jens Meißner <meissner@b1-systems.de>).
doc: Add parameters for batch generation of ECC keys.
Tue, Dec 1, 10:02 AM
werner committed rGa3f95a29b97d: doc: Add parameters for batch generation of ECC keys. (authored by Jens Meißner <meissner@b1-systems.de>).
doc: Add parameters for batch generation of ECC keys.
Tue, Dec 1, 9:59 AM
werner created T5162: Import problem due to disabled brainpool curves.
Tue, Dec 1, 9:35 AM · Bug Report, libgcrypt, gnupg (gpg22)
werner added a comment to T5141: GnuPG: Make quick-gen-key work for keys on PIV cards.

Go ahead (but w/o the /*if (keytime*)*/ line ;-)

Tue, Dec 1, 9:11 AM · gnupg (gpg23)
werner added a comment to T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac.

The problem is that posix_spawn is not portable enough for libgcrypt. It is really time that we move the spawn functions from gnupg to gpgrt so that we can use them also in Libgcrypt.

Tue, Dec 1, 9:08 AM · Testing, MacOS, libgcrypt, Bug Report

Mon, Nov 30

werner updated subscribers of T5141: GnuPG: Make quick-gen-key work for keys on PIV cards.
Mon, Nov 30, 3:31 PM · gnupg (gpg23)
werner added a comment to T5141: GnuPG: Make quick-gen-key work for keys on PIV cards.

The error comes form using READKEY which is processed by gpg-agent. At this time the agent does not yet know the stub key and thus returns ENOENT. At the places before we used "SCD READKEY" which works directly with scdameon and does not need a stub file. We need to review the new(?) way of creating stub files, describe that and then fix this by either making sure tha the stub key is created first or that we use SCD READKEY there too.

Mon, Nov 30, 3:30 PM · gnupg (gpg23)
werner committed rG806547d9d243: scd:nks: Minor additions to the basic IDLM application support. (authored by werner).
scd:nks: Minor additions to the basic IDLM application support.
Mon, Nov 30, 10:19 AM
werner added a subtask for T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac: T5157: libgcrypt: ARM64 Builds on macOS fail.
Mon, Nov 30, 8:47 AM · Testing, MacOS, libgcrypt, Bug Report
werner added a parent task for T5157: libgcrypt: ARM64 Builds on macOS fail: T5159: make check fails for libgcrypt on Apple Silicon / ARM Mac.
Mon, Nov 30, 8:47 AM · toolchain, MacOS, libgcrypt, Bug Report
werner added a comment to E828: Weekly Standup.
  • Shall we support macOS on ARM in Libgcrypt 1.8?
  • What are the important task for gpgme/Python?
  • Problems with gcry_pk_testkey
Mon, Nov 30, 8:40 AM
werner added a comment to E828: Weekly Standup.

Last week:

  • 2.2.25 release
  • smartcard testing
  • Tweaks for some cards
Mon, Nov 30, 8:36 AM
werner is attending E828: Weekly Standup.
Mon, Nov 30, 8:31 AM
werner cancelled E826: Weekly Standup.
Mon, Nov 30, 8:31 AM
werner cancelled E825: Weekly Standup.
Mon, Nov 30, 8:31 AM
werner cancelled E823: Weekly Standup.
Mon, Nov 30, 8:31 AM
werner cancelled E822: Weekly Standup.
Mon, Nov 30, 8:31 AM
werner cancelled E831: Weekly Standup.
Mon, Nov 30, 8:31 AM

Sun, Nov 29

werner added a comment to T5157: libgcrypt: ARM64 Builds on macOS fail.

Why the hell do they that? The standard compiler on a system is called cc which may translated to whatever the system installs for it. gcc is a specific implementation with certain properties. Di you try CC=clang to override this?

Sun, Nov 29, 4:41 PM · toolchain, MacOS, libgcrypt, Bug Report
werner added a comment to T5157: libgcrypt: ARM64 Builds on macOS fail.

You say that you build using clang but the log shows that you invoke gcc.

Sun, Nov 29, 1:22 PM · toolchain, MacOS, libgcrypt, Bug Report
werner added projects to T5157: libgcrypt: ARM64 Builds on macOS fail: libgcrypt, MacOS, toolchain.
Sun, Nov 29, 1:21 PM · toolchain, MacOS, libgcrypt, Bug Report
werner closed T5158: E-Mails will not be decrypted as Resolved.
Sun, Nov 29, 1:19 PM · Support

Fri, Nov 27

werner closed T4427: Windows 10 update KB4489899 stops gpg-agent launching as Resolved.

No more problems reported, so I assume like @aheinecke that it has been resolved in Windows.

Fri, Nov 27, 6:36 PM · Info Needed, Windows, gpgagent, Bug Report
werner claimed T4398: Rework Console and command line handling on Windows.
Fri, Nov 27, 6:33 PM · Feature Request, gnupg (gpg23)
werner closed T5038: UTF-8 handling in the command line, a subtask of T4398: Rework Console and command line handling on Windows, as Resolved.
Fri, Nov 27, 6:33 PM · Feature Request, gnupg (gpg23)
werner closed T5038: UTF-8 handling in the command line as Resolved.

This has been fixed for Unix on 2.2 and 2.3. The command line fix for Windows is a larger thing already tracked by T4398.

Fri, Nov 27, 6:33 PM · gnupg
werner closed T5038: UTF-8 handling in the command line, a subtask of T1514: charset weirdness with non-ascii User IDs under non-UTF-8 locales, as Resolved.
Fri, Nov 27, 6:33 PM · Bug Report, gnupg
werner renamed T4398: Rework Console and command line handling on Windows from Rework Console handling on Windows to Rework Console and command line handling on Windows.
Fri, Nov 27, 6:31 PM · Feature Request, gnupg (gpg23)
werner closed T1514: charset weirdness with non-ascii User IDs under non-UTF-8 locales as Resolved.

We changed the fallback to utf-8 in 2.2 and 2.3 and thus this bug can be closed. On Windows there is still the problem with the command line. However, this is better tracked with T5038 and its related tasks.

Fri, Nov 27, 6:30 PM · Bug Report, gnupg
werner added a parent task for T5038: UTF-8 handling in the command line: T4398: Rework Console and command line handling on Windows.
Fri, Nov 27, 6:26 PM · gnupg
werner added a subtask for T4398: Rework Console and command line handling on Windows: T5038: UTF-8 handling in the command line.
Fri, Nov 27, 6:26 PM · Feature Request, gnupg (gpg23)
werner removed a project from T5038: UTF-8 handling in the command line: backport.
Fri, Nov 27, 6:23 PM · gnupg
werner added a comment to T5150: scd: For NetKey cards READKEY with keygrip fails.

Regarding a backport I think that I will eventually backport all app-*c to stable by source copying them. We have a quite stable internal API and thus it is easier to keep at least the card specific code in sync. I did some local work in this directory some time ago.

Fri, Nov 27, 5:54 PM · backport, gnupg (gpg23), scd
werner committed rG7d7a50ba7231: common: Fix fallback handling to utf-8. (authored by gniibe).
common: Fix fallback handling to utf-8.
Fri, Nov 27, 5:49 PM
werner added a commit to T5038: UTF-8 handling in the command line: rG7d7a50ba7231: common: Fix fallback handling to utf-8..
Fri, Nov 27, 5:49 PM · gnupg
werner lowered the priority of T3392: keyserver default should include pool onionbalance hkp://jirk5u4osbsr34t5.onion from Normal to Wishlist.
Fri, Nov 27, 5:39 PM · Keyserver, Feature Request, dirmngr
werner committed rGad469609b101: card: Let the APDU command prints a description of the status word. (authored by werner).
card: Let the APDU command prints a description of the status word.
Fri, Nov 27, 11:28 AM
werner committed rG0e34683a6c4b: scd: New getinfo sub-command apdu_strerror. (authored by werner).
scd: New getinfo sub-command apdu_strerror.
Fri, Nov 27, 11:28 AM
werner committed rG5804db1a13d2: card: Netkey improvement for passwd. (authored by werner).
card: Netkey improvement for passwd.
Fri, Nov 27, 10:01 AM
werner added a project to T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds: backport.
Fri, Nov 27, 7:58 AM · backport, Testing, scd, gnupg

Thu, Nov 26

werner added a comment to T5155: GPGol: Will work for one user and not another on the same machine. Windows 10 Outlook 2016 GPGOL 2.4.8 (gpg4win-3.1.14).

Recall that each user has their own keys and configuration. This seems to be a general question on how to use GpgOL. Please use the help resources listed at gpg4win.org instead of this bug tracker.

Thu, Nov 26, 9:13 PM · Bug Report
werner reopened T4004: Curve25519 for Zeitcontrol card as "Open".
Thu, Nov 26, 5:08 PM · Feature Request, scd
werner added a comment to T4004: Curve25519 for Zeitcontrol card.

You are right, the new 3.4 cards support brainpool curves in addition to the nist curves.

Thu, Nov 26, 5:08 PM · Feature Request, scd
werner created T5156: Automatically dismiss the popup 'please insert card with S/N...'.
Thu, Nov 26, 5:04 PM · scd, gnupg
werner added a comment to T5100: OpenPGP app overwrites Yubikey serial number.

Sorry, I realized this myself this morning and did couple of fixes. rG7113263a00d8 does this all however I forgot to mention the bug number.

Thu, Nov 26, 4:55 PM · Testing, gnupg, scd, yubikey, kleopatra
werner committed rG7113263a00d8: agent: Fix YK s/n and prettify the request card prompt for Yubikeys (authored by werner).
agent: Fix YK s/n and prettify the request card prompt for Yubikeys
Thu, Nov 26, 3:58 PM
werner committed rG764c69a841ab: scd: Add special serialno compare for OpenPGP cards. (authored by werner).
scd: Add special serialno compare for OpenPGP cards.
Thu, Nov 26, 12:18 PM
werner committed rGd784e763495c: scd: Do not try to use a non-enabled app after card switching. (authored by werner).
scd: Do not try to use a non-enabled app after card switching.
Thu, Nov 26, 12:18 PM
werner added a project to T5150: scd: For NetKey cards READKEY with keygrip fails: backport.
Thu, Nov 26, 7:55 AM · backport, gnupg (gpg23), scd

Wed, Nov 25

werner committed rG00037f499db8: scd:p15: Print the internal card type. (authored by werner).
scd:p15: Print the internal card type.
Wed, Nov 25, 3:51 PM
werner committed rGc7b9a4ee439e: scd:p15: Improve support for some CardOS based cards. (authored by werner).
scd:p15: Improve support for some CardOS based cards.
Wed, Nov 25, 3:30 PM
werner committed rG60e1ce66120b: g13: Add missing header (authored by werner).
g13: Add missing header
Wed, Nov 25, 10:24 AM
werner committed rG3a8250c02031: scd: Rework the handling of the displayed serial number. (authored by werner).
scd: Rework the handling of the displayed serial number.
Wed, Nov 25, 10:24 AM
werner added a commit to T5100: OpenPGP app overwrites Yubikey serial number: rG3a8250c02031: scd: Rework the handling of the displayed serial number..
Wed, Nov 25, 10:24 AM · Testing, gnupg, scd, yubikey, kleopatra

Tue, Nov 24

werner added a comment to T5100: OpenPGP app overwrites Yubikey serial number.

Okay, I now got such a patch:

Tue, Nov 24, 6:04 PM · Testing, gnupg, scd, yubikey, kleopatra
werner added a comment to T5100: OpenPGP app overwrites Yubikey serial number.

I found a good enough solution: I changed the code to compute the OpenPGP s/n from the Yubikey s/n right after a Yubikey has been detected. Later, and if OpenPGP enabled on the YK, the S/N is already there but we use the S/N from the 0x4f DO. That is needed because we can't compute the OpenPGP version number ahead and use 0.0 in the S/N.

Tue, Nov 24, 4:24 PM · Testing, gnupg, scd, yubikey, kleopatra

Mon, Nov 23

werner closed T5039: 2.2.22 regression: Nitrokey Pro 2 is no longer recognized automatically, requires --card-status as Resolved.
Mon, Nov 23, 7:59 PM · Testing, gnupg (gpg22), Bug Report
werner closed T5140: Release GnuPG 2.2.25 as Resolved.
Mon, Nov 23, 7:59 PM · gnupg (gpg22), Release Info
werner closed T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2) as Resolved.
Mon, Nov 23, 7:59 PM · Testing, gnupg (gpg22), scd, Bug Report
werner closed T5143: YubiKey 5 Nano GPG --card-edit verify command causes a segfault as Resolved.
Mon, Nov 23, 7:59 PM · gnupg (gpg22), Bug Report
werner committed rD07745dddbd4d: swdb: GnuPG 2.2.25 (authored by werner).
swdb: GnuPG 2.2.25
Mon, Nov 23, 6:54 PM
werner committed rGabd9aeecfb57: Post release updates (authored by werner).
Post release updates
Mon, Nov 23, 6:41 PM
werner committed rG40f75823d255: Release 2.2.25 (authored by werner).
Release 2.2.25
Mon, Nov 23, 6:41 PM
werner created T5153: Release GnuPG 2.2.26.
Mon, Nov 23, 6:40 PM · Release Info, gnupg (gpg22)
werner closed T5146: Release Libksba 1.5.0 as Resolved.

Released on 2020-11-18

Mon, Nov 23, 2:17 PM · Release Info, libksba
werner set Version to 2.2.25 on T5140: Release GnuPG 2.2.25.
Mon, Nov 23, 2:16 PM · gnupg (gpg22), Release Info
werner lowered the priority of T5120: Incompatible Ed25519 secret key (no-encryption) from High to Normal.
Mon, Nov 23, 1:54 PM · gnupg (gpg22), Bug Report
werner closed T5052: Release GnuPG 2.2.24 as Resolved.

Note that if you run into problems with a smartcard you should run "gpg --card-status" once. GUI frontends usually do that and this is the reason why this regression was not detected. Will be fixed in 2.2.25 (T5140).

Mon, Nov 23, 1:52 PM · Release Info, gnupg (gpg22)
werner moved T5140: Release GnuPG 2.2.25 from Backlog to Ready for release on the gnupg (gpg22) board.
Mon, Nov 23, 1:49 PM · gnupg (gpg22), Release Info
werner added a project to T5069: Concurrent auto-start of gpg-agent by multiple gpg instances.: Info Needed.
Mon, Nov 23, 1:48 PM · Info Needed, gnupg (gpg22), Windows, Bug Report
werner closed T5080: Gpg-agent gets confused when a homedir is moved as Wontfix.
Mon, Nov 23, 1:46 PM · gnupg (gpg22), Bug Report
werner moved T5039: 2.2.22 regression: Nitrokey Pro 2 is no longer recognized automatically, requires --card-status from Backlog to Ready for release on the gnupg (gpg22) board.
Mon, Nov 23, 1:46 PM · Testing, gnupg (gpg22), Bug Report
werner moved T5065: scdaemon doesn't detect card removal after boot/resume (Identiv SPR332v2) from Backlog to Ready for release on the gnupg (gpg22) board.
Mon, Nov 23, 1:45 PM · Testing, gnupg (gpg22), scd, Bug Report
werner edited projects for T5084: Using GPGWin 3.1.13, Putty fails to load the private key from a YubiKey, added: gnupg; removed gnupg (gpg22).

Removing 2.2 tag because it has been fixed in one of the last releases.

Mon, Nov 23, 1:44 PM · gnupg, ssh, Bug Report, gpg4win
werner edited projects for T5114: GnuPG fails to import back generated and exported EdDSA secret key., added: gnupg; removed gnupg (gpg22).

Its done for 2.2 thus changing the tag.

Mon, Nov 23, 1:43 PM · gnupg, Testing, gpgagent, Bug Report
werner moved T5143: YubiKey 5 Nano GPG --card-edit verify command causes a segfault from Backlog to Ready for release on the gnupg (gpg22) board.
Mon, Nov 23, 1:41 PM · gnupg (gpg22), Bug Report
werner triaged T5076: [solved] gpg-agent respawn another process randomly and causes cached passphrase check failed / expired as Low priority.
Mon, Nov 23, 1:39 PM · gnupg (gpg22), Bug Report
werner committed rG572bcacc287d: doc: Fix typos (authored by glr).
doc: Fix typos
Mon, Nov 23, 12:21 PM
werner committed rG563db31467b2: doc: Fix typos (authored by glr).
doc: Fix typos
Mon, Nov 23, 12:21 PM
werner added a commit to T5071: Doc fix: simple typos: rG572bcacc287d: doc: Fix typos.
Mon, Nov 23, 12:21 PM · Documentation, Bug Report
werner closed T3972: 100% CPU usage endles loop of gpg --list-keys as Resolved.

As @dkg noted T4592 is a duplicate of this and given that we have a mitigation in place we can also close this (older) bug.

Mon, Nov 23, 12:21 PM · gnupg (gpg22)
werner added a commit to T5071: Doc fix: simple typos: rG563db31467b2: doc: Fix typos.
Mon, Nov 23, 12:21 PM · Documentation, Bug Report
werner closed T5071: Doc fix: simple typos as Resolved.

Thanks.

Mon, Nov 23, 12:14 PM · Documentation, Bug Report
werner added a comment to T5080: Gpg-agent gets confused when a homedir is moved.

Before step 2.d you should stop gpg-agent and other daemon

Mon, Nov 23, 12:04 PM · gnupg (gpg22), Bug Report
werner closed T5115: OpenPGP card factory-reset and Kleopatra as Resolved.

This was fixed in 2.2.24 with commit rG7f765a98fd662

Mon, Nov 23, 11:56 AM · kleopatra, gnupg (gpg22), scd
werner added a comment to T5076: [solved] gpg-agent respawn another process randomly and causes cached passphrase check failed / expired.

If you want to debug this, I suggest to use a logging socket. Put into all gpg-agent.conf files these lines:

Mon, Nov 23, 11:54 AM · gnupg (gpg22), Bug Report
werner added a comment to T5137: gpg-agent 2.x poor performance / futex errors.

I though about this too but we need to take care about the logging functions of Libgcrypt which are intertwined with nPth (clamp function of libgpg-error).

Mon, Nov 23, 9:01 AM · Feature Request, gpgagent
werner added a comment to E819: Weekly Standup.

Last week:

  • GnuPG 2.2.24 release and bug fixing
  • LDAP research
Mon, Nov 23, 8:45 AM
werner is attending E819: Weekly Standup.
Mon, Nov 23, 8:42 AM

Sun, Nov 22

werner triaged T5151: GPGME++ : bad passphrase problems as High priority.
Sun, Nov 22, 10:22 AM · segv, gpgme, Bug Report
werner set the color for !assert to Orange.
Sun, Nov 22, 10:22 AM
werner edited Description on segv.
Sun, Nov 22, 10:20 AM
werner set the color for segv to Red.
Sun, Nov 22, 10:18 AM