Page MenuHome GnuPG

werner (Werner Koch)
EngineeringAdministrator

Projects

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:48 PM (267 w, 6 d)
Roles
Administrator
Availability
Available

Recent Activity

Fri, May 13

werner closed T5597: First 8 bytes of cache item left in clear in memory after decryption. as Resolved.
Fri, May 13, 4:10 PM · libgcrypt, symmetric, Bug Report
werner closed T5592: AppImage of Kleopatra as Resolved.

We meanwhile released two versions to our clients and are looking on how we can make it available to the community.

Fri, May 13, 4:09 PM · Restricted Project, kleopatra, Feature Request
werner closed T5598: AppImage of gpg, a subtask of T5592: AppImage of Kleopatra, as Resolved.
Fri, May 13, 4:08 PM · Restricted Project, kleopatra, Feature Request
werner closed T5598: AppImage of gpg as Resolved.

We have everything ready for a GnuPG Desktop Appimage but we first need a business case to maintain it.

Fri, May 13, 4:08 PM · AppImage, gnupg, Restricted Project, Feature Request
werner lowered the priority of T5478: Kleopatra: Performance problems decrypting and encrypting large Archives from High to Normal.

We have a workaround by using a recent version of gpgtar directly. Thus lowering priority.

Fri, May 13, 4:01 PM · Restricted Project, gpgme, kleopatra
werner renamed T5574: Doubled characters in Windows console output from GPG Portable on USB-Stick - Problems with GnuPG 2.2.30 to Doubled characters in Windows console output.
Fri, May 13, 3:58 PM · gnupg, Windows, gpgrt, Bug Report
werner edited projects for T5574: Doubled characters in Windows console output, added: gpgrt, Windows; removed Info Needed.
Fri, May 13, 3:56 PM · gnupg, Windows, gpgrt, Bug Report
werner closed T5616: asn1-parse.y:861:20: error: 'yytoknum' undeclared as Resolved.
Fri, May 13, 3:48 PM · toolchain, libksba, Bug Report
werner triaged T5712: Yubikey 5 NFC only recognized immediately after it is inserted as Normal priority.
Fri, May 13, 3:46 PM · Documentation, Bug Report
werner triaged T5803: outlook restarts on adding a address to a new email as Normal priority.

Please disable all other Add-Ins as well as extra security tools running on that machine to see whether there is some interference with them.

Fri, May 13, 3:45 PM · gpgol, Bug Report, gpg4win
werner triaged T5518: "Direct Action" to E-Mail not stable as Normal priority.
Fri, May 13, 3:42 PM · gpgol, Bug Report, gpg4win
werner renamed T5950: Allow viewing expired certificates more easily from can not encrypt for others to Allow viewing expired certificates more easily.
Fri, May 13, 3:40 PM · Restricted Project, kleopatra, Feature Request
werner triaged T5950: Allow viewing expired certificates more easily as Normal priority.
Fri, May 13, 3:38 PM · Restricted Project, kleopatra, Feature Request
werner added a comment to T5950: Allow viewing expired certificates more easily.

But only with an option - in general showing expired keys is annoying. For revoked keys the situation is different in case of a compromise - but many users revoke old keys anyway and we don't make use of the revocation reason. If we would consider the latter the UI/Support would be more complicated than useful.

Fri, May 13, 2:49 PM · Restricted Project, kleopatra, Feature Request
werner added projects to T3391: cannot import subkey that was once marked to be on a card: scd, gpgagent.
Fri, May 13, 2:43 PM · gpgagent, scd, gnupg, OpenPGP, Bug Report
werner triaged T5977: Smartcard PIN stays in clear in memory as High priority.
Fri, May 13, 2:40 PM · pinentry, scd, gnupg (gpg22), Bug Report
werner triaged T5979: SCardListReaders: Conditional jump or move depends on uninitialised value(s) as High priority.

Thanks for opening a ticket.

Fri, May 13, 2:36 PM · gnupg (gpg22), scd, patch
werner committed rD8fef33473764: ids: Submitted draft-koch-openpgp-webkey-service-14 (authored by werner).
ids: Submitted draft-koch-openpgp-webkey-service-14
Fri, May 13, 9:45 AM
werner committed rD7c7c49427dcc: ids: Update draft-koch-openpgp-webkey-service (authored by werner).
ids: Update draft-koch-openpgp-webkey-service
Fri, May 13, 9:45 AM
werner committed rDba0fc860c0fe: ids: Prepare draft-koch-openpgp-webkey-service-14 (authored by werner).
ids: Prepare draft-koch-openpgp-webkey-service-14
Fri, May 13, 9:45 AM
werner committed rD18471d838791: swdb: New w3 build for gnupg 2.2 (authored by werner).
swdb: New w3 build for gnupg 2.2
Fri, May 13, 9:45 AM
werner triaged T5973: libgcrypt: Minor test issues reported by coverity as Normal priority.

Thanks. Should be applied.

Fri, May 13, 8:16 AM · patch, libgcrypt, Bug Report
werner added a project to T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd'): hppa.
Fri, May 13, 8:06 AM · hppa, libgcrypt, Gentoo, Bug Report
werner triaged T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd') as Normal priority.
Fri, May 13, 8:06 AM · hppa, libgcrypt, Gentoo, Bug Report
werner created hppa.
Fri, May 13, 8:05 AM
werner triaged T5975: Allow signature verification using specific RSA keys <2k in FIPS mode as Normal priority.

I can imagine thar there are use cases for this. Thus I see no problems for the first part.

Fri, May 13, 8:00 AM · patch, libgcrypt, FIPS, Feature Request

Wed, May 11

werner triaged T5972: Can't insert charaters in a magic-wand generated password as Normal priority.
Wed, May 11, 5:18 PM · Testing, Restricted Project, gnupg (gpg22), gpgagent, pinentry
werner added a comment to T5950: Allow viewing expired certificates more easily.

Please check the 2020 certificate by using the details dialog. Has it a valid encryption subkey?

Wed, May 11, 8:59 AM · Restricted Project, kleopatra, Feature Request
werner triaged T5816: gcrypt mailing list is down as High priority.
Wed, May 11, 8:09 AM · gpgweb, Bug Report
werner added a comment to T5816: gcrypt mailing list is down.

it was noted that this also affects other ML hosted there like those of freie-software.org

Wed, May 11, 8:09 AM · gpgweb, Bug Report

Tue, May 10

werner committed rG5e5df82b5f28: scd:openpgp: New card vendor. (authored by werner).
scd:openpgp: New card vendor.
Tue, May 10, 4:21 PM

Mon, May 9

werner added a project to T5966: keyboxd issue building gnupg-2.3.6 (almost identical toT5406): gnupg (gpg23).
Mon, May 9, 7:18 AM · Testing, gnupg (gpg23), Bug Report

Fri, May 6

werner committed rG3d7d7e8bfd12: scd:p15: Improve the displayed S/N for Technology Nexus cards. (authored by werner).
scd:p15: Improve the displayed S/N for Technology Nexus cards.
Fri, May 6, 11:46 AM
werner committed rG6f612fd5f6d8: scd:p15: Fix the the sanity check of the displayed S/N. (authored by werner).
scd:p15: Fix the the sanity check of the displayed S/N.
Fri, May 6, 11:46 AM
werner committed rG91acbdc93c8a: scd:p15: Improve the displayed S/N for Technology Nexus cards. (authored by werner).
scd:p15: Improve the displayed S/N for Technology Nexus cards.
Fri, May 6, 11:38 AM
werner committed rG8efe738c4a09: scd:p15: Fix the the sanity check of the displayed S/N. (authored by werner).
scd:p15: Fix the the sanity check of the displayed S/N.
Fri, May 6, 11:38 AM
werner added a comment to T5965: gpgme: Inconsistent secret subkey flag when listing keys with different modes.

No sure, you could also consider the is_cardkey flag to mean that a secret key might be available. FWIW, GPA sets it internal secret key flag based on the type of listing done; thus I see no problem if you want to change the behaviour.

Fri, May 6, 8:33 AM · gpgme, Restricted Project

Thu, May 5

werner committed rG36a5509e11c8: gpg: Minor robustness fix. (authored by werner).
gpg: Minor robustness fix.
Thu, May 5, 2:13 PM
werner committed rGd60f930d9b00: scd: New debug flags "card". (authored by werner).
scd: New debug flags "card".
Thu, May 5, 2:13 PM
werner committed rG7f029eef6ce1: scd:p15: Fix reading certificates without length info. (authored by werner).
scd:p15: Fix reading certificates without length info.
Thu, May 5, 2:13 PM
werner committed rGbbcca7357b01: scd:p15: Fix reading certificates without length info. (authored by werner).
scd:p15: Fix reading certificates without length info.
Thu, May 5, 1:46 PM
werner committed rG7dc569392622: scd: New debug flags "card". (authored by werner).
scd: New debug flags "card".
Thu, May 5, 1:46 PM
werner added a comment to T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys.

Ours are even newer (5.4.3). Did you the Yubico tools to switch to curve443?
In any case, is it possible that you apply my fix and test again?

Thu, May 5, 10:06 AM · Testing, backport, yubikey, scd, segv, Bug Report
werner committed rG385f4841330e: scd:openpgp: Fix a segv for cards supporting unknown curves. (authored by werner).
scd:openpgp: Fix a segv for cards supporting unknown curves.
Thu, May 5, 9:55 AM
werner added a comment to T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys.

Your Yubikey's firmware version is 5.2.7 - let me see what versions we have in stock to test my fix.

Thu, May 5, 9:51 AM · Testing, backport, yubikey, scd, segv, Bug Report
werner triaged T5952: Can't uninstall gpg4win with Ansible as Normal priority.
Thu, May 5, 8:41 AM · Support, gpg4win
werner triaged T5964: gnupg should use the KDFs implemented in libgcrypt as Normal priority.

When we implemented this first, Libgcrypt had no appropriate KDF support. I recall that I considered to change this but it turned out the for 2.2 the changes are too large. For 2.3 we will consider such a change.

Thu, May 5, 8:40 AM · gnupg (gpg23), FIPS, libgcrypt, Feature Request

Wed, May 4

werner updated subscribers of T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys.

I am not sure about the crash but the unknown curve is
1.3.6.1.4.1.11591.15.1.2 which seems to be a GNU OID for curve448

Wed, May 4, 2:38 PM · Testing, backport, yubikey, scd, segv, Bug Report
werner added a comment to T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys.

What I would do in this case is to stop the gnupg daemon amd anything whiuch might start them and run scdaemon under valgrind.

Wed, May 4, 10:13 AM · Testing, backport, yubikey, scd, segv, Bug Report

Tue, May 3

werner committed rW8d5439e75dca: Update binary version of GnuPG with Authenticode signed builds. (authored by werner).
Update binary version of GnuPG with Authenticode signed builds.
Tue, May 3, 12:18 PM
werner committed rWa7e52329f0e5: Fix quoting in AUTHENTICODE_sign make template (authored by werner).
Fix quoting in AUTHENTICODE_sign make template
Tue, May 3, 12:18 PM
werner committed rW032b1776dc8a: Fix use of osslsigncode along with stow (authored by werner).
Fix use of osslsigncode along with stow
Tue, May 3, 12:18 PM
werner committed rW356765895426: appimage: Micro fix (authored by werner).
appimage: Micro fix
Tue, May 3, 12:18 PM
werner added a project to T5919: libgcrypt tests/basic.c and tests/keygen.c occasionally fail with "error generating RSA key: Number is not prime": backport.
Tue, May 3, 11:21 AM · backport, Testing, FIPS, libgcrypt, Bug Report
werner added a project to T5918: Disable RSA PKCS #1.5 encryption in FIPS mode: backport.
Tue, May 3, 11:17 AM · backport, Testing, libgcrypt, FIPS, Bug Report

Mon, May 2

werner added a project to T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com: workaround.
Mon, May 2, 10:19 AM · workaround, Testing, gnupg (gpg23), ssh, Bug Report, scd
werner added a comment to rG4fe8859541d0: gpgscm: Fix handling an error for chdir..

FWIW, the original idea with gpgscm was to provide code which does no rely on any gpg stuff so it can be merged back into upstream. I am not sure whether this still makes sense.

Mon, May 2, 9:54 AM

Fri, Apr 29

werner committed rW499a8e7ad93a: appimage: Minor fix (authored by werner).
appimage: Minor fix
Fri, Apr 29, 2:58 PM
werner triaged T5955: pinentry-efl sends warnings to stderr, does not close windows during getpin as Normal priority.
Fri, Apr 29, 9:46 AM · efl, pinentry, Bug Report
werner created efl.
Fri, Apr 29, 9:45 AM

Thu, Apr 28

werner triaged T5575: Supplying more than one passphrase or PIN using passphrase-fd as Low priority.
Thu, Apr 28, 9:12 AM · gnupg, yubikey, Feature Request
werner closed T5513: Outlook download external content crash as Resolved.

Please try a decent version of Gpg4win - we have fixed dozens of bugs in the mean time If the problems persists, please re-open this bug.

Thu, Apr 28, 9:05 AM · Too Old, gpgol, Bug Report, gpg4win
werner triaged T5798: Empty emails in Outlook - conflict between gpgOl & ESET (antivirus add-in) as Low priority.

Conflicts between Add-Ins are often unavoidable. We have a list of known issues at:
https://wiki.gnupg.org/GpgOL/IncompatibleAddons
If you have more information on that ESET thingy please enter it into the above wiki or leave some description here.

Thu, Apr 28, 9:04 AM · Add-In-conflict, gpgol, gpg4win
werner created Add-In-conflict.
Thu, Apr 28, 9:00 AM
werner lowered the priority of T5931: OpenSSH 8.9 and 9.0 can't authenticate with gpg-agent and usb token from High to Normal.
Thu, Apr 28, 8:55 AM · Testing, gnupg (gpg23), ssh, gpgagent
werner closed T5801: Kleopatra: Add support for the new dirmngr/ldapserver option to configure X.509 servers as Resolved.
Thu, Apr 28, 8:53 AM · Restricted Project, kleopatra
werner closed T5793: gpgsm: Wrong length when parsing octetstring in constructed encoding + definite length as Resolved.
Thu, Apr 28, 8:52 AM · Testing, S/MIME, gnupg (gpg22)
werner closed T5856: Forcing aead when creating sign & encrypted files creates inconsistent results as Resolved.
Thu, Apr 28, 8:52 AM · gnupg (gpg23), Bug Report
werner closed T5751: Please remove pgp.surf.nl from default dirmngr config as Resolved.
Thu, Apr 28, 8:50 AM · dirmngr, Keyserver
werner closed T5940: crash importing truncated subkeys as Resolved.
Thu, Apr 28, 8:49 AM · Bug Report, gnupg
werner closed T5941: gnupg 2.3.5 hangs on key import as Resolved.
Thu, Apr 28, 8:49 AM · Testing, gnupg (gpg23), Bug Report
werner closed T5821: gpgsm "certificate not found" error handling should use gpg_err_code() instead of -1 as Resolved.
Thu, Apr 28, 8:48 AM · Testing, gnupg (gpg23), Bug Report
werner triaged T5942: scdaemon is blocking system shutdown as Low priority.
Thu, Apr 28, 8:48 AM · Support, scd, gpgagent
werner edited projects for T5952: Can't uninstall gpg4win with Ansible, added: Support; removed Bug Report.
Thu, Apr 28, 8:47 AM · Support, gpg4win
werner closed T5954: Building for windows requires gpgrt (libgpg-error) 1.45, but configure.ac claims 1.27 as Wontfix.

Use our build system and things work. In particular you need to use the software versions as listed at versions.gnupg.org and available via the build-auch/getswdb.sh. Even better use the speedo build system for Windows. Everything else is not a supported build configuration.

Thu, Apr 28, 8:45 AM · gnupg (gpg22), Bug Report

Wed, Apr 27

werner committed rW2ec8836b7de4: appimage: Update /etc/gnupg-vsd (authored by werner).
appimage: Update /etc/gnupg-vsd
Wed, Apr 27, 2:40 PM
werner awarded T5948: Flaky test (<keyboxd>tests/openpgp/use-exact-key.scm) failure with gnupg 2.3.5, 2.3.6 a Cup of Joe token.
Wed, Apr 27, 8:34 AM · Testing, gnupg (gpg23), Bug Report

Tue, Apr 26

werner committed rWa9049746f861: Fix quoting of the osslsigncode options. (authored by werner).
Fix quoting of the osslsigncode options.
Tue, Apr 26, 6:00 PM
werner committed rW12a2b4ddd67c: Fix GnuPG 2.2 download directory. (authored by werner).
Fix GnuPG 2.2 download directory.
Tue, Apr 26, 4:53 PM
werner committed rW99278e8a105f: Use script to get rid of M4 fun. (authored by werner).
Use script to get rid of M4 fun.
Tue, Apr 26, 4:52 PM
werner triaged T5948: Flaky test (<keyboxd>tests/openpgp/use-exact-key.scm) failure with gnupg 2.3.5, 2.3.6 as Normal priority.
Tue, Apr 26, 8:38 AM · Testing, gnupg (gpg23), Bug Report

Mon, Apr 25

werner committed rW4f78bdca8ebc: Update to GnuPG 2.2.35 (authored by werner).
Update to GnuPG 2.2.35
Mon, Apr 25, 7:18 PM
werner closed T5928: Release GnuPG 2.2.35 as Resolved.
Mon, Apr 25, 7:12 PM · Release Info, gnupg (gpg22)
werner added a project to T5948: Flaky test (<keyboxd>tests/openpgp/use-exact-key.scm) failure with gnupg 2.3.5, 2.3.6: gnupg (gpg23).
Mon, Apr 25, 7:10 PM · Testing, gnupg (gpg23), Bug Report
werner committed rD3d2543843f4e: swdb: GnuPG 2.2.35 (authored by werner).
swdb: GnuPG 2.2.35
Mon, Apr 25, 7:09 PM
werner committed rG740c02f33aa2: Post release updates (authored by werner).
Post release updates
Mon, Apr 25, 7:05 PM
werner committed rGfd93b1a48f6c: po: Auto update (authored by werner).
po: Auto update
Mon, Apr 25, 7:05 PM
werner committed rG47ee0101ddfd: po: Fix a fuzzy in the German translation (authored by werner).
po: Fix a fuzzy in the German translation
Mon, Apr 25, 7:05 PM
werner committed rGf7bc6f50496b: Release 2.2.35 (authored by werner).
Release 2.2.35
Mon, Apr 25, 7:05 PM
werner triaged T5949: Release GnuPG 2.2.36 as Low priority.
Mon, Apr 25, 6:20 PM · gnupg (gpg22), Release Info
werner committed rD9c45ec252ad0: swdb: GnuPG 2.3.6 (authored by werner).
swdb: GnuPG 2.3.6
Mon, Apr 25, 5:02 PM
werner committed rWef0d98d81372: Update to GnuPG 2.3.6 (authored by werner).
Update to GnuPG 2.3.6
Mon, Apr 25, 4:56 PM
werner closed T4729: WKD via http_proxy does not work if DNS is broken/unavailable as Resolved.

Was fixed in 2.3.5

Mon, Apr 25, 4:53 PM · gnupg (gpg22), Restricted Project, dns, dirmngr
werner committed rG3a8164e69c3e: Release 2.3.6 (authored by werner).
Release 2.3.6
Mon, Apr 25, 4:38 PM
werner committed rG73ef575fe1e1: Post release updates (authored by werner).
Post release updates
Mon, Apr 25, 4:38 PM
werner committed rG638354b1179d: po: Auto update (authored by werner).
po: Auto update
Mon, Apr 25, 4:38 PM
werner committed rGd0a0c3f47908: po: Fixed two fuzzies in the Japanese translation (authored by werner).
po: Fixed two fuzzies in the Japanese translation
Mon, Apr 25, 4:38 PM
werner committed rG12b3666ebd6c: po: Update German translation (authored by werner).
po: Update German translation
Mon, Apr 25, 4:38 PM
werner updated the task description for T5937: Release GnuPG 2.3.6.
Mon, Apr 25, 4:37 PM · Release Info, gnupg (gpg23)
werner triaged T5947: Release GnuPG 2.3.7 as Low priority.
Mon, Apr 25, 4:35 PM · Release Info, gnupg (gpg23)