werner (Werner Koch)Administrator
Engineering

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:48 PM (171 w, 4 d)
Roles
Administrator
Availability
Available

Recent Activity

Yesterday

werner added a comment to T4991: gpgme: Fails to build with latest gpg-2.2.21 update.

Pretty please write a useful bug report; we need information on versions, OSes, compilers, any special environment, and all the steps you did to get the build failure. The configure run already prints a lot of useful information; you may want to extract them or provide a complete build log.

Fri, Jul 10, 8:57 PM · gpgme, Bug Report
werner added a comment to T4951: Support point compression in Libgcrypt.

Creating is not that useful - we prefer modern curves anyway.

Fri, Jul 10, 9:21 AM · Feature Request, libgcrypt
werner added a comment to T4951: Support point compression in Libgcrypt.

I think that retrieving a parameter in compressed format is all what we need as per API.

Fri, Jul 10, 9:20 AM · Feature Request, libgcrypt

Thu, Jul 9

werner added a comment to T4933: Incorrect expiration time of created subkey.

Because a few minutes don't matter. If you have the time to figure the reason out, please go ahead. It might be that we take the timestamp in the addkey case earlier and only set the expiration date after the key has been created.

Thu, Jul 9, 7:31 PM · gnupg (gpg22), Bug Report
werner added a comment to T4988: Kleopatra key generation does not use default algorithms 3072 but 2048.

The default for GnuPG 2.2 is still 2048 (Debian changed that in their distributed version). The reason for this is that we don't want to generate such keys but move on to Curve25519 for the new defaults.

Thu, Jul 9, 3:55 PM · kleopatra
werner committed rGb4501fc82625: doc: Add news entries from the latest 2.2 releases. (authored by werner).
doc: Add news entries from the latest 2.2 releases.
Thu, Jul 9, 2:47 PM
werner committed rDf06a29dccd90: web: Link release infos of GnuPG 2.2.21 and Libgcrypt 1.8.6. (authored by werner).
web: Link release infos of GnuPG 2.2.21 and Libgcrypt 1.8.6.
Thu, Jul 9, 2:29 PM
werner closed T2103: Improve the pinentry password quality indication as Resolved.
Thu, Jul 9, 1:16 PM · gnupg (gpg23), Feature Request
werner closed T4908: ECDH with AES-128 decryption failure when fully padded as Resolved.
Thu, Jul 9, 1:16 PM · Testing, gnupg (gpg22), Bug Report
werner closed T4856: GPG: Key Exchange Put public OpenPGP key into signature as Resolved.
Thu, Jul 9, 1:15 PM · Feature Request, gpgol, Keyserver, gnupg
werner committed rDf5b6fe90d09f: swdb: Release GnuPG 2.2.21 (authored by werner).
swdb: Release GnuPG 2.2.21
Thu, Jul 9, 1:15 PM
werner closed T4897: Release GnuPG 2.2.21 as Resolved.
Thu, Jul 9, 1:13 PM · gnupg (gpg22), Release Info
werner committed rG68dd4f43988b: Post release updates (authored by werner).
Post release updates
Thu, Jul 9, 1:06 PM
werner committed rGbe6fc39ed9b4: Release 2.2.21 (authored by werner).
Release 2.2.21
Thu, Jul 9, 1:06 PM
werner committed rG211465ed63b8: po: Auto update (authored by werner).
po: Auto update
Thu, Jul 9, 1:06 PM
werner committed rGca9eb912d6aa: po: Minor update to the Hungarian translation (authored by Nagy Ferenc László <nfl@nfllab.com>).
po: Minor update to the Hungarian translation
Thu, Jul 9, 1:06 PM
werner committed rG3a6eaf89e02f: po: Update the German translation (authored by werner).
po: Update the German translation
Thu, Jul 9, 1:06 PM
werner edited subtasks for T4989: Gpg4win-4.0.0, added: T4702: Release GnuPG 2.3.0; removed: T4990: Release GnuPG 2.3.0.
Thu, Jul 9, 12:23 PM · gpg4win, Release Info
werner added a parent task for T4702: Release GnuPG 2.3.0: T4989: Gpg4win-4.0.0.
Thu, Jul 9, 12:23 PM · Release Info, gpg4win, gnupg
werner removed a parent task for T4990: Release GnuPG 2.3.0: T4989: Gpg4win-4.0.0.
Thu, Jul 9, 12:23 PM · gnupg (gpg23), Release Info
werner closed T4990: Release GnuPG 2.3.0 as Spite.

Duplicate - see T4702 instead

Thu, Jul 9, 12:23 PM · gnupg (gpg23), Release Info
werner closed T4990: Release GnuPG 2.3.0, a subtask of T4989: Gpg4win-4.0.0, as Spite.
Thu, Jul 9, 12:23 PM · gpg4win, Release Info
werner changed Due Date from Dec 20 2019, 12:00 AM to Sep 30 2020, 12:00 AM on T4702: Release GnuPG 2.3.0.
Thu, Jul 9, 12:21 PM · Release Info, gpg4win, gnupg
werner created T4990: Release GnuPG 2.3.0.
Thu, Jul 9, 12:19 PM · gnupg (gpg23), Release Info
werner closed T4959: confusing output when running `gpg --delete-secrete-keys` without name as Resolved.
Thu, Jul 9, 11:28 AM · gnupg (gpg22), Bug Report
werner committed rG5cb0156504df: gpg: Print a note if no args are given to --delete-key (authored by werner).
gpg: Print a note if no args are given to --delete-key
Thu, Jul 9, 11:26 AM
werner added a commit to T4959: confusing output when running `gpg --delete-secrete-keys` without name: rG5cb0156504df: gpg: Print a note if no args are given to --delete-key.
Thu, Jul 9, 11:26 AM · gnupg (gpg22), Bug Report
werner committed rG212f9b20b5f7: gpg: Print a note if no args are given to --delete-key (authored by werner).
gpg: Print a note if no args are given to --delete-key
Thu, Jul 9, 11:25 AM
werner added a commit to T4959: confusing output when running `gpg --delete-secrete-keys` without name: rG212f9b20b5f7: gpg: Print a note if no args are given to --delete-key.
Thu, Jul 9, 11:25 AM · gnupg (gpg22), Bug Report
werner closed T4825: gpg --weak-digest SHA1 incurs a serious performance cost for `--check-trustdb` as Invalid.
Thu, Jul 9, 11:02 AM · gnupg (gpg22), Bug Report
werner closed T4933: Incorrect expiration time of created subkey as Wontfix.

I won't fix it. In fact it can't anyway be completely fixed because gpg has code to make sure that a new key is at least one second newer than the previous generated.

Thu, Jul 9, 11:00 AM · gnupg (gpg22), Bug Report
werner closed T4971: Pass setrepeat to pinentry for symmetric encryption, too as Resolved.

It has now been implemented for all types of symmetric encryption (not just -cs). To go into 2.2.21

Thu, Jul 9, 10:54 AM · gnupg (gpg22)
werner added a comment to T4246: GnuPG master does not allow decryption with bad usage flags (regression).

The first, I guess. The problem is that you are technical capable of _decryption_ but gpg does not allow this because for some reasons the key is arbitrary limited to signing. A warning message should be printed in thus a case but decryption should succeed.

Thu, Jul 9, 10:41 AM · Testing, Bug Report, gnupg (gpg23)

Wed, Jul 8

werner committed rGb451c4f5ea67: Do not use the pinentry's qualitybar (authored by werner).
Do not use the pinentry's qualitybar
Wed, Jul 8, 4:21 PM
werner committed rGd9e2dfa4c585: agent: New option --newsymkey for GET_PASSPHRASE (authored by werner).
agent: New option --newsymkey for GET_PASSPHRASE
Wed, Jul 8, 4:21 PM
werner committed rGae8b88c63542: gpg: Use integrated passphrase repeat entry also for -c. (authored by werner).
gpg: Use integrated passphrase repeat entry also for -c.
Wed, Jul 8, 4:21 PM
werner committed rG7b6071a45fbf: gpg: Fix flaw in symmetric algorithm selection in mixed mode. (authored by werner).
gpg: Fix flaw in symmetric algorithm selection in mixed mode.
Wed, Jul 8, 4:21 PM
werner added a comment to T2103: Improve the pinentry password quality indication.

The qualitybar has now been removed from 2.2 and master.

Wed, Jul 8, 4:18 PM · gnupg (gpg23), Feature Request
werner committed rG999d25d47d45: Do not use the pinentry's qualitybar (authored by werner).
Do not use the pinentry's qualitybar
Wed, Jul 8, 2:54 PM
werner committed rGeace4bbe1ded: agent: New option --newsymkey for GET_PASSPHRASE (authored by werner).
agent: New option --newsymkey for GET_PASSPHRASE
Wed, Jul 8, 2:45 PM
werner committed rGa6a4bbf6debd: gpg: Use integrated passphrase repeat entry also for -c. (authored by werner).
gpg: Use integrated passphrase repeat entry also for -c.
Wed, Jul 8, 2:45 PM
werner committed rG9ee975d588ee: gpgsm: Replace all assert calls by log_assert. (authored by werner).
gpgsm: Replace all assert calls by log_assert.
Wed, Jul 8, 2:45 PM

Tue, Jul 7

werner committed rG6864bba78e76: gpg: Fix flaw in symmetric algorithm selection in mixed mode. (authored by werner).
gpg: Fix flaw in symmetric algorithm selection in mixed mode.
Tue, Jul 7, 1:00 PM

Mon, Jul 6

werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000445.html on T4985: Release Libgcrypt 1.8.6.
Mon, Jul 6, 6:46 PM · libgcrypt, Release Info
werner committed rD77bb6be9879a: swdb: libgcrypt 1.8.6 (authored by werner).
swdb: libgcrypt 1.8.6
Mon, Jul 6, 6:42 PM
werner added a project to T4985: Release Libgcrypt 1.8.6: libgcrypt.
Mon, Jul 6, 4:10 PM · libgcrypt, Release Info
werner closed T4869: constant-time mpi_invm as Resolved.
Mon, Jul 6, 4:10 PM · libgcrypt
werner closed T4818: libgcrypt build failures on several platforms as Resolved.
Mon, Jul 6, 4:09 PM · Solaris, libgcrypt, Bug Report
werner closed T4985: Release Libgcrypt 1.8.6 as Resolved.
Mon, Jul 6, 4:09 PM · libgcrypt, Release Info
werner committed rC31bb4f3210df: mpi: Consider +0 and -0 the same in mpi_cmp. (authored by werner).
mpi: Consider +0 and -0 the same in mpi_cmp.
Mon, Jul 6, 3:57 PM
werner committed rCc917ebb48d1b: Post release updates (authored by werner).
Post release updates
Mon, Jul 6, 3:57 PM
werner committed rCcfdc44bf08a3: Release 1.8.6 (authored by werner).
Release 1.8.6
Mon, Jul 6, 3:57 PM
werner committed rC1f3a92e103d4: mpi: Consider +0 and -0 the same in mpi_cmp. (authored by werner).
mpi: Consider +0 and -0 the same in mpi_cmp.
Mon, Jul 6, 12:50 PM
werner created T4986: Libgcrypt bug in GCM for arm64 troubles OMEMO.
Mon, Jul 6, 11:10 AM
werner created T4985: Release Libgcrypt 1.8.6.
Mon, Jul 6, 10:58 AM · libgcrypt, Release Info
werner closed T4833: libgcrypt: bug in _gcry_poly1305_armv7_neon_init_ext as Resolved.
Mon, Jul 6, 10:54 AM · libgcrypt, Bug Report
werner added a comment to T4951: Support point compression in Libgcrypt.

We will need this for 1.9

Mon, Jul 6, 10:49 AM · Feature Request, libgcrypt
werner added a comment to T4966: Jitter entropy RNG disable on non-x86?.

Yes please.

Mon, Jul 6, 10:45 AM · libgcrypt, Bug Report
werner added a comment to E664: Weekly Standup.

Last week:

  • Improved parts of our S/MIME support
  • Briefly looked at PDF signatures
Mon, Jul 6, 9:31 AM
werner added a comment to T4694: manage first-party attestations.

Yes, its on my agenda.

Mon, Jul 6, 9:13 AM · Feature Request

Fri, Jul 3

werner committed rG4a36adaa6431: sm: Exclude rsaPSS from de-vs compliance mode. (authored by werner).
sm: Exclude rsaPSS from de-vs compliance mode.
Fri, Jul 3, 5:11 PM
werner committed rG969abcf40cdf: sm: Exclude rsaPSS from de-vs compliance mode. (authored by werner).
sm: Exclude rsaPSS from de-vs compliance mode.
Fri, Jul 3, 4:18 PM

Thu, Jul 2

werner added a comment to T4981: internationalization (support UNICODE/UTF-8 character set).

Your welcome.

Thu, Jul 2, 9:19 PM · i18n, FreeBSD, Feature Request
werner committed rGc1663c690b29: scd:nks: Implement writecert for the Signature card v2. (authored by werner).
scd:nks: Implement writecert for the Signature card v2.
Thu, Jul 2, 6:36 PM
werner committed rGdaca1a011b0e: dirmngr: Silence annoying warning for missing default ldap server file. (authored by werner).
dirmngr: Silence annoying warning for missing default ldap server file.
Thu, Jul 2, 4:22 PM
werner committed rGf55a05a69ba0: dirmngr: Silence annoying warning for missing default ldap server file. (authored by werner).
dirmngr: Silence annoying warning for missing default ldap server file.
Thu, Jul 2, 4:19 PM
werner closed T4758: gnupg-2.2.18/dirmngr/ldap-parse-uri.c:57:27: style: Same expression on both sides of '||'. as Resolved.

Fixed; In master the code already uses our generic scheme parser.

Thu, Jul 2, 4:10 PM · LDAP, dirmngr, Bug Report
werner committed rG0795ab1c8f95: dirmngr: Fix case handling of "ldapi" scheme. (authored by werner).
dirmngr: Fix case handling of "ldapi" scheme.
Thu, Jul 2, 4:07 PM
werner added a commit to T4758: gnupg-2.2.18/dirmngr/ldap-parse-uri.c:57:27: style: Same expression on both sides of '||'.: rG0795ab1c8f95: dirmngr: Fix case handling of "ldapi" scheme..
Thu, Jul 2, 4:07 PM · LDAP, dirmngr, Bug Report
werner committed rGd70b8769c888: Support a history file in gpg-card and gpg-connect-agent. (authored by werner).
Support a history file in gpg-card and gpg-connect-agent.
Thu, Jul 2, 3:54 PM

Wed, Jul 1

werner closed T4618: DANE OpenPGP certificate retrieval does not verify DNSSEC signatures as Wontfix.
Wed, Jul 1, 2:10 PM · dns, dirmngr
werner added a comment to T4618: DANE OpenPGP certificate retrieval does not verify DNSSEC signatures.

DANE for OpenPGP is an experimental RFC (RFC-7929) and it is likely that we will remove the support because it is too hard for most users to add keys to a zone. Further a validating resolver on the desktop is too hard to maintain and the cause of too many other failures. And no, unbound etc is not an option because it is not usable by the majority of GnuPG users.

Wed, Jul 1, 2:10 PM · dns, dirmngr

Tue, Jun 30

werner committed rG07aef873ebc7: scd:nks: Fix certificate read problem with TCOS signature card v2. (authored by werner).
scd:nks: Fix certificate read problem with TCOS signature card v2.
Tue, Jun 30, 2:42 PM
werner committed rGfb10b6cba43f: card: Better detect removed cards. Add TCOS PIN menu. (authored by werner).
card: Better detect removed cards. Add TCOS PIN menu.
Tue, Jun 30, 2:42 PM
werner committed rG58b091df831f: scd: Change how the removed card flag is set. (authored by werner).
scd: Change how the removed card flag is set.
Tue, Jun 30, 2:42 PM

Mon, Jun 29

werner renamed T4982: [PATCH] qt libraries should be linked with -fPIC instead of -fpic from [PATCH] qt libraries should be linked with -fPIC instead of -fPIC to [PATCH] qt libraries should be linked with -fPIC instead of -fpic.
Mon, Jun 29, 7:53 PM · gpgme, Info Needed, Bug Report
werner committed rG4f1c257c0366: sm: Fix regression in Friday's commit (authored by werner).
sm: Fix regression in Friday's commit
Mon, Jun 29, 3:06 PM
werner committed rG9b6f57492854: scd: Shorten cardio debug output for all zeroes. (authored by werner).
scd: Shorten cardio debug output for all zeroes.
Mon, Jun 29, 3:06 PM
werner added projects to T4981: internationalization (support UNICODE/UTF-8 character set): FreeBSD, i18n.
Mon, Jun 29, 1:27 PM · i18n, FreeBSD, Feature Request
werner added a comment to T4981: internationalization (support UNICODE/UTF-8 character set).

My FreeBSD box is currently not up, so I can't test right now. You may want to look into gnupg/common/utf8conv.c and there set_native_charset(). For historical reasons we start off with latin-1 but then swicth to the selected charset and intialize iconv accordingly. In the case of an error we sometimes fallback to utf-8. You may want to add some debug code (log_debug ("foo bar string=%s\n", some_string);)

Mon, Jun 29, 1:25 PM · i18n, FreeBSD, Feature Request
werner added projects to T4967: Right Click for encryption on file doesn't work : gpg4win, gpgex.
Mon, Jun 29, 9:25 AM · gpgex, gpg4win, Bug Report
werner added a comment to E663: Weekly Standup.

Last week:

  • Backported some of the TPM patches to master. Meanwhile James has adopted the remaining patches.
  • Worked on app-nks.c and gpg-card
Mon, Jun 29, 9:23 AM

Sun, Jun 28

werner added a comment to T4981: internationalization (support UNICODE/UTF-8 character set).

OpenPGP specifies the use of UTF-8 for all meta data (ie. everything except for the signed/encrypted data). GnuPG has always supported this. I don't known on which OS you are but some don't have UTF-8 support on the command line or tty so you need to tweak your environment first.

Sun, Jun 28, 4:30 PM · i18n, FreeBSD, Feature Request
werner closed T4980: Libgpg-Error compilation fails if grep_options are enabled as Wontfix.
Sun, Jun 28, 4:17 PM · toolchain, MacOS, Bug Report
werner added a comment to T4980: Libgpg-Error compilation fails if grep_options are enabled.

I don't know about macOS but the commonly used GNU tools state:

Sun, Jun 28, 4:15 PM · toolchain, MacOS, Bug Report

Fri, Jun 26

werner committed rE3413489d2557: estream: Add gpgrt_fcancel (authored by werner).
estream: Add gpgrt_fcancel
Fri, Jun 26, 4:25 PM
werner committed rGad6bf5d67f58: sm: Print the serial number of a cert also in decimal. (authored by werner).
sm: Print the serial number of a cert also in decimal.
Fri, Jun 26, 3:28 PM
werner committed rGccbb0cfeefed: sm: Try not to output a partial new message after an error. (authored by werner).
sm: Try not to output a partial new message after an error.
Fri, Jun 26, 3:26 PM
werner committed rG208a90197317: sm: Print the serial number of a cert also in decimal. (authored by werner).
sm: Print the serial number of a cert also in decimal.
Fri, Jun 26, 1:01 PM

Thu, Jun 25

werner committed rG28c069db3bb5: card: Add password change menu for NKS cards. (authored by werner).
card: Add password change menu for NKS cards.
Thu, Jun 25, 11:28 AM
werner committed rG2429e8559844: scd:nks: Fix remaining tries warning in --reset mode. (authored by werner).
scd:nks: Fix remaining tries warning in --reset mode.
Thu, Jun 25, 11:28 AM
werner committed rG17a25c14f1ed: sm: Fix support verification of nistp521 signatures. (authored by werner).
sm: Fix support verification of nistp521 signatures.
Thu, Jun 25, 9:50 AM

Wed, Jun 24

werner added a comment to T4980: Libgpg-Error compilation fails if grep_options are enabled.

What do you mean by grep_options?

Wed, Jun 24, 10:04 PM · toolchain, MacOS, Bug Report
werner committed rG2d8f060679ba: gpgconf: Fix regression in --launch and --kill from March (authored by werner).
gpgconf: Fix regression in --launch and --kill from March
Wed, Jun 24, 12:45 PM
werner committed rGf541e1d95a91: agent: separate out daemon handling infrastructure for reuse (authored by James Bottomley <James.Bottomley@HansenPartnership.com>).
agent: separate out daemon handling infrastructure for reuse
Wed, Jun 24, 12:45 PM
werner committed rG0e3b2955aee2: agent: expose shadow key type (authored by James Bottomley via Gnupg-devel <gnupg-devel@gnupg.org>).
agent: expose shadow key type
Wed, Jun 24, 10:13 AM
werner added a comment to T4979: enable-ssh-support in windows is broken..

estream_t does not necessary work with stdio or posix calls; that is an implementation detail. For example if you use the mode flag "nonblock" Read/WriteFile are used on Windows.

Wed, Jun 24, 10:02 AM · Bug Report

Mon, Jun 22

werner added a comment to T4978: On Windows 10, gpg-connect-agent needs 2 trials to launch gpg-agent.

You may start the gpg-agent by hand:

Mon, Jun 22, 10:19 PM · Bug Report
werner added a comment to T4977: dirmngr not working with linux kernel parameter ipv6.disable=1.

The problem is that I have not yet found a _portable_ way to detect proper working v6 or v4 networking without doing a test connection. For privacy reasons we don't want to do that.

Mon, Jun 22, 3:32 PM · gnupg (gpg22), dirmngr, Bug Report
werner added projects to T4977: dirmngr not working with linux kernel parameter ipv6.disable=1: dirmngr, gnupg (gpg22).
Mon, Jun 22, 3:20 PM · gnupg (gpg22), dirmngr, Bug Report