werner (Werner Koch)Administrator
Engineering

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Saturday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:48 PM (200 w, 2 d)
Roles
Administrator
Availability
Available

Recent Activity

Yesterday

werner changed the "Can Bulk Edit Tasks" policy for application Maniphest from "Administrators" to "Members of Project: Restricted Project".
Wed, Jan 27, 12:33 PM
werner changed the "Can Bulk Edit Tasks" policy for application Maniphest from "All Users" to "Administrators".
Wed, Jan 27, 12:23 PM
werner committed rGb08418d22cc8: gpg: Fix ugly error message for an unknown symkey algorithm. (authored by werner).
gpg: Fix ugly error message for an unknown symkey algorithm.
Wed, Jan 27, 11:49 AM
werner committed rGfb84674d6c64: scd:p15: Factor the commonObjectAttributes parser out. (authored by werner).
scd:p15: Factor the commonObjectAttributes parser out.
Wed, Jan 27, 11:49 AM
werner committed rGfc287c0552b0: scd:p15: First step towards real CardOS 5 support. (authored by werner).
scd:p15: First step towards real CardOS 5 support.
Wed, Jan 27, 11:49 AM
werner committed rG9037be5f40da: gpg: Fix ugly error message for an unknown symkey algorithm. (authored by werner).
gpg: Fix ugly error message for an unknown symkey algorithm.
Wed, Jan 27, 11:48 AM

Tue, Jan 26

werner added a comment to T3891: kdf-setup does not set admin and user PIN codes.

T4702 is our release info task for 2.3.0

Tue, Jan 26, 4:42 PM · Testing, scd, Bug Report
werner added a comment to T5266: gnupg: checked HTTP links in source code.

Sorry, we won't apply such changes. A couple of years we did this and all we earned were a few extra bugs aqnd useless diffs. Further many of those changes are in files which will be updated from upstream time to time and your chnages would be lost.

Tue, Jan 26, 4:38 PM · Documentation, gnupg
werner triaged T5266: gnupg: checked HTTP links in source code as Low priority.

Thanks. However, we need to go over the list one by one to decide this. For example
"http://gnupg.org/.well-known/openpgpkey/hu/12345678" is actually expected to return a 404 and test code may very well use http:

Tue, Jan 26, 8:15 AM · Documentation, gnupg

Mon, Jan 25

werner committed rG224e26cf7b67: agent: Support ssh-agent extensions for environment variables. (authored by werner).
agent: Support ssh-agent extensions for environment variables.
Mon, Jan 25, 10:53 AM
werner committed rG60499d98940d: scd:p15: Show the ATR as part of the TokenInfo diagnostics. (authored by werner).
scd:p15: Show the ATR as part of the TokenInfo diagnostics.
Mon, Jan 25, 10:53 AM
werner committed rG9500432b7ae1: Require Libgcrypt 1.9 (authored by werner).
Require Libgcrypt 1.9
Mon, Jan 25, 10:53 AM
werner added a comment to E844: Weekly Standup.

Last week:

  • Released Libgcrypt 1.9.0
  • Looked at CardOS support for scd
  • Hacked OpenSSH to get rid of the need for updatestartuptty.
Mon, Jan 25, 10:46 AM
werner is attending E844: Weekly Standup.
Mon, Jan 25, 10:43 AM
werner added a comment to T4659: Release Pinentry-1.1.1.
  • Please see T5262 if you want to build with Qt4.
Mon, Jan 25, 10:43 AM · pinentry, Release Info

Fri, Jan 22

werner added a comment to T5255: libgcrypt: build "error: invalid operand for instruction" when compiling with Clang & LTO.

Should we add this to the hints in the README? After all this does not seem to be the standard system compiler or it has not been properly setup as replacement.

Fri, Jan 22, 5:47 PM · asm, libgcrypt, clang, Bug Report
werner raised the priority of T3211: [website] Atom/RSS feed for releases, news and/or blog from Wishlist to Normal.
Fri, Jan 22, 12:04 PM · Feature Request
werner committed rDab5d0860f4a9: swdb: Pinentry 1.1.1 (authored by werner).
swdb: Pinentry 1.1.1
Fri, Jan 22, 8:16 AM

Thu, Jan 21

werner changed the status of T5257: 32 bit cross build fails on asm code in gcrypt 1.9.0 from Open to Testing.
Thu, Jan 21, 10:32 AM · Bug Report, Cross-Compiler, libgcrypt
werner committed rC269250870a48: Merge branch 'LIBGCRYPT-1.9-BRANCH' (authored by werner).
Merge branch 'LIBGCRYPT-1.9-BRANCH'
Thu, Jan 21, 8:37 AM

Wed, Jan 20

werner added a comment to T4550: Test certificates with valid CA.

Do you mean self-signed certs or what kind of certs do not work?

Wed, Jan 20, 7:31 PM · Testing
werner updated the task description for T4294: Release Libgcrypt 1.9.0.
Wed, Jan 20, 2:51 PM · Release Info, libgcrypt
werner created T5259: Release Libgcrypt 1.9.1.
Wed, Jan 20, 2:50 PM · Release Info, libgcrypt
werner added a comment to T5254: libgcrypt 1.9.0 fails make check.

Sure. Thanks for testing. The problem with new versions is that ppl don't like to test release candidates and thus we need do real releases and wait for the outfall. ;-)

Wed, Jan 20, 2:43 PM · patch, libgcrypt, Bug Report
werner merged T5258: KeePassXC fails to start after upgrade to libgcrypt 1.9.0 into T5254: libgcrypt 1.9.0 fails make check.
Wed, Jan 20, 2:42 PM · patch, libgcrypt, Bug Report
werner merged task T5258: KeePassXC fails to start after upgrade to libgcrypt 1.9.0 into T5254: libgcrypt 1.9.0 fails make check.
Wed, Jan 20, 2:42 PM · libgcrypt, Bug Report
werner triaged T5256: libgcrypt, convert Intel syntax x86_64 assembly files to AT&T syntax as Normal priority.
Wed, Jan 20, 2:11 PM · asm, clang, libgcrypt
werner created T5257: 32 bit cross build fails on asm code in gcrypt 1.9.0.
Wed, Jan 20, 1:30 PM · Bug Report, Cross-Compiler, libgcrypt
werner committed rC880aa91cfb64: doc: Fix wrong CVE id in NEWS (authored by werner).
doc: Fix wrong CVE id in NEWS
Wed, Jan 20, 12:53 PM
werner updated the task description for T4294: Release Libgcrypt 1.9.0.
Wed, Jan 20, 12:53 PM · Release Info, libgcrypt
werner triaged T5254: libgcrypt 1.9.0 fails make check as High priority.
Wed, Jan 20, 9:34 AM · patch, libgcrypt, Bug Report
werner triaged T5255: libgcrypt: build "error: invalid operand for instruction" when compiling with Clang & LTO as Normal priority.
Wed, Jan 20, 9:33 AM · asm, libgcrypt, clang, Bug Report
werner triaged T5253: expiration changes during interactive expire date verification as Low priority.

Thanks for the reports. IIRC, we had similar reports in the past either here or on a ML.

Wed, Jan 20, 9:32 AM · gnupg (gpg23), Bug Report
werner triaged T5252: bad expiration value when using --batch Creation-Date/Expire-Date as Low priority.
Wed, Jan 20, 9:29 AM · gnupg, Bug Report
werner triaged T5251: Compile error on ARMv7 for libgcrypt as Normal priority.
Wed, Jan 20, 9:28 AM · asm, libgcrypt, Bug Report
werner added a comment to T4294: Release Libgcrypt 1.9.0.
  • For build problems on Raspberry PI see T5251 for a patch
Wed, Jan 20, 9:26 AM · Release Info, libgcrypt
werner added a comment to T5251: Compile error on ARMv7 for libgcrypt .

FWIW, after the release I had some time and after some trouble with my Pi4B I ran into the same problem.

Wed, Jan 20, 9:23 AM · asm, libgcrypt, Bug Report
werner updated the task description for T5251: Compile error on ARMv7 for libgcrypt .
Wed, Jan 20, 9:22 AM · asm, libgcrypt, Bug Report
werner added a comment to T5255: libgcrypt: build "error: invalid operand for instruction" when compiling with Clang & LTO.

So is this about 1.8.7 or 1.9.0 (as shown in the Version field)?

Wed, Jan 20, 9:21 AM · asm, libgcrypt, clang, Bug Report

Tue, Jan 19

werner added a comment to T5250: macOS: gpgconf SIGSEGV when run via gpgme from the GUI application.

Reading the bugzilla report it seems that TB is loading gpgme at runtime. In particular the hints on using externally build stuff (Homebrew) is worrying. Someone(tm) needs to check how gpgme is used by TB and that it is properly initialized. GPGME is actually not designed to be loaded at runtime but should be used as standard shared object or static library.

Tue, Jan 19, 5:40 PM · gpgme, MacOS, Bug Report
werner committed rD313f206677df: web: Release announcement for Libgcrypt 1.9 (authored by werner).
web: Release announcement for Libgcrypt 1.9
Tue, Jan 19, 5:33 PM
werner added a comment to T5247: Update pypi entry to current version for discovery of python3-gpg module (Python Bindings).

Dependency hell - ask your favorite distribution

Tue, Jan 19, 4:46 PM · Python
werner triaged T5250: macOS: gpgconf SIGSEGV when run via gpgme from the GUI application as Low priority.

Sure that TB uses GPGME - they claimed they won't use it due to license incompatibility (LGPL). I assumed they use gpgme-json via naticve messaging. Regarding the error - I have no idea.

Tue, Jan 19, 4:45 PM · gpgme, MacOS, Bug Report
werner moved T4702: Release GnuPG 2.3.0 from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Tue, Jan 19, 1:55 PM · Restricted Project, Release Info, gpg4win, gnupg
werner closed T4294: Release Libgcrypt 1.9.0, a subtask of T4068: libgcrypt 1.8.3 make check errors, as Resolved.
Tue, Jan 19, 1:54 PM · Documentation, libgcrypt
werner closed T4294: Release Libgcrypt 1.9.0, a subtask of T4243: Test failure in libgcrypt-1.8.4, as Resolved.
Tue, Jan 19, 1:54 PM · Documentation, Tests, libgcrypt, Bug Report
werner closed T4294: Release Libgcrypt 1.9.0 as Resolved.
Tue, Jan 19, 1:54 PM · Release Info, libgcrypt
werner closed T4294: Release Libgcrypt 1.9.0, a subtask of T5243: libgcrypt "check if fips_is_operational and error return if not" patch for FIPS 140, as Resolved.
Tue, Jan 19, 1:54 PM · libgcrypt
werner closed T4294: Release Libgcrypt 1.9.0, a subtask of T4288: Add getrandom support for the BSDs, as Resolved.
Tue, Jan 19, 1:54 PM · libgcrypt
werner closed T4294: Release Libgcrypt 1.9.0, a subtask of T4869: constant-time mpi_invm, as Resolved.
Tue, Jan 19, 1:54 PM · libgcrypt
werner closed T4294: Release Libgcrypt 1.9.0, a subtask of T5182: libgcrypt self tests for FIPS 140, as Resolved.
Tue, Jan 19, 1:54 PM · Testing, libgcrypt
werner closed T4294: Release Libgcrypt 1.9.0, a subtask of T4274: Fail selftests when checksum file is missing in FIPS mode only, as Resolved.
Tue, Jan 19, 1:54 PM · Testing, libgcrypt, Bug Report
werner closed T4294: Release Libgcrypt 1.9.0, a subtask of T4293: Add dedicated X25519 function to Libcgrypt , as Resolved.
Tue, Jan 19, 1:54 PM · Testing, libgcrypt
werner committed rDd87d6843e5a4: swdb: Libgcrypt 1.9.0 (authored by werner).
swdb: Libgcrypt 1.9.0
Tue, Jan 19, 1:52 PM
werner committed rC0dc49af9b537: Release 1.9.0 (authored by werner).
Release 1.9.0
Tue, Jan 19, 1:50 PM
werner committed rC6e1169003796: Post release updates (authored by werner).
Post release updates
Tue, Jan 19, 1:50 PM
werner committed rC9ff0ab3761a3: Merge branch 'master' into LIBGCRYPT-1.9-BRANCH (authored by werner).
Merge branch 'master' into LIBGCRYPT-1.9-BRANCH
Tue, Jan 19, 1:50 PM
werner committed rDa515c40ecdc0: web: Add address to the SEPA page (authored by werner).
web: Add address to the SEPA page
Tue, Jan 19, 12:00 PM
werner set Version to 1.9.0 on T4294: Release Libgcrypt 1.9.0.
Tue, Jan 19, 10:17 AM · Release Info, libgcrypt
werner removed a subtask for T5244: libgcrypt: Restrict message digest use: T4294: Release Libgcrypt 1.9.0.
Tue, Jan 19, 10:11 AM · libgcrypt
werner removed a parent task for T4294: Release Libgcrypt 1.9.0: T5244: libgcrypt: Restrict message digest use.
Tue, Jan 19, 10:11 AM · Release Info, libgcrypt
werner moved T5244: libgcrypt: Restrict message digest use from Backlog to For 1.10 on the libgcrypt board.

We plan this for 1.10 but it may also go into one of the next 1.9.x releases

Tue, Jan 19, 10:09 AM · libgcrypt
werner closed T4293: Add dedicated X25519 function to Libcgrypt as Resolved.

Docs done.

Tue, Jan 19, 10:07 AM · Testing, libgcrypt
werner assigned T5247: Update pypi entry to current version for discovery of python3-gpg module (Python Bindings) to bernhard.

Typo, sorry. I have no access to pypi and won't apply for an account due to general concerns about those platforms. Thus I can't change that page. Let me assign you this issue ;-)

Tue, Jan 19, 10:06 AM · Python

Mon, Jan 18

werner moved T5182: libgcrypt self tests for FIPS 140 from For 1.9 to For 1.10 on the libgcrypt board.
Mon, Jan 18, 7:08 PM · Testing, libgcrypt
werner moved T5195: Incorrect HWCAP2 check for AArch32 from For 1.9 to For 1.8 on the libgcrypt board.
Mon, Jan 18, 7:08 PM · libgcrypt, backport, Bug Report
werner added a project to T5195: Incorrect HWCAP2 check for AArch32: libgcrypt.
Mon, Jan 18, 7:08 PM · libgcrypt, backport, Bug Report
werner removed a project from T5195: Incorrect HWCAP2 check for AArch32: libgcrypt.
Mon, Jan 18, 7:07 PM · libgcrypt, backport, Bug Report
werner added a project to T5195: Incorrect HWCAP2 check for AArch32: backport.
Mon, Jan 18, 7:06 PM · libgcrypt, backport, Bug Report
werner moved T4951: Support point compression in Libgcrypt from For 1.9 to For 1.10 on the libgcrypt board.
Mon, Jan 18, 7:05 PM · Feature Request, libgcrypt
werner moved T4873: Enable AES GCM in FIPS mode from FIPS to For 1.10 on the libgcrypt board.
Mon, Jan 18, 7:04 PM · libgcrypt, Feature Request
werner removed a parent task for T4294: Release Libgcrypt 1.9.0: T1303: Please support GCRYSEXP_FMT_BASE64.
Mon, Jan 18, 7:02 PM · Release Info, libgcrypt
werner removed a subtask for T1303: Please support GCRYSEXP_FMT_BASE64: T4294: Release Libgcrypt 1.9.0.
Mon, Jan 18, 7:02 PM · Feature Request, libgcrypt
werner committed rCf26e3a1449ee: doc: Add NEWS items for 1.9.0 (authored by werner).
doc: Add NEWS items for 1.9.0
Mon, Jan 18, 6:45 PM
werner committed rCca5a90bf7059: ecc: Change an error code of gcry_ecc_mul_point. (authored by werner).
ecc: Change an error code of gcry_ecc_mul_point.
Mon, Jan 18, 6:45 PM
werner committed rC04c50901a2f2: doc: Add NEWS from the latest 1.8 releases (authored by werner).
doc: Add NEWS from the latest 1.8 releases
Mon, Jan 18, 6:45 PM
werner added a comment to T5247: Update pypi entry to current version for discovery of python3-gpg module (Python Bindings).

No, this is a fork and we consider the use of a PyPy for GPGME a Bad Thing because it does not guarantee a stable ABI and we accept bugs files against this version.

Mon, Jan 18, 6:40 PM · Python
werner added a project to T5246: Failing at authenticating key: kleopatra.

Please let us know your gpg4win version.

Mon, Jan 18, 2:52 PM · kleopatra, Bug Report, gpg4win
werner closed T5207: Pinentry won't show up as Resolved.
Mon, Jan 18, 12:26 PM · No Response, symmetric, pinentry, gnupg (gpg22)
werner moved T4702: Release GnuPG 2.3.0 from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Mon, Jan 18, 11:04 AM · Restricted Project, Release Info, gpg4win, gnupg
werner reassigned T4659: Release Pinentry-1.1.1 from werner to gouttegd.
Mon, Jan 18, 10:55 AM · pinentry, Release Info
werner added a comment to T5244: libgcrypt: Restrict message digest use.

I am not sure. MD5 is still important for some applications, say CRAM-MD5. IIRC, back in 2008 we dis-allowed RMD160 and added separate RMD160 code directly to gpg to fulfill FIPS requirements.

Mon, Jan 18, 8:32 AM · libgcrypt
werner added a comment to T5243: libgcrypt "check if fips_is_operational and error return if not" patch for FIPS 140.

Okay for 1.9.

Mon, Jan 18, 8:29 AM · libgcrypt
werner is attending E843: Weekly Standup.
Mon, Jan 18, 8:26 AM

Thu, Jan 14

werner added projects to T5237: GPGOL loaded but doesn't open Mails in Outlook 2016: gpgol, gpg4win.
Thu, Jan 14, 1:39 PM · gpg4win, gpgol

Tue, Jan 12

werner added a comment to T4818: libgcrypt build failures on several platforms.

Note: The commit in master (1.9) is rCe0898d0628789414

Tue, Jan 12, 12:40 PM · Solaris, libgcrypt, Bug Report
werner added a comment to T4833: libgcrypt: bug in _gcry_poly1305_armv7_neon_init_ext.

The commit which fixes this is rC761a1a0d30

Tue, Jan 12, 12:29 PM · libgcrypt, Bug Report
werner added a project to T4505: SM, W32: GPGSM hangs up the GnuPG System: Restricted Project.
Tue, Jan 12, 12:18 PM · Restricted Project, kleopatra, gpgol, S/MIME, gpg4win, Windows
werner moved T5236: Gpgwin-3.1.15 from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Tue, Jan 12, 11:05 AM · gpg4win, Release Info, Restricted Project
werner moved T4584: --quick-sign-key offers no way to override a current certification from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Tue, Jan 12, 11:05 AM · Restricted Project, gnupg (gpg22), Feature Request
werner committed rG93d5d7ea2a8b: tools: Add option --clock to watchgnupg (authored by werner).
tools: Add option --clock to watchgnupg
Tue, Jan 12, 9:31 AM
werner raised the priority of T4659: Release Pinentry-1.1.1 from Normal to High.
Tue, Jan 12, 9:08 AM · pinentry, Release Info
werner added a project to T4584: --quick-sign-key offers no way to override a current certification: Restricted Project.
Tue, Jan 12, 8:05 AM · Restricted Project, gnupg (gpg22), Feature Request
werner raised the priority of T4584: --quick-sign-key offers no way to override a current certification from Normal to High.
Tue, Jan 12, 8:04 AM · Restricted Project, gnupg (gpg22), Feature Request

Mon, Jan 11

werner created T5235: Delays in dirmngr http connections on Windows.
Mon, Jan 11, 8:52 PM · dirmngr, ntbtls, Windows, gnupg (gpg22)
werner closed T5234: Release GnuPG 2.2.27 as Resolved.
Mon, Jan 11, 8:48 PM · Release Info, gnupg (gpg22)
werner closed T5221: gpgconf: auto-key-import and include-key-block dont have proper values as Resolved.
Mon, Jan 11, 8:36 PM · gnupg
werner closed T5230: Delete file failure during CRL update as Resolved.
Mon, Jan 11, 8:35 PM · gnupg (gpg22)
werner triaged T5219: scd: Generating CSR for SigG NetKey card key fails as Low priority.

Lowered priority because in reality it is not possible to get a certificate for an arbitrary SigG key on the card. Only accredited CAs may issue certs and they want to keep full control over the key generation.

Mon, Jan 11, 8:35 PM · scd
werner committed rD7da27041da50: swdb: GnuPG 2.2.27 (authored by werner).
swdb: GnuPG 2.2.27
Mon, Jan 11, 8:06 PM