Page MenuHome GnuPG

gpgmeProject
ActivePublic

Milestones

Details

Description

GnuPG Made Easy (GPGME) is a C language library that allows to add support for cryptography to a program. It is designed to make access to public key crypto engines like GnuPG or GpgSM easier for applications. GPGME provides a high-level crypto API for encryption, decryption, signing, signature verification and key management.

GPGME comes with language bindings for Common Lisp, C++, QT, Python2 and Python 3.

GPGME uses GnuPG and GpgSM as its backends to support OpenPGP and the Cryptographic Message Syntax (CMS).

Recent Activity

Yesterday

werner added a comment to T6977: gpgme_op_verify from libgpgme hang without returning anything when verifying corrupted file signature.

gpg --list-packets shows this:

Tue, Feb 20, 2:03 PM · gpgme, Bug Report
Karam added a comment to T6977: gpgme_op_verify from libgpgme hang without returning anything when verifying corrupted file signature.

Tue, Feb 20, 12:33 PM · gpgme, Bug Report
ikloecker added a comment to T6977: gpgme_op_verify from libgpgme hang without returning anything when verifying corrupted file signature.
In T6977#183049, @Karam wrote:

Uploaded the corrupted file.

Tue, Feb 20, 9:44 AM · gpgme, Bug Report
Karam added a comment to T6977: gpgme_op_verify from libgpgme hang without returning anything when verifying corrupted file signature.

Uploaded the corrupted file.

Tue, Feb 20, 9:12 AM · gpgme, Bug Report

Fri, Feb 16

ikloecker added a comment to T6977: gpgme_op_verify from libgpgme hang without returning anything when verifying corrupted file signature.

Can you make this corrupted file available to us?

Fri, Feb 16, 6:05 PM · gpgme, Bug Report
Karam added a comment to T6977: gpgme_op_verify from libgpgme hang without returning anything when verifying corrupted file signature.

Hello,
So after testing on gpgme-1.17.1, with run-verify under tests as you mentioned, with corrupted file it hangs forever.
Now we can say it's a bug in gpgme_op_verify.

Fri, Feb 16, 3:28 PM · gpgme, Bug Report

Thu, Feb 15

TobiasFella moved T6880: GPGME (++/qt): Add support for --quick-add-adsk from Backlog to WiP on the vsd33 board.
Thu, Feb 15, 8:56 AM · gpgme, vsd33, Restricted Project

Thu, Feb 8

ikloecker added a comment to T6977: gpgme_op_verify from libgpgme hang without returning anything when verifying corrupted file signature.

We provide the examples for a reason. Actually, two reasons: To test our changes ourselves. And to provide working examples for others. If your code doesn't work then you'll have to figure out where the example and your code differ. If the example doesn't work then we'll have a look.

Thu, Feb 8, 7:07 PM · gpgme, Bug Report
werner added a comment to T6977: gpgme_op_verify from libgpgme hang without returning anything when verifying corrupted file signature.

@Karam, please test as suggested by @ikloecker.

Thu, Feb 8, 3:23 PM · gpgme, Bug Report
Karam added a comment to T6977: gpgme_op_verify from libgpgme hang without returning anything when verifying corrupted file signature.

@werner I 'm not passing nullptr to gpgme_data_release.
@ikloecker Honestly I didn't test it.
Is there anything wrong with code ? have anyone encountered such behavior ?
I was trying adding a timeout as a workaround for gpgme_op_verify to avoid hanging but it depends on the file size and how much it will take to verify it signature...

Thu, Feb 8, 3:04 PM · gpgme, Bug Report

Wed, Feb 7

werner removed a project from T6977: gpgme_op_verify from libgpgme hang without returning anything when verifying corrupted file signature: C++.

Oh well, it does not use the c++ binding .

Wed, Feb 7, 9:25 AM · gpgme, Bug Report
werner triaged T6977: gpgme_op_verify from libgpgme hang without returning anything when verifying corrupted file signature as Normal priority.
Wed, Feb 7, 9:22 AM · gpgme, Bug Report
werner added projects to T6977: gpgme_op_verify from libgpgme hang without returning anything when verifying corrupted file signature: gpgme, C++.
Wed, Feb 7, 9:20 AM · gpgme, Bug Report
aheinecke triaged T6971: Kleopatra: "General Error" is given instead of "Wrong PIN" as Normal priority.

Yes that probably gets lost along the way, where we communicate with scdaemon to generate the key. Needs to be tracked down. Such things can be very confusing to users. Especially if that increases the PIN Retry counter!

Wed, Feb 7, 9:14 AM · gpgme, kleopatra, Restricted Project

Wed, Jan 31

ebo created T6971: Kleopatra: "General Error" is given instead of "Wrong PIN".
Wed, Jan 31, 3:37 PM · gpgme, kleopatra, Restricted Project

Wed, Jan 24

werner raised the priority of T6620: Add a way to extract ECC key parameters from a public key from Normal to High.

Just a reminder, this is important for 384 bit keys (see T6379).

Wed, Jan 24, 4:26 PM · Restricted Project, kleopatra, Feature Request, gpgme

Jan 18 2024

ebo closed T6736: Year 2038 issue for key validity date, a subtask of T4195: Fix time API in gpgme, as Resolved.
Jan 18 2024, 11:43 AM · gnupg, kleopatra, Restricted Project, gpgme, Feature Request

Jan 15 2024

aheinecke lowered the priority of T6922: GpgME: Extend sign/encrypt/decrypt/verify S/MIME jobs to accept input / output from a filename from Normal to Low.
Jan 15 2024, 10:50 AM · gpgme, Restricted Project
aheinecke closed T6889: gpgme: QGpgMEQuickJob creates keys with wrong expiry as Resolved.

I think this is resolved now.

Jan 15 2024, 10:46 AM · Feature Request, gpgme

Jan 11 2024

ikloecker changed the status of T6351: Kleopatra: Performance problems when encrypting large files from Open to Testing.

The problem has been addressed for all OpenPGP crypto operations on files.

Jan 11 2024, 9:35 AM · gpgme, Restricted Project, kleopatra
ikloecker updated the task description for T6351: Kleopatra: Performance problems when encrypting large files.
Jan 11 2024, 9:34 AM · gpgme, Restricted Project, kleopatra
ikloecker edited parent tasks for T6922: GpgME: Extend sign/encrypt/decrypt/verify S/MIME jobs to accept input / output from a filename, added: T6928: Kleopatra: Speed up S/MIME crypto operations for large files (on Windows); removed: T6351: Kleopatra: Performance problems when encrypting large files.
Jan 11 2024, 9:30 AM · gpgme, Restricted Project
ikloecker removed a subtask for T6351: Kleopatra: Performance problems when encrypting large files: T6922: GpgME: Extend sign/encrypt/decrypt/verify S/MIME jobs to accept input / output from a filename.
Jan 11 2024, 9:30 AM · gpgme, Restricted Project, kleopatra
ikloecker placed T6922: GpgME: Extend sign/encrypt/decrypt/verify S/MIME jobs to accept input / output from a filename up for grabs.

This is currently not possible (blocked by T6927: gpgsm: Accept file names for input and output in server mode).

Jan 11 2024, 9:26 AM · gpgme, Restricted Project

Jan 8 2024

ikloecker triaged T6922: GpgME: Extend sign/encrypt/decrypt/verify S/MIME jobs to accept input / output from a filename as Normal priority.
Jan 8 2024, 11:02 AM · gpgme, Restricted Project

Jan 5 2024

ikloecker moved T6550: GpgME / QGpgME Extend non-archive jobs to accept input / output from a filename from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Jan 5 2024, 1:59 PM · gpgme, Restricted Project, kleopatra
ikloecker closed T6550: GpgME / QGpgME Extend non-archive jobs to accept input / output from a filename, a subtask of T6351: Kleopatra: Performance problems when encrypting large files, as Resolved.
Jan 5 2024, 1:59 PM · gpgme, Restricted Project, kleopatra
ikloecker closed T6550: GpgME / QGpgME Extend non-archive jobs to accept input / output from a filename as Resolved.

All non-archive jobs have been extended to allow reading the input directly from files and to allow writing the output. directly to files.

Jan 5 2024, 1:59 PM · gpgme, Restricted Project, kleopatra
werner added a comment to T6880: GPGME (++/qt): Add support for --quick-add-adsk.

gpg 2.4 now returns ERROR status lines for failed --quick-add-subkey and --quick-add-adsk.

Jan 5 2024, 11:34 AM · gpgme, vsd33, Restricted Project

Jan 4 2024

ikloecker claimed T6351: Kleopatra: Performance problems when encrypting large files.
Jan 4 2024, 9:51 AM · gpgme, Restricted Project, kleopatra
aheinecke changed the status of T6876: GPGME(++) Add "include-key-block" and "auto-key-import" to context flags from Duplicate to Resolved.

I did not relaize that when we originally implemented that feature we already exposed it through GPGME. So this has been fixed since 2020.

Jan 4 2024, 8:51 AM · Restricted Project, gpgme, vsd33
aheinecke merged task T6876: GPGME(++) Add "include-key-block" and "auto-key-import" to context flags into T4856: GPG: Key Exchange Put public OpenPGP key into signature.
Jan 4 2024, 8:50 AM · Restricted Project, gpgme, vsd33

Dec 22 2023

ikloecker changed the status of T6907: gpgme: Explicitly tell gpg that we want to verify signed data from Open to Testing.

Done. I have verified with the test runner run-verifyopaquejob that verification still works and that the warning is gone.

Dec 22 2023, 2:31 PM · gpgme, Restricted Project
ikloecker moved T6907: gpgme: Explicitly tell gpg that we want to verify signed data from Backlog to WiP on the gpgme board.
Dec 22 2023, 2:25 PM · gpgme, Restricted Project
ikloecker claimed T6907: gpgme: Explicitly tell gpg that we want to verify signed data.
Dec 22 2023, 2:25 PM · gpgme, Restricted Project
ikloecker triaged T6907: gpgme: Explicitly tell gpg that we want to verify signed data as Normal priority.
Dec 22 2023, 2:25 PM · gpgme, Restricted Project
werner added a comment to T6880: GPGME (++/qt): Add support for --quick-add-adsk.

I would use ALGO of gpgme_createsubkey to pass the fingerprint of the ADSK. This can be justified because the algorithm is an implict property of the fingerprint. Obviously we also nee a new flag to do switch to this behaviour. A new GPGME_CREATE_ADSK comes to mind.

Dec 22 2023, 2:12 PM · gpgme, vsd33, Restricted Project
ikloecker added a comment to T6880: GPGME (++/qt): Add support for --quick-add-adsk.

In the C++/Qt parts:
I think we then don't really *need* anything, since we can just set the fingerprint in the context for the job, but it would make sense to introduce a function that wraps this into a nice API.

Dec 22 2023, 12:29 PM · gpgme, vsd33, Restricted Project
TobiasFella added a comment to T6880: GPGME (++/qt): Add support for --quick-add-adsk.

My concept would be to:

  • add a GENKEY_EXTRAFLAG_ADDADSK for _gpgme_engine_op_genkey and gpg_genkey (or do that more implicitely, e.g., by detecting !USERID && KEY && PUBKEY) and pass the subkey fingerprint in pubkey
  • use gpgme_op_createsubkey; pass the adsk fingerprint in a new variable in context
Dec 22 2023, 12:01 PM · gpgme, vsd33, Restricted Project
ikloecker added a comment to T6880: GPGME (++/qt): Add support for --quick-add-adsk.

For the similar task to add an existing subkey to a key we have GpgAddExistingSubkeyEditInteractor. This uses the much more complicated gpg --edit-key interface. Maybe we want to avoid this.

Dec 22 2023, 9:31 AM · gpgme, vsd33, Restricted Project

Dec 21 2023

werner added a comment to T6880: GPGME (++/qt): Add support for --quick-add-adsk.

Before adding code please first come up with a description of the planned API extension.

Dec 21 2023, 7:22 PM · gpgme, vsd33, Restricted Project
TobiasFella moved T6880: GPGME (++/qt): Add support for --quick-add-adsk from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Dec 21 2023, 12:20 PM · gpgme, vsd33, Restricted Project

Dec 14 2023

ikloecker added a comment to T6889: gpgme: QGpgMEQuickJob creates keys with wrong expiry.

Werner and Tobias are both correct. If a new subkey is generated from scratch then gpg uses the current time as key creation time and sets the expiration date (in the internal in-memory representation of a public key) to the key creation time plus the expiration value.

Dec 14 2023, 2:01 PM · Feature Request, gpgme
TobiasFella added a comment to T6889: gpgme: QGpgMEQuickJob creates keys with wrong expiry.

Sorry, I should have been more precise in my description of the problem. Specifically with --quick-addkey, gpg's behavior seems to be that the expiration, when given using seconds=... is treated as seconds from now.

Dec 14 2023, 9:25 AM · Feature Request, gpgme

Dec 13 2023

werner added a comment to T6889: gpgme: QGpgMEQuickJob creates keys with wrong expiry.

FWIW, when updating the expiration time gpg does this:

Dec 13 2023, 7:19 PM · Feature Request, gpgme
TobiasFella added a comment to T6889: gpgme: QGpgMEQuickJob creates keys with wrong expiry.

My explanation of gpgme's behavior was not quite correct: Specifically in the QGpgMEQuickJobs for creating (sub)keys, the API uses QDateTimes, which are then converted to seconds since epoch.

Dec 13 2023, 7:14 PM · Feature Request, gpgme
werner added a comment to T6889: gpgme: QGpgMEQuickJob creates keys with wrong expiry.

That's both not correct. gpg takes the expiration time in seconds since creation time. For a new key this is close to the corrent time but not really. For an prolonging an expiration, this is of course different - the creation time of the key needs to be taken in account. I recall that we once had a discussion and agreed to keep it at time after the creation of the key. This avoids problems with the expiration going negative.

Dec 13 2023, 7:06 PM · Feature Request, gpgme
werner added projects to T6889: gpgme: QGpgMEQuickJob creates keys with wrong expiry: gpgme, Feature Request.
Dec 13 2023, 6:52 PM · Feature Request, gpgme
ikloecker moved T6550: GpgME / QGpgME Extend non-archive jobs to accept input / output from a filename from Backlog to WiP on the gpgme board.
Dec 13 2023, 10:11 AM · gpgme, Restricted Project, kleopatra
ikloecker claimed T6550: GpgME / QGpgME Extend non-archive jobs to accept input / output from a filename.
Dec 13 2023, 10:11 AM · gpgme, Restricted Project, kleopatra