gnupgProject
ActivePublic

Milestones

Subprojects

Members

  • This project does not have any members.

Recent Activity

Wed, Jun 3

werner closed T4947: Build of documentation from tarball not deterministic as Resolved.

Done.

Wed, Jun 3, 5:17 PM · gnupg, Documentation, Bug Report
werner added a commit to T4947: Build of documentation from tarball not deterministic: rG5ade2b68db23: doc: Minor enhancement for reproducibility..
Wed, Jun 3, 5:17 PM · gnupg, Documentation, Bug Report
werner added a commit to T4947: Build of documentation from tarball not deterministic: rG074ab108e768: doc: Minor enhancement for reproducibility..
Wed, Jun 3, 5:16 PM · gnupg, Documentation, Bug Report
werner added a commit to T4965: GnuPG dependency of libgpg-error and GPG_ERR_WRONG_NAME: rG381c54179c2a: common: Add missing error code GPG_ERR_WRONG_NAME..
Wed, Jun 3, 10:33 AM · gnupg, Bug Report
werner closed T4965: GnuPG dependency of libgpg-error and GPG_ERR_WRONG_NAME as Resolved.

I bumped up the requirement to 1.25 because we also use error codes defined there. To be on the safe side with older distros I defined the missing error code instead of requiring 1.27.

Wed, Jun 3, 10:33 AM · gnupg, Bug Report

Tue, Jun 2

gniibe added a comment to T4956: agent: Disrepancy of handling MPI for the interpretation of signed and unsigned.

Change of gpg-agent for ECC-SOS

Tue, Jun 2, 8:05 AM · libgcrypt, gpgagent, gnupg
Angel created T4965: GnuPG dependency of libgpg-error and GPG_ERR_WRONG_NAME.
Tue, Jun 2, 3:22 AM · gnupg, Bug Report

Thu, May 28

PWRzTOtacorTPq7KNW4oFec8F added a comment to T2291: Smartcard interaction improvement (was: Shadowed private key design (for smartcard)).

Is there a blogpost or similar where the use of several smartcards following this improvement is explained to n00bs like me? :) For now all I find is this thread and some SE answers saying it does not work yet (https://security.stackexchange.com/questions/154702/gpg-encryption-subkey-on-multiple-smart-cards-issue) . If somebody could post a new answer on SE / write a small blog post or similar that would be great. Useful would be to have 1) from which versions and over is that available 2) how this works / how to use.

Thu, May 28, 10:18 PM · Testing, gnupg, Feature Request
bernhard created T4958: Document different use of pubring.gpg in newer versions.
Thu, May 28, 12:45 PM · gnupg (gpg22), Documentation

Wed, May 27

gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

In the SOS branch, rG1c4291c3951d: ecc-sos: Add special leading zero octet removal. should be reverted.
Instead, the S_KEY should be fixed up in read_key_file in findkey.c,
and merge_lists in protect.c.
(Then, no need to be fixed up in extract_private_key.)

Wed, May 27, 11:57 AM · OpenPGP, gnupg
gniibe updated the task description for T4956: agent: Disrepancy of handling MPI for the interpretation of signed and unsigned.
Wed, May 27, 3:09 AM · libgcrypt, gpgagent, gnupg
gniibe edited projects for T4956: agent: Disrepancy of handling MPI for the interpretation of signed and unsigned, added: gpgagent, libgcrypt; removed OpenPGP.
Wed, May 27, 3:08 AM · libgcrypt, gpgagent, gnupg
gniibe added a comment to T4956: agent: Disrepancy of handling MPI for the interpretation of signed and unsigned.

Exactly same problem is there in libgcrypt.
In the definitions of curves, it uses negative constant internally in some specific places, but for other parts, we have same problems.

Wed, May 27, 3:08 AM · libgcrypt, gpgagent, gnupg
gniibe updated the task description for T4956: agent: Disrepancy of handling MPI for the interpretation of signed and unsigned.
Wed, May 27, 3:03 AM · libgcrypt, gpgagent, gnupg
gniibe created T4956: agent: Disrepancy of handling MPI for the interpretation of signed and unsigned.
Wed, May 27, 3:03 AM · libgcrypt, gpgagent, gnupg

Tue, May 26

gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

I should concentrate the case of ECC, in particular, ECC with modern curves.
Removing leading zero from RSA/ECC/ELGamal assuming unsigned integer would result more work.

Tue, May 26, 8:23 AM · OpenPGP, gnupg
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

In libgcrypt, we have another problem of GCRYSEXP_FMT_ADVANCED formatting, which is used by gpg-agent of GnuPG 2.3 with name-value list.

Tue, May 26, 7:07 AM · OpenPGP, gnupg
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

Confusingly, in the SSH specification, it is signed MPI.

Tue, May 26, 3:59 AM · OpenPGP, gnupg

Mon, May 25

gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

There are more places for clean up in GnuPG.
While "MPI" in OpenPGP specification is based on unsigned integer, the default "MPI" handling of GnuPG/Libgcrypt is signed. This difference matters internally.
Formatting by "%m" with libgcrypt, it may result prefixed by 0x00 (so that it represents unsigned value, even if scanned as signed).
And because of this, existing private keys in private-keys-v1.d may have this leading zero-byte.
But the counting bits don't count this byte.

Mon, May 25, 7:27 AM · OpenPGP, gnupg

Thu, May 21

gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

OpenPGP implementations are expected to accept:

Thu, May 21, 7:01 AM · OpenPGP, gnupg
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

Better to paste directly:

# SOS representation
#
# Initially, it was intended as "Simply, Octet String", but 
# it is actually "Strange" Octet String.
#
Thu, May 21, 6:52 AM · OpenPGP, gnupg
gniibe added a comment to T4954: SOS representation and improvements in GnuPG.

I wrote this:

Thu, May 21, 6:51 AM · OpenPGP, gnupg
gniibe created T4954: SOS representation and improvements in GnuPG.
Thu, May 21, 6:50 AM · OpenPGP, gnupg

Mon, May 18

werner added a comment to T4947: Build of documentation from tarball not deterministic.

Okay, makes sense.

Mon, May 18, 8:32 AM · gnupg, Documentation, Bug Report
wamserma added a comment to T4947: Build of documentation from tarball not deterministic.

No, it is widely understood as a means for reproducible builds and specified at: https://reproducible-builds.org/docs/source-date-epoch/

Mon, May 18, 8:16 AM · gnupg, Documentation, Bug Report
werner added a comment to T4947: Build of documentation from tarball not deterministic.

SOURCE_DATE_EPOCH is NixOS specific?

Mon, May 18, 7:46 AM · gnupg, Documentation, Bug Report

Sun, May 17

wamserma added a comment to T4947: Build of documentation from tarball not deterministic.

Well, I had simply accepted that the rule for defsincdate is always triggered. I looked a bit more into it, and the cause for triggering is that Nixpkgs patches dirmngr.texi, hence defsincdate is cleared by the rule above and the fallback behaviour is triggered.
But this also means my suggested patch wouldn't help here as the modification date of dirmngr.texi would be picked up.

Sun, May 17, 10:11 PM · gnupg, Documentation, Bug Report
werner added a comment to T4947: Build of documentation from tarball not deterministic.

Looking at the rules I do not understand why we have a problem here, the rule

Sun, May 17, 5:47 PM · gnupg, Documentation, Bug Report
werner claimed T4947: Build of documentation from tarball not deterministic.

I think an option to ignore certain files is a better way to do this. I'll give it a try.

Sun, May 17, 5:22 PM · gnupg, Documentation, Bug Report

Thu, May 7

aheinecke added a commit to T4745: GnuPG, Kleopatra: Remove Name length limitation for new keys: rKLEOPATRA79a672ab2ebb: Reduce minimal name length to 3.
Thu, May 7, 11:01 AM · kleopatra, gnupg
aheinecke closed T4745: GnuPG, Kleopatra: Remove Name length limitation for new keys as Resolved.

Your guess is correct, but as this hole "Wizard" thing uses Qt Regular expressions its not super quick fix without having to introduce new strings etc.
So I just reduced the length. The new key generation in Kleopatra is pending a rewrite anyway. Requires way too many clicks ATM.

Thu, May 7, 10:25 AM · kleopatra, gnupg

May 4 2020

werner claimed T4936: Fixes for multiple issues found in Coverity scan of gnupg-2.2.20.

Thanks

May 4 2020, 7:17 PM · gnupg, Bug Report

Apr 30 2020

werner added a comment to T4931: gnupg unusable with a long path to $HOME.

Yes, with current gnupg it works w/o problems. Well, unless systemd decided to remove the directory. There is a loginctl(1) way to avoid this.

Apr 30 2020, 12:22 PM · FAQ, gnupg
t8m added a comment to T4931: gnupg unusable with a long path to $HOME.

Also I suppose the 2.1.20 version above is typo and 2.2.20 is actually meant.

Apr 30 2020, 11:04 AM · FAQ, gnupg
t8m added a comment to T4931: gnupg unusable with a long path to $HOME.

Can you please clarify? Let's assume I am using current gnupg version (2.2.20) and /run/user/$UID exists. Everything should work seamlessly, should it?

Apr 30 2020, 11:03 AM · FAQ, gnupg
werner triaged T4931: gnupg unusable with a long path to $HOME as Normal priority.

You are still using the old way of having the sockets in ${GNUPGHOME:-~/.gnupg}. Since 2.2.13 we use

Apr 30 2020, 9:32 AM · FAQ, gnupg

Apr 29 2020

t8m created T4931: gnupg unusable with a long path to $HOME in the S1 Public space.
Apr 29 2020, 4:03 PM · FAQ, gnupg

Apr 16 2020

werner added a commit to T4856: GPG: Key Exchange Put public OpenPGP key into signature: rG7dbfd92b3e23: gpg: Add missing options --no-include-key-block..
Apr 16 2020, 12:10 PM · Feature Request, gpgol, Keyserver, gnupg

Apr 13 2020

gniibe added a comment to T4669: Key expiration time sometimes improperly interpreted as a signed 32-bit value.

I can't find any places where it is interpreted as signed integer.

Apr 13 2020, 4:16 AM · OpenPGP, gnupg, Bug Report

Apr 9 2020

Moonchild added a comment to T4249: No connection to Keyserver possible.

I'm honestly surprised this isn't being given any sort of priority.
gnupg for windows is simply broken. Even Kleopatra, its supplied and designated key management application doesn't work re: keyserver communication.

Apr 9 2020, 11:16 PM · gnupg, dirmngr, Bug Report, gpg4win

Apr 3 2020

gniibe changed the status of T4843: REGEXP support for all systems from Open to Testing.

Pushed the changes.

Apr 3 2020, 8:50 AM · Testing, gnupg
gniibe added a commit to T4843: REGEXP support for all systems: rGba247a114c75: gpg: Add regular expression support..
Apr 3 2020, 8:38 AM · Testing, gnupg

Apr 2 2020

JW added a comment to T4907: Spurious warning: ignoring return value of ‘write’ ....

There is nothing spiteful about this other than your actions.

Apr 2 2020, 12:11 PM · gnupg
werner closed T4907: Spurious warning: ignoring return value of ‘write’ ... as Spite.

Please stop this and use the mailing list for such ramblings. Usually only one developer reads a bug report and thus you can't participate from the experience of others - use mailing lists - please.

Apr 2 2020, 12:05 PM · gnupg
JW created T4907: Spurious warning: ignoring return value of ‘write’ ... in the S1 Public space.
Apr 2 2020, 12:01 PM · gnupg
JW added a comment to T4903: Github sources are difficult to test.
We do not use Github.
Apr 2 2020, 12:12 AM · gnupg, Bug Report

Apr 1 2020

werner closed T4901: Libgcrypt-error 1.38 is missing from https://gnupg.org/ftp/gcrypt/libgpg-error as Invalid.

That are all development versions and they may require the latest changes from the repo of other libraries.

Apr 1 2020, 8:49 PM · gnupg, Bug Report
werner closed T4903: Github sources are difficult to test as Invalid.

Sorry, if you use your own copy of GnuPG on GitHub, it is all up to you. We do not use Github.

Apr 1 2020, 8:45 PM · gnupg, Bug Report
JW added a comment to T4903: Github sources are difficult to test.

Also see Issue #10, Add Travis testing in the GnuPG GitHub. The PR adds Travis testing to the entire GnuPG suite.

Apr 1 2020, 5:00 PM · gnupg, Bug Report
JW updated the task description for T4903: Github sources are difficult to test.
Apr 1 2020, 3:48 PM · gnupg, Bug Report