libksbaProject
ActivePublic

Members

  • This project does not have any members.

Recent Activity

Tue, May 19

werner updated the task description for T4943: Release LibKSBA 1.4.0.
Tue, May 19, 4:49 PM · libksba, Release Info
werner closed T4920: Support ECDH in Libksba as Resolved.
Tue, May 19, 4:49 PM · libksba, Feature Request, S/MIME
werner updated the task description for T4943: Release LibKSBA 1.4.0.
Tue, May 19, 4:47 PM · libksba, Release Info
werner closed T4943: Release LibKSBA 1.4.0 as Resolved.
Tue, May 19, 4:28 PM · libksba, Release Info
werner updated the task description for T4943: Release LibKSBA 1.4.0.
Tue, May 19, 3:44 PM · libksba, Release Info
werner updated the task description for T4943: Release LibKSBA 1.4.0.
Tue, May 19, 3:43 PM · libksba, Release Info
werner updated the task description for T4943: Release LibKSBA 1.4.0.
Tue, May 19, 3:42 PM · libksba, Release Info
werner added a comment to T4943: Release LibKSBA 1.4.0.
Tue, May 19, 3:41 PM · libksba, Release Info
werner changed the status of T4104: gpgsm/ksba removes leading zeros from signature byte array from Open to Testing.

Seems to be fixed now.

Tue, May 19, 3:13 PM · Testing, libksba, S/MIME, Bug Report
werner lowered the priority of T4896: ksba: Ed25519 support from High to Normal.

Parsing and creating of certs does now work. I was not able to find sample CMS objects so this part is not yet finished.

Tue, May 19, 3:12 PM · Info Needed, libksba, Feature Request, S/MIME

Thu, May 14

werner created T4943: Release LibKSBA 1.4.0.
Thu, May 14, 12:36 PM · libksba, Release Info
werner closed T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing as Wontfix.

Won't fix because there is no need for it. ASN.1 modules are the formal description of a protocol and as such not copyrightable.

Thu, May 14, 9:45 AM · libksba, Feature Request
werner closed T4801: libksba reproducible builds as Resolved.

Thanks. Applied. Will go into 1.4.0

Thu, May 14, 9:38 AM · libksba, Bug Report
werner added a commit to T4801: libksba reproducible builds: rKcdbced98819d: Fix qsort handler to reproducible sort the string table..
Thu, May 14, 9:37 AM · libksba, Bug Report

Tue, May 12

werner added a commit to T4896: ksba: Ed25519 support: rK60943d9f1816: Allow parsing of EdDSA certificates..
Tue, May 12, 12:04 PM · Info Needed, libksba, Feature Request, S/MIME

Mon, May 11

werner claimed T4896: ksba: Ed25519 support.
Mon, May 11, 7:50 PM · Info Needed, libksba, Feature Request, S/MIME
werner added a commit to T4920: Support ECDH in Libksba: rKcda81bec2e14: Support creation of ECDSA signed data..
Mon, May 11, 6:23 PM · libksba, Feature Request, S/MIME

May 4 2020

werner changed the status of T4920: Support ECDH in Libksba from Open to Testing.

It works for me(tm).

May 4 2020, 3:05 PM · libksba, Feature Request, S/MIME
werner added a commit to T4920: Support ECDH in Libksba: rK8ade151b1048: Support creation of ECDH enveloped data object (part 2 of 2).
May 4 2020, 2:55 PM · libksba, Feature Request, S/MIME

May 1 2020

werner added a commit to T4920: Support ECDH in Libksba: rK0ddfbb464e0a: Support creation of ECDH enveloped data object (part 1).
May 1 2020, 5:17 PM · libksba, Feature Request, S/MIME

Apr 21 2020

werner added a commit to T4920: Support ECDH in Libksba: rK401dc58d3d55: Support parsing of the CMS KeyAgreeRecipientInfo..
Apr 21 2020, 2:50 PM · libksba, Feature Request, S/MIME
werner created T4920: Support ECDH in Libksba.
Apr 21 2020, 2:33 PM · libksba, Feature Request, S/MIME

Apr 15 2020

werner added a commit to T4538: Support PSS signed CRLs: rG24d563749f50: sm: Support rsaPSS verification also for CMS signatures..
Apr 15 2020, 3:48 PM · dirmngr, S/MIME, libksba
werner added a commit to T4538: Support PSS signed CRLs: rGddc74f50d423: sm,dirmngr: Restrict allowed parameters used with rsaPSS..
Apr 15 2020, 3:48 PM · dirmngr, S/MIME, libksba
werner added a commit to T4538: Support PSS signed CRLs: rG0626cc8fed34: sm,dirmngr: Support rsaPSS signature verification..
Apr 15 2020, 3:48 PM · dirmngr, S/MIME, libksba
werner added a commit to T4538: Support PSS signed CRLs: rG8bf17eb94d0d: dirmngr: Support rsaPSS also in the general validate module..
Apr 15 2020, 3:48 PM · dirmngr, S/MIME, libksba
werner added a commit to T4538: Support PSS signed CRLs: rGc0d5c673542b: sm,dirmngr: Restrict allowed parameters used with rsaPSS..
Apr 15 2020, 11:11 AM · dirmngr, S/MIME, libksba

Apr 14 2020

werner added a commit to T4538: Support PSS signed CRLs: rKe6e9858970ed: Support rsaPSS also for CRLs..
Apr 14 2020, 4:53 PM · dirmngr, S/MIME, libksba
werner added a commit to T4538: Support PSS signed CRLs: rK17a09f41fc4b: Allow for Null hash algo parameters on rsaPSS and add pss flag..
Apr 14 2020, 4:53 PM · dirmngr, S/MIME, libksba
werner closed T4538: Support PSS signed CRLs as Resolved.

Data (ie.e CMS) signatures do now also work.

Apr 14 2020, 4:26 PM · dirmngr, S/MIME, libksba
werner added a commit to T4538: Support PSS signed CRLs: rG6c28d9343ea6: sm: Support rsaPSS verification also for CMS signatures..
Apr 14 2020, 3:51 PM · dirmngr, S/MIME, libksba

Apr 9 2020

werner added a comment to T4538: Support PSS signed CRLs.

Okay certificate and CRL checking does now work with rsaPSS. Need to work on data signatures and check the compliance modes.

Apr 9 2020, 1:09 PM · dirmngr, S/MIME, libksba
werner added a commit to T4538: Support PSS signed CRLs: rGba34f1415366: dirmngr: Support rsaPSS also in the general validate module..
Apr 9 2020, 1:07 PM · dirmngr, S/MIME, libksba
werner added a commit to T4538: Support PSS signed CRLs: rGb45ab0ca08f8: sm,dirmngr: Support rsaPSS signature verification..
Apr 9 2020, 12:24 PM · dirmngr, S/MIME, libksba

Apr 8 2020

werner added a commit to T4538: Support PSS signed CRLs: rKf5695be600ab: Add read-only support for rsaPSS..
Apr 8 2020, 8:52 PM · dirmngr, S/MIME, libksba
werner claimed T4538: Support PSS signed CRLs.

I started to work on it so that I can actually use the certificates on my new D-Trust card. This will be a verify-only implementation.

Apr 8 2020, 8:37 PM · dirmngr, S/MIME, libksba

Mar 31 2020

gniibe added a commit to T4896: ksba: Ed25519 support: rK2625e13bc9d5: ecc: Add Ed25519 and Ed448 public key support..
Mar 31 2020, 9:00 AM · Info Needed, libksba, Feature Request, S/MIME
gniibe added a comment to T4896: ksba: Ed25519 support.

For public key, it's done.

Mar 31 2020, 8:59 AM · Info Needed, libksba, Feature Request, S/MIME

Mar 30 2020

gniibe added a project to T4896: ksba: Ed25519 support: libksba.
Mar 30 2020, 7:55 AM · Info Needed, libksba, Feature Request, S/MIME

Mar 24 2020

gniibe changed the status of T4013: Certificate requests generated from Ed25519 keys are not compliant with draft-ietf-curdle-pkix from Open to Testing.

This should work well with libksba master and gnupg/sm master.

Mar 24 2020, 3:35 AM · Testing, S/MIME, Feature Request, libksba

Mar 5 2020

werner lowered the priority of T4538: Support PSS signed CRLs from Normal to Low.

It is actually questionable whether PSS is a better padding scheme than PKCS#1, see
https://www.metzdowd.com/pipermail/cryptography/2019-November/035449.html . PSS seems indeed be rarely used; quoting Peter from a followup on his writeup: “If I get time over the weekend, and I can find a CMS message signed with RSA-PSS, I'll create a forgery using xor256.”

Mar 5 2020, 10:27 AM · dirmngr, S/MIME, libksba

Mar 4 2020

aheinecke added a comment to T4538: Support PSS signed CRLs.

To summarize: The DGN CRL uses a the RSA-PSS Padding / Signature Scheme. ( https://de.wikipedia.org/wiki/Probabilistic_Signature_Scheme )

Mar 4 2020, 3:17 PM · dirmngr, S/MIME, libksba

Jan 8 2020

hudson added a comment to T4801: libksba reproducible builds.

Sorting the table is a good idea for reproducibility, since otherwise the tree depends on the order of the arguments to asn1-gentables, which are generated with a wildcard expansion that might be shell or file system dependent.

Jan 8 2020, 1:45 PM · libksba, Bug Report
werner triaged T4801: libksba reproducible builds as Normal priority.

Frankly, I am not sure why we sort that table at all. Your patch does not harm, though.

Jan 8 2020, 1:26 PM · libksba, Bug Report

Jun 1 2019

ametzler1 added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

gniibe wrote:

Jun 1 2019, 6:09 PM · libksba, Feature Request

May 31 2019

gniibe added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

RFC 5280 only addresses about BCP78 and not about TLP, while RFC 5652, RFC 5755, RFC 5911 and RFC 5912 address explicitly about TLP. In this situation, I wonder if it's better to take the definitions of Extensions, UniqueIdentifier, and GeneralNames from RFC 5280. To be conservative, I don't include them now.

May 31 2019, 7:32 AM · libksba, Feature Request
gniibe added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

I pushed more changes to include modules in RFC 5911 and RFC 5912.

May 31 2019, 5:50 AM · libksba, Feature Request
gniibe added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

Comparing old cms.asn and new cms.asn, now I understand how RFC 3370 matters. I added those things back from RFC 5911 (which cites RFC 3370) which comes with BSD license for code.

May 31 2019, 4:52 AM · libksba, Feature Request

May 30 2019

dkg added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

@gniibe thank you!

May 30 2019, 10:53 PM · libksba, Feature Request
gniibe added a comment to T4487: libksba: please refresh ASN.1 components from more recent RFCs with BSD licensing.

I did some work (since Debian is important for us).
Please have a look at my topic branch: gniibe/fix-4487
or:
https://dev.gnupg.org/source/libksba/history/gniibe%252Ffix-4487/
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=shortlog;h=refs/heads/gniibe/fix-4487

May 30 2019, 10:18 AM · libksba, Feature Request