Not A BugCommunication
ActivePublic

Members

  • This project does not have any members.

Watchers

  • This project does not have any watchers.

Recent Activity

Thu, Jun 18

werner closed T4976: Revocation Date after importing a Rev-Cert as Resolved.
Thu, Jun 18, 10:33 AM · gnupg, Not A Bug

May 8 2020

aheinecke closed T4922: GPGME_CREATE_NOEXPIRE seems not to be available since 1.8.0 as Resolved.

Thanks for the patch, applied!
You are correct the NEWS file states that this was added in 1.9.0

May 8 2020, 12:35 PM · patch, Not A Bug, gpgme, Documentation
aheinecke added a commit to T4922: GPGME_CREATE_NOEXPIRE seems not to be available since 1.8.0 : rM49c13854f3bf: GPGME_CREATE_NOEXPIRE is only available since 1.9.0.
May 8 2020, 12:34 PM · patch, Not A Bug, gpgme, Documentation

May 5 2020

bernhard added a comment to T4935: online libgcrypt manual 1.8.5 2020-05-04 has false UPDATED date.

Taking a look at other GNU manuals, both GNU make and GNU Bison have a better phrasing,
so I suggest the Bison way (https://www.gnu.org/software/bison/manual/html_node/index.html):

This manual (7 December 2019) is for GNU Bison (version 3.5), the GNU parser generator.

May 5 2020, 12:31 PM · Not A Bug, libgcrypt
bernhard added a comment to T4935: online libgcrypt manual 1.8.5 2020-05-04 has false UPDATED date.

Ah, okay, then the phrasing is missleading, the sentence looks like libgcrypt was released on this date and not the manual.

May 5 2020, 9:01 AM · Not A Bug, libgcrypt

May 4 2020

werner closed T4935: online libgcrypt manual 1.8.5 2020-05-04 has false UPDATED date as Resolved.

Nope, that is correct, the last update of the manual was

May 4 2020, 7:14 PM · Not A Bug, libgcrypt

Apr 25 2020

dup edited projects for T4922: GPGME_CREATE_NOEXPIRE seems not to be available since 1.8.0 , added: Not A Bug, patch; removed Bug Report.
Apr 25 2020, 10:39 PM · patch, Not A Bug, gpgme, Documentation

Mar 24 2020

werner closed T4887: GPG is throwing error while doing (encryption+sign) or Decryption as Invalid.

@sarman: Your question is actually a support question and not a bug report. Please read the documentation, use the public help channels (so that other can also learn from the issue), or get in touch with a commercial support provider.

Mar 24 2020, 10:48 AM · Not A Bug, Solaris, gnupg, Documentation

Mar 20 2020

dkg added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

That option does the same as --disable-dirmngr which in trun has the same effect as disable-crl-checks

Mar 20 2020, 4:49 PM · Not A Bug, S/MIME, gpgme
dkg added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

@werner wrote:

Mar 20 2020, 4:45 PM · Not A Bug, S/MIME, gpgme
aheinecke added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

Sample how GpgOL handles this: https://dev.gnupg.org/source/gpgol/browse/master/src/keycache.cpp;6f5f48c3d60e0af52f1a9f0e51f60ee653eeeb31$269

Mar 20 2020, 11:03 AM · Not A Bug, S/MIME, gpgme
aheinecke added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

I think what you're saying that there is *no way* to use GPGME in offline mode to validate x.509 certificates, and this is by design. Am I understanding that right?

Mar 20 2020, 11:00 AM · Not A Bug, S/MIME, gpgme
werner added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

After disabling the CRL check again in gpgsm.conf

Mar 20 2020, 8:56 AM · Not A Bug, S/MIME, gpgme

Mar 19 2020

dkg added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

I see no difference between the last two example stanzas that show you running ../run-verify. Are they supposed to have different output?

Mar 19 2020, 10:58 PM · Not A Bug, S/MIME, gpgme
dkg added a comment to T4881: "User ID" (Subject, subjectAltName) validity is inaccurate in gpgsm with sample certs..

I'm aware of the metadata leakage risks of OCSP, and i share your concerns about them.

Mar 19 2020, 10:14 PM · Not A Bug, gnupg (gpg22), S/MIME
werner added a comment to T4881: "User ID" (Subject, subjectAltName) validity is inaccurate in gpgsm with sample certs..

OCSP can't be the default because it enables a web bug. The responder immediately sees when a signature is verified or a data is encrypted to a certificate.

Mar 19 2020, 7:00 PM · Not A Bug, gnupg (gpg22), S/MIME
dkg added a comment to T4881: "User ID" (Subject, subjectAltName) validity is inaccurate in gpgsm with sample certs..

If CRLs or OCSP are a MUST in a given profile, and the cert chain has OCSP but no CRL, it seems like that profile should then try OCSP, rather than failing.

Mar 19 2020, 6:53 PM · Not A Bug, gnupg (gpg22), S/MIME
werner added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

That option does the same as --disable-dirmngr which in trun has the same effect as disable-crl-checks; see gnupg/sm/server.c#option_handler. If you want to check the validity of the cert you check the TRUST status lines. This is what gpgme does for you. An example is gpgme.tests/gpgsm/t-verify. You can run the tests also manually, I do this as follows:

Mar 19 2020, 6:25 PM · Not A Bug, S/MIME, gpgme
dkg added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

I think what you're saying that there is *no way* to use GPGME in offline mode to validate x.509 certificates, and this is by design. Am I understanding that right?

Mar 19 2020, 5:25 PM · Not A Bug, S/MIME, gpgme
werner edited projects for T4881: "User ID" (Subject, subjectAltName) validity is inaccurate in gpgsm with sample certs., added: Not A Bug; removed Bug Report.
Mar 19 2020, 1:07 PM · Not A Bug, gnupg (gpg22), S/MIME
werner edited projects for T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set, added: Not A Bug; removed Bug Report.

I can see no bug here. See my comment over at T4881.

Mar 19 2020, 1:06 PM · Not A Bug, S/MIME, gpgme

Jan 11 2020

werner closed T4806: File decrypts without password as Resolved.

It is a feature not a bug. For symmetric encryption the gpg-agent remembers the passphrase used for the encryption and thus for some time or until /gpgconf --reload gpg-agent/ it tries that passphrase for decryption.

Jan 11 2020, 10:19 AM · Not A Bug

Sep 6 2019

werner closed T2203: gpgconf fail to start gpg-agent as Invalid.

This seems to be closely related to T4319 and due to to some, ahem, interesting configuration.

Sep 6 2019, 5:25 PM · Not A Bug

Jun 25 2019

werner closed T4579: RSA CRT decryption occasional failure as Invalid.
Jun 25 2019, 1:28 PM · OpenPGP, Not A Bug
Anthony added a comment to T4579: RSA CRT decryption occasional failure.

I see. Thanks for your explanation.

Jun 25 2019, 12:07 PM · OpenPGP, Not A Bug

Jun 24 2019

werner edited projects for T4579: RSA CRT decryption occasional failure, added: Not A Bug, OpenPGP; removed Bug Report.

I see. Thus the problem is that IPWorksOpenPGP does not create proper OpenPGP private keys. I guess they use OpenSSL with their different CRT parameter style and do not convert them correctly. RFC-4880 says this in 5.5.3:

The secret key is this series of multiprecision integers:
o  MPI of RSA secret exponent d;
o  MPI of RSA secret prime value p;
o  MPI of RSA secret prime value q (p < q);
o  MPI of u, the multiplicative inverse of p, mod q.
Jun 24 2019, 2:37 PM · OpenPGP, Not A Bug

Jun 4 2019

gniibe closed T4546: make check error on gnupg-2.2.15 and gpgme-1.13.0 as Resolved.
Jun 4 2019, 1:52 AM · Not A Bug, gnupg, gpgme, Bug Report

May 31 2019

gniibe added a comment to T4546: make check error on gnupg-2.2.15 and gpgme-1.13.0.

FYI, pEp annoyance was addressed and handled here: https://bugs.debian.org/891882
By this patch: https://sources.debian.org/src/enigmail/2:2.0.11+ds1-1/debian/patches/0002-Avoid-auto-download-of-pEpEngine-Closes-891882.patch/

May 31 2019, 7:57 AM · Not A Bug, gnupg, gpgme, Bug Report

May 30 2019

ideaantenna added a comment to T4546: make check error on gnupg-2.2.15 and gpgme-1.13.0.

Thank you for your response.

May 30 2019, 9:44 PM · Not A Bug, gnupg, gpgme, Bug Report
gniibe claimed T4546: make check error on gnupg-2.2.15 and gpgme-1.13.0.

For GnuPG, the error is: you don't have run-able libntbtls.so in your environment (because of your wrong configuration, perhaps) but you have it to link.
For GPGME, the error is: your linked libgpg-error.so.0 and the one which runs are different (because of your wrong configuration, perhaps).

May 30 2019, 4:25 AM · Not A Bug, gnupg, gpgme, Bug Report

May 22 2019

werner closed T4533: Could not decrypt the data: Data is not integrity protected. Decrypting it could be a security problem. (no MDC) as Resolved.

You need to update the public key and convey it to the sender. This will solve the problems. You should also ask the sender to update their software so that an MDC is always used regardless of the flag.

May 22 2019, 7:24 PM · Not A Bug, gpg4win

May 17 2019

werner closed T4519: file decryption not happening with passphrase from webmethods as Invalid.

I can't see any bug here so I will close this bug now.

May 17 2019, 8:34 AM · gnupg, Not A Bug

May 16 2019

hari added a comment to T4519: file decryption not happening with passphrase from webmethods .

Hi Werner,

May 16 2019, 9:28 PM · gnupg, Not A Bug
werner edited projects for T4519: file decryption not happening with passphrase from webmethods , added: Not A Bug, gnupg; removed Bug Report.

Please use one of the mailing lists to solve your problem. 2.3 is a development version, so I wonder from where you got this version of GnuPG.

May 16 2019, 8:40 PM · gnupg, Not A Bug

Mar 6 2019

aheinecke closed T4391: GnuPG: Failure to import public key as Resolved.

Thank you very much for the analysis. I'll forward the info.

Mar 6 2019, 7:52 AM · Not A Bug, gnupg

Mar 5 2019

werner placed T4391: GnuPG: Failure to import public key up for grabs.

The creating software is broken in regard to non-ASCII characters in the UID:

Mar 5 2019, 8:13 PM · Not A Bug, gnupg
werner closed T4387: Export ssh key fails (brainpoolP256r1) as Resolved.

ssh does nut support brainpool curves and thus GnuPG does not know how to map its internal name of the curve to the name as specified by ssh. GnuPG supports these curves:

Mar 5 2019, 8:23 AM · ssh, Not A Bug

Jan 15 2019

Cocoanino added a comment to T2203: gpgconf fail to start gpg-agent.

So the output of this was

Jan 15 2019, 2:13 AM · Not A Bug

Jan 11 2019

Cocoanino added a comment to T2203: gpgconf fail to start gpg-agent.

Thanks @werner I will do tonight when connecting to my team mates PC.
Btw meanwhile I actually felt like I need to open next issue where I explain all my details

Jan 11 2019, 10:49 PM · Not A Bug
werner added a comment to T2203: gpgconf fail to start gpg-agent.

Your home is under /dev/ - really? Please run

Jan 11 2019, 4:45 PM · Not A Bug
Cocoanino reopened T2203: gpgconf fail to start gpg-agent as "Open".
Jan 11 2019, 3:50 AM · Not A Bug
Cocoanino added a comment to T2203: gpgconf fail to start gpg-agent.

Okay I think I got the root of the issue

Jan 11 2019, 3:11 AM · Not A Bug
Cocoanino added a comment to T2203: gpgconf fail to start gpg-agent.

When I did

brew reinstall gpg2

I saw this today

Jan 11 2019, 1:34 AM · Not A Bug

Jan 10 2019

Cocoanino added a comment to T2203: gpgconf fail to start gpg-agent.
In T2203#88661, @nuimk wrote:

/usr/local/bin/gpg-agent -v --daemon

Jan 10 2019, 3:30 PM · Not A Bug

Nov 20 2018

aheinecke closed T4247: GPG4WIN / Kleopatra (3.1.4) Encrypt file / Decryption fails on Network Associates PGP 6.5.8 as Invalid.

I'm closing this issues as "Invalid" because it is not an issue of Gpg4win. You can still comment and discuss here.

Nov 20 2018, 8:06 AM · gpg4win, Not A Bug

Nov 9 2018

aheinecke changed the status of T4247: GPG4WIN / Kleopatra (3.1.4) Encrypt file / Decryption fails on Network Associates PGP 6.5.8 from Open to Testing.

First let me say that it is never a good Idea to use outdated / unmaintained security software. PGP Messages are external input and you pass that to unmaintained software.

Nov 9 2018, 7:46 AM · gpg4win, Not A Bug

Nov 8 2018

Valodim added a comment to T4235: GnuPG doesn't respect key flags when decrypting.

Fair enough. Let's wait and see what others think.

Nov 8 2018, 1:24 PM · Not A Bug, OpenPGP, gnupg
werner closed T4235: GnuPG doesn't respect key flags when decrypting as Resolved.

Also consider that it is possible to change the key usage flags. Thus it will never be clear whether one has a fixed or unfixed public key. I'd like to close this bug because it is currently also discussed in the IETF WG.

Nov 8 2018, 1:10 PM · Not A Bug, OpenPGP, gnupg

Nov 2 2018

WorriedlyObvious updated the task description for T4240: Broken URL on "Software list" page of gnupg.org.
Nov 2 2018, 2:50 PM · gpgweb, Bad link
WorriedlyObvious created T4240: Broken URL on "Software list" page of gnupg.org.
Nov 2 2018, 2:50 PM · gpgweb, Bad link