Page MenuHome GnuPG

backportTag
ActivePublic

Members

  • This project does not have any members.
  • View All

Watchers

  • This project does not have any watchers.
  • View All

Recent Activity

Apr 13 2023

gniibe closed T5891: EOPNOTSUPP is not defined in mingw.org's MinGW, fails compilation of libgcrypt-1.10.0 as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:47 AM · backport, libgcrypt, Bug Report
gniibe closed T5973: libgcrypt: Minor test issues reported by coverity as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:47 AM · backport, patch, libgcrypt, Bug Report
gniibe closed T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd') as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:46 AM · backport, hppa, libgcrypt, Gentoo, Bug Report
gniibe closed T5980: compilation error libgcrypt 1.10.1 as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:46 AM · backport, ppc, AIX, libgcrypt, Bug Report
gniibe closed T6066: gcry_pk_hash_verify() does not work with explicitly specified hash algorithm as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:39 AM · backport, libgcrypt, Bug Report
gniibe closed T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF as Resolved.
Apr 13 2023, 3:31 AM · backport, libgcrypt, FIPS
gniibe closed T5975: Allow signature verification using specific RSA keys <2k in FIPS mode as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:20 AM · backport, patch, libgcrypt, FIPS, Feature Request
gniibe closed T5933: libgcrypt: Simply use BSS (not secure heap) for DRBG instance as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:20 AM · backport, FIPS, libgcrypt
gniibe closed T5919: libgcrypt tests/basic.c and tests/keygen.c occasionally fail with "error generating RSA key: Number is not prime" as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:19 AM · backport, FIPS, libgcrypt, Bug Report
gniibe closed T5918: Disable RSA PKCS #1.5 encryption in FIPS mode as Resolved.
Apr 13 2023, 3:12 AM · backport, libgcrypt, FIPS, Bug Report
gniibe closed T5970: gcry_mpi_invm producing wrong result as Resolved.

Fixed in 1.10.2.

Apr 13 2023, 3:11 AM · backport, libgcrypt, Bug Report

Apr 5 2023

ebo moved T6238: regexp for trust signature domain restriction does not work if key only has an e-mail address from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 5 2023, 3:13 PM · backport, gnupg (gpg22), Bug Report, Restricted Project

Jan 19 2023

werner removed a project from T6135: Agent, P15: Insert Smartcard query uses serial number instead of $DISPSERIALNO: gnupg (gpg23).
Jan 19 2023, 4:45 PM · gnupg24, scd
werner edited projects for T4921: Support import of PKCS#12 encoded ECC private keys., added: gnupg22; removed gnupg (gpg22).
Jan 19 2023, 4:42 PM · gnupg22, backport, Feature Request, S/MIME
werner closed T6238: regexp for trust signature domain restriction does not work if key only has an e-mail address as Resolved.
Jan 19 2023, 4:41 PM · backport, gnupg (gpg22), Bug Report, Restricted Project

Dec 12 2022

werner claimed T6238: regexp for trust signature domain restriction does not work if key only has an e-mail address.
Dec 12 2022, 11:46 AM · backport, gnupg (gpg22), Bug Report, Restricted Project
werner moved T6238: regexp for trust signature domain restriction does not work if key only has an e-mail address from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Dec 12 2022, 11:45 AM · backport, gnupg (gpg22), Bug Report, Restricted Project

Nov 29 2022

werner closed T5826: Improve detached signing and verification speed as Resolved.

Done (STABLE-BRANCH-2-2.40 for now)

Nov 29 2022, 12:23 PM · gnupg
werner reopened T5826: Improve detached signing and verification speed as "Open".
Nov 29 2022, 9:56 AM · gnupg

Nov 18 2022

gniibe added a comment to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF.

Let me describe the changes recorded in this task.

Nov 18 2022, 2:02 AM · backport, libgcrypt, FIPS

Nov 14 2022

spelissier updated the task description for T5977: Smartcard PIN stays in clear in memory.
Nov 14 2022, 1:18 PM · backport, libassuan, pinentry, scd, gnupg (gpg22), Bug Report
spelissier updated the task description for T5977: Smartcard PIN stays in clear in memory.
Nov 14 2022, 1:17 PM · backport, libassuan, pinentry, scd, gnupg (gpg22), Bug Report

Oct 28 2022

werner changed the status of T6238: regexp for trust signature domain restriction does not work if key only has an e-mail address from Open to Testing.
Oct 28 2022, 3:44 PM · backport, gnupg (gpg22), Bug Report, Restricted Project
werner lowered the priority of T4921: Support import of PKCS#12 encoded ECC private keys. from High to Normal.

Shall we really backport this to 2.2 given that ECC for S/MIME is in most cases a smartcard thing?

Oct 28 2022, 3:38 PM · gnupg22, backport, Feature Request, S/MIME

Oct 20 2022

Jakuje added a comment to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF.

In regards to this issue, we were also notified that the MD API using gcry_md_setkey() can be used to calculate HMACs and it does not have the needed input key length limitation. From the discussion here I read that we would like to keep the internal usage still available so my proposal would be to to add similar check as in gcry_mac_setkey() into the above function. Together with the revert, it is available in the following merge request:

Oct 20 2022, 6:33 PM · backport, libgcrypt, FIPS
Jakuje added a comment to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF.

I read the document (SP 800-131Ar2) again. I think that it would be irrelevant for PKDF2, because it's password KDF, not deriving additional keys from a Cryptographic Key.

Oct 20 2022, 11:12 AM · backport, libgcrypt, FIPS
gniibe added a comment to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF.

I read the document (SP 800-131Ar2) again. I think that it would be irrelevant for PKDF2, because it's password KDF, not deriving additional keys from a Cryptographic Key.

Oct 20 2022, 2:15 AM · backport, libgcrypt, FIPS

Oct 14 2022

gniibe removed 8 auditor(s) for rG8046fcac63db: po: Update Czech translation.: !assert, _YOU_HAVE_BEEN_HACKED_HAHAHAHA_HACKED_BY_HMEI7_187, _YOU_HAVE_BEEN_HACKED_HAHAHAHA_HACKED_BY_HMEI7_186, _Frosty_, _YOU_HAVE_BEEN_HACKED_HAHAHAHA_HACKED_BY_HMEI7_1, _YOU_HAVE_BEEN_HACKED_HAHAHAHA_HACKED_BY_HMEI7_10, _YOU_HAVE_BEEN_HACKED_HAHAHAHA_HACKED_BY_HMEI7_100, _YOU_HAVE_BEEN_HACKED_HAHAHAHA_HACKED_BY_HMEI7_101.
Oct 14 2022, 2:47 AM
canti59 added 4 auditor(s) for rG8046fcac63db: po: Update Czech translation.: _YOU_HAVE_BEEN_HACKED_HAHAHAHA_HACKED_BY_HMEI7_1, _YOU_HAVE_BEEN_HACKED_HAHAHAHA_HACKED_BY_HMEI7_10, _YOU_HAVE_BEEN_HACKED_HAHAHAHA_HACKED_BY_HMEI7_100, _YOU_HAVE_BEEN_HACKED_HAHAHAHA_HACKED_BY_HMEI7_101.
Oct 14 2022, 2:08 AM

Sep 22 2022

werner changed the status of T5933: libgcrypt: Simply use BSS (not secure heap) for DRBG instance from Open to Testing.
Sep 22 2022, 11:02 AM · backport, FIPS, libgcrypt
werner changed the status of T5919: libgcrypt tests/basic.c and tests/keygen.c occasionally fail with "error generating RSA key: Number is not prime" from Open to Testing.
Sep 22 2022, 11:02 AM · backport, FIPS, libgcrypt, Bug Report
werner changed the status of T5891: EOPNOTSUPP is not defined in mingw.org's MinGW, fails compilation of libgcrypt-1.10.0 from Open to Testing.
Sep 22 2022, 11:02 AM · backport, libgcrypt, Bug Report
werner changed the status of T5918: Disable RSA PKCS #1.5 encryption in FIPS mode from Open to Testing.
Sep 22 2022, 11:01 AM · backport, libgcrypt, FIPS, Bug Report
werner changed the status of T5973: libgcrypt: Minor test issues reported by coverity from Open to Testing.
Sep 22 2022, 11:01 AM · backport, patch, libgcrypt, Bug Report
werner changed the status of T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd') from Open to Testing.
Sep 22 2022, 11:00 AM · backport, hppa, libgcrypt, Gentoo, Bug Report
werner changed the status of T5970: gcry_mpi_invm producing wrong result from Open to Testing.
Sep 22 2022, 10:56 AM · backport, libgcrypt, Bug Report
werner changed the status of T5975: Allow signature verification using specific RSA keys <2k in FIPS mode from Open to Testing.
Sep 22 2022, 10:56 AM · backport, patch, libgcrypt, FIPS, Feature Request
werner changed the status of T5980: compilation error libgcrypt 1.10.1 from Open to Testing.
Sep 22 2022, 10:55 AM · backport, ppc, AIX, libgcrypt, Bug Report
werner changed the status of T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF from Open to Testing.
Sep 22 2022, 10:54 AM · backport, libgcrypt, FIPS
werner changed the status of T6066: gcry_pk_hash_verify() does not work with explicitly specified hash algorithm from Open to Testing.
Sep 22 2022, 10:52 AM · backport, libgcrypt, Bug Report

Sep 2 2022

werner removed a project from T6135: Agent, P15: Insert Smartcard query uses serial number instead of $DISPSERIALNO: Restricted Project.
Sep 2 2022, 3:08 PM · gnupg24, scd

Aug 30 2022

gniibe moved T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF from Next to Ready for release on the FIPS board.
Aug 30 2022, 7:33 AM · backport, libgcrypt, FIPS

Aug 24 2022

werner added projects to T6135: Agent, P15: Insert Smartcard query uses serial number instead of $DISPSERIALNO: backport, gnupg (gpg23).

Needs to be forward ported to master

Aug 24 2022, 5:26 PM · gnupg24, scd

Aug 22 2022

tigernero added a comment to T6070: Yubikey 5C 'not available: card error' regression.

exact v.2.3.8 is expected, generally I don't import Key on yubico I generate them directly from yubico itself in order to have the private Key created directly on yubico and not exportable.

Aug 22 2022, 9:47 PM · gnupg (gpg23), scd, Bug Report
acerbisgianluca added a comment to T6070: Yubikey 5C 'not available: card error' regression.

Hi! I would like to add my experience about this issue.

Aug 22 2022, 6:42 PM · gnupg (gpg23), scd, Bug Report

Aug 21 2022

tigernero added a comment to T6070: Yubikey 5C 'not available: card error' regression.

what's new for a possible gnupg 2.3.8 or gpg4win 4.0.4 release?

Aug 21 2022, 2:30 PM · gnupg (gpg23), scd, Bug Report

Aug 9 2022

werner added a comment to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF.

Should go into 1.10 too

Aug 9 2022, 11:12 AM · backport, libgcrypt, FIPS
werner added a project to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF: backport.
Aug 9 2022, 11:11 AM · backport, libgcrypt, FIPS

Aug 4 2022

sylvain-spryker added a comment to T6070: Yubikey 5C 'not available: card error' regression.

@gniibe Perfect, I got the update during the night actually. Thanks a lot for your work 🙏 .

Aug 4 2022, 7:02 AM · gnupg (gpg23), scd, Bug Report
gniibe added a comment to T6070: Yubikey 5C 'not available: card error' regression.

For the firmware 5.4.3, I confirmed that it works well with the changes:
https://dev.gnupg.org/T6070#160150

Aug 4 2022, 1:40 AM · gnupg (gpg23), scd, Bug Report