Page MenuHome GnuPG

S/MIMEProject
ActivePublic

Members

  • This project does not have any members.
  • View All

Watchers

  • This project does not have any watchers.
  • View All

Recent Activity

Wed, Dec 11

aheinecke merged T3793: Speed up Keylistings in GPG(SM) into T6206: Kleopatra: Listing certificates initially just takes too long..
Wed, Dec 11, 6:58 AM · S/MIME, gnupg, kleopatra

Oct 29 2024

werner edited projects for T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN", added: gnupg26; removed gnupg24.
Oct 29 2024, 1:23 PM · gnupg26, S/MIME, Feature Request
werner edited projects for T6678: GPGSM: Add support for cert extension 2.5.29.54 Inhibit anyPolicy, added: gnupg26; removed gnupg24.
Oct 29 2024, 1:21 PM · gnupg26, S/MIME, Restricted Project

Oct 4 2024

werner added a comment to T7308: Speed up the X.509 key listings.

Test on a dedicated Windows box (T 460, i5-6300U@2.40GHz, harddisk):

VSD Versiongpg versionLoad time
3.1.262.2.411:59
3.2.4 beta-22.2.45 beta 250:46
Oct 4 2024, 3:03 PM · S/MIME, Feature Request, gnupg
werner edited projects for T4537: gpgsm support for timestamp signatures, added: gnupg26; removed gnupg24.
Oct 4 2024, 12:14 PM · gnupg26, S/MIME, Feature Request
werner claimed T7319: gpgsm/dirmngr: Improve forward path-building via http AIA extension in x.509 certificates.
Oct 4 2024, 12:10 PM · S/MIME, gnupg26, Feature Request
werner added a comment to T7308: Speed up the X.509 key listings.

Overall effect of these changes tested on a small Windows VM is only 47 -> 26 seconds. Did also tests with --kbx-buffer-size but that does not make it better than the default, either.

Oct 4 2024, 12:05 PM · S/MIME, Feature Request, gnupg

Oct 1 2024

ebo moved T6807: Kleo shows 3 certs in a chain while there are only two from Restricted Project Column to Restricted Project Column on the Restricted Project board.

works, the Root-CA of the above example is only shown once any more. Gpg4win-Beta-50

Oct 1 2024, 4:38 PM · vsd33, Restricted Project, S/MIME, Bug Report, kleopatra
ebo moved T6807: Kleo shows 3 certs in a chain while there are only two from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Oct 1 2024, 3:56 PM · vsd33, Restricted Project, S/MIME, Bug Report, kleopatra

Sep 30 2024

werner closed T7308: Speed up the X.509 key listings as Resolved.

Will be available in 2.2.45 and 2.5.2

Sep 30 2024, 7:08 PM · S/MIME, Feature Request, gnupg
werner added a comment to T7308: Speed up the X.509 key listings.

Now we are at 4 seconds. Available in master and 2.2.

Sep 30 2024, 6:49 PM · S/MIME, Feature Request, gnupg

Sep 27 2024

werner added a comment to T7308: Speed up the X.509 key listings.

With that patch we are down to about 6 seconds.

Sep 27 2024, 3:49 PM · S/MIME, Feature Request, gnupg
werner triaged T7308: Speed up the X.509 key listings as High priority.
Sep 27 2024, 3:47 PM · S/MIME, Feature Request, gnupg

Aug 14 2024

ebo moved T7213: PKCS #12 import fails on broken P12 files which MS accepts from QA to gnupg-2.2.44 on the gnupg22 board.
Aug 14 2024, 12:47 PM · gnupg22 (gnupg-2.2.44), S/MIME, Bug Report, Restricted Project
ebo closed T7213: PKCS #12 import fails on broken P12 files which MS accepts as Resolved.

Did a quick manual test import and encryption/decryption with VS-Desktop-3.2.93.1-Beta with the relevant test-X509 certificate.
Works as expected.

Aug 14 2024, 12:47 PM · gnupg22 (gnupg-2.2.44), S/MIME, Bug Report, Restricted Project

Aug 13 2024

zablockil added a comment to T4537: gpgsm support for timestamp signatures.

I made a ticket on bugzilla with ready-made tests for S/MIME, but on close inspection a different structure appears for S/MIME and another for qualified signature (openssl could not verify token extracted from CAdES-BASELINE-T signature). However, these tests can be very useful.

Aug 13 2024, 5:10 PM · gnupg26, S/MIME, Feature Request

Aug 7 2024

werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

FWIW, I received that mail but I hope that this bug is at least fixed with today's fix for T7213. Thus not re-opening.

Aug 7 2024, 11:47 AM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner added a comment to T7213: PKCS #12 import fails on broken P12 files which MS accepts.

This patch has a new fix for T5793 which is now only used where needed.

Aug 7 2024, 11:38 AM · gnupg22 (gnupg-2.2.44), S/MIME, Bug Report, Restricted Project
werner moved T7213: PKCS #12 import fails on broken P12 files which MS accepts from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Aug 7 2024, 11:26 AM · gnupg22 (gnupg-2.2.44), S/MIME, Bug Report, Restricted Project
werner changed the status of T7213: PKCS #12 import fails on broken P12 files which MS accepts from Open to Testing.

I don't think that we can do much manual testing here because we have all test cases anyway in the regression test suite and our local non-public regression tests (which has the p12 files we are not allowed to publish)

Aug 7 2024, 11:26 AM · gnupg22 (gnupg-2.2.44), S/MIME, Bug Report, Restricted Project

Aug 6 2024

werner added a comment to T7213: PKCS #12 import fails on broken P12 files which MS accepts.

Alright. Done for master; backport will come soon.

Aug 6 2024, 5:53 PM · gnupg22 (gnupg-2.2.44), S/MIME, Bug Report, Restricted Project

Jul 31 2024

werner added a comment to T7213: PKCS #12 import fails on broken P12 files which MS accepts.

The garbled data might be due to a bug in dumpasn1 (version 2021-02-12).

Jul 31 2024, 3:51 PM · gnupg22 (gnupg-2.2.44), S/MIME, Bug Report, Restricted Project

Jul 25 2024

werner edited projects for T7213: PKCS #12 import fails on broken P12 files which MS accepts, added: gnupg22, Bug Report, S/MIME; removed gnupg22 (gnupg-2.2.44).
Jul 25 2024, 10:57 AM · gnupg22 (gnupg-2.2.44), S/MIME, Bug Report, Restricted Project

Jun 20 2024

werner renamed T7171: Allow for empty Subject in X.509 from Allow for empty Subject in X.508 to Allow for empty Subject in X.509.
Jun 20 2024, 3:27 PM · libksba, Bug Report, gnupg, S/MIME
werner triaged T7171: Allow for empty Subject in X.509 as Normal priority.
Jun 20 2024, 3:12 PM · libksba, Bug Report, gnupg, S/MIME

Jun 6 2024

werner closed T6757: gpgsm 2.4 Fails to import P12 certificate/key, a subtask of T6752: New minip12 does not import from Firefox anymore, as Resolved.
Jun 6 2024, 12:06 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner closed T6757: gpgsm 2.4 Fails to import P12 certificate/key as Resolved.

Can't find a mail - closing the ticket. Feel free to reopen or send me a mail to werner dot koch at gnupg.org but replace the org by com.

Jun 6 2024, 12:06 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner added a project to T7101: Automagically create a PGP key from a X.509 cert: Restricted Project.
Jun 6 2024, 11:59 AM · Restricted Project, Feature Request, S/MIME, OpenPGP, gnupg
werner raised the priority of T7101: Automagically create a PGP key from a X.509 cert from Normal to High.
Jun 6 2024, 11:36 AM · Restricted Project, Feature Request, S/MIME, OpenPGP, gnupg

May 13 2024

werner triaged T7115: gpgsm: support for importing x25519 and ed25519 private keys from .p12 files as Normal priority.
May 13 2024, 8:32 AM · S/MIME, gnupg26, Feature Request

May 12 2024

werner edited projects for T7115: gpgsm: support for importing x25519 and ed25519 private keys from .p12 files, added: Feature Request, gnupg26, S/MIME; removed Bug Report.

Yes, I think we should support this. Also X448. Thanks for the report and the samples.

May 12 2024, 10:42 PM · S/MIME, gnupg26, Feature Request

May 7 2024

ikloecker moved T6807: Kleo shows 3 certs in a chain while there are only two from Backlog to WiP on the vsd33 board.
May 7 2024, 10:15 AM · vsd33, Restricted Project, S/MIME, Bug Report, kleopatra
ikloecker added a project to T6807: Kleo shows 3 certs in a chain while there are only two: vsd33.
May 7 2024, 10:14 AM · vsd33, Restricted Project, S/MIME, Bug Report, kleopatra

Apr 24 2024

werner triaged T7101: Automagically create a PGP key from a X.509 cert as Normal priority.
Apr 24 2024, 3:03 PM · Restricted Project, Feature Request, S/MIME, OpenPGP, gnupg

Apr 2 2024

Mnaisoa added a comment to T3907: Internal error when encrypting to cacert certificate.
Apr 2 2024, 9:27 AM · Bug Report, S/MIME, gpg4win

Mar 12 2024

ikloecker placed T7015: gpgsm: Add status messages reporting imported certificates on --learn-card up for grabs.

Right. I think this task inherited the assignee from its parent task.

Mar 12 2024, 10:41 AM · S/MIME, gnupg, Restricted Project
aheinecke added projects to T7015: gpgsm: Add status messages reporting imported certificates on --learn-card: gnupg, S/MIME.
Mar 12 2024, 9:17 AM · S/MIME, gnupg, Restricted Project

Mar 6 2024

lecris added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

I've sent you an email about it. It might have html elements due to markdown-here.

Mar 6 2024, 5:02 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

Sorry, for not following up earlier. Can you please do me a favor and run the last tests again, this time adding -v and --debug 1 to the invocation? Feel free to forward the output to my private address is that is easier (wk at gnupg.org).

Mar 6 2024, 12:19 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report

Feb 27 2024

werner added a project to T6678: GPGSM: Add support for cert extension 2.5.29.54 Inhibit anyPolicy: gnupg24.
Feb 27 2024, 3:55 PM · gnupg26, S/MIME, Restricted Project
werner added a project to T6677: GPGSM: Add support for cert extension 2.5.29.36 Policy Constraints: gnupg24.
Feb 27 2024, 3:54 PM · gnupg24, S/MIME, Restricted Project

Feb 21 2024

werner closed T3907: Internal error when encrypting to cacert certificate as Wontfix.

Way to old. Does anyone still uses CAcert?

Feb 21 2024, 5:32 PM · Bug Report, S/MIME, gpg4win

Feb 7 2024

lecris added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

The additional debug info are:

gpgsm: DBG: p12_parse:1998: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2006: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2021: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2054: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2061: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2069: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: DBG: p12_parse:2081: err=0 prk=0x0000000000000000,0x0000000000000000
gpgsm: error parsing or decrypting the PKCS#12 file
gpgsm: total number processed: 4
gpgsm:              unchanged: 4
Feb 7 2024, 6:32 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

Feb 7 2024, 9:09 AM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report

Feb 6 2024

lecris added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

Could you write a quick patch file for that? (I don't have a working source build, I am using the Fedora spec file + patches)

Feb 6 2024, 5:18 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

The old debug output is in genral okay but what I would do is to add a couple of log_debug calls like

Feb 6 2024, 5:16 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
lecris added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

@werner I managed to recover the old .p12 that has the error. And this is still replicable. Is there a debug flag that would be useful or can we setup some private live-debugging for this?

Feb 6 2024, 12:18 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report

Feb 5 2024

werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

I would have expected an error message right after

Feb 5 2024, 8:09 AM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report

Feb 2 2024

lecris added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

Unfortunately I have deleted the .p12 with the CA chain, and I don't know how I've generated it. It also contained my production certificates so, kinda sensitive to upload here.

Feb 2 2024, 5:49 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report
werner added a comment to T6757: gpgsm 2.4 Fails to import P12 certificate/key.

Okay, I push the change for the extended salt size. Regarding the import of CA certificates, I have not seen any problems. In fact it is pretty common. Did you test with with 2.4.4. A test file would be helpful.

Feb 2 2024, 5:33 PM · gnupg24 (gnupg-2.4.4), S/MIME, Bug Report