Today
I disabled this for offline keys because I erroneously assumed that one would need the primary key for changing the password. We can simply replace the check for the primary secret key with a check for any secret subkey that's stored on disk.
Yesterday
Along with the monitor we should also implement a domain selection feature.
Wed, Apr 24
Tue, Apr 23
Another important use-case is to provide a way to migrate to a newer smartcard.
Mon, Apr 22
Wed, Apr 17
Of course, it should be possible to toggle "disabled" in Kleopatra.
A (context) menu entry "disable certificate" (or "enable certificate") should be sufficient.
Tue, Apr 16
Mon, Apr 15
Thu, Apr 11
I had wrong interpretation about symmetric cipher algorithm identifier in the draft. It specifies symmetric cipher for the following Symmetrically Encrypted Data Packet (I was wrongly interpret as if it were specifying algo for AES keywrap).
Wed, Apr 10
"Today" was already removed together with other changes for T6621: Kleopatra: Remove "in n days/weeks/months/years" input from Change Validity Period dialog.
I merged the change by Werner to get the value from frontend.
Tue, Apr 9
In the current code, just for testing against the test vector in m https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-pqc-02, there are specific value in the key combiner KDF.
Namely, the value 105 for fixedInfo is defined in the draft (and it will be changed).
Fri, Apr 5
I created a pubkey (actually a subkey) for your above test keys:
I use this for testing:
Wed, Apr 3
With Gpg4win-4.3.1 I consider this solved:
Mar 26 2024
Mar 25 2024
On March 11 and 18, the private key file DE1AB1D22899CEC7DBB1A7863F34E6E92BFB7756.key was wrong.
I updated on March 25. Now, the endian is GnuPG (d is big endian).
Mar 18 2024
Thank you!
See T7046 for the release info. Note that the mentioned fix for kwallet already landed.
I extracted data from https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-pqc-02 and compose x25519 key and MLKEM768 key. Here they are.
x25519 :
MLKEM768 :
Mar 15 2024
Mar 14 2024
Mar 11 2024
Mar 8 2024
I still need to land the fix for the kwallet problem, but that can be done first thing monday so nothing that really blocks a release
I had a look at the open tasks for pinentry(-qt) and didn't see anything that we should address before doing a release. @werner?
Mar 7 2024
I should say: I can ship a snapshot in Gentoo if that's okay, but I'd prefer not to.
As a first experiment, let us use CIPHERTEXT in the format of (enc-val(ecdh(s%m)(e%m)(k%m))) (s: encrypted-session-key, e: ecc ephemeral key, k: kyber ephemeral key).