g10 Project
Active · Public

Members

  • This project does not have any members.

Watchers

  • This project does not have any watchers.

Details

Description

This subproject allows committers to use "g10: <TITLE>" in commit messages.

Recent Activity

Apr 20 2018

gniibe added a comment to T3781: ECC encryption key on-card generation broken.

@nitroalex Perhaps, creating a new ticket is better for this topic.
In the current OpenPGP card specification, there is no way for an application (except having a list of card implementation information) to know which algo and which curve is supported or not.
So, what an application does is trial and error.
I don't like this situation, but I don't know how we can modify the specification.

Apr 20 2018, 10:10 AM · g10, scd, Bug Report

Apr 19 2018

nitroalex added a comment to T3781: ECC encryption key on-card generation broken.

Well, I surely would agree (and this is only a proposal anyway), but my point here is that OpenPGP Card does not support Curve 25519, so that one *has to* choose between those other two. Considering me a tinfoil hat person, I would rather not choose NIST, as many others wouldn't either.

Apr 19 2018, 2:27 PM · g10, scd, Bug Report

Apr 13 2018

werner added a comment to T3781: ECC encryption key on-card generation broken.

Neither Brainpool nor NIST curves make any sense unless there is an organizational policy requirement. Thus the --expert requirement is the Right Thing (tm).

Apr 13 2018, 12:53 PM · g10, scd, Bug Report

Apr 12 2018

nitroalex added a comment to T3781: ECC encryption key on-card generation broken.

works just fine, thx!

Apr 12 2018, 3:30 PM · g10, scd, Bug Report

Apr 11 2018

gniibe closed T3781: ECC encryption key on-card generation broken as Resolved.

Fixed in 2.2.6.

Apr 11 2018, 1:58 AM · g10, scd, Bug Report

Mar 30 2018

gniibe changed the status of T3781: ECC encryption key on-card generation broken from Open to Testing.
Mar 30 2018, 4:52 AM · g10, scd, Bug Report
gniibe added a comment to T3781: ECC encryption key on-card generation broken.

Furthermore, I changed to have an explicit command: key-attr

Mar 30 2018, 4:52 AM · g10, scd, Bug Report
gniibe added a commit to T3781: ECC encryption key on-card generation broken: rG820380335a20: g10: Add "key-attr" command for --card-edit..
Mar 30 2018, 4:04 AM · g10, scd, Bug Report

Mar 29 2018

gniibe triaged T3781: ECC encryption key on-card generation broken as Normal priority.

I changed the interaction so that the user can specify RSA or ECC, then, when it's for ECC, specify the curve.

Mar 29 2018, 6:10 AM · g10, scd, Bug Report
gniibe added a commit to T3781: ECC encryption key on-card generation broken: rGa1515b3bbc10: g10: Support key attribute change at --card-edit/generate..
Mar 29 2018, 5:06 AM · g10, scd, Bug Report

Mar 5 2018

Arnaud added a comment to T3781: ECC encryption key on-card generation broken.

This would be a good solution.

Mar 5 2018, 11:05 AM · g10, scd, Bug Report
werner added a comment to T3781: ECC encryption key on-card generation broken.

This has also the advantage that we could list the possible curves and let the user select them.

Mar 5 2018, 9:40 AM · g10, scd, Bug Report
werner added a comment to T3781: ECC encryption key on-card generation broken.

So should we revert this patch and replace it by an explicit command to switch the card to ECC?

Mar 5 2018, 9:39 AM · g10, scd, Bug Report

Feb 16 2018

jfe closed T3770: heap buffer overflow in iobuf.c as Resolved.
Feb 16 2018, 7:33 PM · g10, Bug Report
jfe added a comment to T3770: heap buffer overflow in iobuf.c.

This handles the problem, thanks.

Feb 16 2018, 7:32 PM · g10, Bug Report

Feb 15 2018

werner added a comment to T3770: heap buffer overflow in iobuf.c.

Does this patch help? My artificial test confirmed that this does the Right Thing.

Feb 15 2018, 11:49 AM · g10, Bug Report
werner added a commit to T3770: heap buffer overflow in iobuf.c: rG5e3679ae395e: kbx: Fix detection of corrupted keyblocks on 32 bit systems..
Feb 15 2018, 11:47 AM · g10, Bug Report
werner claimed T3770: heap buffer overflow in iobuf.c.
Feb 15 2018, 11:24 AM · g10, Bug Report
jfe added a comment to T3770: heap buffer overflow in iobuf.c.

Yes, that is correct.

Feb 15 2018, 10:34 AM · g10, Bug Report
gniibe added a comment to T3770: heap buffer overflow in iobuf.c.

I guess that you are running on 32-bit architecture where the function keybox_get_keyblock uses 32-bit signed size_t for image_off and image_len.

Feb 15 2018, 7:37 AM · g10, Bug Report

Feb 14 2018

jfe added a comment to T3770: heap buffer overflow in iobuf.c.

That's weird, I can reproduce it with a fresh pull from dev.gnupg.org (I can't clone it because it keeps giving me an error like "no rule to make target audit-events.h") by configuring with CFLAGS set to -fsanitize=address -ldl and LDFLAGS set to -lasan. I added the -ldl because of a linking error with symbol dlsym (only when -fsanitize=address is present). It more specifically complains about a READ access of size 1 and heap-buffer-overflow on address 0xb30037b0. It also mentions that this address is a wild pointer. The call tree looks as follows:
iobuf_temp_with_content
keybox_get_keyblock
keydb_get_keyblock
do_export_stream
do_export
export_pubkeys
main

Feb 14 2018, 9:44 PM · g10, Bug Report
werner added a comment to T3770: heap buffer overflow in iobuf.c.

Can't replicate this with gcc's address sanitizer. I found a bug in kbxutil, though.
Can you post a bit more info than just line 1275?

Feb 14 2018, 4:54 PM · g10, Bug Report

Feb 13 2018

gniibe claimed T3781: ECC encryption key on-card generation broken.
Feb 13 2018, 5:33 AM · g10, scd, Bug Report

Feb 6 2018

jfe added a comment to T3780: Integer overflow causes heap overflow in parse_symkeyenc() in file g10/parse-packet.c.

Great, thanks for the quick response!

Feb 6 2018, 6:25 PM · g10, Bug Report
Arnaud updated the task description for T3781: ECC encryption key on-card generation broken.
Feb 6 2018, 6:12 PM · g10, scd, Bug Report
Arnaud updated the task description for T3781: ECC encryption key on-card generation broken.
Feb 6 2018, 6:11 PM · g10, scd, Bug Report
Arnaud created T3781: ECC encryption key on-card generation broken.
Feb 6 2018, 6:10 PM · g10, scd, Bug Report
werner added a commit to T3780: Integer overflow causes heap overflow in parse_symkeyenc() in file g10/parse-packet.c: rG8305739fe857: gpg: Fix packet length checking in symkeyenc parser..
Feb 6 2018, 6:01 PM · g10, Bug Report
werner closed T3780: Integer overflow causes heap overflow in parse_symkeyenc() in file g10/parse-packet.c as Resolved.

Thanks for testing. I recall that I wanted to update the checking but a phone call disturbed my hacking sequence; should have used DND.

Feb 6 2018, 5:47 PM · g10, Bug Report
jfe updated the task description for T3780: Integer overflow causes heap overflow in parse_symkeyenc() in file g10/parse-packet.c.
Feb 6 2018, 1:12 PM · g10, Bug Report
jfe created T3780: Integer overflow causes heap overflow in parse_symkeyenc() in file g10/parse-packet.c.
Feb 6 2018, 1:10 PM · g10, Bug Report

Feb 3 2018

werner triaged T3770: heap buffer overflow in iobuf.c as Unbreak Now! priority.
Feb 3 2018, 1:30 AM · g10, Bug Report

Feb 2 2018

jfe created T3770: heap buffer overflow in iobuf.c.
Feb 2 2018, 4:28 PM · g10, Bug Report

Apr 11 2017

marcus created g10.
Apr 11 2017, 5:50 PM