FAQCommunication
ActivePublic

Members

  • This project does not have any members.

Watchers

  • This project does not have any watchers.

Recent Activity

Mon, Nov 5

werner edited projects for T3118: gpg --sign --local-user ... fails with smartcard, added: gnupg; removed gnupg (gpg22).
Mon, Nov 5, 9:39 AM · gnupg, Documentation, FAQ

Jun 6 2018

werner added a comment to T3714: Failing to decrypt due to missing MDC.

BTW, you now need to use --rfc2440 to create a non-mdc message for testing.

Jun 6 2018, 4:30 PM · gnupg, FAQ, kleopatra

Jun 1 2018

aheinecke added a commit to T3714: Failing to decrypt due to missing MDC: rO9f7ec6eb2962: Add distinct error for legacy nomdc.
Jun 1 2018, 3:00 PM · gnupg, FAQ, kleopatra
aheinecke added a comment to T3714: Failing to decrypt due to missing MDC.

It's nice. Although for now I've only added a message in the legacy_cipher_nomdc case:

Jun 1 2018, 2:57 PM · gnupg, FAQ, kleopatra
werner added a comment to T3714: Failing to decrypt due to missing MDC.

I justed commited some gadgets to gpgme which might be helpful But please show warnings etc before you use that new option.

Jun 1 2018, 1:51 AM · gnupg, FAQ, kleopatra

Apr 13 2018

aheinecke created T3903: Kleopatra: Use the term password instead of passphrase.
Apr 13 2018, 1:58 PM · FAQ, Documentation, gnupg (gpg23)
werner created T3902: Use the term password instead of passphrase.
Apr 13 2018, 1:55 PM · FAQ, Documentation, gnupg (gpg23)

Apr 11 2018

JJworx added a comment to T3893: Timeout for receive-keys.

You are right in that enigmail uses no-auto-check-trustdb

Apr 11 2018, 10:23 AM · Enigmail, FAQ, gnupg
JJworx added a comment to T3893: Timeout for receive-keys.

As far as I understand your comment there is already a timeout of 15s per connection. But as you wrote, it doesn't fit all cases. In my case, gpg.exe just stayed open indefinitely.

Apr 11 2018, 10:23 AM · Enigmail, FAQ, gnupg
werner triaged T3893: Timeout for receive-keys as Low priority.

man dirmngr

Apr 11 2018, 10:12 AM · Enigmail, FAQ, gnupg

Jan 19 2018

aheinecke added a comment to T3714: Failing to decrypt due to missing MDC.
I have not checked whether we make this available in the GPGME API
Jan 19 2018, 7:37 AM · gnupg, FAQ, kleopatra

Jan 18 2018

werner added a comment to T3714: Failing to decrypt due to missing MDC.

There can't be an MDC warning if MDC is not used ;-)

Jan 18 2018, 7:37 PM · gnupg, FAQ, kleopatra
aheinecke added a project to T3714: Failing to decrypt due to missing MDC: gnupg.

As far as I can see GnuPG does not emit appropriate status lines:

Jan 18 2018, 1:29 PM · gnupg, FAQ, kleopatra

Jan 8 2018

Lloyd added a comment to T3714: Failing to decrypt due to missing MDC.

In the folder %APPDATA%\gnupg create a file named gpg.conf (or edit it if it exists) and put the line "ignore-mdc-error" in there. This should globally set this option and gpgol will also respect this.

Jan 8 2018, 11:25 AM · gnupg, FAQ, kleopatra
aheinecke added a comment to T3714: Failing to decrypt due to missing MDC.
In T3714#109045, @Lloyd wrote:

I appreciate the dangers. Whilst I try and persuade the sender to deal with the issue at their end, is there anyway to include this option in GpgOL on a temporary basis?

Jan 8 2018, 8:06 AM · gnupg, FAQ, kleopatra

Jan 6 2018

werner renamed T3714: Failing to decrypt due to missing MDC from Failing to decrypt to Failing to decrypt due to missing MDC.
Jan 6 2018, 11:49 AM · gnupg, FAQ, kleopatra
werner assigned T3714: Failing to decrypt due to missing MDC to aheinecke.

Andre, I assign this to you. If you don't think that a better warning in Kleopatra is needed, please close the report.

Jan 6 2018, 11:47 AM · gnupg, FAQ, kleopatra

Jan 5 2018

Lloyd added a comment to T3714: Failing to decrypt due to missing MDC.

OK. Thank you for that.

Jan 5 2018, 5:17 PM · gnupg, FAQ, kleopatra
werner added a comment to T3714: Failing to decrypt due to missing MDC.

Thanks for asking. We may need to put this into the FAQ, so here is my answer:

Jan 5 2018, 4:56 PM · gnupg, FAQ, kleopatra
Lloyd added a comment to T3714: Failing to decrypt due to missing MDC.

Forgive me if I'm completely off the mark here. In no way do I claim to fully understand gpg etc.

Jan 5 2018, 2:04 PM · gnupg, FAQ, kleopatra
werner edited projects for T3714: Failing to decrypt due to missing MDC, added: kleopatra, FAQ; removed Bug Report, gpg4win.

The last line shows that gpg decided that to return a failure because the message does not use the MDC scheme. Since the introduction of modern algorithms with a _blocklength_ of 128 bit (e.g. AES) gpg always uses the MDC encryption system even if it is not announced by the respective key flags. The reason for theses algorithms are newer than the MDC system and thus we can expect that all applications supporting AES will also support MDC.

Jan 5 2018, 11:20 AM · gnupg, FAQ, kleopatra

Nov 13 2017

aheinecke closed T3485: --batch --passphrase throwing password prompt as of 3.0.0 as Resolved.

I've added a note about this in the wiki: https://wiki.gnupg.org/TroubleShooting#Passphrase_on_the_command_line

Nov 13 2017, 10:21 AM · FAQ, gpg4win

Nov 6 2017

skitron added a comment to T3485: --batch --passphrase throwing password prompt as of 3.0.0.

Thanks you very much for your quick reply. I added your code to my invocations for decryption and signing and all is well now. You probably saved me many hours of searching with your kind reply!

Nov 6 2017, 8:20 PM · FAQ, gpg4win
werner edited projects for T3485: --batch --passphrase throwing password prompt as of 3.0.0, added: gpg4win, FAQ; removed Bug Report.

However you can tell gpg-agent to let gpg ask for the passphrase. Add

Nov 6 2017, 4:40 PM · FAQ, gpg4win

Oct 20 2017

werner edited projects for T3118: gpg --sign --local-user ... fails with smartcard, added: gnupg (gpg22); removed gnupg (gpg21).
Oct 20 2017, 1:57 PM · gnupg, Documentation, FAQ

Aug 3 2017

marcus closed T2901: --with-fingerprint does not show fingerprints anymore as Invalid.
Aug 3 2017, 5:25 PM · FAQ, Not A Bug, gnupg

Jul 17 2017

Mouse added a comment to T3267: scdaemon PC/SC OPEN failed: sharing violation (0x8010000b).

@werner I request re-consideration. I *have* read the discussion, and remain convinced that a parameter that allows shared access is necessary.

Jul 17 2017, 10:47 PM · FAQ, scd
marcus closed T3029: make install does not configure/link installation for libgcrypt for gpg2 as Invalid.
Jul 17 2017, 5:51 PM · Bug Report, gnupg, FAQ, Not A Bug

Jul 12 2017

marcus closed T2177: pinentry: Passphrase not recognized in Thunderbird/Enigmail as Invalid.

That issue is best taken up with the enigmail maintainers. If you report it there, feel free to add a link here. Thanks!

Jul 12 2017, 4:13 PM · FAQ, Bug Report, pinentry

Jul 10 2017

werner updated the task description for T3267: scdaemon PC/SC OPEN failed: sharing violation (0x8010000b).
Jul 10 2017, 4:26 PM · FAQ, scd
werner closed T3267: scdaemon PC/SC OPEN failed: sharing violation (0x8010000b) as Wontfix.

This is on purpose. Please read the discussions. Use card-timeout in scdaemon.conf or "gpgconf --kill scdaemon"

Jul 10 2017, 4:24 PM · FAQ, scd

Jul 7 2017

werner added a comment to T2901: --with-fingerprint does not show fingerprints anymore.

--with-fingerprint is an option to modify the output of --list-keys and not a command. There are other --with-xxxx options for other purposes. There is no command to list a keyring. This is why gpg meanwhile prints a warning when used without a command.

Jul 7 2017, 4:24 PM · FAQ, Not A Bug, gnupg
crazycasta added a comment to T2901: --with-fingerprint does not show fingerprints anymore.

I don't think anyone is suggesting the use of gpg without a command. However, use WITH the --with-fingerprint command seems to be broken. Thank you for providing a correct way of doing what we want, but please either explain why the use of the --with-fingerprint command isn't working, or put this back as a bug.

Jul 7 2017, 1:56 PM · FAQ, Not A Bug, gnupg
werner edited projects for T2901: --with-fingerprint does not show fingerprints anymore, added: Not A Bug, FAQ; removed Bug Report.

The use of gpg without a command is simply wrong. This has never been specified and could actually lead to surprises.
You need to import the key first and then look at it with -k (--list-keys) or --fingerprint.

Jul 7 2017, 10:33 AM · FAQ, Not A Bug, gnupg

Apr 28 2017

gniibe triaged T3118: gpg --sign --local-user ... fails with smartcard as Normal priority.
Apr 28 2017, 1:04 AM · gnupg, Documentation, FAQ
gniibe claimed T3118: gpg --sign --local-user ... fails with smartcard.

T1967: GnuPG should select a key for signing without trying to use missing subkeys and T1983: gpg2 prefers missing secret key to available key on card is related, possibly.

Apr 28 2017, 1:04 AM · gnupg, Documentation, FAQ

Apr 27 2017

gniibe added projects to T3118: gpg --sign --local-user ... fails with smartcard: FAQ, Documentation.
Apr 27 2017, 8:00 AM · gnupg, Documentation, FAQ

Apr 20 2017

gniibe claimed T1983: gpg2 prefers missing secret key to available key on card.
Apr 20 2017, 8:07 AM · Bug Report, gnupg
gniibe added a parent task for T1983: gpg2 prefers missing secret key to available key on card: T2291: Smartcard interaction improvement (was: Shadowed private key design (for smartcard)).
Apr 20 2017, 8:06 AM · Bug Report, gnupg
gniibe reopened T1983: gpg2 prefers missing secret key to available key on card as "Open".

Sorry, merging/closing is not good. This should be a subtask of T2291.

Apr 20 2017, 8:06 AM · Bug Report, gnupg
gniibe added a comment to T1983: gpg2 prefers missing secret key to available key on card.

We need to change how to access scdaemon from gpg frontend. Thus, I merge this to T2291: Smartcard interaction improvement (was: Shadowed private key design (for smartcard)), setting its priority to High. Please continue at T2291.

Apr 20 2017, 7:49 AM · Bug Report, gnupg
gniibe merged task T1983: gpg2 prefers missing secret key to available key on card into T2291: Smartcard interaction improvement (was: Shadowed private key design (for smartcard)).
Apr 20 2017, 7:47 AM · Bug Report, gnupg

Apr 19 2017

dkg raised the priority of T1983: gpg2 prefers missing secret key to available key on card from Normal to High.
Apr 19 2017, 5:46 PM · Bug Report, gnupg

Apr 3 2017

wk removed a project from T3029: make install does not configure/link installation for libgcrypt for gpg2: gnupg (gpg21).
Apr 3 2017, 9:43 AM · Bug Report, gnupg, FAQ, Not A Bug
wk added projects to T3029: make install does not configure/link installation for libgcrypt for gpg2: Not A Bug, FAQ.
Apr 3 2017, 9:43 AM · Bug Report, gnupg, FAQ, Not A Bug

Mar 30 2017

admin created FAQ.
Mar 30 2017, 6:42 PM

Dec 20 2016

werner closed T2872: On-card key generation wizard backs up encryption, but not signing key as Resolved.
Dec 20 2016, 3:28 PM · gnupg, FAQ, Not A Bug, Bug Report

Dec 19 2016

werner added projects to T2872: On-card key generation wizard backs up encryption, but not signing key: Not A Bug, FAQ, gnupg.
Dec 19 2016, 8:19 AM · gnupg, FAQ, Not A Bug, Bug Report

Dec 4 2016

archange added a comment to T2177: pinentry: Passphrase not recognized in Thunderbird/Enigmail.

Little update with latest 1.0.0 release:

– nothing new regarding pinentry-gnome3, still working nicely;
– nothing new regarding pinentry-gtk-2, but I know why it doesn’t take into
account my dead keys anymore and it’s not an issue on pinentry side;
– thanks to the new “show passphrase” button, I’ve been able to figure where the
issue lies with pinentry-qt: while invoked in the terminal, it does take into
account my dead keys, but while invoked via Thunderbird/Enigmail, it does not
(altought pinentry-gnome3 does).

So I suppose this is in fact an issue with Enigmail… Any hints on what they
could be doing wrong so that I can report this to them?

Dec 4 2016, 11:03 AM · FAQ, Bug Report, pinentry
archange changed Version from 0.9.7 to 1.0.0 on T2177: pinentry: Passphrase not recognized in Thunderbird/Enigmail.
Dec 4 2016, 11:03 AM · FAQ, Bug Report, pinentry