Projects S/MIME

S/MIMEProject
ActivePublic
Watch Project

Members
View All

  • This project does not have any members.

Watchers
View All

  • This project does not have any watchers.

Recent Activity
View All

Dec 17 2019

werner added a comment to T4777: Pinentry sometimes mixes languages.

The description comes from gpg/gpgsm while the prompts are from gpg-agent. Thus if the agent has been started with the German local but gpgsm without a local this would explain the behaviour.

Dec 17 2019, 11:39 AM · S/MIME, gpgagent
werner added a project to T4779: GpgSM: "Invalid Object" error when importing .p12 certs with wrong passphrase: gnupg (gpg23).
Dec 17 2019, 11:36 AM · gnupg (gpg23), S/MIME
aheinecke reassigned T4779: GpgSM: "Invalid Object" error when importing .p12 certs with wrong passphrase from wk to werner.
Dec 17 2019, 10:57 AM · gnupg (gpg23), S/MIME
aheinecke assigned T4783: GpgSM: Configuration Error for Certificates without CLR dps to werner.
Dec 17 2019, 10:57 AM · S/MIME
aheinecke created T4779: GpgSM: "Invalid Object" error when importing .p12 certs with wrong passphrase.
Dec 17 2019, 10:28 AM · gnupg (gpg23), S/MIME
aheinecke created T4777: Pinentry sometimes mixes languages.
Dec 17 2019, 10:19 AM · S/MIME, gpgagent

Dec 7 2019

werner updated the task description for T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.
Dec 7 2019, 4:28 PM · gnupg (gpg22), S/MIME, Bug Report
werner changed the visibility for T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.
Dec 7 2019, 4:28 PM · gnupg (gpg22), S/MIME, Bug Report
werner updated the task description for T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.
Dec 7 2019, 4:26 PM · gnupg (gpg22), S/MIME, Bug Report
werner closed T4696: Fresh certificate get's pulled into certificate chain with expired root certificate as Resolved.
Dec 7 2019, 1:15 PM · gnupg (gpg22), S/MIME, Bug Report
werner added a commit to T4696: Fresh certificate get's pulled into certificate chain with expired root certificate: rG8c167febc0ab: sm: Add special case for expired intermediate certificates..
Dec 7 2019, 12:51 PM · gnupg (gpg22), S/MIME, Bug Report

Dec 6 2019

werner added a commit to T4696: Fresh certificate get's pulled into certificate chain with expired root certificate: rGd246f317c048: sm: Add special case for expired intermediate certificates..
Dec 6 2019, 8:31 PM · gnupg (gpg22), S/MIME, Bug Report
werner moved T4696: Fresh certificate get's pulled into certificate chain with expired root certificate from For next release to Ready for release on the gnupg (gpg22) board.
Dec 6 2019, 8:30 PM · gnupg (gpg22), S/MIME, Bug Report
werner added a comment to T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.

I found a solution for master and 2.1.19 which minimizes the risk of regressions:

Dec 6 2019, 8:29 PM · gnupg (gpg22), S/MIME, Bug Report

Dec 5 2019

aheinecke closed T3961: GpgOL: Add option to prefer S/MIME over OpenPGP in autoresolution as Resolved.

I think this is now resolved.

Dec 5 2019, 1:16 PM · S/MIME, gpgol

Dec 4 2019

werner triaged T4767: gpgme_signature_t exp_timestamp behaves differently for OpenPGP vs. CMS as Low priority.
Dec 4 2019, 10:43 AM · OpenPGP, S/MIME, gpgme, Bug Report
dkg added a comment to T4767: gpgme_signature_t exp_timestamp behaves differently for OpenPGP vs. CMS.

Very few OpenPGP data signatures have an expiration time either, fwiw. I have never actually seen one in the wild, and no one that i know uses --ask-sig-expire or --default-sig-expire (it shows up in the cupt test suite and the apt test suite, but doesn't appear to be actually used by anything).

Dec 4 2019, 10:03 AM · OpenPGP, S/MIME, gpgme, Bug Report
werner added a comment to T4767: gpgme_signature_t exp_timestamp behaves differently for OpenPGP vs. CMS.

CMS signatures do not have a expiration time. Further the meaning of the expiration time of one of the certificates also depends on the validation model (shell or chain); thus a one-to-one relationship between these times is not possible.

Dec 4 2019, 8:56 AM · OpenPGP, S/MIME, gpgme, Bug Report
werner triaged T4765: gpgsm --import should not try to invoke dirmngr if it is not necessary as Low priority.
Dec 4 2019, 8:47 AM · gnupg (gpg23), S/MIME, Bug Report
dkg created T4767: gpgme_signature_t exp_timestamp behaves differently for OpenPGP vs. CMS.
Dec 4 2019, 8:02 AM · OpenPGP, S/MIME, gpgme, Bug Report

Dec 3 2019

dkg created T4765: gpgsm --import should not try to invoke dirmngr if it is not necessary.
Dec 3 2019, 10:26 PM · gnupg (gpg23), S/MIME, Bug Report
werner added a comment to T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.

Thank you.

Dec 3 2019, 3:00 PM · gnupg (gpg22), S/MIME, Bug Report
destogl added a comment to T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.

I uploaded the certificate files. For a test please do the following:

Dec 3 2019, 2:31 PM · gnupg (gpg22), S/MIME, Bug Report
destogl changed the visibility for T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.
Dec 3 2019, 2:28 PM · gnupg (gpg22), S/MIME, Bug Report

Nov 27 2019

werner added a comment to T4696: Fresh certificate get's pulled into certificate chain with expired root certificate.

Sorry, a fix didn't made it into 2.2.18.

Nov 27 2019, 8:19 AM · gnupg (gpg22), S/MIME, Bug Report

Nov 26 2019

werner triaged T4756: gpgsm --list-keys behaves differently than gpg when --passphrase is supplied as Normal priority.
Nov 26 2019, 4:52 PM · Feature Request, S/MIME

Nov 25 2019

werner triaged T4757: gpgsm --import --quiet is not quiet as Low priority.
Nov 25 2019, 10:19 PM · S/MIME, Bug Report
dkg created T4757: gpgsm --import --quiet is not quiet.
Nov 25 2019, 8:43 PM · S/MIME, Bug Report
dkg created T4756: gpgsm --list-keys behaves differently than gpg when --passphrase is supplied.
Nov 25 2019, 7:06 PM · Feature Request, S/MIME

Nov 21 2019

werner triaged T4751: gpgsm unable to import a PKCS12 file with a NULL password as Normal priority.
Nov 21 2019, 8:13 AM · gnupg, Feature Request, S/MIME
dkg created T4751: gpgsm unable to import a PKCS12 file with a NULL password.
Nov 21 2019, 4:22 AM · gnupg, Feature Request, S/MIME

Nov 11 2019

aheinecke added a commit to T4543: GpgOL: Moved S/MIME mails can no longer be read by other clients: rOb05416e7bc41: Restore S/MIME class after close.
Nov 11 2019, 4:06 PM · g10code, S/MIME, gpg4win, gpgol

Nov 7 2019

werner lowered the priority of T4696: Fresh certificate get's pulled into certificate chain with expired root certificate from High to Normal.
Nov 7 2019, 3:18 PM · gnupg (gpg22), S/MIME, Bug Report

Oct 4 2019

aheinecke moved T4543: GpgOL: Moved S/MIME mails can no longer be read by other clients from Backlog to In Progress on the g10code board.
Oct 4 2019, 4:34 PM · g10code, S/MIME, gpg4win, gpgol
aheinecke added a project to T4543: GpgOL: Moved S/MIME mails can no longer be read by other clients: g10code.
Oct 4 2019, 4:31 PM · g10code, S/MIME, gpg4win, gpgol
aheinecke added a commit to T4543: GpgOL: Moved S/MIME mails can no longer be read by other clients: rOee6c1cb59204: Restore msg class for S/MIME after move.
Oct 4 2019, 4:19 PM · g10code, S/MIME, gpg4win, gpgol
aheinecke renamed T4543: GpgOL: Moved S/MIME mails can no longer be read by other clients from GpgOL: Moved S/MIME mails with attachments can no longer be read by other clients to GpgOL: Moved S/MIME mails can no longer be read by other clients.
Oct 4 2019, 4:14 PM · g10code, S/MIME, gpg4win, gpgol

Sep 9 2019

aheinecke claimed T4699: X.509 certificate request more comfortable.

I give this normal priority even if it is a whish because I have the same whish and already have some code around that would make it more comfortable, especially if it is used directly in GpgOL.

Sep 9 2019, 11:26 AM · kleopatra, S/MIME, gpg4win, Feature Request
werner added projects to T4699: X.509 certificate request more comfortable: gpg4win, S/MIME.
Sep 9 2019, 7:40 AM · kleopatra, S/MIME, gpg4win, Feature Request

Sep 5 2019

werner triaged T4696: Fresh certificate get's pulled into certificate chain with expired root certificate as High priority.

Thanks for the sample certs. I noticed the posts but had not the time to look into them.

Sep 5 2019, 3:56 PM · gnupg (gpg22), S/MIME, Bug Report

Aug 22 2019

gniibe added a comment to T4480: GPGSM: Duplicated IMPORT_OK status lines emitted.

It appears (for me) correct behavior.

Aug 22 2019, 3:52 AM · S/MIME

Jul 5 2019

aheinecke closed T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes as Resolved.

Works for me! :-)

Jul 5 2019, 9:44 AM · S/MIME, gnupg
aheinecke merged T3928: canceling password dialog for decrypting is not recognized correctling. into T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes.
Jul 5 2019, 9:33 AM · S/MIME, gnupg
gniibe added a commit to T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes: rG38b9da7de335: sm: Return the last error for pubkey decryption..
Jul 5 2019, 8:53 AM · S/MIME, gnupg
gniibe added a commit to T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes: rG6cc4119ec03b: gpg: Return the last error for pubkey decryption..
Jul 5 2019, 8:18 AM · S/MIME, gnupg

Jun 13 2019

werner added a comment to T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.

I have a larger change for the wait code in the works. This will go into 1.14.0 but not in 1.13.1

Jun 13 2019, 9:06 AM · S/MIME, gpgme

Jun 7 2019

aheinecke created T4561: GPG / GPGSM: Pinentry cancels lead to wrong error codes.
Jun 7 2019, 9:56 AM · S/MIME, gnupg

Jun 6 2019

werner added a comment to T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.

I had to patch strace to follow threads but not forks (P8) and then when built with support for -k I tracked it down: In the inbound handler we close the fd immediately on EOF. However the upper layers don't know about it and a select fails with EBADF. Of course we could ignore the EBADF, figure out the closed fd and restart. The problem is that another thread may have opened a new oobject and that will get the last closed fd assigned - bummer.

Jun 6 2019, 5:08 PM · S/MIME, gpgme
aheinecke added a comment to T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.

Just noticed that due to me failing to properly understand re-entrant locks the run-thread test is broken at least on windows in that it never waits for completion. So running out of filedescriptors is to expect. I'll fix the test.

Jun 6 2019, 9:44 AM · S/MIME, gpgme
aheinecke added a comment to T4257: GPGME: op_verify failes for S/MIME with EBADF in multithreaded signature verification.

My observation from running the verify threaded test on windows is that it does behave differently. The EBADF does not occur.

Jun 6 2019, 8:51 AM · S/MIME, gpgme