[Announce] Libgcrypt 1.4.5 released

2009-12-11 Thread Werner Koch 
Hello! 

The GNU project is pleased to announce the availability of Libgcrypt
version 1.4.5.

Libgcrypt is a general purpose library of cryptographic building
blocks.  It is originally based on code used by GnuPG.  It does not
provide any implementation of OpenPGP or other protocols.  Thorough
understanding of applied cryptography is required to use Libgcrypt. 

Noteworthy changes in version 1.4.5:

 * Fixed minor memory leak in DSA key generation.

 * No more switching to FIPS mode if /proc/version is not readable.

 * Fixed a sigill during Padlock detection on old CPUs.

 * Fixed a hang on some W2000 machines.

 * Boosted SHA-512 performance by 30% on ia32 boxes and gcc 4.3;
   SHA-256 went up by 25%.


Source code is hosted at the GnuPG FTP server and its mirrors as
listed at http://www.gnupg.org/download/mirrors.html.  On the
primary server the source file and its digital signature is:

 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.5.tar.bz2 (1121k)
 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.5.tar.bz2.sig

This file is bzip2 compressed.  A gzip compressed version is also
available:

 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.5.tar.gz (1386k)
 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.5.tar.gz.sig

Alternativley you may upgrade version 1.4.4 using this patch file:

 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.4-1.4.5.diff.bz2 (93k)

The SHA-1 checksums are:

ef7ecbd3a03a7978094366bcd1257b3654608d28  libgcrypt-1.4.5.tar.bz2
8d83a60ca55f2ea40b5d5bc99463905b7a1dcb56  libgcrypt-1.4.5.tar.gz
5307e361da5232cd771c300adddc69e57f0e366d  libgcrypt-1.4.4-1.4.5.diff.bz2


For help on developing with Libgcrypt you should read the included
manual and optional ask on the gcrypt-devel mailing list [1].  Note
that this version is from the stable branch; the current development
version is available at svn://cvs.gnupg.org/libgcrypt/trunk .

Improving Libgcrypt is costly, but you can help!  We are looking for
organizations that find Libgcrypt useful and wish to contribute back.
You can contribute by reporting bugs, improve the software [2], order
extensions or support or more general by donating money to the Free
Software movement (e.g. http://www.fsfe.org/donate/).

Commercial support contracts for Libgcrypt are available [3], and they
help finance continued maintenance.  g10 Code GmbH, a Duesseldorf
based company, is currently funding Libgcrypt development.  We are
always looking for interesting development projects.

Many thanks to all who contributed to Libgcrypt development, be it bug
fixes, code, documentation, testing or helping users.


Happy hacking,

  Werner



[1] See http://www.gnupg.org/documentation/mailing-lists.html.
[2] Note that copyright assignments to the FSF are required.
[3] See the service directory at http://www.gnupg.org/service.html.

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


___
Gnupg-announce mailing list
gnupg-annou...@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

GnuPG 1.4.5 - Problem with trustdb.gpg

2009-12-11 Thread Ritesh Patel 
Hello,
I was using GnuPG 1.4.5.

$ gpg --list-sigs
/home/test1/.gnupg/pubring.gpg
-
pub   1024D/E913B4F9 2009-12-11
uid  Test1 (Testing) te...@test.com
sig 3E913B4F9 2009-12-11  Test1 (Testing) te...@test.com
sub   1024g/25D2E967 2009-12-11
sig  E913B4F9 2009-12-11  Test1 (Testing) te...@test.com

I imported two different key (te...@test.com and te...@test.com) in two
different keyring (test2 and test3).

$ gpg --keyring test2 --no-default-keyring --import /tmp/test2_pub_key
gpg: keyring `/home/test1/.gnupg/test2' created
gpg: key 2BD18395: public key Test2 (Testing 2) te...@test.com imported
gpg: Total number processed: 1
gpg:   imported: 1

$ gpg --keyring test2 --list-keys
/home/test1/.gnupg/pubring.gpg
-
pub   1024D/E913B4F9 2009-12-11
uid  Test1 (Testing) te...@test.com
sub   1024g/25D2E967 2009-12-11

/home/test1/.gnupg/test2
---
pub   1024D/2BD18395 2009-12-11
uid  Test2 (Testing 2) te...@test.com
sub   1024g/474B7E93 2009-12-11


$ gpg --keyring test3 --no-default-keyring --import
/tmp/test3_pub_key
gpg: keyring `/home/test1/.gnupg/test3' created
gpg: key 7D6F8608: public key Test3 (Testing 3) te...@test.com imported
gpg: Total number processed: 1
gpg:   imported: 1

$ gpg --keyring test3 --list-keys
/home/test1/.gnupg/pubring.gpg
-
pub   1024D/E913B4F9 2009-12-11
uid  Test1 (Testing) te...@test.com
sub   1024g/25D2E967 2009-12-11

/home/test1/.gnupg/test3
---
pub   1024D/7D6F8608 2009-12-11
uid  Test3 (Testing 3) te...@test.com
sub   1024g/636851B8 2009-12-11


Now I signed first te...@test.com key with my key (te...@test.com, which is
untimely trusted key) and able encrypt message using keyring test2,
te...@test.com key.

$ gpg --keyring test2 --sign-key -u te...@test.com te...@test.com
-- works fine
$ gpg -se -a --keyring test2 --batch -u te...@test.com -r
te...@test.com/tmp/abc -- works fine also

The problem happen when I sign te...@test.com key in test3 keyring with my
key(te...@test.com). The signing went fine. Also I able to encrypt message
using keyring test3, te...@test.com key. But at this point it broke trust on
keyring test2, te...@test.com key. That key becomes unusable.

$ gpg --keyring test3 --sign-key -u te...@test.com te...@test.com
-- works fine
$ gpg -se -a --keyring test3 --batch -u te...@test.com -r
te...@test.com/tmp/abc --
works fine

Broken
$ gpg -se -a --keyring test2 --batch -u te...@test.com -r
te...@test.com/tmp/abc
gpg: 474B7E93: There is no assurance this key belongs to the named user
gpg: [stdin]: sign+encrypt failed: unusable public key

The same command sequence works fine with GnuPG 1.2.1. Both key (
te...@test.com and te...@test.com) keeps working.
Any help appreciated.

Thanks,
-Ritesh
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users