Re: 2.2.43 and vsd-allow-ocb
On Mon, 6 May 2024 18:26, Andreas Metzler said:

> So in my test (without --compliance=de-vs) 2.2.43 /should/ have
> automatically used OCB when encrypting for a key which has 'AEAD: OCB'
> set?

Yes. Check with --debug=lookup which and why keys are selected.

Salam-Shalom,

   Werner

--
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: 2.2.43 and vsd-allow-ocb
Hi!

On Sat, 4 May 2024 18:45, Andreas Metzler said:

> rG0a355b2fe7d8 gpg: Add compatibility flag "vsd-allow-ocb"
> rGa545e14e8a74 gpg: Support OCB encryption.
> Which understand to mean that 2.2.43 would by default both generate keys
> with 'AEAD: OCB' and use OCB when encrypting to keys with that flag set.
> And this behavior could have been disabled with '--compatibility-flags

No, you misunderstood this.  OCB encryption is indeed supported
regardless of the compatibility flag.  What the compatibility flag does
is to allow OCB also in --compliance=de-vs mode.  This was required
because at the time of the release we had not yet an approval to use
this for VS-NfD/Restricted communication.  Thus in the GnuPG VS-Desktop
configuration this option is only set after we received the approval.

For key generation the flag is indeed not set by default:

  /* For now we require a compat flag to set OCB into the preferences.  */
  if (!(opt.compat_flags & COMPAT_VSD_ALLOW_OCB))
    ocb = 0;

Because we don't want to create keys so that sites required to use de-vs
compliance mode won't end up with keys which claim to support a
non-approved encryption scheme.

Thanks for this reminder, that compatibility flag can now be removed.

Salam-Shalom,

   Werner

Re: Adding new uid to causes bad signature
Hi!

Given that you have an uncommon primary key I would like to see some
information of the card.  Please run

  gpg-card

to get infos on the card and used keys.  In case you don't want to
share this with the list, feel free to send it to Eva or me directly
(w...@gnupg.org - no html parts).

Salam-Shalom,

   Werner

Re: Using a GnuPG crypted RSA key for SSH
On Thu, 2 May 2024 15:31, Matthias Apitz said:

> which locks the card again. Any ideas?

If you really want to reset the card after an operation _and_ you are
using pcscd you can use

  gpg-connect-agent 'scd disconnect' /bye

But killing scdaemon is probably the easier and more reliable way:

  gpgconf -K scdaemon

does this by sending the kill command

  gpg-connect-agent 'scd killscd' /bye

Some card applications require a VERIFY command (i.e. asking for the
PIN) for each operation.  An OpenPGP card does this only for the signing
key and only if that feature has been enabled (force command of
--card-edit).

Remember that there is no PIN cache[1] but the card application takes
the decision when and how often a PIN is required after power up (of
the card).

If you only want to be asked whether the ssh-key shall be used, you can
put a line

  Confirm: yes

into the private-keys-v1.d/.key file of the AUTH (shadow-)key:

  *** Confirm

  If given and the value is "yes", a user will be asked confirmation by
  a dialog window when the key is about to be used for
  PKSIGN/PKAUTH/PKDECRYPT operation.  If the value is "restricted", it
  is only asked for the access through extra/browser socket.

Shalom-Salam,

   Werner

[1] Actually there is a PIN cache to allow a Yubikey to switch between
the OpenPGP and PIV applications back and forth without requiring a PIN
after each switch.  A sample use-case is sending PGP signed mails and
also using a browser or IMAP server with user certificate based
authentication.

Re: Using a GnuPG crypted RSA key for SSH
On Thu, 2 May 2024 16:58, Matěj Cepl said:

> rather dubious: systemd can certainly manage a dependence on
> shared resource, and concurrent running of two processes at

Right.  However, systemd does not use the same locking scheme as gnupg
uses to avoid duplicate daemon startup.  The gnupg internal startup of
required daemons has been there before systemd was invented and it needs
to work on all platforms - not just on Linux.  Having different schemes
here is a major problem but the former Debian maintainer (dkg) promised
to take care of all problems due to his patches which added that systemd
startup (--supervised) feature.

Given that history I consider it unlikely that Debian will ever provide
an enhanced ssh version which can be configured to start its ssh-agent
on connection failure.  Thus we need to keep on using the
updatestartuptty thing when using a curses pinentry or a remote X
session.

The updatestartup thing does actually two things: Make sure that
gpg-agent is launched (most other commands will do this also) and, more
important, to tell gpg-agent something about the current environment
(GPG_TTY, DISPLAY, etc).  I have a patch somewhere to extend the
ssh-agent-protocol to convey envvars but more or less forgot about it.
It would be a useful thing also for other ssh-agents.

> I still haven’t investigated this piece of Werner’s advice:
>
>> Using no-autostart in the common.conf might be useful. We use it always
>> when running a remote gpg.

That is easy: On a remote box you don't want to run gpg-agent because
this shall instead be handled by ssh socket forwarding.  Without such an
option running gpg might start gpg-agent on the remote box and thus take
over the forwarded socket.  Instead of adding "no-autostart" to all
config files of gnupg, adding this to common.conf will be sufficient.

Shalom-Salam,

   Werner

Re: Using a GnuPG crypted RSA key for SSH
On Wed, 1 May 2024 11:50, Henning Follmann said:

> Well, if you have a authentication subkey on your card you could use that
> for ssh authentication directly.
> Your gpg-agent would then act as ssh-agent.

I would even claim that this is the best way to work with ssh - I do
this now for nearly 20 years:

  Noteworthy changes in version 1.9.16 (2005-04-21)
  -------------------------------------------------

   * gpg-agent does now support the ssh-agent protocol and thus allows
     to use the pinentry as well as the OpenPGP smartcard with ssh.

This even works on Windows as a replacement of pageant and more recently
of the native OpenSSH Windows client.

On Linux take care to add "enable-ssh-support" to gpg-agent.conf because
on some distros the X config greps for this to decide whether to start
the ssh-agent or leave this to gpg-agent.  Technically the ssh support
is always enabled and thus the option is not really required.

Salam-Shalom,

   Werner

Re: Example of 'PINENTRY_USER_DATA which can fulfill the' (envpassphrase) 'task'?
On Mon, 29 Apr 2024 07:03, Bee said:

> But that environment is not passed and used by pinentry - it has no
> knowledge of them. PINENTRY_USER_DATA may exist, but it has no
> knowledge as to how to interpret it. Ergo, some other mechanism must

It is called "USER DATA" for a reason - you have to decide what to do
with it.  If you really really want a passphrase, what about passing the
filename of a file holding the passphrase.  Or a socket or some other
secure IPC mechanism locator.

For unattended use the only reason for a passphrase - which protects the
private key against local users - are stupid policy requirements you
have to follow.  In all other cases, first come up with an attack tree
to show that a passphrase is of any use for your application.

Salam-Shalom,

   Werner

Re: Example of 'PINENTRY_USER_DATA which can fulfill the' (envpassphrase) 'task'?
On Sun, 28 Apr 2024 13:02, Bee said:

>>+ (https://dev.gnupg.org/T4154) [...]
>>+ mypass="IUuKctdEhH8' gpg --batch --pinentry-mode=loopback \
>>+ --passphrase-env=mypass --decrypt < message.txt
>>+
>
> can be effected without resorting to PINENTRY_USER_DATA - so no need to
> code, customize, maintain, update per gpg upgrades, or apply patches to
> in-house self-solutions.

Simply don't use a passphrase if you need to resort to such a thing.  On
many systems you - and other users - can easily look at the environment.
It is also part of all kind of bug reports.

Shalom-Salam,

   Werner

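Review bot: in the quoted line `mypass="IUuKctdEhH8'` the value opens with a double quote and closes with a single quote, so the documented command would not run as typed; use matching quotes. The example also puts the passphrase into the process environment, which is the exposure the reply objects to, so the added documentation text should state that limitation next to the command.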
Re: Is there built-in a way validate a signature against a specific key?
On Tue, 23 Apr 2024 21:39, Eric Pruitt said:

> I have multiple public keys in my GPG keyring. When validating
> signatures, I sometimes want to validate them against a specific key so

The classic tool for this is gpgv with its --keyring option.  This is
what for example Debian uses to validate signatures.

A newer way is the --assert-signer option we introduced with version
2.4.1:

  --assert-signer fpr_or_file

     This option checks whether at least one valid signature on a file
     has been made with the specified key.  The key is either specified
     as a fingerprint or a file listing fingerprints.  The fingerprint
     must be given or listed in compact format (no colons or spaces in
     between).  This option can be given multiple times and each
     fingerprint is checked against the signing key as well as the
     corresponding primary key.  If fpr_or_file specifies a file, empty
     lines are ignored as well as all lines starting with a hash sign.
     With this option gpg is guaranteed to return with an exit code of 0
     if and only if a signature has been encountered, is valid, and the
     key matches one of the fingerprints given by this option.

Shalom-Salam,

   Werner

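Added example, not GnuPG code and not part of the message above: for scripts that run a gpg older than 2.4.1, the matching rules quoted for --assert-signer (compact fingerprints, blank and '#' lines ignored, signing key or primary key may match) applied to --status-fd output. The function names, the fingerprints and the status lines are constructed for this example, and the caller still has to check the exit status of gpg or gpgv itself.

```shell
#!/bin/sh
# Added example, not GnuPG code.  Names and sample data are constructed.

# Constructed fingerprint list in the format described above: compact
# fingerprints, empty lines and lines starting with '#' are ignored.
SAMPLE_LIST='# keys allowed to sign releases (constructed values)

0123456789ABCDEF0123456789ABCDEF01234567'

# Constructed --status-fd output for a signature made by a subkey.
# VALIDSIG carries the signing key fingerprint as its first argument and
# the primary key fingerprint as its last argument.
SAMPLE_STATUS='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 0123456789ABCDEF Constructed Signer <signer@example.org>
[GNUPG:] VALIDSIG 89ABCDEF0123456789ABCDEF0123456789ABCDEF 2024-04-23 1713866400 0 4 0 22 10 00 0123456789ABCDEF0123456789ABCDEF01234567'

# list_fprs FILE: print the usable entries of a fingerprint list,
# upper-cased so that the comparison below is case-insensitive.
list_fprs() {
    grep -v -e '^#' -e '^[[:space:]]*$' "$1" | tr 'abcdef' 'ABCDEF'
}

# signer_allowed FILE: read status lines on stdin and succeed only if a
# VALIDSIG line names a signing key or a primary key listed in FILE.
# BADSIG, ERRSIG and friends never produce a match.
signer_allowed() {
    allowed=$(list_fprs "$1")
    [ -n "$allowed" ] || return 1
    rc=1
    while read -r tag keyword fpr rest; do
        [ "$tag" = '[GNUPG:]' ] || continue
        [ "$keyword" = VALIDSIG ] || continue
        primary=${rest##* }
        for candidate in "$fpr" "$primary"; do
            [ -n "$candidate" ] || continue
            if printf '%s\n' "$allowed" | grep -Fxq -e "$candidate"; then
                rc=0
            fi
        done
    done
    return "$rc"
}

# Typical use (the exit status of gpg itself must be checked as well):
#   gpg --status-fd 1 --verify file.sig file 2>/dev/null | signer_allowed allowed.txt

# demo: run the check on the constructed data above.
demo() {
    tmp=$(mktemp) || return 2
    printf '%s\n' "$SAMPLE_LIST" > "$tmp"
    printf '%s\n' "$SAMPLE_STATUS" | signer_allowed "$tmp"
    result=$?
    rm -f "$tmp"
    return "$result"
}

demo && echo "signer accepted"
```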
Re: x488 vs all other : keyid flip
On Thu, 18 Apr 2024 10:26, Bruce Walzer said:

> Perhaps things that accept key fingerprints should ignore anything
> other than hex digits?

Double clicking a word makes things really easy.  I also doubt that
anyone will compare a 64 hex digit fingerprint visually.  Thus better
paste it and let some software do the compare.

Which reminds me that the gpg --edit-key -> sign dialog should also
accept a fingerprint on the "Really sign? (y/N)" prompt.

Salam-Shalom,

   Werner

Re: x488 vs all other : keyid flip
On Wed, 17 Apr 2024 16:43, Christian Sommer said:

> I indeed choose to preset the "with-fingerprint" option in my
> gpg.conf. By removing it, listing my keys give back the full 64
> character long fingerprint of my X448 key.

We once agreed that it is better to show a shortened fingerprint for
human consumption.  However, the machine interface (--with-colons)
always provides the full fingerprint.  Further it seems that most users
appreciate the non-formatted fingerprint because that makes it easier to
copy+paste.

Shalom-Salam,

   Werner

Re: Can not import private key (Not enough space)
On Thu, 11 Apr 2024 12:24, Moses said:

> tried to import again, and the same error still occurred. The same
> error happened when I tried to directly execute the
> D:\software\GNU\GnuPG\bin\gpg --import command.

Well, I have no more idea on how to debug this by mail :-(.  On Linux
you would now use strace and on Windows we have the sysinternals tools
to trace the system calls.  And there is printf debugging - I would here
start with libassuan (src/assuan-socket.c).

Salam-Shalom,

   Werner

Re: Agent forwarding issue
On Wed, 10 Apr 2024 12:15, Todd Zullinger said:

> This caused me to re-read the document and I'll likely add
> an additional Token: line to note the two cards which hold a
> new key (which I have yet to start using). That should make

That is actually there (TOKEN, see the example) and gpg-agent updates
the file if it finds another card with the same key.  See for example
https://dev.gnupg.org/T6135 .  However, you are free to edit/add such
entries.

Talking about keyformat.txt: I think it is time to move that over to
doc/ where people would expect it.

Shalom-Salam,

   Werner

Re: Can not import private key (Not enough space)
Hi,

I see in your PATH

  D:\software\GNU\GnuWin32\bin

prior to

  D:\software\GNU\Gpg4win\..\GnuPG\bin

May it be that you use a gpg version picked up from the GnuWin32?  Check
also whether there is a gpg binary in the Git program directory.

My educated guess is that Gnuwin32 is a Cygwin based collection of
utilities which might also include gpg.  Cygwin uses a slightly
different and incompatible socket emulation which would explain the
error you get.

As a workaround you may try to run

  D:\software\GNU\GnuPG\bin\gpg --import foo

to use the correct gpg.

Shalom-Salam,

   Werner

Re: Can not import private key (Not enough space)
Hi!

On Tue, 9 Apr 2024 12:21, Moses said:

> C:\>gpgconf -L

which merely shows that you installed the software on d:\software and
kept the user data at the usual C: directories.  I see nothing strange.

To recap your problem was:

  c:\> gpg --import private-keys.asc
  gpg: enabled compatibility flags:
  [snipped]
  gpg: key xxx: error sending to agent: Not enough space

I don't know why you get that error which might hint at an out of memory
(not out of disk space) problem.  We could look at the output of

  gpgconf -V

and

  gpgconf -X

but I doubt that this will show anything useful for your case.  Can you
start kleopatra?  If so, what does its selftest tell?

What you can do is:

  gpgconf -K all

to stop all background processes (or use the taskmgr or logout and in
again).

  cd %APPDATA%
  ren gnupg gnupg.save
  cd %LOCALAPPDATA%
  ren gnupg gnupg.save

and then try again.  If this does work you might have insufficient
permissions somewhere below %APPDATA%\gnupg .

If kleopatra starts you can also use the DbgViewer tool from Sysinternals
to see the diagnostics from Kleopatra.

Shalom-Salam,

   Werner

Re: OpenPGP card not available
On Mon, 8 Apr 2024 21:50, Dan Fandrich said:

> Running "echo SERIALNO | scd/scdaemon --server" is enough. I've tried both
> pcsc-lite 1.9.9 and 2.0.3 without a difference. I'm not sure how to drill

By default we are not using PC/SC on Linux but direct access to the
reader via USB.  Now if pcscd is already running and has access to the
reader scdaemon won't be able to access the reader via USB.  2.2 falls
back to PC/SC if it can't use the reader via USB.

Either shutdown pcscd or add

  disable-ccid-driver

to ~/.gnupg/scdaemon.conf.  More debug output can be logged by adding

  debug cardio
  debug-ccid-reader

Shalom-Salam,

   Werner

Re: Can not import private key (Not enough space)
On Mon, 8 Apr 2024 11:42, Moses said:

> C:\> gpg-connect-agent -v
>> getinfo version
> D 2.4.5

Okay, that works.

>> gpgconf -L
> ERR 67109139 Unknown IPC command

Please enter this on the command line not at the gpg-connect-agent
prompt.

Salam-Shalom,

   Werner

Re: Can not import private key (Not enough space)
Hi!

On Mon, 8 Apr 2024 02:38, Moses said:

> gpg: key xxx: error sending to agent: Not enough space

That is a ENOMEM which is commonly returned for a failed malloc call.
Could happen at a lot of places.  Try:

  gpg-connect-agent -v

and there a command like "getinfo version" to check whether there is a
problem with the IPC connection.

  gpgconf -L

also gives important information.

> c:\> gpg --version
> gpg (GnuPG) 2.2.15

That version is pretty old and in terms of IPC ("error sending to
agent") one difference is that this version uses %APPDATA%\gnupg for the
socket files but modern versions use %LOCALAPPDATA%\gnupg.

Shalom-Salam,

   Werner

Re: Agent forwarding issue
On Fri, 5 Apr 2024 13:03, Todd Zullinger said:

> In such a case, it sounds like it may be reasonable to use
> the normal socket? Until the remote side is updated to

In fact, I also did this for some time but later came up with

  CommitDate: Wed Oct 12 11:30:35 2022 +0200

      agent: Introduce attribute "Remote-list" to KEYINFO.

      * agent/command.c (do_one_keyinfo): Add arg list_mode.  Check
      attribute Remote-list.
      (cmd_keyinfo): Change semantics to return nothing in restricted
      list mode.

which is

  *** Remote-list

  Allow to list the key with the KEYINFO command from a remote machine
  via the extra socket.  A boolean value is expected; the default is
  "no".  Note that KEYINFO will anyway provide information if the
  keygrip is specified.

Not exactly your problem but somehow related.

Salam-Shalom,

   Werner

Re: Agent forwarding issue
Hi!

> gpg: problem with fast path key listing: Forbidden - ignored

I'll suppress that message in --quiet mode for the next release.

When doing a secret key listing (which happens with -K but also in
--with-colons mode) gpg walks over all public keys and asks the agent
for each key whether a corresponding secret key exists.  With many
secret keys this is quite some overhead and thus gpg first tries to get
a listing of all secret keys (the keygrips) and later can do a fast
memcmp instead of an IPC call.

If you use the extra-socket certain operations are forbidden so that a
rogue gpg version on the remote site won't be able to change passwords,
export secret keys, or get a listing of all available secret keys.  This
is why you see this diagnostic.

Salam-Shalom,

   Werner

Re: x488 vs all other : keyid flip
On Tue, 2 Apr 2024 18:53, Andrew Gallagher said:

> technical challenge since no modern software supports them, and gnupg1
> doesn’t implement --list-packets :-) But I have to admit they do

Sure it has the --list-packets command.  This command dates back to the
very first release.

>> But let me remark for the records that GnuPG has been the entity which
>> always used the term /OpenPGP/ instead of /PGP/ or - as many Linux
>> people did - the term /GPG/ keys. Thus we, and in particular me,
>> stressed that this is the OpenPGP standard which GnuPG implements,
>> popularized, took care, and pride of. Sure it does no "belong" to us or
>> anyone - it is term without having a trademark.
>
> This is fair, and thank you. Not everyone is so careful.

Thanks.

> greatest amount of text declaring that OpenPGP no longer has a good
> reputation has been written by you. So this is a circular argument.

Well, I was obviously not cautious enough with my statement.  What I
mean is that the current way the IETF WG works has a high potential to
do just this.  At least an article in the very popular c't magazin might
have such an effect.  Maybe I should not overvalue such articles and
postings on mailing lists.

> Let us be clear here: you appear to be saying that if I want to update
> hockeypuck to support both librepgp and crypto-refresh artifacts, I am
> helping to destroy a solid standard? Or have I misunderstood your

Given that Ubuntu's Hockeypuck is the default keyserver for GnuPG for
most people (i.e. on Windows) it would be good if it continues to
support at least the default keys.  Whether X448 or the forthcoming
Kyber subkeys are relevant for keyservers is a different question.

FWIW, I have severe doubts on the usefulness of public keyservers given
the DoS problems for users and the wrong - but real - assumption of
users that keys from a keyserver are trustworthy.  Sending keys with an
initial mail is a better way; keyserver should be used only to provide
subkey updates and revocations - no search by user id.

> I will bring this to the WG, with your comments.

I don't care about the IETF OpenPGP WG^Committee anymore.

Shalom-Salam,

   Werner

Re: x488 vs all other : keyid flip
On Tue, 2 Apr 2024 12:39, Andrew Gallagher said:

> Are you saying that this is *not* a novel failure mode? Because we’ve

No.  We had v2, v3 and v4 keys in all kind of combinations in the past
(even as part of subkeys) and back then the two OpenPGP implementations
had no problems with that.  The whole point of packet version numbers is
to be able to ignore such packets.

> different version number (since v3 did not support subkeys). Have you
> interop-tested this with other implementations? Besides RNP? What were

If there are new implementations they should check interop with the
de-facto standards which are PGP, GnuPG and later RNP.  There is also
the widely used BouncyCastle library and we have not seen problems with
it except when ppl ignore features of this library.

> 3. The term “OpenPGP” does not belong to GnuPG.

But let me remark for the records that GnuPG has been the entity which
always used the term /OpenPGP/ instead of /PGP/ or - as many Linux
people did - the term /GPG/ keys.  Thus we, and in particular me,
stressed that this is the OpenPGP standard which GnuPG implements,
popularized, took care, and pride of.  Sure it does no "belong" to us or
anyone - it is a term without having a trademark.  OTOH, there is a
responsibility here to keep the reputation of that standard high - this
is what the /current OpenPGP WG participants/ don't do anymore since
fall 2021.

> And I notice that you have not addressed the most important point in
> my last email:
>
>> how should an implementation behave if it wants to support both the
>> librepgp and crypto-refresh specs?

That is up to those implementations who want to destroy a solid
standard.  Why should I help them?  This is a GnuPG mailing list and you
are welcome to discuss technical details of stuff relevant to GnuPG and
OpenPGP (up to fall 2021).  Everything else is better addressed to the
crypto-refresh committee.

Shalom-Salam,

   Werner

Re: x488 vs all other : keyid flip
On Fri, 29 Mar 2024 13:00, Andrew Gallagher said:

> V5 subkeys of v4 primary keys would appear to introduce a novel
> failure mode. It should be noted that in crypto-refresh, adding a

Nope.  A v5 key has nothing to do with a v4 signature and having
different algorithms on the primary key and the subkeys is really common
and allowed us once to slowly introduce RSA and ECC without any major
problems.  This is why we will do the same for PQC encryption.

To repeat: The *v5 key format* merely adds a four-octet count of the
public key material to the v4 format.  There are also minor changes for
the (not so important) secret key exchange format.  And - more
important - it defines that the fingerprint is now done using SHA-256.
The latter is the whole point why we once decided to add a v5 format -
to make it clear that a SHA-256 fingerprint is used.  All in all really
minor changes and not worth a long debate.

The crypto-refresh has a lot of things which break OpenPGP and that
draft, or soon to be RFC, does not care about backward compatibility.
They should not have used the term OpenPGP for this.

Salam-Shalom,

   Werner

Re: x488 vs all other : keyid flip
On Thu, 28 Mar 2024 13:54, Christian Sommer said:

> Likewise by telling GnuPG you really want the short keyID displayed
> (gpg --keyid-format short) it takes the LAST 32 bytes of the FIRST 64
> bytes of the fingerprint.

The thing here is that the short keyid is not from the specification but
a convenience thing PGP-2 implemented (which actually did not compute
the keyid from the fingerprint).  Yes, it would indeed be nicer if we
could work with the keyid in the same way as git handles a commit id.

Unfortunately it will be pretty hard to change how the short keyid is
derived from the long keyid or even use arbitrary sized keyids of
fingerprints.  In GnuPG the keyid is a "u32 kid[2]" and this is used a
lot all over the code, for example:

  fprint ("long keyid:  %08lX%08lX\n", (ulong)kid[0], (ulong)kid[1]);
  fprint ("short keyid: %08lX\n", (ulong)kid[1]);

> discovered GnuPG for myself. so i'm completely new to this community
> what's the preferred development model? i guess filing an issue,

See doc/HACKING for hints.  Please also be aware that for any unattended
use you need to use the --with-colons and --status-fd interfaces.  Some
ignore this advice and thus we are nice and try to minimize all changes
even to the human readable output format.

Salam-Shalom,

   Werner

Re: Get the private portion of subkeys
On Thu, 28 Mar 2024 08:26, Damien Cassou said:

> Is that a problem? Am I missing something important? It seems this
> causes me the troubles mentioned at [1].

Your subkeys are all stored on a smartcard.  The primary key is online.
This is as intended.  If you remove the primary private key (.key) you
should see a '#' mark for the primary key.

> My private master key is symlinked in ~/.gnupg/private-keys-v1.d:

That is intended to work but has not been thoroughly tested.

> [1] https://github.com/pinpox/pgp2ssh/issues/6

That reminds me that we have a function export_secret_ssh_key but it
will always fail with a not-implemented error ;-).  No one of the core
hackers felt a need for it.  For example I have not used anything else
than gpg-agent based ssh access since 2005.

Shalom-Salam,

   Werner

Re: x488 vs all other : keyid flip
On Thu, 28 Mar 2024 00:49, Christian Sommer said:

> on the other hand a x488 fingerprint is 50 hex characters long. let's say
> it's 1 2 3 4 0 0 A B C D then its
> long keyid is 1 2 3 4 and its short keyid is 22 3 4.

x448 keys are created as version 5 keys and version 5 keys come with a
32 byte fingerprint (v4 has 20 bytes).  Also the way the keyid is
computed has changed: For v5 keys the keyid are the left most 32 or 64
bits.

For display purposes an abbreviated hex format is used.  It might be
that the keyid is then displayed wrongly - frankly I have not checked
because keyids are rarely used.  Even the formatted fingerprint ("gpg
--fingerprint") is not very useful anymore because the majority of users
just copy+paste the fingerprint and thus the straight hex format as
displayed by "gpg -k" is more useful.

Here is an example:

  pub   ed25519 2016-02-02 [SC]
        FD8FEC4F8595AB1B6F60D43FC2CED0800E50ACF1
  uid           [ unknown] chicago
  sub   cv25519 2016-02-02 [E]
        532D5C7677B4D806B50B0E0F11E7BF9EE1034B1C
  sub   cv448 2024-03-27 [E]
        FB6A3BC5EB92C8AA9F3807A9B4C79C38F16E9AA4CF9384B07485923574773DCF

where a v5 subkey has been added.  Note also that I use the
--with-subkey-fingerprint option which will eventually be the default.

Shalom-Salam,

   Werner

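Added example, not part of the thread and not GnuPG code: key IDs derived from the fingerprints in the listing above, using the v4 rule (rightmost 64 bits of the fingerprint), the v5 rule given in this message (leftmost 64 bits) and the short form printed from `kid[1]` as in the 28 Mar reply earlier on this page. The function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: key IDs derived from OpenPGP fingerprints (v4 and v5).
# Function names are made up for this example.

# compact_fpr FPR
# Strip blanks and colons, upper-case, and accept only 40 hex digits
# (v4, 20 bytes) or 64 hex digits (v5, 32 bytes).
compact_fpr() {
    c=$(printf '%s' "$1" | tr -d ' :' | tr 'abcdef' 'ABCDEF')
    case $c in
        '' | *[!0123456789ABCDEF]*) return 1 ;;
    esac
    case ${#c} in
        40 | 64) printf '%s\n' "$c" ;;
        *) return 1 ;;
    esac
}

# long_keyid FPR
# v4: rightmost 64 bits of the fingerprint.
# v5: leftmost 64 bits of the fingerprint.
long_keyid() {
    f=$(compact_fpr "$1") || return 1
    if [ "${#f}" -eq 40 ]; then
        printf '%s\n' "$f" | cut -c25-40
    else
        printf '%s\n' "$f" | cut -c1-16
    fi
}

# short_keyid FPR
# The low 32 bits of the long key ID, i.e. kid[1] when the long key ID is
# held as "u32 kid[2]".  For a v5 key that is hex digits 9..16 of the
# fingerprint, not its first 8 digits.
short_keyid() {
    k=$(long_keyid "$1") || return 1
    printf '%s\n' "$k" | cut -c9-16
}

# Fingerprints taken from the key listing in the message above.
V4_PRIMARY=FD8FEC4F8595AB1B6F60D43FC2CED0800E50ACF1
V4_SUBKEY=532D5C7677B4D806B50B0E0F11E7BF9EE1034B1C
V5_SUBKEY=FB6A3BC5EB92C8AA9F3807A9B4C79C38F16E9AA4CF9384B07485923574773DCF

for fpr_in in "$V4_PRIMARY" "$V4_SUBKEY" "$V5_SUBKEY"; do
    printf '%s\n  long: %s  short: %s\n' \
        "$fpr_in" "$(long_keyid "$fpr_in")" "$(short_keyid "$fpr_in")"
done
```

For the v5 subkey the short form is the second group of eight hex digits of the fingerprint, which is the "last 32 of the first 64" behaviour reported in the thread.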
Re: ''gpg: failed to translate osfhandle 0x00000003' known|expected? -fd 4-7 doesn't.
On Mon, 25 Mar 2024 19:55, Bee said:

> Could you make whatever notation at dev.gnupg.org is appropriate, please?

https://dev.gnupg.org/T7060

Already implemented a new option but you need to wait for gnupg 2.6.

Shalom-Salam,

   Werner

Re: ''gpg: failed to translate osfhandle 0x00000003' known|expected? -fd 4-7 doesn't.
On Mon, 25 Mar 2024 08:33, Bee said:

> C:\Program Files (x86)\GnuPG\bin>type HelloWorld.txt | .\gpg.exe
> --passphrase-fd 3 -c 3< HelloWorld.txt
>> gpg: failed to translate osfhandle 0x0003

gpg takes system handles and not libc file descriptors. File descriptors 0, 1, and 2 are handled by Windows in a different way. All others depend on which ABI you work with. cmd.exe seems to expect file descriptors which is good for scripting but gpg is rarely used in such a scripting environment but usually directly executed by CreateProcess and thus expects HANDLE values and not file descriptors.

See gnupg/common/sysutils.c:translate_sys2libc_fd

Actually it would be possible to provide an option to disable this translation and instead use libc file descriptors (with all the fun if different runtimes are used) but in more than 20 years we have not seen such a demand.

Salam-Shalom,

   Werner
Re: ''gpg: failed to translate osfhandle 0x00000003' known|expected? -fd 4-7 doesn't.
On Sat, 23 Mar 2024 21:17, Bee said:

> Is 'gpg: failed to translate osfhandle 0x0003' known / expected?

Don't mix Cygwin and plain Windows programs.

Salam-Shalom,

   Werner
Re: Fwd: speedo.mk errors out
On Fri, 22 Mar 2024 20:14, Christian Sommer said:

> building GnuPG by speedo.mk on current master branch fails. The log

That is quite possible. I doubt that anyone of us used it yet. Please use the STABLE-BRANCH-2-4 for such things. master is for development and things might or might not work. We don't yet care.

Shalom-Salam,

   Werner
Re: Fails signing key with Yubikey
Hi!

> gpg -K --with-colon 20E0635864445A177F8F7C0C6141FD27892AE9B4
> sec:u:255:22:6141FD27892AE9B4:1700197485:::u:::cESCA:::#::ed25519:::0:

This is your primary key and it has been taken offline ..^.. marked by the pound sign. Only the primary key can be used to sign other keys.

> ssb:u:255:22:D0753D43F3C7A942:1700197520:1731733520:s:::D276000124010304000625017386::ed25519::

This is a signing subkey on a card with s/n *17386.

> ssb:u:255:18:90A11AD910FBE44E:1700197567:1731733567:e:::D276000124010304000625017386::cv25519::

This is an encryption subkey on a card with s/n *17386.

> ssb:u:255:22:3A7E3018D78FC26A:1700197579:1731733579:a:::D276000124010304000625017386::ed25519::

This is an authentication subkey on a card with s/n *17386.

You need to go to the machine where you have stored the private part of the primary key. Or get that key using its keygrip (see the "grp" line) and put it into the ~/.gnupg/private-keys-v1.d/ directory. But you probably took the key offline for improved security and thus you better don't re-import it and indeed use the other box for key signing.

Shalom-Salam,

   Werner
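The reading of the colon listing in the message above, together with the v4/v5 key ID rule from the earlier message about x448 keys, as an added Python example that is not part of either post and not GnuPG code. It assumes the field positions documented in GnuPG's doc/DETAILS (field 5 key ID, field 12 capabilities, field 15 token serial or '#', field 10 of an fpr record the fingerprint) and the OpenPGP card AID layout (4 hex digits of manufacturer, then 8 of serial, after the 16-digit prefix and version); the function names are hypothetical.

```python
"""Audit a `gpg -K --with-colons` listing: where does each secret key live?"""

OPENPGP_CARD_AID_PREFIX = "D27600012401"  # RID + application id of an OpenPGP card

# Constructed sample: the sec line, fingerprint, key IDs and card AID are the
# ones quoted in the message above; the fpr and ssb records are written out in
# the full field layout of GnuPG's doc/DETAILS.
SAMPLE = """\
sec:u:255:22:6141FD27892AE9B4:1700197485:::u:::cESCA:::#::ed25519:::0:
fpr:::::::::20E0635864445A177F8F7C0C6141FD27892AE9B4:
ssb:u:255:22:D0753D43F3C7A942:1700197520:1731733520:::::s:::D276000124010304000625017386::ed25519::
ssb:u:255:18:90A11AD910FBE44E:1700197567:1731733567:::::e:::D276000124010304000625017386::cv25519::
ssb:u:255:22:3A7E3018D78FC26A:1700197579:1731733579:::::a:::D276000124010304000625017386::ed25519::
"""


def keyid_from_fingerprint(fpr):
    """Return the 64-bit key ID: v4 uses the right end, v5 the left end."""
    fpr = fpr.replace(" ", "").upper()
    int(fpr, 16)  # raises ValueError on non-hex (or empty) input
    if len(fpr) == 40:   # v4: 20-byte fingerprint
        return fpr[-16:]
    if len(fpr) == 64:   # v5: 32-byte fingerprint
        return fpr[:16]
    raise ValueError("unexpected fingerprint length: %d hex digits" % len(fpr))


def classify_token(field15):
    """Map field 15 of a sec/ssb record to (storage, card serial or None)."""
    if field15 == "#":
        return "offline-stub", None          # secret part is not on this machine
    if field15.startswith(OPENPGP_CARD_AID_PREFIX) and len(field15) >= 28:
        return "card", field15[20:28]        # serial number inside the AID
    if field15 and field15 != "+":
        return "token", field15              # some other token serial
    return "on-disk", None


def parse_secret_listing(text):
    """Parse sec/ssb/fpr records into one dict per secret (sub)key."""
    keys = []
    for line in text.splitlines():
        f = line.split(":")
        if f[0] in ("sec", "ssb"):
            f += [""] * (20 - len(f))        # tolerate records cut short
            storage, serial = classify_token(f[14])
            keys.append({
                "type": f[0],
                "keyid": f[4],
                # lowercase letters are this key's own capabilities; the
                # uppercase ones on the primary describe the whole key
                "own_caps": {c for c in f[11] if c.islower()},
                "storage": storage,
                "card_serial": serial,
                "curve": f[16],
                "fingerprint": None,
                "keyid_ok": None,
            })
        elif f[0] == "fpr" and len(f) > 9 and keys and keys[-1]["fingerprint"] is None:
            keys[-1]["fingerprint"] = f[9]
            keys[-1]["keyid_ok"] = keyid_from_fingerprint(f[9]) == keys[-1]["keyid"]
    return keys


def can_certify_here(keys):
    """True if a key with the certify capability has its secret part reachable."""
    return any("c" in k["own_caps"] and k["storage"] != "offline-stub" for k in keys)


if __name__ == "__main__":
    for k in parse_secret_listing(SAMPLE):
        where = k["storage"] + (" s/n " + k["card_serial"] if k["card_serial"] else "")
        print(k["type"], k["keyid"], "".join(sorted(k["own_caps"])), k["curve"], where)
    print("can sign other keys on this machine:", can_certify_here(parse_secret_listing(SAMPLE)))
```
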
Re: How can I have gpg pause to receive its passphrase, before it starts outputing decrypt to stdout?
On Sat, 16 Mar 2024 21:26, B.S. said:

> ... (Windows 10) [DOS] cmd ... [*NOT* powershell]
> ... cygwin gpg ...

[Do not use a Cygwin build of gpg - this is not supported. Use a standard build for Windows.]

> How can I have gpg pause to receive its passphrase, before it starts
> outputing decrypt to stdout?

Due to the way a pipe works there is not much you can do here. Except for having some kind of buffering tool in between. However, if you know the passphrase, you can pass it to gpg directly using --passphrase-file and --pinentry-mode=loopback.

> So if gpg could finish getting its passphrase from 'readline' before
> opening stdout (that less then sees to clear the screen and open its

The pipeline is constructed by the shell (cmd.exe) and file descriptors are given to the programs. There is nothing any of the programs can do here. In fact when using a pipeline in this way, the next program in the line should be able to handle the output of the former which means it will expect valid output.

> So far:
> ( gpg.exe -d somefile.gpg | jq.exe ) | less

You are using a Cygwin version of the standard shell here? In this case make sure that jq.exe gets its EPIPE from the failed gpg.exe.

You may consider to use gpgme-json as a higher level API to gpg. But of course it does not work the usual way in a pipe.

Salam-Shalom,

   Werner
Re: Feature Request: 64-bit Windows Support for GnuPG
Hi!

and thanks for asking.

On Sun, 17 Mar 2024 11:29, pal said:

> I am writing to express my strong interest in a 64-bit version of GnuPG for
> Windows. While I understand that currently only 32-bit systems (x86) are
> officially supported, I believe adding 64-bit compatibility would be a
> valuable improvement for many users.

Sure. In particular servers are sometimes installed w/o 32 bit support. GnuPG 2.6 will come as 64 bit Windows binary. A first beta is planned for this summer. See https://dev.gnupg.org/T6508 for the status.

Shalom-Salam,

   Werner
Re: gpg-agent "forgetting" keys when getting many parallel requests
On Sun, 17 Mar 2024 13:09, Bence Ferdinandy said:

> running out of memory. Based on a discussion I found
> (https://dev.gnupg.org/T4255), I set `auto-expand-secmem 100M` in

Right. The man page says:

  --auto-expand-secmem n
         Allow Libgcrypt to expand its secure memory area as required. The optional value n is a non-negative integer with a suggested size in bytes of each additionally allocated secure memory area. The value is rounded up to the next 32 KiB; usual C style prefixes are allowed. For an heavy loaded gpg-agent with many concurrent connection this option avoids sign or decrypt errors due to out of secure memory error returns.

You should not append the 'M' - it is simply ignored. That is a bug in the option parser but we can't fix that because it would break too many configs which falsely assume that a letter can be used for some kind of unit.

The value is actually irrelevant because any value will enable the auto-expand behaviour. Larger chunks can make memory allocation a bit faster because every free() call needs to check the linked list of secure memory pools. I am not sure whether this is measurable, though.

Salam-Shalom,

   Werner
[Announce] GnuPG 2.4.5 released
ssian, Turkish, and Ukrainian being almost completely translated.

Documentation and Support
=========================

The file gnupg.info has the complete reference manual of the system. Separate man pages are included as well but they miss some of the details available only in the manual. The manual is also available online at

  https://gnupg.org/documentation/manuals/gnupg/

or can be downloaded as PDF at

  https://gnupg.org/documentation/manuals/gnupg.pdf

You may also want to search the GnuPG mailing list archives or ask on the gnupg-users mailing list for advice on how to solve problems. Most of the new features are around for several years and thus enough public experience is available. https://wiki.gnupg.org has user contributed information around GnuPG and related software.

In case of build problems specific to this release please first check https://dev.gnupg.org/T6960 for updated information.

Please consult the archive of the gnupg-users mailing list before reporting a bug: https://gnupg.org/documentation/mailing-lists.html. We suggest to send bug reports for a new release to this list in favor of filing a bug at https://bugs.gnupg.org. If you need commercial support go to https://gnupg.com or https://gnupg.org/service.html.

If you are a developer and you need a certain feature for your project, please do not hesitate to bring it to the gnupg-devel mailing list for discussion.

Thanks
======

Since 2001 maintenance and development of GnuPG is done by g10 Code GmbH and has mostly been financed by donations. Several full-time employed developers and contractors are working exclusively on GnuPG and closely related software like Libgcrypt, GPGME, Kleopatra and Gpg4win.

Fortunately, and this is still not common with free software, we have established a way of financing the development while keeping all our software free and freely available for everyone. Our model is similar to the way RedHat manages RHEL and Fedora: Except for the actual binary of the MSI installer for Windows and client specific configuration files, all the software is available under the GNU GPL and other Open Source licenses. Thus customers may even build and distribute their own version of the software as long as they do not use our trademarks GnuPG Desktop® or GnuPG VS-Desktop®.

We like to thank all the nice people who are helping the GnuPG project, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word, answering questions on the mailing lists, or helped with donations.

*Thank you all*

   Your GnuPG hackers

p.s.
This is an announcement only mailing list. Please send replies only to the gnupg-users at gnupg.org mailing list.

List of Release Signing Keys:

To guarantee that a downloaded GnuPG version has not been tampered by malicious entities we provide signature files for all tarballs and binary versions. The keys are also signed by the long term keys of their respective owners. Current releases are signed by one or more of these four keys:

  rsa3072 2017-03-17 [expires: 2027-03-15]
  5B80 C575 4298 F0CB 55D8 ED6A BCEF 7E29 4B09 2E28
  Andre Heinecke (Release Signing Key)

  ed25519 2020-08-24 [expires: 2030-06-30]
  6DAA 6E64 A76D 2840 571B 4902 5288 97B8 2640 3ADA
  Werner Koch (dist signing 2020)

  ed25519 2021-05-19 [expires: 2027-04-04]
  AC8E 115B F73E 2D8D 47FA 9908 E98E 9B2D 19C6 C8BD
  Niibe Yutaka (GnuPG Release Key)

  brainpoolP256r1 2021-10-15 [expires: 2029-12-31]
  02F3 8DFF 731F F97C B039 A1DA 549E 695E 905B A208
  GnuPG.com (Release Signing Key 2021)

The keys are available at https://gnupg.org/signature_key.html and in any recently released GnuPG tarball in the file g10/distsigkey.gpg . Note that this mail has been signed by a different key.
--
Arguing that you don't care about the right to privacy because you have nothing to hide is no different from saying you don't care about free speech because you have nothing to say. - Edward Snowden

___
Gnupg-announce mailing list
gnupg-annou...@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce
Re: Sign detach
Hi,

please send proper bug reports or detailed questions. Stuart gave hints how this can be done. If you don't want to follow this basic rule we have to set you on moderated.

Salam-Shalom,

   Werner
Re: How to download commit packages from gnupg phabricator?
Hi!

On Wed, 6 Mar 2024 20:20, Vladimir Nikishkin said:

> However, I don't seem to be able to find a way to download a tarball
> of the commit in any way.

You mean a tarball made from the repository at that commit? In general we only publish tarballs. If you want to use a working thing (i.e. git) then you need to build from git. We like well versioned releases.

> But for some reason the links like
> https://dev.gnupg.org/source/gpgpass/zip/master/;f46437b49b30257a7e98f98803c42c369b0748e8.zip

That is quite possible; we never configured it. dev.gnupg.org is in most cases only a "mirror"[1] of our main repo server.

Salam-Shalom,

   Werner

[1] For a distributed VCS like Git the term "mirror" is of course a bit questionable.
Re: Should one really disable AEAD for recent GnuPG created PGP keys?
On Tue, 5 Mar 2024 11:15, Bruce Walzer said:

> So just to be clear, I am not complaining that GnuPG implemented the
> LibrePGP version of OCB. I am complaining that GnuPGP did #2 and #3
> before implementation was close to universal and did not clearly spell

Sorry, this is not true. OCB mode is only used if all recipients' keys have the flag that they support this mode. This is not different from the preferences for a certain cipher algorithm. For example AES in the old days. The migration from CAST5 to AES worked without any noticeable problems because after we implemented AES, we announced that in the keys and the peers started to use AES iff all recipients claimed that they support this flag.

Same thing for compression algorithms. At some point we were talked round to implement bzip2. The WG agreed on a code point for this and GnuPG implemented it. It is really rare that you get messages which you can't decrypt due to the non-supported compression algo. The preference system does work.

Now, when you move to another software with less capabilities, you need to announce that to your peers by sending an updated key with the new set of preferences. Sure there is a problem with low end mobile device software which you use with the same key - in this case you need to drop the preferences which are not supported by your mobile device software.

> block cipher mode and do whatever else will speed things up. The user,
> of course, would be made aware the the resulting files might not be
> decryptable everywhere.

If your key claims that it supports this feature it is decryptable - or you forgot to distribute the fact that you moved to a less capable software.

Right, for symmetric only encryption the preferences don't work. But in this case you need to negotiate parameters and passwords anyway.

> Arch Linux is just dropping #3 with their patch. Their version of
> GnuPGP still supports the OCB mode and can generate it. So they are

Sure they can do that. However, I don't think that this is a good decision. With the same argument we would still be using CAST5 or Twofish or even Blowfish.

> distributions were not tempted to issue such patches. There really
> should be a better way of doing this. Otherwise the users will
> encounter different behaviour on different Linux distributions.

Agreed. Let the preferences work for you. And also nag Vincent et al to stop crippling their software (rejecting OCB). After all BouncyCastle supports ed25519 which is also not specified by an RFC or anything else except the way gpg implemented the details of that curve. Such public key algorithms can't even be managed by the preference system.

Salam-Shalom,

   Werner
Re: Should one really disable AEAD for recent GnuPG created PGP keys?
Hi!

On Tue, 5 Mar 2024 12:39, Tobias Leupold said:

> Sorry for asking another thing about this. For sure, I didn't want to set off
> an avalanche, and I still don't want to. But from a user's perspective, this
> is simply very confusing and also unsettling.

You are right. What I can do is to give my perspective of this which is based on my experience re-implementing a free PGP version since 1997 and while doing that taking part in the OpenPGP specification process which started at the same time.

> https://security.stackexchange.com/questions/275883/should-one-really-disable-aead-for-recent-gnupg-created-pgp-keys
>
> The answer started with:
>
>> While authenticated encryption (AEAD) is good - especially for something
>> like OpenPGP, which is an old and over-complicated standard that has a
>> concerning large attack surface for vulnerabilities or simple implementation

This introduction is pretty unfair but unfortunately as common on the net as the "PGP is way too complicate for anyone to use" claim. In reality PGP (in the form of GnuPG and Thunderbird) is used daily by millions of people who consciously choose to protect their mails and data. If you want to see an over-complicated standard, have a look at S/MIME (aka CMS, X.509) which is implemented by all major mailers but has not the good repudiation of *PGP. See also [1].

The above answer by CBHacking continues:

    I definitely can't recommend enabling a non-standardized compatibility-breaking feature by default, and frankly feel that GnuPG made a major error in doing so.

That is factually wrong. RNP, the core of Thunderbird's OpenPGP implementation, implemented this too. But instead of fixing all the stuff which got lost during the migration from Enigmail to TB's new OpenPGP code the TB maintainer now wants to remove support for OCB from TB.

IETF specifications are not a standard but a specification how certain things are commonly implemented. The meanwhile most used public key algorithm (Curve25519) is not specified in OpenPGP but nevertheless widely used and accepted.

    From a security perspective, I'm not even sure that just adding an OCB-based AEAD mode actually helps anything, in expectation; OpenPGP messages can already be authenticated in a few different ways, so arguably the likeliest source of security flaws is that the message

S/he is right that formats get more complex and that we already have Authenticated Encryption (the core feature of AEAD) in OpenPGP but exactly that old format is complex and hard to implement. OTOH, the new OCB based Authenticated Encryption is a straightforward implementation of a well researched mode and the gold standard for all block cipher modes. The old format in OpenPGP was an ad-hoc implementation of Authenticated Encryption on top of the legacy PGP-2 format. Thus in the long run the new OCB mode will reduce the complexity.

The answer shows in bold:

    Given that you work with non-GnuPG clients, and that this feature is not part of the OpenPGP specification, and that OpenPGP already includes message authentication and integrity, I recommend disabling this feature for now.

With the same argument you could also stop using TLS 1.3 and instead keep on using TLS 1.2 in eternity. In most cases 1.3 has no real world advantages when done right. However, most sites allow for both 1.3 and 1.2 and only a few disallow 1.2 which leads to the same problems as we see with the removal of support by some application and some Linux distros.

    Note that you'll have to re-encrypt the data for non-GPG clients after disabling this non-standard feature.

Also most other things CBHacking wrote are okay, this one is simply wrong. This is not a gpg only feature.

> from somebody with an impressive reputation on the network, for whom I
> suppose

Well, some anonymous account on stackexchange. I can't tell.

Salam-Shalom,

   Werner

[1] Let me quote Peter Gutmann, a really well repudiated expert on all things security, on S/MIME:

    "As a result there's no pressure on the people involved in PKI standardisation to create anything that meets any real-world requirement, allowing them instead to spend their time building great gothic cathedrals of infinite complexity whose sole purpose seems to be to strike awe and terror into the masses."

I hope that *PGP stops evolving into this direction.
Re: Your message to Gnupg-users awaits moderator approval
On Mon, 4 Mar 2024 15:34, Matěj Cepl said:

> like this one. My key has been signed by 60+ signatures, but
> still 45K just for that seems excessive. Is there some way how to
> generate something meaningful, which would be smaller?

  gpg --export -a --export-options export-minimal FOO >foo.asc

this keeps just your self-signatures. There are other ways too but they are more complicated.

Let me quickly raise the limit on the mailing list. It has been set up a long time ago. I guess 100k should be sufficient.

BTW, thanks to the nice folks who silently do their moderator jobs for years and years.

Shalom-Salam,

   Werner
Re: Should one really disable AEAD for recent GnuPG created PGP keys?
On Mon, 4 Mar 2024 19:05, Tobias Leupold said:

> IMO interoperability with GnuPG is crucial for this project. Most
> people using that on their phones will come from Linux, or they will

Actually most users will come from Windows ;-)

Salam-Shalom,

   Werner
Re: Should one really disable AEAD for recent GnuPG created PGP keys?
On Tue, 5 Mar 2024 00:16, Vincent Breitmoser said:

> The packet format referred to here is GnuPG-specific. In November

Vincent, please stop spreading wrong facts. That is not a GnuPG specific but an agreed upon format by the participants of the OpenPGP WG and implemented by all major implementations.

This was done in the same way we handle that since 1997 - the implementers agreed upon some format, implemented it and later described it some draft document. For example the current AEAD mode (CFB+MDC) was agreed upon in the year 2000 and implemented by both existing implementations (PGP and GnuPG). It took then 8 years before it was codified in an RFC. Same thing for modern ECC curves - implemented by everyone but no detailed specs out there.

Modern AEAD mode (OCB) was specified and cross-tested in 2018 but some people, driving their own agenda, dropped that in fall 2021 and came up with another format with no solid reason.

Bruce: I understand your claims and we have been very careful not to break anything when implementing a modern mode. That mode is really required because the old CFB+MDC is slow and policy makers don't like it because it is not on their list of modern algorithms. The problem here is that group of newcomers with their niche implementations who want to gain an advantage compared to the existing implementations. Unfortunately supported by a few people like Vincent who patch out things or don't use their existing stuff. OTOH, it is not a real problem because they are, well, niche implementations, albeit with a loud voice.

> 2023, GnuPG forked the OpenPGP standard as "LibrePGP", in protest of

Right, Ribose and GnuPG came up with that site to explain what was going wrong and to have a descriptive name for the actual OpenPGP standard in current use.

All has been said and there is no need to continue spreading wrong facts from your rebellion group aiming to discredit the most widely used standard for mail and data encryption. Please go to your own list and continue there. Here is no place to repeat that.

My last word on this on this ML.

Salam-Shalom,

   Werner
Re: [gpg-agent] Empty OPTION xauthority=
On Mon, 4 Mar 2024 14:19, Matěj Cepl said:

> Do I understand it correctly that gnupg contains smaller version
> of systemd (dependency activation) inside of itself and that

No. It is not required. Just don't let systemd start gpg-agent or dirmngr with option --supervised. If you use ssh just make sure that gpg-agent has been started - this is the same as with ssh-agent.

> MicroOS by openSUSE (and Fedora Atomic and many others,
> every Linux distro has its own variant of this, I guess) are
> container-oriented systems, where only minimal host system
> is used to run multiple isolated containers (Docker/Podman,
> distrobox, or Flatpak). SELinux and other methods are used to

I see. We once looked into running a gpg-agent under a different account and with the right glue it should work. Definitely needs some more work but given that remote use works, it should not be a major hassle.

The gpgconf.ctl hack might come handy to force the use of a different socket directory - see the latest gpgconf man page. Depends on how things are actually done. There is even a --chuid option to gpgconf to handle things for a user during session startup.

Shalom-Salam,

   Werner
Re: Should one really disable AEAD for recent GnuPG created PGP keys?
On Mon, 4 Mar 2024 12:03, Tobias Leupold said:

> So: Is it wise and/or necessary to disable that for new GnuPG generated keys,
> for the sake of interoperability? Or will the others catch up and implement

No, it is not because you are delaying the deployment of new and a much faster algorithm mode.

Although OpenPGP provides a nice preference system to convey the capabilities of your software it has the obvious problem that you need to change the preferences when moving to another software. In fact gpg has always asked you to update the preferences if it detected a different set.

Using the same key with different software is and will always be problematic. I would also consider the security drawbacks of doing so. The attack surface of an Android phone is far higher than of your well maintained Unix or Windows desktop. Thus it may be useful to reflect this by using different keys or at least subkeys.

All the major implementers (Ribose RNP, GnuPG, BouncyCastle, OpenPGP.js) took great care to first deploy the software with support for the new mode before actually creating keys with a preference for that mode [1]. Unfortunately a small group of people seem to sabotage this strategy by rejecting the new mode despite that it has been implemented by their crypto library. Well, or your version on Android is too old - which would indicate a severe security problem anyway.

> it? Or is there a good reason not to do so? Should one keep using legacy RSA
> keys? Is it too early to switch to more modern ones?

RSA has nothing to do with this. You can safely switch to curve25519 (ed25519/cv25519) for new keys - they are supported even longer than OCB mode (aka AEAD).

Salam-Shalom,

   Werner

[1] OCB (AEAD) decryption implemented by GnuPG with versions:
    2.3.0-beta (January 2018) - interop tested with RNP and OpenPGP.js
    2.3.0 (April 2021)
    2.2.21 (July 2021)
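The preference mechanism described in the message above (and in the earlier reply to Bruce Walzer: OCB only if every recipient's key advertises it, and a key that keeps advertising it after its owner moves to less capable software), as an added Python model that is not part of the thread. It is a simplified illustration, not GnuPG's selection code: the class names, the sender ranking and the sample keys are constructed, and it relies on two general facts, that 3DES is implicitly part of every RFC 4880 cipher preference list and that OCB needs a 128-bit block cipher.

```python
from dataclasses import dataclass

IMPLICIT_CIPHER = "3DES"   # tacitly at the end of every RFC 4880 preference list
BLOCK_BITS = {"AES256": 128, "AES192": 128, "AES128": 128, "CAST5": 64, "3DES": 64}
SENDER_RANKING = ("AES256", "AES192", "AES128", "CAST5", "3DES")  # assumed order


@dataclass(frozen=True)
class Key:
    """What a recipient's public key advertises to senders."""
    owner: str
    cipher_prefs: tuple      # symmetric ciphers listed on the key
    advertises_ocb: bool     # the "AEAD: OCB" feature flag


@dataclass(frozen=True)
class Software:
    """What the recipient's current software can actually decrypt."""
    name: str
    ciphers: frozenset
    can_decrypt_ocb: bool


def select_parameters(recipients, ranking=SENDER_RANKING):
    """Pick (cipher, mode) that every recipient key claims to support."""
    if not recipients:
        raise ValueError("preferences need at least one recipient key")
    common = None
    for key in recipients:
        offered = set(key.cipher_prefs) | {IMPLICIT_CIPHER}
        common = offered if common is None else common & offered
    cipher = next((c for c in ranking if c in common), IMPLICIT_CIPHER)
    # OCB only if *all* keys carry the flag and the cipher has a 128-bit block.
    use_ocb = all(k.advertises_ocb for k in recipients) and BLOCK_BITS.get(cipher) == 128
    return cipher, ("OCB" if use_ocb else "CFB+MDC")


def stranded_recipients(recipients, software_by_owner):
    """Owners whose current software cannot decrypt what their key promised."""
    cipher, mode = select_parameters(recipients)
    stranded = []
    for key in recipients:
        sw = software_by_owner[key.owner]
        ok = cipher in sw.ciphers and (mode != "OCB" or sw.can_decrypt_ocb)
        if not ok:
            stranded.append(key.owner)
    return stranded


# Constructed scenario: Alice created her key on a desktop with OCB support,
# then started reading mail with a mobile client that lacks OCB.
AES = frozenset({"AES256", "AES192", "AES128", "3DES"})
DESKTOP = Software("desktop client", AES, can_decrypt_ocb=True)
MOBILE = Software("mobile client", AES, can_decrypt_ocb=False)

ALICE_STALE = Key("alice", ("AES256", "AES128"), advertises_ocb=True)
ALICE_UPDATED = Key("alice", ("AES256", "AES128"), advertises_ocb=False)
BOB = Key("bob", ("AES256", "AES192", "AES128"), advertises_ocb=True)
CAROL = Key("carol", ("AES128", "CAST5"), advertises_ocb=False)
LEGACY = Key("legacy", ("CAST5",), advertises_ocb=True)

if __name__ == "__main__":
    in_use = {"alice": MOBILE, "bob": DESKTOP}
    print("stale key:  ", select_parameters([ALICE_STALE, BOB]),
          "stranded:", stranded_recipients([ALICE_STALE, BOB], in_use))
    print("updated key:", select_parameters([ALICE_UPDATED, BOB]),
          "stranded:", stranded_recipients([ALICE_UPDATED, BOB], in_use))
    print("mixed group:", select_parameters([ALICE_STALE, BOB, CAROL]))
```
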
Re: [gpg-agent] Empty OPTION xauthority=
On Sun, 3 Mar 2024 20:38, Matěj Cepl said:

> 1. Could you please explain why it is racy? Why from all services

Because all components of gnupg will start gpg-agent and the other daemons on the fly and make sure that only one is started. Systemd does not know about this specific start mechanism and thus you might see two daemon processes for some time until their self-check detects this situation. In most cases this is just annoying but it may very well happen that the two processes receive different information and are not able to properly handle the caching. With smartcards you may also run into lockups because only one process may hold access to a smartcard.

With keyboxd we even didn't implement the systemd start thingy because keyboxd acquires a process lifetime lock on the database and thus a second process won't be able to get that lock and timeout after some time.

> 2. When running on MicroOS system (or Fedora Atomic) how could
>you guarantee that there is only one gpg-agent and gpg
>doesn't try to run it inside of a container, thus making it

I have no idea what this is about. In case you need to play interesting games with the sockets, the gpgconf.ctl mechanism might be helpful. Using no-autostart in the common.conf might be useful. We use it always when running a remote gpg.

> What? You know there is a vulnerability in gpg (actually,
> couldn't the particularly modified environment be abused for some

Please read again what I wrote: An empty string for the value is simply invalid syntax. That is different from not giving a value which is specified as removing the envvar (cf. "" vs. NULL).

> I have Wayland-only system (based on sway), so whole XAUTH*
> variables are nonsensical here.

Others might be:

  $ gpg-connect-agent 'getinfo std_env_names' /bye
  D GPG_TTY
  D TERM
  D DISPLAY
  D XAUTHORITY
  D XMODIFIERS
  D WAYLAND_DISPLAY
  D XDG_SESSION_TYPE
  D QT_QPA_PLATFORM
  D GTK_IM_MODULE
  D DBUS_SESSION_BUS_ADDRESS
  D QT_IM_MODULE
  D INSIDE_EMACS
  D PINENTRY_USER_DATA
  D PINENTRY_GEOM_HINT

Salam-Shalom,

   Werner
Re: [gpg-agent] Empty OPTION xauthority=
Hi!

On Sat, 2 Mar 2024 20:54, mc...@cepl.eu said:

> am running it on host with systemd --user services (configuration

Take care, the use of systemd is racy and support will be removed in 2.6.

> gpg: all values passed to '--default-key' ignored
> gpg: keydb_search failed: IPC syntax error

(You may use --debug=ipc also with gpg to see what is going on)

> 2024-03-02 10:53:20 gpg-agent[2434] DBG: chan_10 <- OPTION xauthority=

gpg-agent receives this from gpg. Look:

  $ gpg-connect-agent
  > option xauthority=
  ERR 67109140 IPC syntax error - option argument expected
  > option xauthority
  OK

gpg takes the value for xauthority from the envvar XAUTHORITY. In your case it seems that this envvar is set to the empty string which results in the above syntax error. Using xauthority without a value and thus without the '=' removes the value from gpg-agent's environment. In theory it would be possible to ignore the empty string but given that we have the code this way for 20 years the risk of a regression is too high.

Please figure out why XAUTHORITY is set to the empty string. XAUTHORITY is only needed if you don't use ~/.Xauthority to store the X11 magic cookies; see xauth(1).

Shalom-Salam,

   Werner
Re: On the security of ~/.password-store/.gpg-id [was: Re: Second OpenPGP-card]
On Fri, 1 Mar 2024 21:56, Daniel Kahn Gillmor said:

> For example, GnuPG could instead offer an interface with explicit
> options to allow the user to choose to match certificates by
> fingerprint, or by e-mail address, or by name, or by full User ID, but

Simply prefix the fingerprint with 0x and gpg will only consider fingerprints. RTFM. You know that very well given that you are the person who was so keen to be able to maintain a "curated" keyring.
Re: Second OpenPGP-card
On Wed, 28 Feb 2024 17:41, Jacob Bachmeyer said:

> As Werner mentioned, you can also have different .gpg-id files for
> different parts of your password store, if you wanted some passwords
> to only be available with certain smartcards.

FWIW: The C3S uses pass for their teams and meik wrote a script to manage such a password store: https://github.com/C3S/passtore

Shalom-Salam,

   Werner
Re: Second OpenPGP-card
On Wed, 28 Feb 2024 17:40, Jacob Bachmeyer said:

> Or even Windows, which remains disturbingly common in applications
> that probably need far less attack surface, like industrial control
> systems... (Is the stupidity of management a main driver of Shamir's
> law?)

Often true but the real problem is software complexity. Also: developers are being paid for their work and thus they tend to keep themselves in business by requiring software changes all the time.

Salam-Shalom,

   Werner
Re: Second OpenPGP-card
On Wed, 28 Feb 2024 10:55, Matthias Apitz said:

> purism@pureos:~$ cat .password-store/.gpg-id
> CCID L5

Which means that it encrypts to "CCID L5". pass parses this using

  while read -r gpg_id; do
    gpg_id="${gpg_id%%#*}" # strip comment
    [[ -n $gpg_id ]] || continue
    GPG_RECIPIENT_ARGS+=( "-r" "$gpg_id" )
    GPG_RECIPIENTS+=( "$gpg_id" )
  done

The good thing with pass is that it is easy to read.

Shalom-Salam,

   Werner
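An added example, not code from pass or from anyone in this thread: a POSIX shell audit that applies the same comment stripping as the loop quoted above to every .gpg-id file in a store and reports entries that are not a full 40-hex-digit fingerprint, such as "CCID L5", which gpg resolves by matching user IDs. The function names, the sample store and the fingerprint in it are constructed for illustration; the 0x prefix follows the advice given in the .gpg-id security thread.

```shell
#!/bin/sh
# Added example: audit the recipient lines of pass .gpg-id files.

# Print "fpr 0x<FINGERPRINT>" for a full 40-hex-digit fingerprint (with or
# without the 0x prefix) and "other <entry>" for anything else: a name, an
# e-mail address, a short key ID. Blank and comment-only lines print nothing.
classify_recipient() {
    entry=${1%%#*}                                   # strip comment, as pass does
    entry=$(printf '%s' "$entry" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
    [ -n "$entry" ] || return 0
    hex=${entry#0[xX]}
    case $hex in
        *[!0-9A-Fa-f]*) printf 'other %s\n' "$entry"; return 0 ;;
    esac
    if [ "${#hex}" -eq 40 ]; then
        printf 'fpr 0x%s\n' "$(printf '%s' "$hex" | tr 'a-f' 'A-F')"
    else
        printf 'other %s\n' "$entry"
    fi
}

# Classify every line of one .gpg-id file.
audit_gpg_id() {
    while IFS= read -r line || [ -n "$line" ]; do
        classify_recipient "$line"
    done < "$1"
}

# Number of entries in one file that gpg would resolve by something
# other than a full fingerprint.
count_non_fingerprint() {
    audit_gpg_id "$1" | grep -c '^other ' || true
}

# Walk a whole store (pass allows one .gpg-id per directory) and print
# "<file>: <entry>" for every entry that is not a full fingerprint.
audit_store() {
    find "$1" -type f -name .gpg-id | sort | while IFS= read -r f; do
        audit_gpg_id "$f" | while IFS= read -r verdict; do
            case $verdict in
                other\ *) printf '%s: %s\n' "$f" "${verdict#other }" ;;
            esac
        done
    done
}

# Constructed sample store: the root entry is the one shown in this thread,
# the fingerprint under team/ is made up.
demo_store() {
    d=$(mktemp -d)
    mkdir -p "$d/team"
    printf '%s\n' 'CCID L5' > "$d/.gpg-id"
    printf '%s\n' '# constructed fingerprint' \
        '0123456789abcdef0123456789abcdef01234567 # alice' \
        'bob@example.org' > "$d/team/.gpg-id"
    printf '%s\n' "$d"
}

store=$(demo_store)
audit_store "$store"
rm -rf "$store"
```
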
Re: Second OpenPGP-card
On Tue, 27 Feb 2024 20:52, Jacob Bachmeyer said:

> Therefore, pass(1) almost certainly has its own list of keys stored

pass stores the fingerprints of the keys in a .gpg-id file and allows setting different ones per directory.

> logarithm problem and /vice versa/. Accordingly, RSA1024 is now
> considered sufficiently dubious that some implementations no longer
> support it, such as the go-crypto/openpgp library used by the newer

Which is a Bad Idea because it is up to the user or their implementation to decide which keys are trustworthy. Being able to revoke rsa1024 keys is a useful feature. Although MD5 (PGP2) can be considered as fully broken, rsa1024 is not in general broken.

But it is pretty fashionable to use an easy to exploit OS (e.g. not using the latest Linux kernel) and musing about RSA key strength. Keep Shamir's law in mind.

Salam-Shalom,

   Werner
Re: Second OpenPGP-card
On Tue, 27 Feb 2024 10:07, Matthias Apitz said:

> I've never done anything with this and expected it also at date
> 2021-10-30 (when I initialized the OpenPGP card in the mobile L5).

The pubring.kbx is used for various things. For example we also store "ephemeral keys" for X.509 (those we receive via mail) which are not used due to an incomplete chain. There is a cleanup process running every few hours to remove them.

Shalom-Salam,

   Werner
Re: symmetric passphrase with remote (extra, restricted) gpg-agent
Hi!

sorry, for the wrong order of the messages, I simply forgot to send them yesterday.

Salam-Shalom,

   Werner
Re: symmetric passphrase with remote (extra, restricted) gpg-agent
On Fri, 23 Feb 2024 22:59, Marcin Wrochna said:

> However, I cannot make `gpg --symmetric` encryption work on the remote,
> as it tells me getting a passphrase is "Forbidden".

Right. It does not sound like a good idea to give the server access to your local password store (in gpg-agent). This way the server might get access to any password stored in the cache.

You need to look at the code in gnupg/agent/commands.c - search for the function cmd_get_passphrase. The first statement there is

  if (ctrl->restricted)
    return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));

The function (test with gpg-connect-agent and "help get_passphrase") has an option --no-ask which only returns a value from the cache or errors out. What we might do is another option (e.g. --only-query) to only popup the pinentry and return the value. Maybe this can be the default for a restricted connection.

Salam-Shalom,

   Werner
Re: symmetric passphrase with remote (extra, restricted) gpg-agent
Hi again! you may want to try the attached patch. It is against the current 2.4 head but should apply also to somewhat older versions. If this solves your problem, it can go into 2.4.5 soon. Shalom-Salam, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein From 4025da324903093736f238329274f5e234f5339e Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Sun, 25 Feb 2024 15:55:14 +0100 Subject: [PATCH GnuPG] agent: Allow GET_PASSPHRASE in restricted mode. * agent/command.c (cmd_get_passphrase): Allow use in restricted mode but ignore the cacheid. -- The use case is symmetric encryption via the extra-socket. To avoid that the gpg running on the server has access to the cache we set the cache id to NULL so that the cache is not used at all. --- agent/command.c | 9 - 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/agent/command.c b/agent/command.c index 20ae08e9f..100b97f57 100644 --- a/agent/command.c +++ b/agent/command.c @@ -1988,9 +1988,6 @@ cmd_get_passphrase (assuan_context_t ctx, char *line) struct pin_entry_info_s *pi2 = NULL; int is_generated; - if (ctrl->restricted) -return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN)); - opt_data = has_option (line, "--data"); opt_check = has_option (line, "--check"); opt_no_ask = has_option (line, "--no-ask"); @@ -2039,7 +2036,9 @@ cmd_get_passphrase (assuan_context_t ctx, char *line) if (!desc) return set_error (GPG_ERR_ASS_PARAMETER, "no description given"); - if (!strcmp (cacheid, "X")) + /* The only limitation in restricted mode is that we don't considere + * the cache. */ + if (ctrl->restricted || !strcmp (cacheid, "X")) cacheid = NULL; if (!strcmp (errtext, "X")) errtext = NULL; 
@@ -2121,7 +2120,7 @@ cmd_get_passphrase (assuan_context_t ctx, char *line) entry_errtext = NULL; is_generated = !!(pi->status & PINENTRY_STATUS_PASSWORD_GENERATED); - /* We don't allow an empty passpharse in this mode. */ + /* We don't allow an empty passphrase in this mode. */ if (!is_generated && check_passphrase_constraints (ctrl, pi->pin, pi->constraints_flags, -- 2.39.2 openpgp-digital-signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
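Review bot: in the first hunk (cmd_get_passphrase, at -1988) dropping the early "if (ctrl->restricted)" return means a restricted connection now reaches the parsing of --data, --check and --no-ask, while the commit message only speaks about the cache id. --no-ask is described earlier in this thread as returning a value from the cache or failing, so please state, and ideally cover with a test, what a caller on the extra socket gets for --no-ask once the cache id has been forced to NULL, or reject that option explicitly for restricted connections instead of relying on the reset further down.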
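Review bot: in the second hunk (at -2039) the added comment has a typo ("considere"), and "if (ctrl->restricted || !strcmp (cacheid, "X"))" silently discards whatever cache id a restricted client sent. That is the intended protection, but nothing in the visible change tells the caller about it; the help text of GET_PASSPHRASE should say that the cache id is ignored on restricted connections so that clients on the extra socket do not assume their passphrase is cached or looked up.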
Re: How to get a pubkey with WKD
On Thu, 22 Feb 2024 15:37, Bernhard Reiter said:

> For Debian GNU/Linux oldstable, it still is 2.2.27, though
> and 2.2.19 for Ubuntu GNU/Linux 20.04LTS.

--locate-external-keys was introduced with 2.2.17.

Shalom-Salam,

   Werner
Hints on how to check for a WKD key (was: Trying to get PKA working)
On Wed, 21 Feb 2024 15:52, Philip Colmer said:

> that works. The wiki (https://wiki.gnupg.org/WKDHosting) says to use
> gpg --homedir "$(mktemp -d)" --verbose --locate-keys
> your.em...@example.org ... and this doesn't work.

It's a wiki and ppl change it at will and worse nobody checks and updates it. The above seems to be an old idea to make sure that the key does not yet exist. In contrast to --locate-key, --locate-external-key loads the key from external resources even if it already exists. Thus this is a refresh key function. Some folks don't like to clutter their keyring with more keys and thus use a temporary GNUPGHOME directory (i.e. --homedir).

For me the above works:

  $ gpg --homedir "$(mktemp -d)" --verbose --locate-keys w...@gnupg.org
  [...]
  gpg: pub ed25519/63113AE866587D0A 2018-09-28 w...@gnupg.org
  gpg: key 63113AE866587D0A: public key "w...@gnupg.org" imported
  gpg: no running gpg-agent - starting '/usr/local/bin/gpg-agent'
  gpg: waiting for the agent to come up ... (5s)
  gpg: connection to the agent established
  gpg: Total number processed: 1
  gpg: imported: 1
  gpg: auto-key-locate found fingerprint AEA84EDCF01AD86C4701C85C63113AE866587D0A
  gpg: automatically retrieved 'w...@gnupg.org' via WKD
  pub ed25519 2018-09-28 [SC] [expires: 2027-01-31]
      AEA84EDCF01AD86C4701C85C63113AE866587D0A
  uid [ unknown] w...@gnupg.org
  sub cv25519 2018-09-28 [E] [expired: 2022-01-31]
  sub ed25519 2020-08-04 [S]
  sub brainpoolP384r1 2021-06-28 [E] [expires: 2027-01-10]

Another way to test is

  $ gpg-wks-client check -v w...@gnupg.org
  gpg-wks-client: public key for 'w...@gnupg.org' found via WKD
  gpg-wks-client: fingerprint: AEA84EDCF01AD86C4701C85C63113AE866587D0A
  gpg-wks-client: user-id: w...@gnupg.org
  gpg-wks-client: created: Mon 01 Oct 2018 05:39:07 PM CEST
  gpg-wks-client: addr-spec: w...@gnupg.org

This is the development version, you need to use the classical thing though:

  $ gpg-wks-client --check -v w...@gnupg.org

If you add --debug=ipc you can actually see what has been requested from the server. Without any option you just get a return status for scripting.

Now someone(tm) should update the wiki.

Salam-Shalom,

   Werner
Re: Trying to get PKA working
Hi!

Please don't use PKA. Any remaining support will be removed anyway.

The Web Key Directory is a far better and easier way to get certificates. In fact it is enabled by default and used transparently in Kleopatra and with the Windows GpgOL plugin. Other Unix mailers might also have support for it.

  https://wiki.gnupg.org/WKD

But take care; this is a wiki and information may be a bit confusing. For example I would suggest to use the gpg-wks-client command --install-key or even --mirror to prepare a local copy of the WKD and then sync this to the server. This way you don't need to install the web Key Server stuff etc. Testing is a mere

  gpg --locate-external-key -v f...@example.org

Salam-Shalom,

   Werner
Re: Second OpenPGP-card
On Tue, 13 Feb 2024 17:32, Matthias Apitz said:

> We need here 'Microm SIM'. And I talked to the owner of floss-shop. They
> do not offer a way to pop out Micro SIM.

I simply use scissors to cut them out and those cards work. Granted I don't use the Librem regularly (if at all), but the card was not that of a problem. Well, I had plenty of old cards to try ;-)

Salam-Shalom,

   Werner
Re: How to get a pubkey with WKD (Re: Incompatible secret key format between 2.4.4 and 2.2.27?)
On Thu, 15 Feb 2024 11:48, Bernhard Reiter said:

> But it does not get the current version of the pubkey in some circumstances.

Example? I am not aware of it.

> And the long version works in a few more elder GnuPG versions. ;)

Since 2.2.17 from summer 2019 - 5 years passed since then with a couple of CVEs.

Shalom-Salam,

   Werner
Re: Incompatible secret key format between 2.4.4 and 2.2.27?
On Wed, 14 Feb 2024 11:24, Bernhard Reiter said:

> The following will get his pubkey by WKD on the command line:
> gpg --locate-keys --auto-key-locate clear,nodefault,wkd w...@gnupg.org

FWIW,

  gpg --locate-external-key w...@gnupg.org

is much easier than the above long list of options.

Salam-Shalom,

   Werner
Re: Second OpenPGP-card
On Fri, 9 Feb 2024 15:36, Matthias Apitz said:

> So, can I buy this card here in Europe or even in Germany?

floss-shop.de

> If not, I could with a script decrypt all the files in this tree and
> encrypt them again after setup the card. But, it would be better just
> copy the files over by SCP, also when passwords get added or updated.

Actually we have an open task for re-encryption:

  https://dev.gnupg.org/T1825

For small messages this is easy but there is no easy solution for large data. A detached encryption packet is a theoretical option.

Shalom-Salam,

   Werner
Re: Incompatible secret key format between 2.4.4 and 2.2.27?
On Sun, 11 Feb 2024 20:28, mlist_e9e869bc--- said:

> signature is done in Version 5, instead of Version 4 like other parts of
> the key. With that certify signature removed, I can import the secret
> key to GPG 2.2.27 no problem.

Can you please try to import that key (with the v5 key signature) using a current 2.2 version (2.2.42)? Or you can send me the public key by private mail so that I can check what's going on.

Salam-Shalom,

   Werner
Re: Regarding the expiration of the signed data in npth-1.6.tar.bz2
On Tue, 6 Feb 2024 17:51, Bernhard Reiter said:

> So far I haven't seen renewed signatures from GnuPG devs, which makes it
> unlikely they sign the nPth release from 2018 again.

Right, we will soon do a new release with some fixes for AIX and to modernize the build system. In theory we could re-sign old stuff but for most packages the latest releases are fresh enough.

Salam-Shalom,

   Werner
Re: Trouble with GPG Cards for SSH when using FIDO2
Hi!

I would suggest that you put

  debug ipc
  log-file /foo/bar/agent.log

into gpg-agent.conf and

  debug cardio
  log-file /foo/bar/scd.log

into scdaemon.conf and restart them all (gpgconf -K all). You may of course also run watchgnupg to see a combined log but separate log files are good enough.

The ssh handler has no dedicated debug statements and thus any debug level is sufficient to see errors in the logs. If you don't see anything in the logs you either need to use a socket proxy (somewhere in the gnupg source is one) or add debug statements to command-ssh.c. My guess is that the scdaemon log gives some hints.

Shalom-Salam,

   Werner
[Announce] GnuPG 2.4.4 released
tions.

*Thank you all*

   Your GnuPG hackers

p.s.
This is an announcement only mailing list. Please send replies only to the gnupg-users at gnupg.org mailing list.

List of Release Signing Keys:

To guarantee that a downloaded GnuPG version has not been tampered by malicious entities we provide signature files for all tarballs and binary versions. The keys are also signed by the long term keys of their respective owners. Current releases are signed by one or more of these four keys:

  rsa3072 2017-03-17 [expires: 2027-03-15]
  5B80 C575 4298 F0CB 55D8 ED6A BCEF 7E29 4B09 2E28
  Andre Heinecke (Release Signing Key)

  ed25519 2020-08-24 [expires: 2030-06-30]
  6DAA 6E64 A76D 2840 571B 4902 5288 97B8 2640 3ADA
  Werner Koch (dist signing 2020)

  ed25519 2021-05-19 [expires: 2027-04-04]
  AC8E 115B F73E 2D8D 47FA 9908 E98E 9B2D 19C6 C8BD
  Niibe Yutaka (GnuPG Release Key)

  brainpoolP256r1 2021-10-15 [expires: 2029-12-31]
  02F3 8DFF 731F F97C B039 A1DA 549E 695E 905B A208
  GnuPG.com (Release Signing Key 2021)

The keys are available at https://gnupg.org/signature_key.html and in any recently released GnuPG tarball in the file g10/distsigkey.gpg . Note that this mail has been signed by a different key.

--
Arguing that you don't care about the right to privacy because you have nothing to hide is no different from saying you don't care about free speech because you have nothing to say. - Edward Snowden

Gnupg-announce mailing list gnupg-annou...@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce
Re: gpg: signing failed: Bad secret key
On Tue, 23 Jan 2024 12:38, Leo Coogan said:

> sec# ed25519 2023-03-03 [SC] [expires: 2025-03-02]
> C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B
> Keygrip = 38953FFD2BD558606473A90A6EDD5B26F03FA3CB

You don't have a signing key. The primary key has been taken offline ('#') and can thus not be used for signing.

> ssb cv25519 2023-03-03 [E] [expires: 2025-03-02]
> 143454E3276F11C51D01B35363D14EA6FDB00D9F
> Keygrip = 02EE4AA6089E9DEF7792F548C01FFD8C05F1EC21

The subkey is not capable of signing (by usage flags and algorithm).

Did you have another signing subkey and that one expired? Add

  --list-options show-unusable-subkeys

to the listing command to check.

Salam-Shalom,

   Werner
Re: gpg: signing failed: Bad secret key
On Fri, 19 Jan 2024 14:19, Leo Coogan said:

> When I run `git commit -m` on nixos, I receive this error:

For debugging add "verbose" to ~/.gnupg/gpg.conf . This should give you more information what's up.

Shalom-Salam,

   Werner
Re: Win 11 + Smarcard: SSH public key authentication fails
On Wed, 17 Jan 2024 08:22, Thomas said:

> I didn't use ssh @ on purpose because I'm used to
> use the same user on remoteserver as on client.

Common problem for me too when I ssh into a Windows box where I use a different user name on purpose ;-). This way you don't accidentally login into a testbox and run commands not intended for that box.

Shalom-Salam,

   Werner
Re: running gpg-agent in foreground
On Wed, 17 Jan 2024 14:01, Falko Strenzke said:

> I would like to run my development version of GPG-agent under valgrind. As I
> understand it, for that purpose I have to run it in the foreground, i.e. in
> server mode. However, whenever I launch it as

No, that will not work for you. I recommend this:

  cd /my/test/directory
  GNUPGHOME=`pwd` gpg-agent --daemon /bin/sh

This way you can easily start gpg-agent via valgrind. Instead of running a shell directly you may also use a script instead of /bin/sh:

--8<---cut here---start->8---
#!/bin/sh
SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
export SSH_AUTH_SOCK
cat >setup-tests.ini <<'EOF'
PS1="$(echo "$PS1" | sed 's,\\\$ $,(GnuPGTest)\\\$ ,')"
export HISTCONTROL=ignoreboth
export HISTFILE=$(pwd)/.bash_history
EOF
exec bash --init-file setup-tests.ini
--8<---cut here---end--->8---

which gives you a dedicated prompt so that you can easily see that you are in a test environment. For logging put "log-file socket://" into common.conf and run

  watchgnupg --time-only --homedir /my/test/directory

in another terminal. Add --force to take over the logging socket. Useful debug options for gpg-agent.conf are "debug ipc". Use "gpg-agent --debug help" to get a list of all debug options.

Salam-Shalom,

   Werner
Re: Win 11 + Smarcard: SSH public key authentication fails
On Mon, 15 Jan 2024 20:03, Thomas Schneider said:

> And ssh-pageant is not available for Win 11, but pageant is included
> in PuTTY.

I didn't implement or test the newer --enable-w32-openssh-support so I don't have first-hand experience. However, Windows comes with an ssh server and a client, which are slightly modified OpenSSH versions. Thus you should be able to simply run

  c:\ ssh -v snow...@hawaii.nsa.gov

The ssh diagnostics enabled with -v should show you what's going on and whether ssh tries to use an ssh-agent implementation. You need to start gpg-agent first, of course:

  gpgconf --launch gpg-agent

(or run any gpg command or kleopatra, etc.)

> Could you please share some details of your working setup (scripts
> connecting from Win 10/11 to other servers using SSH).

Okay, let's try it: I just installed a gpg4win 4.3.0-beta and tried it on my testbox (Windows 10.0 build 19045) using my regular token:

  debug1: Next authentication method: publickey
  debug1: Offering public key: cardno:FFFE_xxx ED25519 SHA256:tXYM7ne2kI+ZUw7jGii9LBhoz8uB0ucKv28OSSW6a/g agent
  debug1: Server accepts key: cardno:FFFE_xxx ED25519 SHA256:tXYM7ne2kI+ZUw7jGii9LBhoz8uB0ucKv28OSSW6a/g agent
  debug1: Authentication succeeded (publickey).
  Authenticated to ftp.gnupg.org ([217.69.76.55]:22).

But that should also work with your gpg4win version.

>> the native client you need to add *enable-w32-openssh-support* to your

Oops, the option is actually *enable-win32-openssh-support*. I try to get it into the Kleopatra config dialog with gnupg 2.4.4 - right now kleopatra can only enable the Unix style ssh support.

Shalom-Salam,

   Werner
Re: Win 11 + Smarcard: SSH public key authentication fails
Hi!

I am not 100% sure whether I did understand you correctly: You are in Windows 11 and want to use its native OpenSSH client to connect to some other ssh server. Why do you need Putty, which has an integrated but different ssh implementation?

For Putty you had *enable-putty-support* in your gpg-agent.conf. For the native client you need to add *enable-w32-openssh-support* to your gpg-agent.conf. Better disable the Putty support; I am not sure whether there are any conflicts.

Take care, although me and my scripts ssh into Windows10 and 11 boxes quite often, the other way around is not that well tested. For debugging options, please see my other mail from today.

Shalom-Salam,

   Werner
Re: Trouble with GPG Cards for SSH when using FIDO2
On Mon, 15 Jan 2024 09:25, Philipp Schmidt said:

> - Everything works fine until I use one of the keys for FIDO2
> - Afterwards I cannot restore the service without a reboot

Try to add

  pcsc-shared

to scdaemon.conf and gpgconf -R scdaemon. Does this change anything? If not, add

  log-file /foo/scd.log
  debug ipc,reader,card

to scdaemon.conf and check the log file or send it to me. Make sure that you did not enter the PIN as it would show up in the log. If this does not give any hints, adding "debug cardio" will give even more verbose output.

Salam-Shalom,

   Werner
Re: typo in section 7.4.3 of the gpgme manual
On Fri, 5 Jan 2024 21:25, Ming Kuang said:

> I think it should be "may also be" instead of "my also be" :)

Fixed. Thanks.

Shalom-Salam,

   Werner
Re: Cannot export SSH public key
On Fri, 5 Jan 2024 10:07, Felix E. Klee said:

>> gpg-connect-agent updatestartuptty /bye
>
> or otherwise, I get no PIN entry dialog / prompt

That is right. The ssh-agent protocol has no means to tell the ssh-agent or gpg-agent some important environment variables, like the current tty or DISPLAY. I can't remember how ssh-askpass (?) works but for GnuPG, gpg-agent uses the tty/display from where it was launched if it does not know anything else. updatestartuptty tells gpg-agent that it should assume that the tty/display where gpg-connect-agent was run should be the new default.

Fixing this in the ssh-agent protocol would be easy and I actually implemented this but did not find the time to keep on nagging them to include my patch to pass arbitrary envvars over the ssh-agent protocol. The gnupg part has long been implemented:

  https://dev.gnupg.org/rG224e26cf7b67f22bb0140133eac6b4ad24f3b1b7

and somewhere on the openssh ML one should find my patch.

I am so used to run the updatestartuptty that I don't even think about this. It is the first thing I do when I ssh into my laptop.

Shalom-Salam,

   Werner
Re: --list-keys fails with missing .gnupg directory and --no-options
Hi!

Right, no-options also inhibits the homedir creation:

  --no-options
         Shortcut for --options /dev/null. This option is detected before an attempt to open an option file. Using this option will also prevent the creation of a ‘~/.gnupg’ homedir.

> I'm wondering if the documentation for --no-options should perhaps be
> updated to indicate that commands like --list-keys may fail if there's no

I think that most commands will fail without a homedir.

> homedir, or perhaps should --no-options skip doing anything with
> trustdb.gpg.

Well, if the homedir exists - which is the common case - this would change behaviour. --no-options is used so that you don't accidentally use configured options like --encrypt-to or similar. For example, dirmngr and gpg-wks-client have such needs.

I would suggest to create a temporary home directory or disable the trust thing (--always-trust should work). But without a home directory many things can't work.

BTW, in case you are writing a verification script, have a look at the new option --assert-signer.

Salam-Shalom,

   Werner
Re: gpgsm: ksba_cms_parse failed: Broken pipe
Hi!

On Thu, 14 Dec 2023 16:19, Jakob Bohm said:

> zcat ${infl} |
> faketime "${DSTAMP}" gpgsm --verify --validation-model shell
> --assume-binary --status-fd 3 --output - - 3>${wrkdir}/sigdec.status
> || :
> gpgsm: ksba_cms_parse failed: Broken pipe

gpgsm expects more data but zcat already sent its EOF. This might be due to a broken ASN.1 structure which announced N bytes but gpgsm was not able to read these N bytes. CMS chunks up the data so that you can have a very long stream of data. (I have sometimes seen chunks of just one byte).

That is the error message you meant, or did you see more? Adding --verbose is often very helpful.

> Message on status-fd (copied to stderr by cat command)
>
> [GNUPG:] ERROR verify.leave 32877

This is the machine interface; which you rightfully parse.

  $ gpg-error 32877
  32877 = (0, 32877) = (GPG_ERR_SOURCE_UNKNOWN, GPG_ERR_EPIPE) = (Unspecified source, Broken pipe)

verify.leave helps us to locate the place where the error was emitted: Here it is at the end of gpgsm_verify function but unfortunately we can't get the offset of the input data where it stopped parsing. You may use "--debug hashing" to write a file with the data hashed (i.e. what is verified). That gives an indication where in the stream the error occurred.

Another useful tool is the venerable dumpasn1 tool which you could use instead of gpgsm to find errors in the input data structure.

> Which of the inputs was being truncated on the way to the that
> parsing function?

The decompressed $infl .

> It would be much easier if the gpgsm code could be used standalone
> like the old gpg1 could, with no entanglement to pinentry, dirmgr

Yeah. But for security reasons we have separated tasks in a way similar to what postfix does.

> status-fd protocol etc. etc. scripted signing and verification of
> computer generated data is not suited to a human-centric user

Right, it is a machine interface. For gpg we have the extra tool gpgv to make verification against a known set of keys easy. And recently we added --assert-signer which basically does the same. There has never been a demand to have a dedicated verification tool for CMS but I can imagine to add a --assert-signer also to gpgsm.

Your use of faketime is interesting ;-)

Salam-Shalom,

   Werner
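The split that `gpg-error 32877` prints above can be done inside a script that reads `--status-fd` output. The following is an added example, not part of the original message or of GnuPG: it uses the `gpg_error_t` bit layout from libgpg-error's `gpg-error.h` (source in bits 24..30, code in bits 0..15, bit 15 marking a mapped system errno); the function names and the sample status lines other than the `verify.leave` line are constructed for illustration.

```shell
#!/bin/sh
# Added example: decode the numeric value of "[GNUPG:] ERROR <where> <value>"
# status lines.  Function names are hypothetical; the bit layout is the
# gpg_error_t layout from libgpg-error's gpg-error.h.

GPG_ERR_SOURCE_SHIFT=24     # source lives in bits 24..30
GPG_ERR_SOURCE_MASK=127
GPG_ERR_CODE_MASK=65535     # code lives in bits 0..15
GPG_ERR_SYSTEM_ERROR=32768  # bit 15 of the code: mapped system errno

# Map the numeric source to its gpg-error.h constant (first entries only).
source_name() {
    case "$1" in
        0)  echo GPG_ERR_SOURCE_UNKNOWN ;;
        1)  echo GPG_ERR_SOURCE_GCRYPT ;;
        2)  echo GPG_ERR_SOURCE_GPG ;;
        3)  echo GPG_ERR_SOURCE_GPGSM ;;
        4)  echo GPG_ERR_SOURCE_GPGAGENT ;;
        5)  echo GPG_ERR_SOURCE_PINENTRY ;;
        6)  echo GPG_ERR_SOURCE_SCD ;;
        7)  echo GPG_ERR_SOURCE_GPGME ;;
        8)  echo GPG_ERR_SOURCE_KEYBOX ;;
        9)  echo GPG_ERR_SOURCE_KSBA ;;
        10) echo GPG_ERR_SOURCE_DIRMNGR ;;
        *)  echo "source-$1" ;;
    esac
}

# describe_error VALUE: print source, code and whether it is a system error.
# For system errors the low 15 bits index libgpg-error's own errno table;
# that index is not the operating system's errno number.
describe_error() {
    src=$(( ($1 >> GPG_ERR_SOURCE_SHIFT) & GPG_ERR_SOURCE_MASK ))
    code=$(( $1 & GPG_ERR_CODE_MASK ))
    if [ $(( code & GPG_ERR_SYSTEM_ERROR )) -ne 0 ]; then
        echo "source=$(source_name "$src") code=$code system=yes errno_index=$(( code & 32767 ))"
    else
        echo "source=$(source_name "$src") code=$code system=no"
    fi
}

# decode_status: read status-fd output on stdin and print one line per
# ERROR record.  Non-numeric values are reported instead of being fed
# to shell arithmetic.
decode_status() {
    while read -r tag keyword where value rest; do
        [ "$tag" = "[GNUPG:]" ] && [ "$keyword" = "ERROR" ] || continue
        case "$value" in
            ''|*[!0-9]*) echo "$where malformed-value"; continue ;;
        esac
        echo "$where $(describe_error "$value")"
    done
}

# Constructed sample input; only the verify.leave line is from the message.
SAMPLE_STATUS='[GNUPG:] NEWSIG
[GNUPG:] ERROR verify.leave 32877
[GNUPG:] ERROR sample.location notanumber'

printf '%s\n' "$SAMPLE_STATUS" | decode_status
```

A verification script can treat any decoded ERROR record as a failed run and log the source and code, confirming the name with `gpg-error <value>` as shown in the message.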
Re: Contributing: how to modify the man page
Hi!

> info and the gpg man page. I would like to know which files do I need to
> edit in order to edit the gpg man page and the gpg info page.

Both are built from the same texinfo source. That is gnupg/doc/gpg.texi or one of the other *texi files - some are include files.

Shalom-Salam,

   Werner
Re: Disable keyboxd system-wide?
On Thu, 7 Dec 2023 12:07, Conrad Hoffmann said:

> Thanks a lot, that did the trick. I only got to an empty
> /etc/gnupg/common.conf, but was not yet aware of the [ignore] syntax,
> very useful.

There is also a

--8<---cut here---start->8---
[force]
some-option
[-force]
--8<---cut here---end--->8---

Which uses the option but ignores them in the ~/.gnupg conf files. FWIW, you can also do things like

--8<---cut here---start->8---
# Options to handle embedded keys
[getreg flag \Software\GNU\GnuPG:AutoKeyImport]
[if $flag != 0]
auto-key-import
[fi]
[getreg flag \Software\GNU\GnuPG:IncludeKeyBlock]
[if $flag != 0]
include-key-block
[fi]
--8<---cut here---end--->8---

To read values from the Windows Registry or with getenv from the environment. Another hack is this:

--8<---cut here---start->8---
# From 2024-01-01 on we require at least rsa3000
[if $_epoch >= 1704067200 ]
min-rsa-length 3000
[fi]
--8<---cut here---end--->8---

Shalom-Salam,

   Werner
Re: Disable keyboxd system-wide?
Hi!

On Wed, 6 Dec 2023 12:29, Conrad Hoffmann said:

> it on. But as temporary workaround, I would be interested if there is
> a way to disable keyboxd system-wide (as opposed to
> ~/.gnupg/common.conf), so unsuspecting new users do not run into this?

If you put this

--8<---cut here---start->8---
[ignore]
use-keyboxd
[-ignore]
--8<---cut here---end--->8---

into /etc/gnupg/common.conf the use-keyboxd option in the ~/.gnupg/common.conf file should be ignored.

Salam-Shalom,

   Werner
Re: prefered key/subkey for decryption
Hi!

On Tue, 5 Dec 2023 00:00, Maxime de Roucy said:

> On gnupg 2.4.3 the first subkey tried is the "local" one.
> I think that it's because the "local" subkey is rsa4096, which is more secure
> than rsa2048 (the yubikey subkey).

No, there is such logic.

> I found --personal-cipher-preferences, --personal-digest-preferences and
> --personal-compress-preferences but as both subkeys are RSA… it doesn't help.

That does not help with decryption.

In general this problem shows up if you receive a lot of mails using anonymous recipients (--throw-keyids) and gpg asks you to insert all your cards one after the other. We have this TODO item in the code:

  /* FIXME: The list needs to be sorted so that we try the keys in
   * an appropriate order.  For example:
   * - On-disk keys w/o protection
   * - On-disk keys with a cached passphrase
   * - On-card keys of an active card
   * - On-disk keys with protection
   * - On-card keys from cards which are not plugged it.  Here a
   *   cancel-all button should stop asking for other cards.
   * Without any anonymous keys the sorting can be skipped.
   */

Your use case is very similar and such a sorting would also be helpful.

Another way to implement this might be by using a similar thing to what we allow for ssh-keys (see gnupg/agent/keyformat.txt) in the private key files:

  *** Use-for-ssh

  If given and the value is "yes" or "1" the key is allowed for use by
  gpg-agent's ssh-agent implementation. This is thus the same as
  putting the keygrip into the 'sshcontrol' file. Only one such item
  should exist. If another non-zero value between 1 and 9 is used,
  this is taken to establish the order in which the keys are returned
  to ssh; lower numbers are returned first. If a negative value is
  used this overrides currently active (inserted) cards and thus
  allows to prefer on-disk keys over inserted cards. A value of -1
  has the highest priority; values are capped at -999 and have a lower
  priority but still above the positive values, inserted cards or the
  order in sshcontrol.

Sorry, for not having a better answer.

> (reminder: all subkeys are derived from the same primary key).

Sure that you derived them? What we do is to bind subkeys to a primary key and then the sender selects the latest valid subkey for encryption.

Salam-Shalom,

   Werner
Re: Cannot export SSH public key
On Wed, 22 Nov 2023 19:39, Felix E. Klee said:

> However, I could not log in. SSH reports:
>
> Permission denied (publickey).

You need to make sure that the gpg-agent is running and the SSH_AUTH_SOCK envvar is set correctly. Here is the snippet from my ~/.bashrc

--8<---cut here---start->8---
# Setup information required by GnuPG and ssh.  We use the
# standard socket in GnuPG's homedir, thus there is no need for an
# environment variable.  We reset any left over envvar.
# SSH_AGENT_PID should not be set either because it is only used
# to kill ssh-agent (option -k) but we don't want this to kill
# gpg-agent.  Because ssh does not know about GnuPG's homedir we
# need to set its envvar to the standard gpg-agent.  GPG_TTY needs
# to be set to the current TTY.  The extra test is used to avoid
# setting SSH_AUTH_SOCK if gpg-agent has been started with a
# shell on the command line (often used for testing).
unset GPG_AGENT_INFO
unset SSH_AGENT_PID
if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then
  export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
fi
export GPG_TTY=$(tty)
--8<---cut here---end--->8---

In case you are switching to a different X server etc, you may need to run

  gpg-connect-agent updatestartuptty /bye

once. This will also make sure that the agent is launched.

Although gpg-agent by default creates the socket for the ssh-agent protocol, some distros have a peculiarity that they look into ~/.gnupg/gpg-agent.conf and check whether there is a "enable-ssh-support" option set. If not they don't set the envvar (as above) or do their necessary systemd stuff to create the socket.

> I then tried exporting the key using `ssh-add`:
>
> ssh-add -L >~/.ssh/id_rsa.pub

ssh-add should have connected to gpg-agent and exported the ssh public keys it knows. You don't need to put this into id_rsa.pub. I use

> Now it gets a bit weird: Apparently the key exported by `ssh-add` is not
> tied to my authentication key! I noticed this because I replaced the
> authentication key. The key exported by `ssh-add` did not change. I can

What is in your ~/.gnupg/sshcontrol file? It should list the keygrips of the keys to be used for ssh.

  gpg -k --with-keygrip yubi...@f76.eu

Instead of putting this into sshcontrol you may also put them into the private-keys-v1.d/.key file with a line:

  Use-for-ssh: yes

FWIW, you may also use

  Label: My pink token

to have a nicer prompt.

> Should I better use the authentication key exported by GPG for SSH? But
> how to make that work?

  gpg --export-ssh-key

Adds a comment with the keyid - is that one correct? Does it match what you see with ssh-add -L (or ssh-add -l)?

Shalom-Salam,

   Werner
Re: gnupg 'signing server'? Looking for advice on key management/security
On Tue, 14 Nov 2023 20:52, Jacob Bachmeyer said:

> succeed in either case. If this condition is not met, Mallory will
> eventually be able to forge a signature. Therefore, smartcards do not
> actually provide additional security in the typical PGP usage.

In all environments you have the advantage that you don't need to re-deploy your public keys after a compromise of your signing box. Sure, there are signatures on software/data out there which are not legitimate but this is not different from the easier attack of modifying the software/data before doing the signature.

Further, by inserting the smartcard only when required you limit the exposure time of the key and hinder attackers from doing a lot of illegitimate signatures or decryption. The OpenPGP cards feature a signature counter which can give you a hint on whether it was used by something else than you. It is not a perfect solution but raises the hurdle for the attacker. By using the smartcard on different machines you can even avoid malware which fakes the displaying of the signature counter.

From a policy POV having the key material securely locked away is also an advantage - even if the data can be decrypted/signed using a smartcard by malware. The security of the key material and the ability to use the key material are different topics in a security policy.

Salam-Shalom,

   Werner
Re: How to avoid weird mestage on file deciphering
On Fri, 10 Nov 2023 13:48, Stephan Verbücheln said:

> Notifications, warnings and errors are sent to stderr (rather than
> stdout), so the solution for bash would be:
>
> $ gpg --decrypt file.txt.gpg 2> /dev/null

Or to suppress the specific diagnostics mentioned but still show important error messages use

  gpg -q ...

or

  gpg --quiet ...

Salam-Shalom,

   Werner
Re: Pinentry problem with different home dir
On Wed, 25 Oct 2023 18:51, Michael Richardson said:

> The gpg-agent dependency that came a few years ago has really been a PITA.

a few years = 20 years [1]

> I would really like some way to tell GPG that it really needs to ignore all
> of *my* (personal) setup, because I'm wearing a different personality now.

Use a different home directory. Actually running

  gpg --homedir /somewhere -s something

should be enough but the agent and dirmngr started on the fly won't be killed until you rmdir /somewhere.

Or just use -u to select a different signing key. For example in ~/.gitconfig

--8<---cut here---start->8---
[user]
	name = "Werner Koch"
	email = "w...@gnupg.org"
	signingkey = C1D34B69219E4AEEC0BA1C21E3FDFF218E45B72B
[commit]
	gpgsign
--8<---cut here---end--->8---

Salam-Shalom,

   Werner

[1] "Noteworthy changes in version 1.9.0 (2003-08-05)"
Re: Finding all files encrypted with a certain key
Hi,

hit the send key combination by accident. The last para should have read:

I think it is time to make things like this easier. Actually re-encrypt support has been on our feature list for many years. Every time I want to tackle this I stop at the decision on whether to also handle the large-file-on-server case or just do the simple re-encrypt-a-copy.

Features I'd like to have are:

- Select whether anything should be done at all for a message.
- Add new public keys (to encrypt the session key)
- Add new symmetric keys
- Remove existing public keys
- Remove unknown keys (hidden keys)
- Remove symmetric keys

Shalom-Salam,

   Werner
Re: Finding all files encrypted with a certain key
On Wed, 25 Oct 2023 10:54, Felix E. Klee said:

> Thank you! I modified that a bit, to make it more readable to me and fix
> a little bug: The second `$1` doesn’t expand to the file name. Also, I

You caught me, I didn't test the posted version.

> gpg: decryption failed: No secret key
>
> I wonder how to get rid of that.

grep -v on stderr ;-).

I think it is time to make things like this easier. Actually re-encrypt support has been on our feature list for many years. Every time I want to tackle this I stop at the decision on whether to also handle the large file on server shall be re-encrypted or on the simple re-encrypt a copy.

>
> My version:
>
> #!/bin/sh
>
> filename=$1
> enc_sub_key=04FDF78D1679DD94
>
> gpg --decrypt \
>     --pinentry-mode cancel \
>     --status-fd 1 \
>     --quiet \
>     --output /dev/null "$1" |
>     awk -v filename="$filename" \
>         -v enc_sub_key="$enc_sub_key" \
>         '
>         $1=="[GNUPG:]" &&
>         $2=="ENC_TO" &&
>         $3==enc_sub_key {
>             print filename
>             exit 0
>         }'
>
Re: Pinentry problem with different home dir
On Wed, 25 Oct 2023 13:01, Falko Strenzke said:

> Can anyone give me an advice what I can try to get the GnuPG Agent
> pinentry working with different home directory specified via
> GNUPGHOME?

Run it this way:

  mkdir /foo/bar
  cd /foo/bar
  GNUPGHOME=`pwd` gpg-agent --daemon ~/bin/gnupg-setup-tests

With gnupg-setup-tests being:

--8<---cut here---start->8---
#!/bin/sh
SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
export SSH_AUTH_SOCK
cat >setup-tests.ini <<'EOF'
PS1="$(echo "$PS1" | sed 's,\\\$ $,(GnuPGTest)\\\$ ,')"
export HISTCONTROL=ignoreboth
export HISTFILE=$(pwd)/.bash_history
EOF
exec bash --init-file setup-tests.ini
--8<---cut here---end--->8---

That is a pretty convenient setup and allows to keep test around and easily switch to them. The pinentry is searched at

  $(gpgconf -L bindir)/pinentry

In case you have a special setup you may put a gpg-agent.conf into $GNUPGHOME and use the pinentry-program option. "gpg -v" should show which pinentry is launched, in case of problems, the gpg-agent.conf should show/log an error.

Salam-Shalom,

   Werner
Re: Finding all files encrypted with a certain key
On Tue, 24 Oct 2023 11:38, Felix E. Klee said:

> For the purpose of re-encryption with a new key, I’d like to find all
> files that are encrypted with my key BEF6EFD38FE8DCA0. All encrypted
> files, independent of key, have the extension `.gpg`.
>
> How do I do that for a massive directory tree?

Maybe something like this

encrypted-to-me-p.sh
--8<---cut here---start->8---
#!/bin/sh
gpg -d --status-fd 1 -o /dev/null 2>/dev/null "$1" | awk '
  $1=="[GNUPG:]" && $2=="ENC_TO" && $3=="BEF6EFD38FE8DCA0" {print $1; exit 0}'
--8<---cut here---end--->8---

  find /foo -type f -name '*.gpg' -print0 | xargs -0 -n1 encrypted-to-me-p.sh

Best done with a keyring which does not hold any keys. Does not catch files which have hidden recipients. Note that you need to test for the subkey because that is the only information available in the encrypted files.

Using --list-packets or pgpdump might be better but those have no stable API.

Salam-Shalom,

   Werner
Re: libgcrypt 1.10.2 compile on AIX POWER
On Mon, 16 Oct 2023 15:25, Frank Lindner said:

> Changing this back to cc/xlC did throw the well known issue of 'keyword
> inline unknown'.

I am not aware of that problem. We are Libgcrypt and the entire GnuPG suite on AIX for decades. The configure script should detect whether inline is supported by the compiler.

I also wonder why and from where you took all the compiler options. How did you invoke configure and make?

Shalom-Salam,

   Werner
Re: Can preferred order of decryption keys be specified?
On Sat, 14 Oct 2023 12:06, Martin Jambor said:

> Is there a way to specify a preferred decryption key (that is different
> from the default signing key)?

Although we meanwhile have a way to set preferences for ssh keys [1] we don't have this for decryption keys. :-(

> Incidentally, does anybody know how to convince emacs EasyPG to pass
> --no-throw-keyids to GPG? :-)

Elisp is easy to modify ;-). One other idea: Replace the throw-keyid in gpg.conf by

--8<---cut here---start->8---
[getenv no_throw_keyid NO_THROW_KEYID]
[if $no_throw_keyid -z ]
throw-keyid
[fi]
--8<---cut here---end--->8---

and then have Emacs to set the NO_THROW_KEYID envvar to 1 or so.

Shalom-Salam,

   Werner

[1] In the respective .key file you may put this name/value:

  *** Use-for-ssh

  If given and the value is "yes" or "1" the key is allowed for use by
  gpg-agent's ssh-agent implementation. This is thus the same as
  putting the keygrip into the 'sshcontrol' file. Only one such item
  should exist. If another non-zero value between 1 and 9 is used,
  this is taken to establish the order in which the keys are returned
  to ssh; lower numbers are returned first. If a negative value is
  used this overrides currently active (inserted) cards and thus
  allows to prefer on-disk keys over inserted cards. A value of -1
  has the highest priority; values are capped at -999 and have a lower
  priority but still above the positive values, inserted cards or the
  order in sshcontrol.
Re: Building GnuPG – libassuan version
Hi Falko,

On Wed, 11 Oct 2023 09:08, Falko Strenzke said:

> I see now that even https://github.com/gpg/libassuan/tree/libassuan-3.0-base
> is identifying itself as version "2.5.6-beta1" via its config binary. So I
> wonder how I can have working version of libassuan for current GnuPG master.

I am travelling, so only a short reply. Please do not use the github mirror - I am not sure whether it is always up to date. Better use the https://dev.gnupg.org mirror or just the plain git:// mirror.

You should simply checkout "master" and not a specific tag. Current development goes into master and at least for me it works. Current HEAD is at 16b6b7753229a41fb3b4bf77d34873db8f3cb682. You need to get the latest libassuan master, build and install it and also the latest libgpg-error.

Shalom-Salam,

   Werner
Re: (No Subject)
Hi!

On Wed, 4 Oct 2023 20:37, soil said:

> i'd like to sign a public key that i'm keen to send emails to, but i'm
> only given the option to sign with the 1st private key i set up. but

In case you are using the command line this is easy:

  gpg -u YOURKEYID --quick-sign-key FINGERPRINT_OF_KEY_TO_SIGN

You may also use

  gpg -u YOURKEYID --edit-key FINGERPRINT_OR_USERID_OF_KEY_TO_SIGN

If you are using a GUI (e.g. Kleopatra) you will have a drop down box to select the signing key.

Shalom-Salam,

   Werner
Re: Unhelpful error message while attempting to generate key pair
On Thu, 14 Sep 2023 14:33, Alan Mackenzie said:

> But I'd like to apologise for the tone of my first post, which came out

No problem, my tone is also often pretty rude.

> Yes, it was my pinentry, which had been set up to use gnome3. I was

Actually a pinentry should fall back to curses if DISPLAY is not set. But the pinentry-gnome3 (?) has some special features and I doubt that anyone looked at it for a long time.

Shalom-Salam,

   Werner
Re: Unhelpful error message while attempting to generate key pair
On Wed, 13 Sep 2023 20:48, Alan Mackenzie said:

> I type
>
> $ gpg --gen-key

Use

  gpg -v --gen-key

to see more warnings.

> agent_genkey failed: Timeout

Looks like a problem with your pinentry. Did it show up on another screen? The "-v" should tell you which pinentry was invoked; share that with us for help. Next debug level would be

  gpg -v --debug ipc --gen-key

but I don't think you need this.

Salam-Shalom,

   Werner
Re: All CPU threads
On Mon, 11 Sep 2023 22:29, Jacob Bachmeyer said:

> So using threads to compute a blinded RSA operation would just about
> recover the computational cost of blinding the calculation? How would

No. I gave this as an example where you could else see on how to speed up things. For example if you do not need to mitigate local side-channel attacks.

Shalom-Salam,

   Werner
Re: Failed to export secret key
Hi,

so everything looks okay. What I would now do is to strace pinentry; Here is a wpinentry wrapper I have used in the past.

--8<---cut here---start->8---
#!/bin/sh
MYPINENTRY="/usr/local/bin/pinentry-qt"
locale >/tmp/pinentry.err
set >>/tmp/pinentry.err
exec strace -o /tmp/pinentry.trc -e read=0 $MYPINENTRY -v -d "$@" 2>>/tmp/pinentry.err
#exec valgrind $MYPINENTRY -d "$@" 2>>/tmp/pinentry.err
--8<---cut here---end--->8---

Adjust to your needs and put

  pinentry-program /home/foo/bin/pinentry-wrapper

into gpg-agent.conf.

  gpgconf --kill gpg-agent

and try again.

Salam-Shalom,

   Werner
Re: All CPU threads
Hi!

Thanks Rob for your comments. Here are some additional points:

On Sat, 9 Sep 2023 22:07, Robert J. Hansen said:

> and for the vast majority of users isn't worth it. The easy wins (28%
> cost savings on RSA encryption! Whee, almost half a millisecond!) are

The blinding we use for RSA (to mitigate side-channel attacks) should be in the same range as these wins. I bet that by adding threads to the computation you will open another can of side-channel attacks.

> performance. I'm sure that if and when the next RFC is officially
> released, there will be interest in getting parallelization support

OCB mode is already used and deployed for years. With a decent Libgcrypt (1.10) I get these figures for the old (CFB) and the new mode (OCB)

 AES256         |  nanosecs/byte   mebibytes/sec   cycles/byte  auto Mhz
        CFB enc |     0.691 ns/B      1379 MiB/s      5.14 c/B    7440±1
        CFB dec |     0.064 ns/B     14959 MiB/s     0.470 c/B    7372±2
        OCB enc |     0.070 ns/B     13547 MiB/s     0.522 c/B    7415±2
        OCB dec |     0.071 ns/B     13451 MiB/s     0.520 c/B    7336±3

These values are for the low level crypto routines. In reality we also do a SHA-1 hashing in addition to CFB which makes it even slower. OTOH, the protocol requires buffering and the way gpg implements things has a large impact on the performance. Fortunately, Jussi Kivilinna also worked on gpg's buffering and gained a lot of extra speed:

  * gpg: Threefold decryption speedup for large files.
    https://dev.gnupg.org/rGab177eed51
    (For the old CFB mode)

  * gpg: Nearly double the AES256.OCB encryption speed.
    https://dev.gnupg.org/rG99e2c178c7

Thus in 2.4 we get this for symmetric encryption of a 4 GiB file from RAM to /dev/null on a Ryzen5800X:

  AES256.CFB encryption  1.3 GiB/s
  AES256.OCB encryption  4.2 GiB/s

FWIW there are also improvements in signature verification:

  * gpg: Up to five times faster verification of detached signatures.
    Doubled detached signing speed.
    https://dev.gnupg.org/rG4e27b9defc
    https://dev.gnupg.org/rGf8943ce098

YMMV depending on what kind of data you encrypt, whether signing and compression comes into the game. Compression is a major performance hog - feeding gpg from a (threaded) bzip2 and using -z0 will in general give better performance than using the internal compressor code.

Shalom-Salam,

   Werner
Re: Failed to export secret key
On Fri, 8 Sep 2023 13:49, Alexander Leidinger said:

> default-yes=_Yes
> 2023-09-08 13:37:53 gpg-agent[94491] DBG: chan_9 <- ERR 83886254
> Unknown option

Don't care about this error. It is shown but ignored. Future Pinentries might want to implement a yes button and gpg provides the translation here.

> 2023-09-08 13:37:54 gpg-agent[94491] DBG: error calling pinentry:
> Operation cancelled

You clicked on CANCEL or closed the window.

> gpg: key 89DE8BFC8A2A81F8C9BD2F7940C7373A4DE34E7C: asking agent for
> the secret parts
[...]
> gpg: key 89DE8BFC8A2A81F8C9BD2F7940C7373A4DE34E7C: error receiving key
> from agent: Operation cancelled - skipped

You canceled, gpg-agent could not unprotect the key and thus you get the error code. Given that you said it worked in loopback mode - I assume the pinentry is broken and returns Cancel due to other reasons. Did you

  GPG_TTY=$(tty)
  export GPG_TTY

in your target's bashrc etc? The simple tty pinentry is used and it needs to know its tty - is /dev/pts/5 the correct one? Try running pinentry on the target directly:

  $ pinentry
  getpin

should show the prompt. Does it - if not, strace the process etc.

Salam-Shalom,

   Werner
Re: Failed to export secret key
On Mon, 4 Sep 2023 19:45, Alexander Leidinger said:

> If I specify --pinentry-mode loopback it works. Shouldn't this also
> work without this option? If yes, what's wrong or how to debug this

Sure, this shall work. You may want to add

--8<---cut here---start->8---
debug ipc
debug-pinentry
log-file /some/file
--8<---cut here---end--->8---

to gpg-agent.conf, restart the agent and check the log file.

Reminder: In case of any problems, please try invoking gpg with --verbose (or -v). You will see more diagnostics.

Salam-Shalom,

   Werner