From wk at gnupg.org Sun Aug 1 12:24:41 2010
From: wk at gnupg.org (Werner Koch)
Date: Sun, 01 Aug 2010 12:24:41 +0200
Subject: Terminating and reactivating an OpenPGPCard and/or CryptoStick
In-Reply-To: (Peter Koch's message of "Fri, 30 Jul 2010 18:18:28 +0200")
References: <8739v1pif2.fsf@vigenere.g10code.de>
Message-ID: <87y6cqmxzq.fsf@vigenere.g10code.de>

On Fri, 30 Jul 2010 18:18, pk at opensc-project.org said:

> The reason is simple. My ATR is
>
> 3b:da:18:ff:81:b1:fe:75:1f:03:00:31:c5:73:c0:01:40:00:90:00:0c

Thus the ATR is wrong.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From cryptostick at privacyfoundation.de Sun Aug 1 17:02:12 2010
From: cryptostick at privacyfoundation.de (Crypto Stick)
Date: Sun, 01 Aug 2010 23:02:12 +0800
Subject: GnuPG package: UDEV rule for smart card reader
Message-ID: <4C558C74.3070305@privacyfoundation.de>

Hi!

We developed the Crypto Stick which is a USB smart card reader stick
containing the OpenPGP Card. For instance to use GnuPG on Ubuntu
directly with the Crypto Stick the user needs to run gnupg as root to be
able to access the stick's usb device node under /dev/bus/usb.

As a workaround we supply the following udev rule. It gives
underprivileged users permissions to access the device node:

ATTR{idVendor}=="20a0", ATTR{idProduct}=="4107", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"

I understand that the already available UDEV rules of the gnupg package
on Ubuntu are not part of the "vanilla" GnuPG but added by package
maintainer. To achieve out-of-the box support, so that users do not need
to install additional software or modify configuration, I would like to
know how to get the appropriate configuration (e.g. UDEV rule) into
GnuPG packages of diverse distributions? Instead of writing to every
package maintainer separately I hope this mailing list is the right
audience.

Cheers
Jan

From bernhard at intevation.de Mon Aug 2 22:14:54 2010
From: bernhard at intevation.de (Bernhard Reiter)
Date: Mon, 2 Aug 2010 22:14:54 +0200
Subject: S/MIME revocation lists signed by different CA?
Message-ID: <201008022215.10388.bernhard@intevation.de>

Today I saw dirmngr 1.0.4-svn319 accept a certificate
where the certificateRevocationList has been issued by a different CA
which is not identical to the issuer of the certificate itself.

User A Cert, Issued by CA A, CRL issued by CA B
CA A by Root A and CA B by Root B

both roots are trusted, somehow I still would expect
dirmngr to reject the A certificate because the CRL
was not signed by CA A, the same authority that issued it.

Okay, I am trusting Root B, but maybe not for revoking other
certificates. Otherwise if an attacker could redirect my CRL request
and it is an advantage for them that the checking is not that strict.

With OCSP that might be different when I define a trusted host
that could verify all CAs.

--
Managing Director - Owner: www.intevation.net (Free Software Company)
Deputy Germany Coordinator: fsfeurope.org. Coordinator: Kolab-Konsortium.com.
Intevation GmbH, Neuer Graben 17, Osnabrück, DE; AG Osnabrück, HRB 18998
Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From pioto at pioto.org Tue Aug 3 01:07:35 2010
From: pioto at pioto.org (Mike Kelly)
Date: Mon, 2 Aug 2010 19:07:35 -0400
Subject: pinentry hangs in read()
Message-ID: <20100802230735.GA26298@everglades.pioto.org>

(This was originally reported as issue 1199[1], but I was referred to
this list instead).

Pinentry seems to always hang for me, when invoked by keychain[2] in my
.bash_profile. Keychain seems to be invoking pinentry indirectly by
doing:

    gpg --no-options --use-agent --no-tty --sign --local-user "$k" -o- >/dev/null 2>&1

where $k is the name of my gpg key.

It seems to be hanging while doing a read. If I kill -9 the process (a
regular SIGTERM doesn't work), then a new pinentry starts, and this time
it actually displays the dialog.

I am using gnupg-2.0.14, pinentry-0.8.0, and keychain-2.6.8.

A full backtrace of the hanging process is attached.

[1] https://bugs.g10code.com/gnupg/issue1199
[2] http://agriffis.n01se.net/keychain/

--
Mike Kelly
-------------- next part --------------
(gdb) thread apply all bt full

Thread 1 (process 24814):
#0 0x00007fcd8aa9f2e0 in __read_nocancel () from /lib/libc.so.6
No symbol table info available.
#1 0x00007fcd8ad4af4a in _nc_wgetch () from /lib/libncurses.so.5
No symbol table info available.
#2 0x00007fcd8ad4b667 in wgetch () from /lib/libncurses.so.5
No symbol table info available.
#3 0x00000000004125ec in dialog_run (pinentry=0x6181c0, tty_name=, tty_type=) at pinentry-curses.c:700
        c = -512
        diag = {pos = DIALOG_POS_PIN, pin_y = 14, pin_x = 16, pin_size = 58, pin_loc = 0, pin = 0x7fcd8d5f7188 "", pin_max = 2048, pin_len = 0, ok_y = 16, ok_x = 14, ok = 0x19dfe40 "", cancel_y = 16, cancel_x = 59, cancel = 0x19dfe60 "", notok_y = 0, notok_x = 0, notok = 0x0}
        ttyfi = 0x0
        ttyfo = 0x0
        screen = 0x0
        done =
        pin_utf8 =
#4 0x0000000000413219 in curses_cmd_handler (pinentry=0x0) at pinentry-curses.c:869
        rc =
#5 0x000000000040defe in cmd_getpin (ctx=0x7fcd8d5f6008, line=) at pinentry.c:872
        result = 83918934
        set_prompt = 0
#6 0x00000000004106d1 in dispatch_command (ctx=0x7fcd8d5f6008) at assuan-handler.c:435
        s = 0x415008 "NOP"
        i = -1963461760
#7 process_request (ctx=0x7fcd8d5f6008) at assuan-handler.c:458
        rc =
#8 0x00000000004109b0 in assuan_process (ctx=0x7fcd8d5f6008) at assuan-handler.c:526
        rc =
#9 0x000000000040d865 in pinentry_loop () at pinentry.c:1089
        rc =
        filedes = {0, 1}
        ctx = 0x7fcd8d5f6008
#10 0x0000000000408022 in main (argc=1, argv=0x7fff00fb1628) at pinentry-gtk-2.c:571
        secure_mem = {malloc = 0x40d5f0 , realloc = 0x40d640 , free = 0x40d5b0 , calloc = 0, try_malloc = 0, try_realloc = 0}

From sci-fi at hush.ai Tue Aug 3 12:25:18 2010
From: sci-fi at hush.ai (SciFi)
Date: Tue, 3 Aug 2010 10:25:18 +0000 (UTC)
Subject: MacOSX: I'm having several build problems with gnupgp-2.0.16 + SVN.
Message-ID:

Hi,

I've been having several build problems on my MacOSX 10.5.8, which is an
iMac C2D, i386-apple-darwin9.8.0. I tried 'stable' gnupg-2.0.16, then
got the SVN versions (and prereqs there), giving me the same grief. ;)

With the SVN version, I first saw this problem:

>>>>
[?]
gcc-4.2 -I/usr/local/include -I/usr/local/include -I/usr/local/include -fast -mtune=core2 -march=core2 -force_cpusubtype_ALL -arch i386 -O3 -Wall -Wcast-align -Wshadow -Wstrict-prototypes -Wformat -Wno-format-y2k -Wformat-security -W -Wno-sign-compare -Wno-missing-field-initializers -Wdeclaration-after-statement -Wno-pointer-sign -Wpointer-arith -fast -mtune=core2 -march=core2 -force_cpusubtype_ALL -arch i386 -o gpg2 gpg.o server.o build-packet.o compress.o compress-bz2.o free-packet.o getkey.o keydb.o keyring.o seskey.o kbnode.o mainproc.o armor.o mdfilter.o textfilter.o progress.o misc.o rmd160.o openfile.o keyid.o parse-packet.o cpr.o plaintext.o sig-check.o keylist.o pkglue.o pkclist.o skclist.o pubkey-enc.o passphrase.o seckey-cert.o decrypt.o decrypt-data.o cipher.o encrypt.o sign.o verify.o revoke.o keyedit.o dearmor.o import.o export.o trustdb.o tdbdump.o tdbio.o delkey.o keygen.o helptext.o keyserver.o photoid.o call-agent.o card-util.o exec.o ../common/libcommon.a ../gl/libgnu.a ../common/libgpgrl.a -lz -lbz2 -lreadline -L/usr/local/lib -lintl -liconv -lc -Wl,-framework -Wl,CoreFoundation -L/usr/local/lib -lgcrypt -lgpg-error -lassuan -L/usr/local/lib -lgpg-error -L/usr/local/lib -lgpg-error -L/usr/local/lib -liconv -L/usr/local/ssl/lib -L/usr/local/lib/libquicktime -L/usr/local/lib -L/usr/X11/lib -L/usr/lib
ld: duplicate symbol _iobuf_debug_mode in server.o and gpg.o
collect2: ld returned 1 exit status
make[2]: *** [gpg2] Error 1
make[2]: Leaving directory `/Volumes/Big1500Doing/Projects/gnupg_svn/g10'
[?]
<<<< And fixed it with this quicky patch: >>>> --- ./common/iobuf.h_orig 2010-08-03 02:40:56 -0500 +++ ./common/iobuf.h 2010-08-03 03:56:38 -0500 @@ -24,8 +24,6 @@ #include "../include/types.h" /* fixme: should be moved elsewhere. */ #include "../common/sysutils.h" -#define DBG_IOBUF iobuf_debug_mode - /* Filter control modes. */ #define IOBUFCTRL_INIT 1 #define IOBUFCTRL_FREE 2 @@ -84,7 +82,7 @@ }; #ifndef EXTERN_UNLESS_MAIN_MODULE -#if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE) +#if !defined (INCLUDED_BY_MAIN_MODULE) #define EXTERN_UNLESS_MAIN_MODULE extern #else #define EXTERN_UNLESS_MAIN_MODULE @@ -92,6 +90,8 @@ #endif EXTERN_UNLESS_MAIN_MODULE int iobuf_debug_mode; +#define DBG_IOBUF iobuf_debug_mode + void iobuf_enable_special_filenames (int yes); int iobuf_is_pipe_filename (const char *fname); iobuf_t iobuf_alloc (int use, size_t bufsize); <<<< i.e. Darwin might seem to have the same bug on this as riscos, so I just eliminated that part of the test altogether. ;) ? I just happened to spot this similar coding trick in ./g10/options.sh, so I went with a similar patch here: >>>> --- ./g10/options.h_orig 2010-08-03 02:40:55 -0500 +++ ./g10/options.h 2010-08-03 03:56:44 -0500 
@@ -28,7 +28,7 @@ #ifndef EXTERN_UNLESS_MAIN_MODULE /* Norcraft can't cope with common symbols */ -#if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE) +#if !defined (INCLUDED_BY_MAIN_MODULE) #define EXTERN_UNLESS_MAIN_MODULE extern #else #define EXTERN_UNLESS_MAIN_MODULE <<<< ? Now I am stuck with a similar yet more obstinate problem. I can't figure out what to do with the big struct called 'opt' as it is defined in the header ./sm/gpgsm.h: >>>> [?] gcc-4.2 -I/usr/local/include -I/usr/local/include -I/usr/local/include -fast -mtune=core2 -march=core2 -force_cpusubtype_ALL -arch i386 -O3 -Wall -Wcast-align -Wshadow -Wstrict-prototypes -Wformat -Wno-format-y2k -Wformat-security -W -Wno-sign-compare -Wno-missing-field-initializers -Wdeclaration-after-statement -Wno-pointer-sign -Wpointer-arith -fast -mtune=core2 -march=core2 -force_cpusubtype_ALL -arch i386 -o gpgsm gpgsm.o misc.o keydb.o server.o call-agent.o call-dirmngr.o fingerprint.o base64.o certlist.o certdump.o certcheck.o certchain.o keylist.o verify.o sign.o encrypt.o decrypt.o import.o export.o delete.o certreqgen.o certreqgen-ui.o minip12.o qualified.o ../kbx/libkeybox.a ../common/libcommon.a ../gl/libgnu.a ../common/libgpgrl.a -L/usr/local/lib -lgcrypt -lgpg-error -L/usr/local/lib -lksba -lgpg-error -lassuan -L/usr/local/lib -lgpg-error -L/usr/local/lib -lgpg-error -lreadline -L/usr/local/lib -lintl -liconv -lc -Wl,-framework -Wl,CoreFoundation -lz -lbz2 -L/usr/local/lib -liconv -L/usr/local/ssl/lib -L/usr/local/lib/libquicktime -L/usr/local/lib -L/usr/X11/lib -L/usr/lib ld: duplicate symbol _opt in misc.o and gpgsm.o collect2: ld returned 1 exit status make[2]: *** [gpgsm] Error 1 make[2]: Leaving directory `/Volumes/Big1500Doing/Projects/gnupg_svn/sm' [?] <<<< Both modules do call for the same ./sm/gpgsm.h, which defines the struct 'opt' starting at line 52 thru 143. I don't remember if C can have a "extern struct ?" type modifier, else I could whip up a similar patch as above. 
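Review bot: in the iobuf.h patch, dropping `defined (__riscos__)` from the `#if` in the second hunk makes `EXTERN_UNLESS_MAIN_MODULE` expand to `extern` on every platform unless `INCLUDED_BY_MAIN_MODULE` is defined, so each program now needs exactly one source file that defines `INCLUDED_BY_MAIN_MODULE` before including the header; without it `iobuf_debug_mode` is declared everywhere and defined nowhere, and the link fails with an undefined symbol instead of a duplicate one. The patch does not show that define being added, so either include it or keep the platform test and add a Darwin condition beside `__riscos__`. Moving `#define DBG_IOBUF iobuf_debug_mode` (first and third hunks) is unrelated to the link error, since the macro is only expanded where it is used; drop that move to keep the change minimal.

Review bot: the options.h hunk has the same dependency on `INCLUDED_BY_MAIN_MODULE` being defined in exactly one source file per program, and after the change the comment `/* Norcraft can't cope with common symbols */` directly above the `#if` no longer describes the condition; update it to say that the test now applies to all platforms.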
But which module would be the NON-extern definer?

Thanks for any help at all.

From wk at gnupg.org Wed Aug 4 10:50:08 2010
From: wk at gnupg.org (Werner Koch)
Date: Wed, 04 Aug 2010 10:50:08 +0200
Subject: S/MIME revocation lists signed by different CA?
In-Reply-To: <201008022215.10388.bernhard@intevation.de> (Bernhard Reiter's message of "Mon, 2 Aug 2010 22:14:54 +0200")
References: <201008022215.10388.bernhard@intevation.de>
Message-ID: <87mxt24v9b.fsf@gnupg.org>

On Mon, 2 Aug 2010 22:14, bernhard at intevation.de said:

> both roots are trusted, somehow I still would expect
> dirmngr to reject the A certificate because the CRL
> was not signed by CA A, the same authority that issued it.

The whole X.509 system as deployed today does not use a single root CA,
as it was designed to, but the IUCC [1] system where all root
certificates you trust make up one giant virtual single root CA.

Thus it doesn't matter which root CA issued the CRL.

Of course we could check that a specific CRL has been signed by a CA
which ultimately is anchored at the root CA which issued the certificate
you want to check with the CRL. This would be another exception to the
complicated X.509 system but of course doable. I doubt that this is
really useful. What is the threat model? Another CA would be able to
revoke a certificate - Is that actually more harmful than this other CRL
issuing a fake certificate? I doubt that.

IIRC, I once noticed a legitimate certificate which pointed to a CRL
which was ultimately certified by a different root CA. Exactly the
case you described - do you want to break those certificates?

Salam-Shalom,

   Werner

[1] Implicit Universal Cross-Certification

--
Thoughts are free. Exceptions are regulated by a federal law.

From lists at lina.inka.de Wed Aug 4 22:05:50 2010
From: lists at lina.inka.de (Bernd Eckenfels)
Date: Wed, 4 Aug 2010 22:05:50 +0200
Subject: S/MIME revocation lists signed by different CA?
In-Reply-To: <87mxt24v9b.fsf@gnupg.org>
References: <201008022215.10388.bernhard@intevation.de> <87mxt24v9b.fsf@gnupg.org>
Message-ID: <20100804200550.GA23932@lina.inka.de>

On Wed, Aug 04, 2010 at 10:50:08AM +0200, Werner Koch wrote:
> really useful. What is the threat model? Another CA would be able to
> revoke a certificate - Is that actually more harmful than this other CRL
> issuing a fake certificate? I doubt that.

The other problem is, that the CA can issue an empty CRL and effectively
re-activating already revoked certs. It's as unlikely.

Regards
Bernd

From wk at gnupg.org Thu Aug 5 11:01:00 2010
From: wk at gnupg.org (Werner Koch)
Date: Thu, 05 Aug 2010 11:01:00 +0200
Subject: S/MIME revocation lists signed by different CA?
In-Reply-To: <20100804200550.GA23932@lina.inka.de> (Bernd Eckenfels's message of "Wed, 4 Aug 2010 22:05:50 +0200")
References: <201008022215.10388.bernhard@intevation.de> <87mxt24v9b.fsf@gnupg.org> <20100804200550.GA23932@lina.inka.de>
Message-ID: <87zkx13037.fsf@vigenere.g10code.de>

On Wed, 4 Aug 2010 22:05, lists at lina.inka.de said:

> The other problem is, that the CA can issue an empty CRL and effectively
> re-activating already revoked certs. It's as unlikely.

Let me also point to the current discussion on cryptography@, for
example

http://www.mail-archive.com/cryptography at metzdowd.com/msg11467.html

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From bernhard at intevation.de Thu Aug 5 11:27:00 2010
From: bernhard at intevation.de (Bernhard Reiter)
Date: Thu, 5 Aug 2010 11:27:00 +0200
Subject: S/MIME revocation lists signed by different CA?
In-Reply-To: <87mxt24v9b.fsf@gnupg.org>
References: <201008022215.10388.bernhard@intevation.de> <87mxt24v9b.fsf@gnupg.org>
Message-ID: <201008051127.03886.bernhard@intevation.de>

On Wednesday, 4 August 2010 10:50:08, Werner Koch wrote:
> On Mon, 2 Aug 2010 22:14, bernhard at intevation.de said:
> > both roots are trusted, somehow I still would expect
> > dirmngr to reject the A certificate because the CRL
> > was not signed by CA A, the same authority that issued it.
>
> The whole X.509 system as deployed today does not use a single root CA,
> as it was designed to, but the IUCC [1] system where all root
> certificates you trust make up one giant virtual single root CA.

> [1] Implicit Universal Cross-Certification

Is that IUCC a widespread term? I have not found more information about it.
One minor assumption I would make is that the cross trust between
the roots and their respective certification trees is a bit less
than within one tree alone. If this assumption is not made so far,
it looks like a sensible and useful assumption to me.

> Thus it doesn't matter which root CA issued the CRL.
>
> Of course we could check that a specific CRL has been signed by a CA
> which ultimately is anchored at the root CA which issued the certificate
> you want to check with the CRL. This would be another exception to the
> complicated X.509 system but of course doable. I doubt that this is
> really useful. What is the threat model? Another CA would be able to
> revoke a certificate - Is that actually more harmful than this other CRL
> issuing a fake certificate? I doubt that.

Okay, we have two threat models so far

a) revoke valid certificates and render services unavailable based on them
b) resurrected revoked certificates (as Bernd Eckenfels pointed out)
   which might make services attackable if certificates were compromised
   before.

I believe there is value in both attacks. And they are quite likely to
be performed even without compromising a different CA, if I am right
about that there is no strong connection between the signed CRL and the
CA itself now. (My openssl crl -text and openssl asn1parse output of a
CRL did not show any indication that the CRL is signed for a specific CA
as it is not contained. Am I right? Otherwise how is the connection
made?)

This would reduce the attack to finding any CRL with the right
properties over all CRLs that the user already trusts. For b) it will be
easy, for a) there needs to be a serial number revoked that I need to
attack (I am not absolutely sure, but I remember only the serial numbers
to be listed). In a world with several root CAs, there will be some
serial number collisions and lots of CRLs without serial numbers I might
be interested in.

Then I just redirect the LDAP or HTTP request, e.g. by DNS manipulation
to the other CRL. Attack done.

Right now I cannot dive into the various X509 specs and profiles,
but assuming some of them make sense I would expect either finding
how to couple CRL and signing CAs or not allowing other CAs to sign the
CRLs.

> IIRC, I once noticed a legitimate certificate which pointed to a CRL
> which was ultimately certified by a different root CA. Exactly the
> case you described - do you want to break those certificates?

You only know if this a legitimate cert, if you trust the other root CA
to make statements about it. (See my minor assumption above.)

Best Regards,
Bernhard

--
Managing Director - Owner: www.intevation.net (Free Software Company)
Deputy Coordinator Germany: fsfe.org. Board member: www.kolabsys.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From snauberg at gmx.de Thu Aug 5 14:39:34 2010
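An added example, not part of any message in the thread above and not dirmngr's code: a small Python model of the question the thread debates, namely which CRL a relying party lets speak for a certificate. It contrasts the lenient policy described in the thread (any CRL whose issuer chains to some trusted root) with the binding rules of RFC 5280 section 6.3.3, steps (b) and (f), which goes beyond what the thread itself cites. All names, serial numbers and data classes are constructed, and signature verification is assumed to have succeeded and is not modelled.

```python
"""Which CRL may speak for a certificate? (constructed model, no real ASN.1)"""
from dataclasses import dataclass
from typing import Callable, Optional

# Constructed PKI as in the thread: two unrelated roots, both trusted.
# Each CA maps to the CA that certified it; a root maps to itself.
ISSUER_OF = {
    "Root A": "Root A", "CA A": "Root A", "CRL Service A": "Root A",
    "Root B": "Root B", "CA B": "Root B",
}
TRUSTED_ROOTS = {"Root A", "Root B"}


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    serial: int
    # cRLIssuer named in the certificate's CRL distribution point;
    # None means the certificate issuer publishes the CRL itself.
    crl_issuer: Optional[str] = None


@dataclass(frozen=True)
class CRL:
    issuer: str
    revoked: frozenset = frozenset()
    indirect: bool = False  # indirectCRL flag of the issuing distribution point


def trust_anchor(ca: str) -> Optional[str]:
    """Follow issuer links up to a self-issued root; None if untrusted."""
    seen = set()
    while ca in ISSUER_OF and ca not in seen:
        seen.add(ca)
        parent = ISSUER_OF[ca]
        if parent == ca:
            return ca if ca in TRUSTED_ROOTS else None
        ca = parent
    return None


def crl_applies_lax(cert: Cert, crl: CRL) -> bool:
    """Lenient policy from the thread: any CRL under any trusted root."""
    return trust_anchor(crl.issuer) is not None


def crl_applies_strict(cert: Cert, crl: CRL) -> bool:
    """Name and trust-anchor binding per RFC 5280 section 6.3.3 (b), (f)."""
    if cert.crl_issuer is not None:
        # Indirect CRL: must come from the issuer the certificate names
        # and must declare itself indirect.
        if crl.issuer != cert.crl_issuer or not crl.indirect:
            return False
    elif crl.issuer != cert.issuer:
        return False
    anchor = trust_anchor(cert.issuer)
    return anchor is not None and trust_anchor(crl.issuer) == anchor


def status(cert: Cert, crl: CRL,
           applies: Callable[[Cert, CRL], bool]) -> str:
    """'revoked' or 'good' if the CRL applies, else 'no-crl'.

    'no-crl' means the answer is unusable: the caller has to fetch the
    correct CRL or treat the revocation status as unknown.
    """
    if not applies(cert, crl):
        return "no-crl"
    return "revoked" if cert.serial in crl.revoked else "good"


# Constructed scenario: CA A revoked serial 7; serial 9 is still valid.
REVOKED_CERT = Cert("User A", "CA A", 7)
VALID_CERT = Cert("User A2", "CA A", 9)
CRL_FROM_A = CRL("CA A", frozenset({7}))
# CRL of the unrelated CA B, served in place of CA A's CRL. It happens
# to list serial 9 (a CA B certificate) and knows nothing about serial 7.
CRL_FROM_B = CRL("CA B", frozenset({9}))

if __name__ == "__main__":
    for cert in (REVOKED_CERT, VALID_CERT):
        for crl in (CRL_FROM_A, CRL_FROM_B):
            print(cert.subject, "serial", cert.serial, "CRL by", crl.issuer,
                  "| lax:", status(cert, crl, crl_applies_lax),
                  "| strict:", status(cert, crl, crl_applies_strict))
```

With the substituted CRL the lenient policy reports the revoked serial 7 as good (threat b) and the valid serial 9 as revoked (threat a); the strict policy rejects that CRL for both certificates.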
From: snauberg at gmx.de (Simon Nauberg)
Date: Thu, 05 Aug 2010 14:39:34 +0200
Subject: Questions about key generation and RNG
Message-ID: <20100805123934.171040@gmx.net>

Hi list.

I'd have a few questions about key generation and the random number
generator and would be happy if you could help me answering them:

a) Is there any easy way to modify gnupg's sourcecode, so that - when
creating a key or any signatures - the subpackages get that critical
flag set mentioned in the standard for PGP?
As far as I can see it is not directly supported by gnupg for end users
but, pointing me to the right place(s) I should be able to patch this in
myself.

b) In the German Wikipedia, I've read the following quote:
"For performance reasons, in practice often only the seed of a
pseudo-random number generator is read from /dev/random (e.g. in
OpenSSL, PGP and GnuPG)." (http://de.wikipedia.org/wiki//dev/random)
Which means about, that only the seed of the PRNG from /dev/random would
be used by gnupg.
This sounds like a limitation, so what exactly does it mean? Is it that
gnupg has its own PRNG (if so which one? BBS? Yarrow?) and uses
/dev/random just to seed that one?

c) When creating keys (especially the asymmetric keys) a good entropy is
very critical. Is there kind of a "how to" what one should do or avoid
in order to gain "best possible" entropy for that?
E.g. things like, not generating a directly after booting, producing a
lot of valuable entropy (e.g. via keyboard/mouse events) before.

d) Should one use EGD rather than /dev/random (or whatever gnupg uses
internally)? If so, why is it better?

e) When creating keys with "highest demands"... it probably makes sense
to use TRNGs, right?
If so, does this still help if gnupg comes with its own PRNG and uses
/dev/random just for seeding that (see (b) ).
Is it suggested to use several TRNGs at once?
Which TRNGS are suggested? I know about Simtecs EntropyKey
(http://www.entropykey.co.uk/) and turbid (http://www.av8n.com/turbid/).
Are there any others which can be bought or so?
Should I use their programs to feed to kernel with entropy, or should I
rather create a plain file with their random bits and feed it into
/dev/random?

f) Any other hints for key-generation? e.g. obscure tricks like changing
the system-time, if that one is taken into account for the RNG. Or stuff
like that?

Regards,
Simon.

From huebners at uni-potsdam.de Thu Aug 5 18:11:55 2010
From: huebners at uni-potsdam.de (Sebastian Hübner)
Date: Thu, 05 Aug 2010 18:11:55 +0200
Subject: gpgme_op_import_keys in gpgme 1.1.6
Message-ID: <4C5AE2CB.9080608@uni-potsdam.de>

Hello everybody,

I am using gpgme 1.1.6. This is the last stable package for debian
"lenny".

As far as I can tell, I can not use the function gpgme_op_import_keys()
in this version of gpgme. (The function is mentioned in the reference
manual for gpgme 1.2.0)

How can I import keys from a keyserver using gpgme 1.1.6?
Is there any similar to gpgme_op_import_keys() or do I have to install
gpgme 1.2.

Thanks in advance,
Sebastian

From tomp at idirect.com Sun Aug 8 16:54:33 2010
From: tomp at idirect.com (Tom Pegios)
Date: Sun, 08 Aug 2010 10:54:33 -0400
Subject: regarding [svn] w32pth - r43 - trunk
Message-ID: <4C5EC529.2080103@idirect.com>

Should configure.ac be changed to: "m4_define([my_version], [2.0.5])"
or is this change still part of 2.0.4 ?

Tom Pegios

From wk at gnupg.org Mon Aug 9 09:19:57 2010
From: wk at gnupg.org (Werner Koch)
Date: Mon, 09 Aug 2010 09:19:57 +0200
Subject: regarding [svn] w32pth - r43 - trunk
In-Reply-To: <4C5EC529.2080103@idirect.com> (Tom Pegios's message of "Sun, 08 Aug 2010 10:54:33 -0400")
References: <4C5EC529.2080103@idirect.com>
Message-ID: <87ocdc1cde.fsf@vigenere.g10code.de>

On Sun, 8 Aug 2010 16:54, tomp at idirect.com said:

> Should configure.ac be changed to: "m4_define([my_version], [2.0.5])"

Right, I should have changed this to 2.0.5 and set svn to yes. It is a
bug fix, I'll do a new release asap.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Mon Aug 9 18:36:38 2010
From: wk at gnupg.org (Werner Koch)
Date: Mon, 09 Aug 2010 18:36:38 +0200
Subject: Logging via TCP
Message-ID: <87d3tr2161.fsf@vigenere.g10code.de>

Hi,

On Windows, GnuPG is not able to log to local socket. This is a bit
annoying thus I added logging via TCP to GnuPG trunk.

The debugging method of writing log files has two shortcomings: It is
not possible to easily see the interaction between the modules and if a
process crashes the last lines of debug output are not saved to the
file.

To solve this problem GnuPG does now support logging to an arbitrary TCP
address. This shall only be used for debugging as it might reveal
sensitive information as no encryption is used.

To enable this feature, put something like

  log-file tcp://192.168.42.17:4712

into the respective foo.conf file. Note that you must use an IP
address. You may choose any port you like. Make sure that the host is
reachable to avoid delays due to the long TCP timeouts. IPv6 is also
supported but not tested; use something like tcp://[::1]:4712. There is
no resolver code used to avoid extra dependency in the logging code.

To view the logs you may use

  nc -lp 4712

but that has the drawback of only displaying one connection. It is
better to use watchgnupg:

  watchgnupg --tcp 4712

To build this watchgnupg you may simply build trunk on a Posix platform
or get gnupg/tools/watchgnupg.c and compile it standalone. watchgnupg
has no ipv6 support, though.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From smujohnson at gmail.com Wed Aug 11 01:43:12 2010
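An added example, not part of Werner Koch's announcement above and not GnuPG code: a Python check that scans option-file text for `log-file tcp://...` lines and reports where the unencrypted debug log would be sent, since the announcement notes that this logging may reveal sensitive information. The `log-file tcp://ADDR:PORT` form, the bracketed IPv6 form and the IP-literal requirement come from the announcement; the function names, the result labels, the treatment of lines starting with `#` as comments and the sample file are assumptions made for this example.

```python
"""Flag cleartext TCP log targets in GnuPG-style option files."""
import ipaddress
import re

# tcp://ADDR:PORT where ADDR is an IPv4 literal or a bracketed IPv6 literal.
_TCP_RE = re.compile(
    r"^tcp://(?:\[(?P<v6>[^\]]+)\]|(?P<v4>[^:/\[\]]+)):(?P<port>\d+)$")


def parse_tcp_target(value):
    """Return (ip_address, port) for a tcp:// log target or raise ValueError."""
    m = _TCP_RE.match(value)
    if m is None:
        raise ValueError("expected tcp://ADDR:PORT")
    try:
        if m.group("v6") is not None:
            addr = ipaddress.IPv6Address(m.group("v6"))
        else:
            addr = ipaddress.IPv4Address(m.group("v4"))
    except ipaddress.AddressValueError:
        # No resolver is used by the logging code, so a host name cannot work.
        raise ValueError(
            "address must be an IP literal, not a host name") from None
    port = int(m.group("port"))
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    return addr, port


def audit_conf(name, text):
    """Return (file, line number, label, detail) for every tcp:// log target.

    Labels (names chosen for this example):
      local    - loopback address, the log stays on this host
      off-host - any other address, the log crosses the network unencrypted
      invalid  - tcp:// value that is not ADDR:PORT with an IP literal
    """
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):   # assumption: '#' starts a comment
            continue
        parts = line.split(None, 1)
        if len(parts) != 2 or parts[0] != "log-file":
            continue
        value = parts[1]
        if not value.startswith("tcp://"):
            continue                           # log file on disk: not audited here
        try:
            addr, port = parse_tcp_target(value)
        except ValueError as exc:
            findings.append((name, lineno, "invalid", str(exc)))
            continue
        shown = f"[{addr}]:{port}" if addr.version == 6 else f"{addr}:{port}"
        label = "local" if addr.is_loopback else "off-host"
        findings.append((name, lineno, label, shown))
    return findings


# Constructed sample; a real option file would carry a single log-file line.
SAMPLE_CONF = """\
# constructed gpg-agent.conf
verbose
log-file tcp://192.168.42.17:4712
log-file tcp://[::1]:4712
log-file tcp://loghost.example:4712
log-file /var/log/gpg-agent.log
"""

if __name__ == "__main__":
    for finding in audit_conf("gpg-agent.conf", SAMPLE_CONF):
        print(*finding, sep="\t")
```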
From: smujohnson at gmail.com (smu johnson)
Date: Tue, 10 Aug 2010 16:43:12 -0700
Subject: Q: Why doesn't --pgp2 warn you if you don't have IDEA
Message-ID:

Hi,

My first post to this mailing list!

Well, I was playing around with GnuPG and PGP 2.6.x today, and I'm
curious as to why the option --pgp2 doesn't warn you if you do not have
the IDEA algorithm setup for GnuPG.

I understand the politics as to why IDEA is not included due to patent
restrictions and complications, but that doesn't really explain why a
warning isn't issued when GnuPG knows that your attempts to send
messages to old PGP 2 users are a waste of time.

Shouldn't a warning be issued (and maybe a link to the FAQ page for
IDEA) to explain what is happening, instead of the end user finding out
the hard-way that all his private messages encrypted with 3DES using
--pgp2 are unintelligible to the recipient?

Just my 2 cents... thank you for reading!

--
smu johnson

From rjh at sixdemonbag.org Wed Aug 11 03:56:10 2010
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Tue, 10 Aug 2010 21:56:10 -0400
Subject: Q: Why doesn't --pgp2 warn you if you don't have IDEA
In-Reply-To:
References:
Message-ID: <4C62033A.4030600@sixdemonbag.org>

On 8/10/2010 7:43 PM, smu johnson wrote:
> My first post to this mailing list!

Welcome! This question *might* be better served for GnuPG-Users, BTW:
it seems like the answer would be something general users would be
interested in. Not that it's off-topic here or anything. :)

> Well, I was playing around with GnuPG and PGP 2.6.x today, and I'm
> curious as to why the option --pgp2 doesn't warn you if you do not have
> the IDEA algorithm setup for GnuPG.

Possibly. I am not a developer and do not claim to speak for them. I
would speculate that RFC1991 conformance (PGP 2.6 compatibility) is such
a low priority for them that they haven't bothered to do much with it.

Speaking just for myself, given the choice between spending time on
RFC4880 and RFC1991, I would much prefer 4880. :)

From wk at gnupg.org Wed Aug 11 09:08:49 2010
From: wk at gnupg.org (Werner Koch)
Date: Wed, 11 Aug 2010 09:08:49 +0200
Subject: Q: Why doesn't --pgp2 warn you if you don't have IDEA
In-Reply-To: <4C62033A.4030600@sixdemonbag.org> (Robert J. Hansen's message of "Tue, 10 Aug 2010 21:56:10 -0400")
References: <4C62033A.4030600@sixdemonbag.org>
Message-ID: <871va5zkvy.fsf@vigenere.g10code.de>

On Wed, 11 Aug 2010 03:56, rjh at sixdemonbag.org said:

> Possibly. I am not a developer and do not claim to speak for them. I
> would speculate that RFC1991 conformance (PGP 2.6 compatibility) is such

Actually RFC1991 is not complete description of PGP 2.6

BTW, PGP2 is basically broken because it relies on the MD5 algorithm
which is considered too weak now. Thus we won't bother to add any more
compatibility switch for PGP 2 into GnuPG.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From smujohnson at gmail.com Wed Aug 11 09:22:04 2010
From: smujohnson at gmail.com (smu johnson)
Date: Wed, 11 Aug 2010 00:22:04 -0700
Subject: Q: Why doesn't --pgp2 warn you if you don't have IDEA
In-Reply-To: <871va5zkvy.fsf@vigenere.g10code.de>
References: <4C62033A.4030600@sixdemonbag.org> <871va5zkvy.fsf@vigenere.g10code.de>
Message-ID:

On Wed, Aug 11, 2010 at 12:08 AM, Werner Koch wrote:

> On Wed, 11 Aug 2010 03:56, rjh at sixdemonbag.org said:
>
> > Possibly. I am not a developer and do not claim to speak for them. I
> > would speculate that RFC1991 conformance (PGP 2.6 compatibility) is such
>
> Actually RFC1991 is not complete description of PGP 2.6
>
> BTW, PGP2 is basically broken because it relies on the MD5 algorithm
> which is considered too weak now. Thus we won't bother to add any more
> compatibility switch for PGP 2 into GnuPG.
>

Yes, it's obviously not the secure choice, but I don't think it's
really necessary to remove the functionality. It already warns when
using MD5 that it is insecure, and obviously MD5 is not going to be
chosen by default by a new user. So what's the problem? Only someone
using the expert switches would know what he's doing and be able to get
GnuPG to use MD5, and still be prompted with the warning that it isn't a
good idea. So the choice remains with the expert user.

I had a lot of fun decrypting a message from GnuPG using PGP 2.6.3 at
work today and it'd be a shame if this kind of fun geek stuff went away.
Not only that, about a year or two ago, I sent an e-mail to a PGP 2.6.3i
user and was pretty happy about it. It was something like a "message in
a bottle" thing where you find an old public key and hope the recipient
still has the private key. But being forced to dig up old DOS archives
to find a 16-bit PGP 2.6.3 in a Windows x64 era because GnuPG removed
the functionality seems like an unnecessary and huge headache to me.

From calestyo at scientia.net Wed Aug 11 16:26:40 2010
From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Wed, 11 Aug 2010 14:26:40 +0000 Subject: Questions about key generation and RNG Message-ID: Hi. I can only give you some hint for (A).... but your other questions sound interesting,... so maybe some expert here (Werner, David?) finds some time to shine some light upon them. Regarding A: I once played a bit around with signature subpackets,... and the following patch (on 1.4.10) should help you: diff -u -r old/g10/build-packet.c new/g10/build-packet.c --- old/g10/build-packet.c 2008-12-11 17:40:05.000000000 +0100 +++ new/g10/build-packet.c 2010-08-11 16:22:00.194301418 +0200 @@ -642,6 +642,11 @@ critical = (type & SIGSUBPKT_FLAG_CRITICAL); type &= ~SIGSUBPKT_FLAG_CRITICAL; + /* SIGSUBPKTs are defined in .../g10/packet.h */ + /* Select the types you want to set critical... */ + if(type = SIGSUBPKT_SIG_CREATED) + critical = 1; + /* Sanity check buffer sizes */ if(parse_one_sig_subpkt(buffer,buflen,type)<0) BUG(); If you need this for more than just playing around... PLEASE ask one of the developers (e.g. Werner Koch or David Shaw) for a short confirmation, whether this is really secure. Happy hacking, Chris. From calestyo at scientia.net Wed Aug 11 16:46:51 2010 
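Review bot: the added condition `if(type = SIGSUBPKT_SIG_CREATED)` in the build-packet.c hunk assigns instead of comparing. It overwrites `type` for every subpacket just before `parse_one_sig_subpkt(buffer,buflen,type)` is called, and it sets `critical = 1` whenever the constant is non-zero rather than only for the creation-time subpacket. Use `==` here, and consider a `switch` on `type` if more than one subpacket type is to be marked critical.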
From: calestyo at scientia.net (Christoph Anton Mitterer)
Date: Wed, 11 Aug 2010 14:46:51 +0000
Subject: Questions about key generation and RNG
In-Reply-To:
References:
Message-ID: <4d1402938dcb40c7e0db024e3de6014e@imap.dd24.net>

btw: If we're already asking questions about the RNG... I'd have also
one since some time now:

I once tried to understand the code ( ^^ )... and when I create a key
(--gen-key)... gpg seems to call rndlinux_gather_random (on systems
having /dev/random) in order to get its entropy, right?

Now when the level parameter is <= 2 (IIRC) then urandom is used instead
of /dev/random.

It seems that during key generation both happens, and at least once it
is called with level=0.

Why? And does this have any negative security impact?

Thanks,
Chris.

From buanzo at buanzo.com.ar Wed Aug 11 17:24:43 2010
From: buanzo at buanzo.com.ar (Arturo 'Buanzo' Busleiman)
Date: Wed, 11 Aug 2010 12:24:43 -0300
Subject: GPGME: keylist grouped by trust
Message-ID: <4C62C0BB.1070803@buanzo.com.ar>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi! I'm wondering what the correct way would be to get gpg --list-keys
data but grouped by trust?

Just get the data, and do the ordering internally, or is there some sort
of GPGME compliant way?

Tks!

- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - OWASP - SANS - OISSG . http://www.buanzo.com.ar/pro/eng.html
..: http://www.cervezacicuta.com.ar - "LA" Cerveza Artesanal de Villa Bosch
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREKAAYFAkxiwLsACgkQAlpOsGhXcE1R7ACdFUkMt/5u8IqcBIEAbRAbxJsc
FsMAn0Z/dOPREoHRVzmhKDfwYr9Nps6N
=Ob5l
-----END PGP SIGNATURE-----

From wk at gnupg.org Wed Aug 11 20:03:03 2010
From: wk at gnupg.org (Werner Koch) Date: Wed, 11 Aug 2010 20:03:03 +0200 Subject: Questions about key generation and RNG In-Reply-To: <4d1402938dcb40c7e0db024e3de6014e@imap.dd24.net> (Christoph Anton Mitterer's message of "Wed, 11 Aug 2010 14:46:51 +0000") References: <4d1402938dcb40c7e0db024e3de6014e@imap.dd24.net> Message-ID: <874of1xc14.fsf@vigenere.g10code.de> On Wed, 11 Aug 2010 16:46, calestyo at scientia.net said: > It seems that during key generation both happens, and at least once it is > called with level=0. > > Why? And does this have any negative security impact? GCRY_WEAK_RANDOM = 0, GCRY_STRONG_RANDOM = 1, GCRY_VERY_STRONG_RANDOM = 2 Nowadays GCRY_WEAK_RANDOM is an alias for GCRY_STRONG_RANDOM because it is better to explicitly use gcry_create_nonce if you need "weak" random numbers. In any case GCRY_WEAK_RANDOM is used during key generation to create test vectors for the self-test; there are no security problems with that. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Wed Aug 11 20:03:50 2010 From: wk at gnupg.org (Werner Koch) Date: Wed, 11 Aug 2010 20:03:50 +0200 Subject: GPGME: keylist grouped by trust In-Reply-To: <4C62C0BB.1070803@buanzo.com.ar> (Arturo Busleiman's message of "Wed, 11 Aug 2010 12:24:43 -0300") References: <4C62C0BB.1070803@buanzo.com.ar> Message-ID: <87zkwtvxfd.fsf@vigenere.g10code.de> On Wed, 11 Aug 2010 17:24, buanzo at buanzo.com.ar said: > I'm wondering what the correct way would be to get gpg --list-keys data but grouped by trust? > > Just get the data, and do the ordering internally, or is there some sort of GPGME compliant way? There is no sorting feature in GPGME, thus you need to do it yourself. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From buanzo at buanzo.com.ar Wed Aug 11 20:22:33 2010 
From: buanzo at buanzo.com.ar (Arturo 'Buanzo' Busleiman) Date: Wed, 11 Aug 2010 15:22:33 -0300 Subject: GPGME: keylist grouped by trust In-Reply-To: <87zkwtvxfd.fsf@vigenere.g10code.de> References: <4C62C0BB.1070803@buanzo.com.ar> <87zkwtvxfd.fsf@vigenere.g10code.de> Message-ID: <4C62EA69.1010206@buanzo.com.ar> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 08/11/2010 03:03 PM, Werner Koch wrote: > There is no sorting feature in GPGME, thus you need to do it yourself. Thank you for the confirmation, Werner! - -- Arturo "Buanzo" Busleiman Independent Linux and Security Consultant - OWASP - SANS - OISSG . http://www.buanzo.com.ar/pro/eng.html ..: http://www.cervezacicuta.com.ar - "LA" Cerveza Artesanal de Villa Bosch -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEAREKAAYFAkxi6mYACgkQAlpOsGhXcE22xgCfZ8kMGQLp1ZyqNpABgV8oqFhl YkcAnRNez1q8oY83Secy0ySKP7Vgdhlc =aEUf -----END PGP SIGNATURE----- From calestyo at scientia.net Sun Aug 15 14:47:48 2010 
From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Sun, 15 Aug 2010 14:47:48 +0200 Subject: PATCH 1/4: documentation/RFC cleanups Message-ID: <1281876468.3284.108.camel@fermat.scientia.net> Hi. Attached is a patch, which would do about the following: - In all comments and documentation, try to apply the following schemas: RFCs are written as "RFC XXXX", currently we have things like rfcxxxx, rfc-xxxx, rfc xxxx etc. PGP is written as "PGP [optionally a version]", currently we have a mix of pgp, PGP, pgp2, and similar (I tried to not accidentally change any code parts like options (--pgp2, --rfc2400) or constants or the like). I generally did not touch any localised stuff. The following changes were not applied to Changelogs or NEWS (the above schema changes however were): - RFC 822 is obsolete and superseded by RFC 5322 - In some places, replaced the rfc2440bis* or similar, by RFC 4880 - Replaces some minor typos or errors like there was once RFC 1990 instead of 1991. - Removed documentation which obviously no longer applies (e.g. the annotated rfc2440.txt seems to be gone) - When RFC 1991 or RFC 2440 did not specifically mean those versions (e.g. an outdated feature or so), I've replaced it with RFC 4880. If a section was given, I've applied that to the according section in 4880. - At some places (where I found it) changed the section style to what is used in the RFC itself (i.e. "x.x.x." instead of "x.x.x"). Cherry-pick what you like, and _please_ double-check everything!!! ;) Ah.. the patch is for 1.4.10.... I guess it's not easily possible to adapt that to 2.x? If you'd like I could do the same work for 2.x One more thing: on gnupg.org you have EGD included... a) 0.8 seems to be outdated, there's a 0.9 available. b) Somewhere you link to the old upstream site, which has been moved now to: http://egd.sourceforge.net/ Could you adapt that please? Thanks, Chris. -------------- next part -------------- A non-text attachment was scrubbed... 
Name: cleanups1.patch Type: text/x-patch Size: 18728 bytes Desc: not available URL: From calestyo at scientia.net Sun Aug 15 14:52:24 2010 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Sun, 15 Aug 2010 14:52:24 +0200 Subject: PATCH 2/4: documentation/RFC cleanups In-Reply-To: <1281876468.3284.108.camel@fermat.scientia.net> References: <1281876468.3284.108.camel@fermat.scientia.net> Message-ID: <1281876744.3284.114.camel@fermat.scientia.net> (part2) -------------- next part -------------- A non-text attachment was scrubbed... Name: cleanups2.patch Type: text/x-patch Size: 21214 bytes Desc: not available URL: From calestyo at scientia.net Sun Aug 15 14:52:30 2010 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Sun, 15 Aug 2010 14:52:30 +0200 Subject: PATCH 3/4: documentation/RFC cleanups In-Reply-To: <1281876468.3284.108.camel@fermat.scientia.net> References: <1281876468.3284.108.camel@fermat.scientia.net> Message-ID: <1281876750.3284.115.camel@fermat.scientia.net> (part3) -------------- next part -------------- A non-text attachment was scrubbed... Name: cleanups3.patch Type: text/x-patch Size: 16338 bytes Desc: not available URL: From calestyo at scientia.net Sun Aug 15 14:52:35 2010 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Sun, 15 Aug 2010 14:52:35 +0200 Subject: PATCH 4/4: documentation/RFC cleanups In-Reply-To: <1281876468.3284.108.camel@fermat.scientia.net> References: <1281876468.3284.108.camel@fermat.scientia.net> Message-ID: <1281876755.3284.116.camel@fermat.scientia.net> (part4) -------------- next part -------------- A non-text attachment was scrubbed... Name: cleanups4.patch Type: text/x-patch Size: 22933 bytes Desc: not available URL: From bernhard at intevation.de Mon Aug 16 17:46:28 2010 
From: bernhard at intevation.de (Bernhard Reiter) Date: Mon, 16 Aug 2010 17:46:28 +0200 Subject: AGP on Android Message-ID: <201008161746.33109.bernhard@intevation.de> On Android there is something called android-privacy-guard, AGP. http://www.thialfihar.org/projects/apg http://code.google.com/p/android-privacy-guard/ useful for the key management and gui stuff I guess, also they integrate deprecated non-MIME OpenPGP signing and encryption to k9mail. (http://code.google.com/p/k9mail/wiki/ReleaseNotes) Looks like they are using the Bouncy Castle Crypto Java implementation. The more end-to-end email security there is, the better, so it is cool to see it around! :) I just wondered: Could GnuPG run on Android? Did someone try? Best, Bernhard -- Managing Director - Owner: www.intevation.net (Free Software Company) Deputy Coordinator Germany: fsfe.org. Board member: www.kolabsys.com. Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998 Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: From rjh at sixdemonbag.org Mon Aug 16 18:05:08 2010 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 16 Aug 2010 12:05:08 -0400 Subject: AGP on Android In-Reply-To: <201008161746.33109.bernhard@intevation.de> References: <201008161746.33109.bernhard@intevation.de> Message-ID: <4C6961B4.6090803@sixdemonbag.org> On 8/16/10 11:46 AM, Bernhard Reiter wrote: > I just wondered: Could GnuPG run on Android? Did someone try? Android is fundamentally a really hacked-upon Linux kernel with some GNU userland and the Android stack. There's no reason to think GnuPG couldn't be ported fairly easily, especially if you're willing to reduce the feature set as far as possible. This is not the same thing as saying it would be wise: there are some good reasons to be skeptical of OpenPGP on mobile devices. From rich at anomos.info Mon Aug 16 18:41:33 2010 
From: rich at anomos.info (Rich Jones) Date: Mon, 16 Aug 2010 12:41:33 -0400 Subject: AGP on Android In-Reply-To: <4C6961B4.6090803@sixdemonbag.org> References: <201008161746.33109.bernhard@intevation.de> <4C6961B4.6090803@sixdemonbag.org> Message-ID: I've ported GPG to Android! It works pretty well, I was working on a privacy app for Android that I had to put on the back burner, but the binary works okay. Hopefully I'll release the full app in about a month and a half-ish (it's a crypto + steganographic project). APG is actually pretty good though, just a little slow last time I used it. R On Mon, Aug 16, 2010 at 12:05 PM, Robert J. Hansen wrote: > On 8/16/10 11:46 AM, Bernhard Reiter wrote: > > I just wondered: Could GnuPG run on Android? Did someone try? > > Android is fundamentally a really hacked-upon Linux kernel with some GNU > userland and the Android stack. There's no reason to think GnuPG > couldn't be ported fairly easily, especially if you're willing to reduce > the feature set as far as possible. This is not the same thing as > saying it would be wise: there are some good reasons to be skeptical of > OpenPGP on mobile devices. From buanzo at buanzo.com.ar Mon Aug 16 18:59:38 2010 
From: buanzo at buanzo.com.ar (Arturo 'Buanzo' Busleiman) Date: Mon, 16 Aug 2010 13:59:38 -0300 Subject: AGP on Android In-Reply-To: <4C6961B4.6090803@sixdemonbag.org> References: <201008161746.33109.bernhard@intevation.de> <4C6961B4.6090803@sixdemonbag.org> Message-ID: <4C696E7A.90600@buanzo.com.ar> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 08/16/2010 01:05 PM, Robert J. Hansen wrote: > This is not the same thing as saying it would be wise: there are some good reasons to be skeptical of > OpenPGP on mobile devices. Hi Robert, Would you care to elaborate on that? Yours, - -- Arturo "Buanzo" Busleiman Independent Linux and Security Consultant - OWASP - SANS - OISSG . http://www.buanzo.com.ar/pro/eng.html ..: http://www.cervezacicuta.com.ar - "LA" Cerveza Artesanal de Villa Bosch -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEAREKAAYFAkxpbncACgkQAlpOsGhXcE1jHACfYJUoM8pk5lZ4nnXaYubzP5ZS RMQAnR2kxWNyMgMAFWvNUCvm2mqKxxjI =0oFo -----END PGP SIGNATURE----- From rjh at sixdemonbag.org Mon Aug 16 21:20:45 2010 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 16 Aug 2010 15:20:45 -0400 Subject: AGP on Android In-Reply-To: <4C696E7A.90600@buanzo.com.ar> References: <201008161746.33109.bernhard@intevation.de> <4C6961B4.6090803@sixdemonbag.org> <4C696E7A.90600@buanzo.com.ar> Message-ID: <4C698F8D.3030202@sixdemonbag.org> On 8/16/2010 12:59 PM, Arturo 'Buanzo' Busleiman wrote: > Would you care to elaborate on that? People play MP3s on their three-year-old smartphones and they don't want to have to stop listening to their music just because they get an encrypted email. That means their 400MHz ARM processor is already running close to 100% CPU usage between codecs and background apps. Now introduce CPU-intensive asymmetric crypto into the mix, and... It is challenging to give users a satisfactory experience when (a) the email has to decrypt and render in under a second, (b) you're not allowed to make their MP3 playback skip, and (c) you're supporting ridiculously large keysizes (4K RSA). If you want all three of those, your work's cut out for you. In time, OpenPGP will come out with a mobile profile that's meant to work better in these environments. In time, people will also buy new, more capable, smartphones. The problems that I'm talking about are only problems right now -- I don't want to give the impression they're permanent. From pioto at pioto.org Mon Aug 16 20:10:37 2010 
From: pioto at pioto.org (Mike Kelly) Date: Mon, 16 Aug 2010 14:10:37 -0400 Subject: pinentry hangs in read() In-Reply-To: <20100802230735.GA26298@everglades.pioto.org> References: <20100802230735.GA26298@everglades.pioto.org> Message-ID: <20100816181037.GA14787@everglades.pioto.org> On Mon, Aug 02, 2010 at 07:07:35PM -0400, Mike Kelly wrote: > (This was originally reported as issue 1199[1], but I was referred to > this list instead). > > Pinentry seems to always hang for me, when invoked by keychain[2] in my > .bash_profile. Is there some other information I could provide that might be helpful in tracking down this problem? Does my question belong on some other mailing list or something? Or, does nobody have any ideas about what may be the problem here? (Sorry to pester, but this has been bothering me and at least one other person I know for a while now) Thanks. -- Mike Kelly From buanzo at buanzo.com.ar Mon Aug 16 22:19:28 2010 
From: buanzo at buanzo.com.ar (Arturo 'Buanzo' Busleiman) Date: Mon, 16 Aug 2010 17:19:28 -0300 Subject: AGP on Android In-Reply-To: <4C698F8D.3030202@sixdemonbag.org> References: <201008161746.33109.bernhard@intevation.de> <4C6961B4.6090803@sixdemonbag.org> <4C696E7A.90600@buanzo.com.ar> <4C698F8D.3030202@sixdemonbag.org> Message-ID: <4C699D50.9060506@buanzo.com.ar> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 08/16/2010 04:20 PM, Robert J. Hansen wrote: > In time, OpenPGP will come out with a mobile profile that's meant to > work better in these environments. In time, people will also buy new, > more capable, smartphones. The problems that I'm talking about are only > problems right now -- I don't want to give the impression they're permanent. Well, we fully agree then. With the above clarification on time-dependency, that is. Thank you for your time. - -- Arturo "Buanzo" Busleiman Independent Linux and Security Consultant - OWASP - SANS - OISSG . http://www.buanzo.com.ar/pro/eng.html ..: http://www.cervezacicuta.com.ar - "LA" Cerveza Artesanal de Villa Bosch -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEAREKAAYFAkxpnVAACgkQAlpOsGhXcE0UugCeL9YAHPZQbbmABUmviRN4ilIy 5+oAn000k2HBF3wa56rMkNtbXoENrN/b =wKFX -----END PGP SIGNATURE----- From gnupg at oneiroi.net Mon Aug 16 21:52:42 2010 
From: gnupg at oneiroi.net (Milo) Date: Mon, 16 Aug 2010 21:52:42 +0200 Subject: AGP on Android In-Reply-To: <4C698F8D.3030202@sixdemonbag.org> References: <201008161746.33109.bernhard@intevation.de> <4C6961B4.6090803@sixdemonbag.org> <4C696E7A.90600@buanzo.com.ar> <4C698F8D.3030202@sixdemonbag.org> Message-ID: <4C69970A.4090202@oneiroi.net> Hello. On 08/16/2010 09:20 PM, Robert J. Hansen wrote: > On 8/16/2010 12:59 PM, Arturo 'Buanzo' Busleiman wrote: >> Would you care to elaborate on that? > > People play MP3s on their three-year-old smartphones and they don't want > to have to stop listening to their music just because they get an > encrypted email. That means their 400MHz ARM processor is already > running close to 100% CPU usage between codecs and background apps. Now > introduce CPU-intensive asymmetric crypto into the mix, and... > > It is challenging to give users a satisfactory experience when (a) the > email has to decrypt and render in under a second, (b) you're not > allowed to make their MP3 playback skip, and (c) you're supporting > ridiculously large keysizes (4K RSA). If you want all three of those, > your work's cut out for you. > > In time, OpenPGP will come out with a mobile profile that's meant to > work better in these environments. In time, people will also buy new, > more capable, smartphones. The problems that I'm talking about are only > problems right now -- I don't want to give the impression they're permanent. I think that your impression is outdated. HTC G1 (almost three year old phone) - when talking about raw CPU power - is as capable as Pentium III/550 or almost as old iBook's PPC G4 (and these aren't performing that poorly you know). What's more it has cute DSP capability which can be used in audio processing (for example) with far better results than non-specialized chip. You missed that right now probably most of smartphones are armed with asymmetric crypto software. Examples? 
TLS/SSL when sending/getting emails or just surfing some parts of the web... No conclusion needed here, right? -- Regards, Milo From rjh at sixdemonbag.org Mon Aug 16 23:13:26 2010 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 16 Aug 2010 17:13:26 -0400 Subject: AGP on Android In-Reply-To: <4C69970A.4090202@oneiroi.net> References: <201008161746.33109.bernhard@intevation.de> <4C6961B4.6090803@sixdemonbag.org> <4C696E7A.90600@buanzo.com.ar> <4C698F8D.3030202@sixdemonbag.org> <4C69970A.4090202@oneiroi.net> Message-ID: <4C69A9F6.9090708@sixdemonbag.org> On 8/16/2010 3:52 PM, Milo wrote: > No conclusion needed here, right? The HTC G1 isn't the three-year-old handheld I'm thinking of. I'm thinking of bargain basement Windows Mobile devices that were given away for free with contract signups. I'm also thinking of el-cheapo handhelds sold in the developing world, which in order to keep prices down skip such niceties as DSPs. Are there three-year-old handhelds that can do the job? Sure. Is it reasonable to think _most_ three-year-old handhelds can do the job? That seems like a bold claim. I'll need to see supporting evidence. From gnupg at oneiroi.net Mon Aug 16 23:52:07 2010 
From: gnupg at oneiroi.net (Milo) Date: Mon, 16 Aug 2010 23:52:07 +0200 Subject: AGP on Android In-Reply-To: <4C69A9F6.9090708@sixdemonbag.org> References: <201008161746.33109.bernhard@intevation.de> <4C6961B4.6090803@sixdemonbag.org> <4C696E7A.90600@buanzo.com.ar> <4C698F8D.3030202@sixdemonbag.org> <4C69970A.4090202@oneiroi.net> <4C69A9F6.9090708@sixdemonbag.org> Message-ID: <4C69B307.5040303@oneiroi.net> On 08/16/2010 11:13 PM, Robert J. Hansen wrote: > On 8/16/2010 3:52 PM, Milo wrote: >> No conclusion needed here, right? > > The HTC G1 isn't the three-year-old handheld I'm thinking of. I'm > thinking of bargain basement Windows Mobile devices that were given away > for free with contract signups. I'm also thinking of el-cheapo > handhelds sold in the developing world, which in order to keep prices > down skip such niceties as DSPs. > > Are there three-year-old handhelds that can do the job? Sure. Is it > reasonable to think _most_ three-year-old handhelds can do the job? > That seems like a bold claim. I'll need to see supporting evidence. I'm getting your point but remember that we are talking about Android-capable devices (well, at least this was Bernhard's point I think) - and I bet that most of these are equal or stronger in terms of processing power than G1 (this was first widely available Android hw platform). There is another thing to mention - data transmission security is Achillean heel of modern mobile phone networks. For couple of reasons operators don't care or don't want to provide it (same for - all? - mobile OSes vendors). It would be nice to push this topic further (despite some potential difficulties - like one mentioned by you) because not much is happening on this field. -- Regards, Milo From rjh at sixdemonbag.org Tue Aug 17 00:24:06 2010 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 16 Aug 2010 18:24:06 -0400 Subject: AGP on Android In-Reply-To: <4C69B307.5040303@oneiroi.net> References: <201008161746.33109.bernhard@intevation.de> <4C6961B4.6090803@sixdemonbag.org> <4C696E7A.90600@buanzo.com.ar> <4C698F8D.3030202@sixdemonbag.org> <4C69970A.4090202@oneiroi.net> <4C69A9F6.9090708@sixdemonbag.org> <4C69B307.5040303@oneiroi.net> Message-ID: <4C69BA86.7090406@sixdemonbag.org> On 8/16/2010 5:52 PM, Milo wrote: > I'm getting your point but remember that we are talking about > Android-capable devices You are; I'm not. I never said there was reason to be skeptical of OpenPGP on the Android: I said there was reason to be skeptical of OpenPGP on mobile devices. Maybe I should have made it more clear: I thought I was being precise, but I can see how people may have missed my shift. I think OpenPGP in the mobile space is fascinating. OpenPGP in the Android-specific space, or the iPhone or Pre-specific space, or what-have-you, interests me much less. From jrollins at finestructure.net Tue Aug 17 01:15:57 2010 
From: jrollins at finestructure.net (Jameson Rollins) Date: Mon, 16 Aug 2010 19:15:57 -0400 Subject: AGP on Android In-Reply-To: <4C69A9F6.9090708@sixdemonbag.org> References: <201008161746.33109.bernhard@intevation.de> <4C6961B4.6090803@sixdemonbag.org> <4C696E7A.90600@buanzo.com.ar> <4C698F8D.3030202@sixdemonbag.org> <4C69970A.4090202@oneiroi.net> <4C69A9F6.9090708@sixdemonbag.org> Message-ID: <877hjq87yq.fsf@servo.finestructure.net> On Mon, 16 Aug 2010 17:13:26 -0400, "Robert J. Hansen" wrote: > On 8/16/2010 3:52 PM, Milo wrote: > > No conclusion needed here, right? > > The HTC G1 isn't the three-year-old handheld I'm thinking of. I'm > thinking of bargain basement Windows Mobile devices that were given away > for free with contract signups. I'm also thinking of el-cheapo > handhelds sold in the developing world, which in order to keep prices > down skip such niceties as DSPs. > > Are there three-year-old handhelds that can do the job? Sure. Is it > reasonable to think _most_ three-year-old handhelds can do the job? > That seems like a bold claim. I'll need to see supporting evidence. I think you're really jumping the gun here. If we can get even geeks to use OpenPGP on their fancy phones we'll be doing well. jamie. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From rjh at sixdemonbag.org Tue Aug 17 02:06:44 2010 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 16 Aug 2010 20:06:44 -0400 Subject: AGP on Android In-Reply-To: <877hjq87yq.fsf@servo.finestructure.net> References: <201008161746.33109.bernhard@intevation.de> <4C6961B4.6090803@sixdemonbag.org> <4C696E7A.90600@buanzo.com.ar> <4C698F8D.3030202@sixdemonbag.org> <4C69970A.4090202@oneiroi.net> <4C69A9F6.9090708@sixdemonbag.org> <877hjq87yq.fsf@servo.finestructure.net> Message-ID: <1B171A1C-DF38-439D-A382-B52447E84131@sixdemonbag.org> > I think you're really jumping the gun here. If we can get even geeks to > use OpenPGP on their fancy phones we'll be doing well. Network effects. Imagine there's a cool little communications app that only works on the Palm Pre. Nobody cares, because the Pre occupies such a tiny fragment of the market space. (Or, for the real world, Skype on the desktop is a very hot piece of technology: Skype on Droid, nobody cares. As cool as the Droid is, it's a tiny fragment, etc., etc.) By comparison, just dialing a number and talking to someone, regardless of what carrier they're on -- that's very cool and people pay good money for it. The size of the base of users with whom you can communicate contributes in a very big way to the overall usefulness of the application. This is all getting very far afield of the original question, though, which was whether it was possible to port GnuPG to Android. If we want to discuss this further, let's take it to -users and leave the -devel list for its intended purpose: low-volume talk about stuff directly related to GnuPG development. From nathan at freitas.net Tue Aug 17 00:10:40 2010 
From: nathan at freitas.net (Nathan Freitas) Date: Mon, 16 Aug 2010 18:10:40 -0400 Subject: AGP on Android In-Reply-To: <4C69B307.5040303@oneiroi.net> References: <201008161746.33109.bernhard@intevation.de> <4C6961B4.6090803@sixdemonbag.org> <4C696E7A.90600@buanzo.com.ar> <4C698F8D.3030202@sixdemonbag.org> <4C69970A.4090202@oneiroi.net> <4C69A9F6.9090708@sixdemonbag.org> <4C69B307.5040303@oneiroi.net> Message-ID: <4C69B760.3000900@freitas.net> I just wanted to jump in here, as I originally joined this list during my own efforts to port GPG to Android. I ended up deciding to support the work of APG instead, because I felt that perhaps new implementation on BouncyCastle was more appropriate for Android, even with the performance hit. As for this notion that Android is just a first world phenomenon, I can tell you that availability of Android is growing very quickly throughout the world, thanks in large part to many of the mobile manufacturers in China using it instead of their own proprietary or locally developed mobile OSes. Growth of Android amongst middle class users in China, India, the Middle East, and even some parts of Africa, is strong. Yes, the $10 Nokia's and last generation WinMo phones still rule in quantity, but Android is evolving quickly out of its early adopter, luxury phase. On 8/16/10 5:52 PM, Milo wrote: > There is another thing to mention - data transmission security is > Achillean heel of modern mobile phone networks. For couple of reasons I am also the developer who ported Tor to Android aka "Orbot", and I can tell you it runs great, even on a G1, while taking phone calls. We've just quietly pushed the 1.0 release into the Android Market, so please check it out. In addition, we have an OtRChat app which can run over Tor, and provide encrypted XMPP, etc. You can find out more at: https://www.torproject.org/docs/android.html https://guardianproject.info/apps/orbot/ https://guardianproject.info/apps/otrchat/ mobile OSes vendors). 
It would be nice to push this topic further > (despite some potential difficulties - like one mentioned by you) > because not much is happening on this field. That's what we are doing at Guardian : https://guardianproject.info Feel free to join our dev list or find us on #guardianproject on irc. Best, Nathan From calestyo at scientia.net Thu Aug 19 01:48:07 2010 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Wed, 18 Aug 2010 23:48:07 +0000 Subject: bug: gpg-agent --version doesn't show the default scd Message-ID: Hi. The gpg-agent manpage claims: --scdaemon-program filename Use program filename as the Smartcard daemon. The default is installation dependent and can be shown with the --version command. Perhaps I'm doing something wrong,.. but mine seems not to show any info about which scdaemon is used. Cheers, Chris. From wk at gnupg.org Thu Aug 19 10:23:44 2010 From: wk at gnupg.org (Werner Koch) Date: Thu, 19 Aug 2010 10:23:44 +0200 Subject: bug: gpg-agent --version doesn't show the default scd In-Reply-To: (Christoph Anton Mitterer's message of "Wed, 18 Aug 2010 23:48:07 +0000") References: Message-ID: <87bp8zqacv.fsf@vigenere.g10code.de> On Thu, 19 Aug 2010 01:48, calestyo at scientia.net said: > The gpg-agent manpage claims: > --scdaemon-program filename > Use program filename as the Smartcard daemon. The default is > installation dependent and can be shown with the --version > command. The man page is wrong. To see the defaults use gpgconf: $ gpgconf gpg:GPG for OpenPGP:/usr/local/bin/gpg2 gpg-agent:GPG Agent:/usr/local/bin/gpg-agent scdaemon:Smartcard Daemon:/usr/local/bin/scdaemon gpgsm:GPG for S/MIME:/usr/local/bin/gpgsm dirmngr:Directory Manager:/usr/local/bin/dirmngr Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From calestyo at scientia.net Thu Aug 19 11:42:30 2010 
From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Thu, 19 Aug 2010 09:42:30 +0000 Subject: bug: gpg-agent --version doesn't show the default scd In-Reply-To: <87bp8zqacv.fsf@vigenere.g10code.de> References: <87bp8zqacv.fsf@vigenere.g10code.de> Message-ID: <44fd82043182ef5be608adbd52870728@imap.dd24.net> On Thu, 19 Aug 2010 10:23:44 +0200, Werner Koch wrote: > $ gpgconf > gpg:GPG for OpenPGP:/usr/local/bin/gpg2 > gpg-agent:GPG Agent:/usr/local/bin/gpg-agent > scdaemon:Smartcard Daemon:/usr/local/bin/scdaemon > gpgsm:GPG for S/MIME:/usr/local/bin/gpgsm > dirmngr:Directory Manager:/usr/local/bin/dirmngr Ah... =) Attached is a patch =) Cheers, Chris. btw: The other patch (http://lists.gnupg.org/pipermail/gnupg-devel/2010-August/025689.html) I've sent in recently,... is it going to be merged? -------------- next part -------------- A non-text attachment was scrubbed... Name: used-scdaemon-doc.patch Type: text/x-diff Size: 516 bytes Desc: not available URL: From wk at gnupg.org Thu Aug 19 16:11:57 2010 
From: wk at gnupg.org (Werner Koch) Date: Thu, 19 Aug 2010 16:11:57 +0200 Subject: bug: gpg-agent --version doesn't show the default scd In-Reply-To: <44fd82043182ef5be608adbd52870728@imap.dd24.net> (Christoph Anton Mitterer's message of "Thu, 19 Aug 2010 09:42:30 +0000") References: <87bp8zqacv.fsf@vigenere.g10code.de> <44fd82043182ef5be608adbd52870728@imap.dd24.net> Message-ID: <87wrrmpu8i.fsf@vigenere.g10code.de> On Thu, 19 Aug 2010 11:42, calestyo at scientia.net said: > btw: The other patch > (http://lists.gnupg.org/pipermail/gnupg-devel/2010-August/025689.html) I've > sent in recently,... is it going to be merged? I doubt that. Maybe I go over the patches at some time and fix the strings. But I won't apply them as they are. Frankly we would need copyright assignments for such large patches (it doesn't matter that this is "only" documentation). Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From calestyo at scientia.net Thu Aug 19 16:22:54 2010 From: calestyo at scientia.net (Christoph Anton Mitterer) Date: Thu, 19 Aug 2010 14:22:54 +0000 Subject: bug: gpg-agent --version doesn't show the default scd In-Reply-To: <87wrrmpu8i.fsf@vigenere.g10code.de> References: <87bp8zqacv.fsf@vigenere.g10code.de> <44fd82043182ef5be608adbd52870728@imap.dd24.net> <87wrrmpu8i.fsf@vigenere.g10code.de> Message-ID: <403d0b4099482047ba344a41928cb091@imap.dd24.net> On Thu, 19 Aug 2010 16:11:57 +0200, Werner Koch wrote: > I doubt that. Maybe I go over the patches at some time and fix the > strings. Well of course they're not that important,... but I guess it's bad to leave such things outdated, because at one point there'd be so much to catch up that it's nearly impossible, > Frankly we would need > copyright assignments for such large patches (it doesn't matter that > this is "only" documentation). No problem,... just tell me what I have to sign or so... Cheers, Chrs. From snauberg at gmx.de Fri Aug 20 13:30:33 2010 
From: snauberg at gmx.de (Simon Nauberg) Date: Fri, 20 Aug 2010 13:30:33 +0200 Subject: Questions about key generation and RNG Message-ID: <20100820113033.6660@gmx.net> Does perhaps anyone know a mailinglist where one could find answers to questions like these? Regards, Simon. From stanislav at sidorenko-s.com Fri Aug 20 13:33:12 2010 From: stanislav at sidorenko-s.com (Stanislav Sidorenko) Date: Fri, 20 Aug 2010 15:33:12 +0400 Subject: SHA2 hashes and smartcards in gpg2 Message-ID: <4C6E67F8.2060809@sidorenko-s.com> Hi! A month ago I've found an issue in gpg1 that did not allow using SHA2 hashes for signing if it is done by smartcard: Two links to that discussion. http://lists.gnupg.org/pipermail/gnupg-users/2010-July/039186.html http://lists.gnupg.org/pipermail/gnupg-users/2010-July/039236.html But as I can see current gpg2 also has such issue. /branches/STABLE-BRANCH-2-0/g10/call-agent.c #endif snprintf (line, DIM(line)-1, "SCD PKSIGN %s%s", hashalgo == GCRY_MD_RMD160? "--hash=rmd160 " : "", serialno); line[DIM(line)-1] = 0; Could you please check and fix it? Thanks, Stanislav From huebners at uni-potsdam.de Wed Aug 25 18:28:05 2010 
From: huebners at uni-potsdam.de (Sebastian Hübner)
Date: Wed, 25 Aug 2010 18:28:05 +0200
Subject: gpgme_get_key in external mode
Message-ID: <4C754495.4040307@uni-potsdam.de>

Hello,

I am using gpgme_get_key and gpgme_op_import_keys to import a certain key from a keyserver. (Version GPGME 1.2)

Sometimes it works, but often gpgme_get_key returns with GPG_ERR_EOF. Every time I run "gpg --recv" from a terminal it works without any problem.

I use the following keyserver: pool.sks-keyservers.net

Sometimes it takes a while to import a key. Thus I tried to ensure that the "get_key"-function has finished using gpgme_wait, but it doesn't work out. I still got the same problem.

Is there something I can do about that?

Thanks in advance,
Sebastian Hübner

From ab1234cd5678 at gmx.biz Tue Aug 31 22:45:05 2010
From: ab1234cd5678 at gmx.biz (ab1234cd5678 at gmx.biz)
Date: Tue, 31 Aug 2010 22:45:05 +0200
Subject: Format of exported private keys
Message-ID: <1071324942.20100831224505@gmx.at>

Hi,

I plan to produce a webmailer that does use my private key in a Javascript implementation.

To achieve this I came up with the idea to have a textarea field on the form where I can paste my exported secret key and use.

Unfortunately I can't find any information about the structure of the exported key. So I know it is armored. It contains a checksum as well. But how is the checksum calculated, how do I distinguish between PGP keys and X.509 keys?

Could anyone give me a pointer?

--
Thanks in advance,
Raymund

From dshaw at jabberwocky.com Tue Aug 31 23:58:59 2010
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue, 31 Aug 2010 17:58:59 -0400
Subject: Format of exported private keys
In-Reply-To: <1071324942.20100831224505@gmx.at>
References: <1071324942.20100831224505@gmx.at>
Message-ID:

On Aug 31, 2010, at 4:45 PM, ab1234cd5678 at gmx.biz wrote:

> Hi,
>
> I plan to produce a webmailer that does use my private key in a
> Javascript implementation.
>
> To achieve this I came up with the idea to have a textarea field on
> the form where I can paste my exported secret key and use.
>
> Unfortunately I can't find any information about the structure of the
> exported key. So I know it is armored. It contains a checksum as well.
> But how is the checksum calculated, how do I distinguish between PGP
> keys and X.509 keys?

Without going into the wisdom of pasting private keys into a web form (yikes), the information you are looking for is in RFC-4880.

David
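
The armor checksum and the OpenPGP-versus-X.509 distinction asked about in this thread, as an added example that is not part of either message: RFC 4880 section 6 defines the armor header line, the optional "=" checksum line and the CRC-24 parameters used below. The names crc24 and parseArmor are this example's own, Buffer assumes Node.js, and the sample blocks are constructed around the bytes "123456789" rather than key material.

```javascript
// Added example. crc24 and parseArmor are hypothetical names, not a library API.
const CRC24_INIT = 0xB704CE;   // RFC 4880 section 6.1
const CRC24_POLY = 0x1864CFB;

function crc24(bytes) {
  let crc = CRC24_INIT;
  for (const b of bytes) {
    crc ^= b << 16;
    for (let i = 0; i < 8; i++) {
      crc <<= 1;
      if (crc & 0x1000000) crc ^= CRC24_POLY;
    }
  }
  return crc & 0xFFFFFF;
}

function parseArmor(text) {
  const lines = text.trim().split(/\r?\n/).map((l) => l.trimEnd());
  const begin = /^-----BEGIN ([A-Z0-9 ,\/]+)-----$/.exec(lines[0]);
  if (!begin) throw new Error("missing armor header line");
  const label = begin[1];
  if (lines[lines.length - 1] !== `-----END ${label}-----`)
    throw new Error("armor tail does not match header");
  const inner = lines.slice(1, -1);
  if (!label.startsWith("PGP ")) {
    // PEM block such as "CERTIFICATE" (X.509): base64 only, no CRC-24 line.
    return { kind: "pem", label, data: Buffer.from(inner.join(""), "base64"), crcOk: null };
  }
  const blank = inner.indexOf("");  // armor headers end at the first blank line
  if (blank < 0) throw new Error("no blank line after armor headers");
  const body = inner.slice(blank + 1);
  const last = body[body.length - 1] || "";
  const crcLine = /^=[A-Za-z0-9+\/]{4}$/.test(last) ? body.pop() : null;
  const data = Buffer.from(body.join(""), "base64");
  // The checksum is optional: null means absent, false means it does not match.
  const crcOk = crcLine
    ? Buffer.from(crcLine.slice(1), "base64").readUIntBE(0, 3) === crc24(data)
    : null;
  return { kind: "openpgp", label, data, crcOk };
}

// Constructed samples: the payload is the ASCII string "123456789", not a key.
const SAMPLE_PGP = [
  "-----BEGIN PGP PRIVATE KEY BLOCK-----", "Version: constructed-sample", "",
  "MTIzNDU2Nzg5", "=Ic8C", "-----END PGP PRIVATE KEY BLOCK-----",
].join("\n");
const SAMPLE_PEM = [
  "-----BEGIN CERTIFICATE-----", "MTIzNDU2Nzg5", "-----END CERTIFICATE-----",
].join("\n");

console.log(parseArmor(SAMPLE_PGP).crcOk, parseArmor(SAMPLE_PEM).kind);
```

The CRC-24 only detects accidental corruption of the armored text; it is not an integrity or authenticity check on the key.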