Gnuk 1.2.20 and Chopstx 1.21
NIIBE Yutaka
gniibe at fsij.org
Mon Apr 25 04:54:48 CEST 2022
Hello,
Chopstx 1.21 is released.
tag release/1.21
Tagger: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Apr 22 11:14:57 2022 +0900
commit e12a7e0bb3f004c7bca41cfdb24c8b66daf3db89
This release is from STABLE-BRANCH-1 branch.
Gnuk 1.2.20 is released.
tag release/1.2.20
Tagger: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Apr 22 11:20:32 2022 +0900
commit 9d3c08bd2beb73ce942b016d4328f0a596096c02
This release is from STABLE-BRANCH-1-2 branch.
Those are maintenance releases. Newer compiler is more strict, so, I
need to care about clear semantics of pointer uses (I didn't care in the
past).
If you still uses Gnuk Token < 1.2.16, the change in 1.2.16 may be
useful, with the use case of newer OpenSSH, which uses
sntrup761x25519-sha512 at openssh.com. It requires larger data to be
signed.
=========================================
* Major changes in Gnuk 1.2.16
Released 2020-09-10, by NIIBE Yutaka
[...]
** Ed25519 signing allowing longer message
For OpenPGP, it does hashing on host side before requesting signing to
the device. Thus, the length of message to be signed is limited and
determined by the hash algorithm. That's good feature of OpenPGP. On
the other hand, there is a use case, like OpenSSH certificate signing,
where the length of message is a kind of arbitrary. Even though Gnuk
(or OpenPGP card protocol itself) has limitation, we removed the
length check against EDDSA_HASH_LEN_MAX at cmd_pso.
=========================================
scdaemon fix is also needed, it will be in GnuPG 2.3.6. It is tracked
by:
https://dev.gnupg.org/T5935
--
More information about the Gnuk-users
mailing list