Re: nPth signature
Hi, On 2023/08/12 11:45, Daniel Rostovtsev via Gnupg-users wrote: I think that nPth is might be signed with an expired signature. Is this a problem? No problem. I downloaded from https://gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2 <https://gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2> and https://gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2.sig <https://gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2.sig> This is what I see when I run > gpg —-verify npth-1.6.tar.bz2.sig When I run with a trusted gpg. gpg: assuming signed data in 'npth-1.6.tar.bz2' gpg: Signature made Mon Jul 16 07:37:23 2018 UTC gpg: using RSA key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 gpg: Good signature from "Werner Koch (dist sig)" [expired] gpg: Note: This key has expired! Primary key fingerprint: D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 The release date of nPth 1.6 is 2018-07-16 and the files were signed on the same day. On 2018-07-16, the key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 was valid and not expired yet. -- Kosuke Kaizuka OpenPGP_signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
location of pubring.db
Hello, The location of public keyring can be changed with "keyring" option like this; keyring /path/to/pubring.kbx (current) or keyring /path/to/pubring.gpg (legacy) On GnuPG >= 2.3.0 with "use-keyboxd" option, new SQlite database of public keyring "pubring.db" is located in /GnuPG-HomeDir/public-keys.d, but it is not possible to change the location of this new file. keyring /path/to/pubring.db (does not work) "keyring" does not work any more with "use-keyboxd"? -- Kosuke Kaizuka OpenPGP_signature Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Dirmngr fails to communicate with keyservers (W32 binaries for GnuPG 2.1.22)
On Mon, 31 Jul 2017 10:35:24 +0200, Andre Heinecke wrote: > Hi, > > On Sunday, July 30, 2017 11:41:01 AM CEST Kosuke Kaizuka wrote: >> On Sat, 29 Jul 2017 14:58:09 +0100, MFPA wrote:> >>> I have installed the W32 package for GnuPG 2.1.22 and I find keys >>> cannot be sent to keyservers, or fetched/refreshed. The operation >>> fails with the message "keyserver send failed: Resource temporarily >>> unavailable". >>> >>> In the event the dirmngr from 2.1.21 is already running, the operation >>> succeeds. > > Yes, slipped our testing. We are working on it: > > https://dev.gnupg.org/T3318 The problem seems to have been fixed in gnupg-w32-2.1.22_20170731. -- Kosuke Kaizuka <cai.0...@gmail.com> signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Dirmngr fails to communicate with keyservers (W32 binaries for GnuPG 2.1.22)
On Sat, 29 Jul 2017 14:58:09 +0100, MFPA wrote:> > I have installed the W32 package for GnuPG 2.1.22 and I find keys > cannot be sent to keyservers, or fetched/refreshed. The operation > fails with the message "keyserver send failed: Resource temporarily > unavailable". > > In the event the dirmngr from 2.1.21 is already running, the operation > succeeds. > > > > [path_to]\GnuPG_2_1_22\bin>gpg --send-key 0xF5AECE1EF251BFAB > gpg: using character set 'utf-8' > gpg: no running Dirmngr - starting > '[path_to]\GnuPG_2_1_22\bin\dirmngr.exe' > > gpg: waiting for the dirmngr to come up ... (5s) > gpg: waiting for the dirmngr to come up ... (4s) > gpg: connection to the dirmngr established > gpg: Invalid key 0xF5AECE1EF251BFAB made valid by > --allow-non-selfsigned-uid > > gpg: sending key 0xF5AECE1EF251BFAB to hkp://pool.sks-keyservers.net > gpg: Note: signature key 0xF5AECE1EF251BFAB has been revoked > gpg: Note: signature key 0xF5AECE1EF251BFAB has been revoked > gpg: keyserver send failed: Resource temporarily unavailable > gpg: keyserver send failed: Resource temporarily unavailable > > > > > > Compare with: > > [path_to]\GnuPG_2_1_22\bin>gpg --send-key 0xF5AECE1EF251BFAB > gpg: using character set 'utf-8' > gpg: WARNING: server 'dirmngr' is older than us (2.1.21 < 2.1.22) > gpg: Invalid key 0xF5AECE1EF251BFAB made valid by > --allow-non-selfsigned-uid > > gpg: sending key 0xF5AECE1EF251BFAB to hkp://pool.sks-keyservers.net > gpg: Note: signature key 0xF5AECE1EF251BFAB has been revoked > gpg: Note: signature key 0xF5AECE1EF251BFAB has been revoked Same issue with gpg 2.1.22 on Win7 x64. I've tried search, send-keys and recv-keys commands but all failed with "Resource temporarily unavailable" messages. gpg 2.1.21 works fine. -- Kosuke Kaizuka <cai.0...@gmail.com> signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Fwd: [Enigmail] [ANN] Enigmail v1.7 available
On Sat, 09 Aug 2014 12:03:28 +0200, Johan Wevers wrote: On 19-07-2014 15:29, John Clizbe wrote: As there are many Enigmail users who read this list, but not [Enigmail], I'm forwarding the announcement of the newest release of Enigmail, v1.7. There are quite a few changes in this release. Not compatible with Thunderbird 3.1.20. And considering the way Mozilla is currently adding bloat to all its programs (Hi Netscape 4.0), I don't see any reason to upgrade. Thunderbird 3.1.20 was released in March 2012. There are more than 200 security vulnerabilities fixed after release of 3.1.20... The last version compatible with Thunderbird 3.1.20 is Enigmail 1.1.2, released in June 2010. Current Enigmail 1.7 supports only Thunderbird 31 and 24. I strongly recommend you to upgrade at least to Thunderbird 24.7.0 and Enigmail 1.7. -- Kosuke Kaizuka cai.0...@gmail.com signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg4win
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, On Tue, 8 Jul 2014 10:38:12 +0200, Dr. Bernhard Kleine wrote: Do you know of a maillist or a forum for gpg4win ? I have problems to install. There are mailing lists and support forums in English and German. Eniglish ones are more active than German ones. http://www.gpg4win.org/community.html - -- Kosuke Kaizuka cai.0...@gmail.com -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBCgAGBQJTu7ySAAoJEFI91dNOjkjZb/sQAKT6oz0wSNGghuiO60BoTDuI u7kFlB2lwpEBJrDmIUJ+7j+V8fRKeYtEQIKaDxEjTuXbFOd68n1078/p7SMhpC52 99/c1rlwcX43BGbpWZfhGvnX/hA24knXwLiqt1sQNqXHgkaNqamzb8yAUvq0O3uJ C96ZABV+JI+XotJdvFzEgRJu+FH7ISW0j09FhKzHJKj95w2m2hkuqrjbVx3ul6dN V3MX39Qwb4VDiwfjuH15Aa7uQRRhxmXrr8qr1uF6OT4WkKSYoyc9Os/mRJ20BjNr kGjSzfou7LGJLNqSBTfWBmxawGp0HFl2dULV7VbgUJm9dTrwJUI1OOZMmQr4P4vX H97AK9MwSafEJ+c9OJTAhvwxWcHkGNj1zPukyleiS+MWZ+qpw5a30k+Xo42j0yYo eKBxSzPnzyGfTPquSZoU7d7Rkd7BozfF2KtLnhhUtWZfpwCIiANUiP/mEyKfQAjf /DLRRN15uOABwy4+VEBrjG779COMICQ052kgH5rF+2XQ1eqikq1AS8+ImVwcRebW /BQcbplVhNlCsPTFIU2uM9mpyNsaJGx8BSToq59X9gMV02fmcDsbZhZfyovSFgPY gQ9zvqgCQsFVo+rTJYieCfRYDptJyo0CiklLKUyL0rly8B0QYMT+lmQzMp1DSM8w NzhvtsgPMVNHK1XvItzf =ihBs -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: a bit OT: pgpdump binaries?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Thank you Josef for binary files! On Sun, 11 May 2014 19:15:29 -0400, Faramir wrote: compilation is straightforward, if msys and mingw is installed! pgpdump.c is missing a #include getopt.h, after adding that just a ./configure and make to compile it! I compiled a 64 and a 32 bit version for you! The files are digitally signed using the Microsoft Authenticode stuff. Hello Josef, Thank you, as Ben said, I appreciate your effort and already downloaded the binary files. I tried to verify the digital signature, but something failed, however, the hash values match the ones you provided, plus virustotal battery of 52 antivirus agree the file is safe, so I'm puzzled but not worried about the signature. I have downloaded and checked binary files. ? pgpdump64.exe SHA-512: match Microsoft Authenticode: verified (Name: Josef Schneider, Email address: josef.schnei...@gmail.com, Signed on: ?2014?/05?/09? 17:12:04) check by Norton: passed pgpdump.exe SHA-512: match Microsoft Authenticode: verified (Name: Josef Schneider, Email address: josef.schnei...@gmail.com, Signed on: ?2014?/05?/09? 17:16:36) check by Norton: passed Authenticode certificate is issued by StartCom Class 2 Primary Intermediate Object CA. - -- Kosuke Kaizuka cai.0...@gmail.com -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBCgAGBQJTcGLFAAoJEFI91dNOjkjZ3hQQANC+fpVL3pWiDvxzG2b1wTZO e1wR1fsgd6P5vyyTmkANo9LXwoCJsrUysF3JykTKceROnJtUp6lHbE3woNwlTPrp 5Idyh7v0RQ2kWywntrCuBX2dTQNA1NFqhol63rp7zFa7vdWJw7bUOVz6J3hVVSyK mjpPU2QIULQBW2Gb4cZTyjVvwuvSg9PfEzdEvohmEYV2stlPRtNJH1HhFL0qeYEY 2Tw0PYFBa8gBzb+on3NFxyoTGIB7hjBqLE1b5Ze08VGkjCT1tlkiyg7X3TYMkINn Oz+hFlMP/Kjs4b+Oyd4DoccUT9jLgxjm46heUCyyg36XqaSqsG1VbDA6xIHvVDzz KddHUAbXo3hyhFs7gdVI3HJpQYMw0aNwuTFvRw4PZWLeo11TYM8FuXs50ZtWytVR FOQCko+TE4j+N8hGcLvK0HnGQQlbYuMgxXMI3zi0HADvHRuR7YtU9KQTEKR5vvjZ lqSii3wRf68/xcXS7J6xU9soRdDqjcyhGW+OFcwWqkwRBnjkZ/EdfMrFZuNanS11 CaDyoj9123uym5Yl7ECWAA2M2qFIQ1OX+v8Ap0qW4KbrLtk8YJXSQlbimPvCik10 nTUvvSjqxm7Kfj8DT8SH7gK0PsUYaL75AhYiFIZ2ukRJ464WWqFDGT5p6I/BlWGa idpADBVEzEFuG4SV/SZo =I88e -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Much slower than other block cipher implementations?
Hi Will, On Thu, 5 Dec 2013 13:14:27 +1300, Will Bryant wrote: Hi all, My understanding is that when you encrypt a file using GPG a random session key gets generated, that gets encrypted using public key crypto, and then that session key is used to encrypt the file using a regular block cipher. Why then does GPG only encrypt at about 12 MB/s when OpenSSL can encrypt using the same block cipher at over 260 MB/s on the same machine? Is it just a faster implementation of the block cipher, or is GPG doing something else that slows it down? I'm using fairly modern Intel CPUs that do have AES instructions, so I was wondering if that was it. Which version of GnuPG (ligcrypt) and OS are you using? As far as I know, only GnuPG 2.0.x on x86 environments supports AES-NI. 1. GnuPG 1.4.x or lower does not support AES-NI at all. 2. GnuPG 2.0.x with ligcrypt 1.5.0 and above supports AES-NI on x86 environments. 3. GnuPG 2.0.x on x86-64 Ligcrypt 1.5 branch does not support AES-NI yet on x86-64 environments. Support of AES-NI on x86-64 has been implemented to ligcrypt master[1], but not backported to current 1.5 branch[2]. [1] http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=d8bdfa42ed582655c180e7db9b16d4e756a12a6e [2] http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=shortlog;h=refs/heads/LIBGCRYPT-1-5-BRANCH -- Kosuke Kaizuka cai.0...@gmail.com signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Serpent?
On Fri, 23 Aug 2013 19:00:27 -0400, Faramir wrote: El 22-08-2013 9:56, Robert J. Hansen escribió: ... GnuPG extends this with support for Camellia-128, Camellia-192 and Camellia-256. I don't know the reasoning for introducing Camellia, but I'm sure there's a solid basis for it. IIRC, somebody said, a long long time ago, that Japan had some requirements for using Camellia, so I guess if GnuPG doesn't have it, japanese people can't use it without some you are using an unnapproved cipher or something like that. But I can't even remember who said Japan likes Camellia, so maybe that's not the reason. I think that the situation of Camellia in Japan is similar to that of AES in US or SEED in North Korea. Camellia is developed by Nippon Telegraph and Telephone and Mitsubishi Electric (both are Japanese companies), and included in Japan e-Government Recommended Ciphers List by CRYPTREC (Cryptography Research and Evaluation Committees, Japan). http://www.cryptrec.go.jp/english/list.html. Of course, Japanese people can use AES and any other ciphers, however, Japan Government and some Japanese people may prefer Camellia than AES (as I set key pref to CAMELLIA256 AES256 CAMELLIA192 AES192 CAMELLIA128 AES CAST5). Camellia is also recommended by NESSIE in EU, and supported by TLS/SSL (RFC 4132, 5932, 6367), S/MIME (RFC 3657), IPSec (RFC 4132, 5529), etc. -- Kosuke Kaizuka cai.0...@gmail.com signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: OpenPGP for Android
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Sun Jan 16 2011 14:12:42 GMT+0900, Malte Gell wrote: In the Android Market there is APG. Has anyone tested it? Does it import keys with subkeys? By the way, is there an app that encrypts SMS with APG? Hi. I have already tested APG 1.0.8 with Android 2.1 on Xperia SO-01B (X10 family in Japan). APG... 1. can import keys with subkeys. 2. can not verify email signed by my self-signed key with Enigmail+Thunderbird. 3. ignores the encoding (always uses iso-8859-1). 4. does not support CAMELLIA. 5. has no integration with gmail app on 2.1. - -- Kosuke Kaizuka cai.0...@gmail.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJNNQeTAAoJEFI91dNOjkjZgcoQAMV2q79Fp6to2n6d/hnk6mJ+ QhdzAT7SfVVy7OWsXOYmhknquAlKjEb326n5m3iWP+BdWb+8EvFIP15pp1BuDwk2 9sgMTILnsU91UXorRF2AK/q+9XlHOoPd49mGHA7EE8heQcWjvA9/YPXyawXnXjET ViPaYYVQ3Qfkoj48MY0YbmJF6r1PlrVB9t9ontkJ/j4wASg8iSyzIiiSgyzctZee 3/Aq+WuSt5hfWAoiImT8U/nNkt76vzysc3OONMW3mc6d/xJwcGrXQ6huaasORFGY lC2aISVDsYOoSQwccmFLHXltPeVZChRcQqllVsjCwM+xvWL88UIkAakvqw0lLeqb 2bAACbXeHzxLggahXJB5m2mxTu9XFp2QeqJMMEPx3weJPfEOdWxdMCo7qvq3ns8z HJ+2DUBKgQofRmji9ecGDsm0Htr2+HCYLF5q7CbnO7+p0JeEDWxsj2JS8M7MvoSv wKGn6J2wBEaeq2cEA72CwBPAAGFY/08PyPIwTvYbgtOMIWpBsZwoHLu8wHJfFm+U C8oQYX+fNfKjopYUryjDUZvntJEfPY0TELV98UdPS3lPVcEcvlNoiq51nyIsjsAk fk8eSWzR+Rbl6hgZbOJRkvCVFv8Et5AhV3k+hQ5vrYM/UN/yuN2zWuYn22jR/wJC D1WRbRVCcW5jb2y1EReQ =Z62K -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users