rnp icon indicating copy to clipboard operation
rnp copied to clipboard

Published 20 hours ago verified publisher icon rnpgp

Metadata

RNP: high performance C++ OpenPGP library used by Mozilla Thunderbird

Results 207 rnp issues
Sort by recently updated
recently updated
newest added

Coverity CID 1428747: Memory - illegal accesses (USE_AFTER_FREE)

2 comment

``` ** CID 1428747: Memory - illegal accesses (USE_AFTER_FREE) /src/tests/ffi.cpp: 8334 in rnp_tests_test_ffi_export_revocation_Test::TestBody()() ________________________________________________________________________________________________________ *** CID 1428747: Memory - illegal accesses (USE_AFTER_FREE) /src/tests/ffi.cpp: 8334 in rnp_tests_test_ffi_export_revocation_Test::TestBody()() 8328 assert_rnp_success(rnp_key_export_revocation(key_handle, output, 0,...

ronaldtse avatar ronaldtse

bug

CI: RNP CMake/CPack scripts export dependencies on the privately defined entities

RNP CMake/CPack scripts export dependencies on INTERFACE_LINK_LIBRARIES ```JSON-C::JSON-C``` and ```Botan2::Botan2``` targets that are valid only within the scope of RNP CI scripts and are not supported by json-c and botan2...

maxirmx avatar maxirmx

bug
continuous integration

Undocumented CLI command `--verify-cat`

## Description There is an undocumented `rnp` command `--verify-cat` https://github.com/rnpgp/rnp/blob/ec1c75bab1bed19268ba6b47bf07e63b196c7cda/src/rnp/rnp.cpp#L177 not mentioned anywhere, neither in `man 1 rnp` nor in usage message. And I have no idea what is it...

antonsviridenko avatar antonsviridenko

bug
documentation
cli

Refactor out crypto.cpp

## Description Currently it has just 3 functions which could be moved to the methods of `pgp_key_material_t`/`pgp_key_pkt_t`.

ni4 avatar ni4

Refactor Botan backend to use C++ classes instead of FFI.

## Description As we moved to C++ we don't have a need to use FFI and may use Botan classes directly.

ni4 avatar ni4

Possible hang in CI or rnp code.

1 comment

## Description It seems to be caused by CI itself, but let's keep an eye on it here: ``` 2023-02-18T10:59:58.4122825Z Start 256: cli_tests-Misc ... ... 2023-02-18T11:49:58.4472245Z test_aead_last_chunk_zero_length (__main__.Misc) ... /__w/rnp/rnp/builds/rnp-build/src/rnpkeys/rnpkeys...

ni4 avatar ni4

Check whether importing of secret key with material correctly replaces GPG offline key stub.

## Description If we have secret key with 'offline' secret key material (i.e. cut out or stored on smartcard), importing secret key with 'online' material should replace the offline stub.

ni4 avatar ni4

Check public key while tweaking Curve25519 secret key bits.

## Description It appears that there are/were implementations which may calculate public key from secret using the non-tweaked (not zeroed) bits. This could lead to incompatibilities and other problems after...

ni4 avatar ni4

Make sure that tests correctly run with ENABLE_BLOWFISH: Off

## Description It appears that not all tests correctly handle case with ENABLE_BLOWFISH: Off. The same could apply to the ENABLE_CAST5 and ENABLE_RIPEMD160

ni4 avatar ni4

When comparing fingerprints, you may also want to compare the version

1 comment

The issuer fingerprint subpacket [is defined](https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-07#section-5.2.3.32) as: ``` (1 octet key version number, N octets of fingerprint) ``` When comparing the issuer fingerprint with a key fingerprint, the version should...

nwalfield avatar nwalfield

Metadata

190
Stars
54
Forks
Watchers

Owner

verified publisher icon rnpgp

Metadata

RNP: high performance C++ OpenPGP library used by Mozilla Thunderbird

Back