From a518057089c7f7b886b7b4142dea612896a2e063ff4d44aa83bd0dbce17fb10d Mon Sep 17 00:00:00 2001 From: Karol Babioch Date: Fri, 21 Sep 2018 09:20:12 +0000 Subject: [PATCH] Accepting request 635471 from home:kbabioch:branches:security:privacy - Update to version 1.0.8: First of all, passive support for ECDSA, ECDH, and EdDSA (cf. RFC 6637 and Werner Koch's draft RFC 4880bis) has been added by relying on the most recent version of LibTMCG. The threshold signature scheme and the threshold encryption are still limited to finite field cryptography (i.e. DSA and ElGamal). Moreover, the programs generate and recognize a few other new OpenPGP features (e.g. issuer fingerprint subpackets) from RFC 4880bis. Compressed messages are now decompressed by the program dkg-decrypt using zlib Compression Library (and optionally by library routines from libbzip2). This completes DKGPG's compatibility with other OpenPGP software, however, the prefered compression algorithm (i.e. "no compression") in self-signatures of generated keys is kept for now. Support for symmetric-key decryption by dkg-decrypt has been added too. The program dkg-verify now reads the signature from a file, if option "-s" is used. To keep track of later protocol changes, all interactive programs include a version identifier in their common ID of the reliable broadcast channel. Thus programs from previous releases will not communicate with those of this release. With the new programs dkg-timestamp and dkg-timestamp-verify a OpenPGP timestamp signature can be generated and verified, respectively. Last but not least, by the new option "-y" some programs (dkg-generate, dkg-decrypt, dkg-sign, dkg-keysign, and dkg-timestamp) will work with regular OpenPGP keys too. The README file contains a configuration sample showing how to replace classic PGP by DKGPG in the famous mail user agent mutt based on this option. Please note that this feature is experimental and semantics may be changed later. - Added new build requirements: * zlib * bzip2 OBS-URL: https://build.opensuse.org/request/show/635471 OBS-URL: https://build.opensuse.org/package/show/security:privacy/dkgpg?expand=0&rev=10 --- dkgpg-1.0.7.tar.gz | 3 --- dkgpg-1.0.7.tar.gz.sig | 6 ------ dkgpg-1.0.8.tar.gz | 3 +++ dkgpg-1.0.8.tar.gz.sig | 6 ++++++ dkgpg.changes | 33 +++++++++++++++++++++++++++++++++ dkgpg.spec | 6 ++++-- 6 files changed, 46 insertions(+), 11 deletions(-) delete mode 100644 dkgpg-1.0.7.tar.gz delete mode 100644 dkgpg-1.0.7.tar.gz.sig create mode 100644 dkgpg-1.0.8.tar.gz create mode 100644 dkgpg-1.0.8.tar.gz.sig diff --git a/dkgpg-1.0.7.tar.gz b/dkgpg-1.0.7.tar.gz deleted file mode 100644 index 34aba3b..0000000 --- a/dkgpg-1.0.7.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:38675dd6b8078999a60b0b1df1182a115f11aa4f27398ce9cc58bef8f6ff6eae -size 622912 diff --git a/dkgpg-1.0.7.tar.gz.sig b/dkgpg-1.0.7.tar.gz.sig deleted file mode 100644 index f219d6e..0000000 --- a/dkgpg-1.0.7.tar.gz.sig +++ /dev/null @@ -1,6 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iF0EABECAB0WIQR29zARMp0n2418P5dPWE64+yvhTwUCWzKFXQAKCRBPWE64+yvh -T+eaAJ0W5IZi9UsXgRt4mTKe9X01IHKblQCeK8tc+/fNg/YymVeftt18a/2jOZE= -=PEaK ------END PGP SIGNATURE----- diff --git a/dkgpg-1.0.8.tar.gz b/dkgpg-1.0.8.tar.gz new file mode 100644 index 0000000..78c2ee7 --- /dev/null +++ b/dkgpg-1.0.8.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3594a4ade2bbdfa1cdda7ffd4ce6c4d68b0d4eea823c5c5ab51f3e8249df37c4 +size 683474 diff --git a/dkgpg-1.0.8.tar.gz.sig b/dkgpg-1.0.8.tar.gz.sig new file mode 100644 index 0000000..4bd3cba --- /dev/null +++ b/dkgpg-1.0.8.tar.gz.sig @@ -0,0 +1,6 @@ +-----BEGIN PGP SIGNATURE----- + +iF0EABECAB0WIQR29zARMp0n2418P5dPWE64+yvhTwUCW5lfEgAKCRBPWE64+yvh +TzLCAJ0Rh+XVAZz3a/Xi2j5b9PvZfEGwJgCaAxEnuDMnyvrd919NolDT119EWMA= +=wbEG +-----END PGP SIGNATURE----- diff --git a/dkgpg.changes b/dkgpg.changes index 8f3cf2a..e96c5b7 100644 --- a/dkgpg.changes +++ b/dkgpg.changes @@ -1,3 +1,36 @@ +------------------------------------------------------------------- +Thu Sep 13 07:13:51 UTC 2018 - Karol Babioch + +- Update to version 1.0.8: + First of all, passive support for ECDSA, ECDH, and EdDSA (cf. RFC 6637 + and Werner Koch's draft RFC 4880bis) has been added by relying on the + most recent version of LibTMCG. The threshold signature scheme and the + threshold encryption are still limited to finite field cryptography + (i.e. DSA and ElGamal). Moreover, the programs generate and recognize + a few other new OpenPGP features (e.g. issuer fingerprint subpackets) + from RFC 4880bis. Compressed messages are now decompressed by the + program dkg-decrypt using zlib Compression Library (and optionally by + library routines from libbzip2). This completes DKGPG's compatibility + with other OpenPGP software, however, the prefered compression algorithm + (i.e. "no compression") in self-signatures of generated keys is kept + for now. Support for symmetric-key decryption by dkg-decrypt has been + added too. The program dkg-verify now reads the signature from a file, + if option "-s" is used. To keep track of later protocol changes, all + interactive programs include a version identifier in their common ID of + the reliable broadcast channel. Thus programs from previous releases + will not communicate with those of this release. With the new programs + dkg-timestamp and dkg-timestamp-verify a OpenPGP timestamp signature + can be generated and verified, respectively. Last but not least, by the + new option "-y" some programs (dkg-generate, dkg-decrypt, dkg-sign, + dkg-keysign, and dkg-timestamp) will work with regular OpenPGP keys too. + The README file contains a configuration sample showing how to replace + classic PGP by DKGPG in the famous mail user agent mutt based on this + option. Please note that this feature is experimental and semantics + may be changed later. +- Added new build requirements: + * zlib + * bzip2 + ------------------------------------------------------------------- Mon Jul 9 05:33:30 UTC 2018 - kbabioch@suse.com diff --git a/dkgpg.spec b/dkgpg.spec index dcd4652..9889c1d 100644 --- a/dkgpg.spec +++ b/dkgpg.spec @@ -17,7 +17,7 @@ Name: dkgpg -Version: 1.0.7 +Version: 1.0.8 Release: 0 Summary: Distributed Key Generation (DKG) and Threshold Cryptography for OpenPGP License: GPL-2.0-or-later @@ -28,9 +28,11 @@ Source2: https://download.savannah.gnu.org/releases/dkgpg/%{name}-%{versi Source3: %{name}.keyring BuildRequires: gcc-c++ BuildRequires: gmp-devel >= 4.2 -BuildRequires: libTMCG-devel >= 1.3.13 +BuildRequires: libTMCG-devel >= 1.3.14 +BuildRequires: libbz2-devel BuildRequires: libgcrypt-devel >= 1.6 BuildRequires: libgpg-error-devel >= 1.12 +BuildRequires: zlib-devel %description The Distributed Privacy Guard (DKGPG) implements Distributed Key