new upstream release

- this release now includes the dirmngr which is obsoleted as separate package
Tomas Mraz 2015-01-29 18:00:00 +01:00
parent 08169c02ae
commit c26cee9bfb
7 changed files with 91 additions and 141 deletions

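--- a/.gitignore
+++ b/.gitignore
@@ -16,3 +16,5 @@ gnupg-2.0.16.tar.bz2.sig
 /gnupg-2.0.24.tar.bz2.sig
 /gnupg-2.0.25.tar.bz2
 /gnupg-2.0.25.tar.bz2.sig
+/gnupg-2.1.1.tar.bz2
+/gnupg-2.1.1.tar.bz2.sig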


@ -1,78 +0,0 @@
diff -up gnupg-2.0.19/g10/encode.c.fips gnupg-2.0.19/g10/encode.c
--- gnupg-2.0.19/g10/encode.c.fips 2012-03-27 10:00:37.000000000 +0200
+++ gnupg-2.0.19/g10/encode.c 2012-11-22 15:51:23.314371267 +0100
@@ -732,7 +732,7 @@ encrypt_filter( void *opaque, int contro
if( efx->cfx.dek->algo == -1 ) {
/* because 3DES is implicitly in the prefs, this can only
* happen if we do not have any public keys in the list */
- efx->cfx.dek->algo = DEFAULT_CIPHER_ALGO;
+ efx->cfx.dek->algo = gcry_fips_mode_active() ? CIPHER_ALGO_AES : DEFAULT_CIPHER_ALGO;
}
/* In case 3DES has been selected, print a warning if
diff -up gnupg-2.0.19/g10/gpg.c.fips gnupg-2.0.19/g10/gpg.c
--- gnupg-2.0.19/g10/gpg.c.fips 2012-11-22 15:51:23.308371138 +0100
+++ gnupg-2.0.19/g10/gpg.c 2012-11-22 15:51:23.315371289 +0100
@@ -1973,7 +1973,7 @@ main (int argc, char **argv)
opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */
opt.s2k_mode = 3; /* iterated+salted */
opt.s2k_count = 0; /* Auto-calibrate when needed. */
- opt.s2k_cipher_algo = CIPHER_ALGO_CAST5;
+ opt.s2k_cipher_algo = gcry_fips_mode_active() ? CIPHER_ALGO_AES : CIPHER_ALGO_CAST5;
opt.completes_needed = 1;
opt.marginals_needed = 3;
opt.max_cert_depth = 5;
diff -up gnupg-2.0.19/g10/mainproc.c.fips gnupg-2.0.19/g10/mainproc.c
--- gnupg-2.0.19/g10/mainproc.c.fips 2012-03-27 10:00:37.000000000 +0200
+++ gnupg-2.0.19/g10/mainproc.c 2012-11-22 16:43:51.876084682 +0100
@@ -685,9 +685,11 @@ proc_plaintext( CTX c, PACKET *pkt )
often. There is no good way to specify what algorithms to
use in that case, so these three are the historical
answer. */
- gcry_md_enable( c->mfx.md, DIGEST_ALGO_RMD160 );
+ if( !gcry_fips_mode_active() )
+ gcry_md_enable( c->mfx.md, DIGEST_ALGO_RMD160 );
gcry_md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
- gcry_md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
+ if( !gcry_fips_mode_active() )
+ gcry_md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
}
if( opt.pgp2_workarounds && only_md5 && !opt.skip_verify ) {
/* This is a kludge to work around a bug in pgp2. It does only
@@ -2157,24 +2159,30 @@ proc_tree( CTX c, KBNODE node )
else if( !c->any.data ) {
/* detached signature */
free_md_filter_context( &c->mfx );
- if (gcry_md_open (&c->mfx.md, sig->digest_algo, 0))
- BUG ();
+ if (gcry_md_open (&c->mfx.md, sig->digest_algo, 0)) {
+ log_error("Digest algorithm not available probably due to FIPS mode.\n");
+ return;
+ }
if( !opt.pgp2_workarounds )
;
else if( sig->digest_algo == DIGEST_ALGO_MD5
&& is_RSA( sig->pubkey_algo ) ) {
/* enable a workaround for a pgp2 bug */
- if (gcry_md_open (&c->mfx.md2, DIGEST_ALGO_MD5, 0))
- BUG ();
+ if (gcry_md_open (&c->mfx.md2, DIGEST_ALGO_MD5, 0)) {
+ log_error("Digest algorithm not available probably due to FIPS mode.\n");
+ return;
+ }
}
else if( sig->digest_algo == DIGEST_ALGO_SHA1
&& sig->pubkey_algo == PUBKEY_ALGO_DSA
&& sig->sig_class == 0x01 ) {
/* enable the workaround also for pgp5 when the detached
* signature has been created in textmode */
- if (gcry_md_open (&c->mfx.md2, sig->digest_algo, 0 ))
- BUG ();
+ if (gcry_md_open (&c->mfx.md2, sig->digest_algo, 0 )) {
+ log_error("Digest algorithm not available.\n");
+ return;
+ }
}
#if 0 /* workaround disabled */
/* Here we have another hack to work around a pgp 2 bug


@ -1,7 +1,7 @@
diff -up gnupg-2.0.25/g10/gpg.c.file-is-digest gnupg-2.0.25/g10/gpg.c diff -up gnupg-2.1.1/g10/gpg.c.file-is-digest gnupg-2.1.1/g10/gpg.c
--- gnupg-2.0.25/g10/gpg.c.file-is-digest 2014-08-05 16:46:28.865869320 +0200 --- gnupg-2.1.1/g10/gpg.c.file-is-digest 2015-01-29 16:56:43.043680964 +0100
+++ gnupg-2.0.25/g10/gpg.c 2014-08-05 16:49:27.520063937 +0200 +++ gnupg-2.1.1/g10/gpg.c 2015-01-29 16:59:20.875250453 +0100
@@ -345,6 +345,7 @@ enum cmd_and_opt_values @@ -349,6 +349,7 @@ enum cmd_and_opt_values
oTTYtype, oTTYtype,
oLCctype, oLCctype,
oLCmessages, oLCmessages,
@ -9,34 +9,34 @@ diff -up gnupg-2.0.25/g10/gpg.c.file-is-digest gnupg-2.0.25/g10/gpg.c
oXauthority, oXauthority,
oGroup, oGroup,
oUnGroup, oUnGroup,
@@ -711,6 +712,7 @@ static ARGPARSE_OPTS opts[] = { @@ -730,6 +731,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-preferences","@"),
ARGPARSE_s_s (oPersonalCompressPreferences, ARGPARSE_s_s (oPersonalCompressPreferences,
"personal-compress-preferences", "@"), "personal-compress-preferences", "@"),
ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
+ ARGPARSE_s_n (oFileIsDigest, "file-is-digest", "@"), + ARGPARSE_s_n (oFileIsDigest, "file-is-digest", "@"),
/* Aliases. I constantly mistype these, and assume other people do /* Aliases. I constantly mistype these, and assume other people do
as well. */ as well. */
@@ -2003,6 +2005,7 @@ main (int argc, char **argv) @@ -2126,6 +2128,7 @@ main (int argc, char **argv)
set_homedir ( default_homedir () ); set_homedir (default_homedir ());
opt.passphrase_repeat=1; opt.passphrase_repeat = 1;
opt.emit_version = 1; /* Limit to the major number. */ opt.emit_version = 1; /* Limit to the major number. */
+ opt.file_is_digest=0; + opt.file_is_digest=0;
opt.list_options |= LIST_SHOW_UID_VALIDITY; /* Check whether we have a config file on the command line. */
opt.verify_options |= LIST_SHOW_UID_VALIDITY; orig_argc = argc;
@@ -2493,6 +2496,7 @@ main (int argc, char **argv) @@ -2630,6 +2633,7 @@ main (int argc, char **argv)
opt.verify_options&=~VERIFY_SHOW_PHOTOS;
break;
case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
case oForceV3Sigs: opt.force_v3_sigs = 1; break;
case oNoForceV3Sigs: opt.force_v3_sigs = 0; break;
+ case oFileIsDigest: opt.file_is_digest = 1; break; + case oFileIsDigest: opt.file_is_digest = 1; break;
case oForceV4Certs: opt.force_v4_certs = 1; break;
case oNoForceV4Certs: opt.force_v4_certs = 0; break;
case oForceMDC: opt.force_mdc = 1; break; case oForceMDC: opt.force_mdc = 1; break;
diff -up gnupg-2.0.25/g10/options.h.file-is-digest gnupg-2.0.25/g10/options.h case oNoForceMDC: opt.force_mdc = 0; break;
--- gnupg-2.0.25/g10/options.h.file-is-digest 2014-06-30 17:28:52.000000000 +0200 diff -up gnupg-2.1.1/g10/options.h.file-is-digest gnupg-2.1.1/g10/options.h
+++ gnupg-2.0.25/g10/options.h 2014-08-05 16:46:28.869869414 +0200 --- gnupg-2.1.1/g10/options.h.file-is-digest 2014-12-08 15:06:10.000000000 +0100
@@ -198,6 +198,7 @@ struct +++ gnupg-2.1.1/g10/options.h 2015-01-29 16:56:43.046681031 +0100
@@ -192,6 +192,7 @@ struct
int no_auto_check_trustdb; int no_auto_check_trustdb;
int preserve_permissions; int preserve_permissions;
int no_homedir_creation; int no_homedir_creation;
@ -44,23 +44,25 @@ diff -up gnupg-2.0.25/g10/options.h.file-is-digest gnupg-2.0.25/g10/options.h
struct groupitem *grouplist; struct groupitem *grouplist;
int mangle_dos_filenames; int mangle_dos_filenames;
int enable_progress_filter; int enable_progress_filter;
diff -up gnupg-2.0.25/g10/sign.c.file-is-digest gnupg-2.0.25/g10/sign.c diff -up gnupg-2.1.1/g10/sign.c.file-is-digest gnupg-2.1.1/g10/sign.c
--- gnupg-2.0.25/g10/sign.c.file-is-digest 2014-06-30 17:28:52.000000000 +0200 --- gnupg-2.1.1/g10/sign.c.file-is-digest 2014-12-15 09:44:05.000000000 +0100
+++ gnupg-2.0.25/g10/sign.c 2014-08-05 16:46:28.870869438 +0200 +++ gnupg-2.1.1/g10/sign.c 2015-01-29 17:12:20.820889554 +0100
@@ -665,8 +665,12 @@ write_signature_packets (SK_LIST sk_list @@ -706,8 +706,12 @@ write_signature_packets (SK_LIST sk_list
mk_notation_policy_etc (sig, NULL, sk); mk_notation_policy_etc (sig, NULL, pk);
} }
+ if (!opt.file_is_digest) { - hash_sigversion_to_magic (md, sig);
hash_sigversion_to_magic (md, sig); - gcry_md_final (md);
gcry_md_final (md); + if (!opt.file_is_digest) {
+ } else if (sig->version >= 4) { + hash_sigversion_to_magic (md, sig);
+ log_bug("file-is-digest doesn't work with v4 sigs\n"); + gcry_md_final (md);
+ } + } else if (sig->version >= 4) {
+ log_bug("file-is-digest doesn't work with v4 sigs\n");
+ }
rc = do_sign( sk, sig, md, hash_for (sk) ); rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce);
gcry_md_close (md); gcry_md_close (md);
@@ -723,6 +727,8 @@ sign_file( strlist_t filenames, int deta @@ -765,6 +769,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
SK_LIST sk_rover = NULL; SK_LIST sk_rover = NULL;
int multifile = 0; int multifile = 0;
u32 duration=0; u32 duration=0;
@ -69,7 +71,7 @@ diff -up gnupg-2.0.25/g10/sign.c.file-is-digest gnupg-2.0.25/g10/sign.c
pfx = new_progress_context (); pfx = new_progress_context ();
afx = new_armor_context (); afx = new_armor_context ();
@@ -739,7 +745,16 @@ sign_file( strlist_t filenames, int deta @@ -781,7 +787,16 @@ sign_file (ctrl_t ctrl, strlist_t filena
fname = NULL; fname = NULL;
if( fname && filenames->next && (!detached || encryptflag) ) if( fname && filenames->next && (!detached || encryptflag) )
@ -87,7 +89,7 @@ diff -up gnupg-2.0.25/g10/sign.c.file-is-digest gnupg-2.0.25/g10/sign.c
if(encryptflag==2 if(encryptflag==2
&& (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek))) && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek)))
@@ -767,7 +782,7 @@ sign_file( strlist_t filenames, int deta @@ -802,7 +817,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
goto leave; goto leave;
/* prepare iobufs */ /* prepare iobufs */
@ -96,16 +98,16 @@ diff -up gnupg-2.0.25/g10/sign.c.file-is-digest gnupg-2.0.25/g10/sign.c
inp = NULL; /* we do it later */ inp = NULL; /* we do it later */
else { else {
inp = iobuf_open(fname); inp = iobuf_open(fname);
@@ -900,7 +915,7 @@ sign_file( strlist_t filenames, int deta @@ -940,7 +955,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
gcry_md_enable (mfx.md, hash_for(sk)); for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next)
} gcry_md_enable (mfx.md, hash_for (sk_rover->pk));
- if( !multifile ) - if( !multifile )
+ if( !multifile && !opt.file_is_digest ) + if( !multifile && !opt.file_is_digest )
iobuf_push_filter( inp, md_filter, &mfx ); iobuf_push_filter( inp, md_filter, &mfx );
if( detached && !encryptflag && !RFC1991 ) if( detached && !encryptflag)
@@ -955,6 +970,8 @@ sign_file( strlist_t filenames, int deta @@ -995,6 +1010,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
write_status_begin_signing (mfx.md); write_status_begin_signing (mfx.md);
@ -114,7 +116,7 @@ diff -up gnupg-2.0.25/g10/sign.c.file-is-digest gnupg-2.0.25/g10/sign.c
/* Setup the inner packet. */ /* Setup the inner packet. */
if( detached ) { if( detached ) {
if( multifile ) { if( multifile ) {
@@ -995,6 +1012,45 @@ sign_file( strlist_t filenames, int deta @@ -1035,6 +1052,45 @@ sign_file (ctrl_t ctrl, strlist_t filena
if( opt.verbose ) if( opt.verbose )
putc( '\n', stderr ); putc( '\n', stderr );
} }
@ -160,14 +162,14 @@ diff -up gnupg-2.0.25/g10/sign.c.file-is-digest gnupg-2.0.25/g10/sign.c
else { else {
/* read, so that the filter can calculate the digest */ /* read, so that the filter can calculate the digest */
while( iobuf_get(inp) != -1 ) while( iobuf_get(inp) != -1 )
@@ -1012,8 +1068,8 @@ sign_file( strlist_t filenames, int deta @@ -1052,8 +1108,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
/* write the signatures */ /* write the signatures */
rc = write_signature_packets (sk_list, out, mfx.md, rc = write_signature_packets (sk_list, out, mfx.md,
- opt.textmode && !outfile? 0x01 : 0x00, - opt.textmode && !outfile? 0x01 : 0x00,
- 0, duration, detached ? 'D':'S'); - 0, duration, detached ? 'D':'S', NULL);
+ sigclass, + sigclass,
+ timestamp, duration, detached ? 'D':'S'); + timestamp, duration, detached ? 'D':'S', NULL);
if( rc ) if( rc )
goto leave; goto leave;
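Review bot: In the write_signature_packets hunk of the carried patch, the `else if (sig->version >= 4)` branch ends in `log_bug`, so a combination the user can reach from the command line (`--file-is-digest` together with a v4 signature) is handled as an internal error instead of a usage error. The rebased context no longer shows the `oForceV3Sigs` cases or the `!RFC1991` test that the 2.0.25 side had, so it is worth confirming that 2.1.1 can still produce a non-v4 signature on this path; if it cannot, the option would always end in this branch. I would reject the combination where the options are checked, or at least fail cleanly here with `log_error ("file-is-digest doesn't work with v4 sigs\n");` and set `rc` to an error so that `do_sign` is skipped. The function body continues outside the visible hunk, and the 45-line sign_file hunk that reads the supplied digest is collapsed on this page, so its input validation could not be reviewed.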


@ -0,0 +1,13 @@
diff -up gnupg-2.1.1/g10/mainproc.c.fips gnupg-2.1.1/g10/mainproc.c
--- gnupg-2.1.1/g10/mainproc.c.fips 2015-01-29 17:19:49.266031504 +0100
+++ gnupg-2.1.1/g10/mainproc.c 2015-01-29 17:27:13.938088122 +0100
@@ -719,7 +719,8 @@ proc_plaintext( CTX c, PACKET *pkt )
according to 2440, so hopefully it won't come up that often.
There is no good way to specify what algorithms to use in
that case, so these there are the historical answer. */
- gcry_md_enable (c->mfx.md, DIGEST_ALGO_RMD160);
+ if (!gcry_fips_mode_active())
+ gcry_md_enable (c->mfx.md, DIGEST_ALGO_RMD160);
gcry_md_enable (c->mfx.md, DIGEST_ALGO_SHA1);
}
if (DBG_HASHING)
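Review bot: The rebased FIPS patch keeps only the RMD160 guard in proc_plaintext, while the removed 2.0.19 patch also switched the fallback cipher in encrypt_filter and `opt.s2k_cipher_algo` to AES under `gcry_fips_mode_active()` and replaced three `BUG ()` calls after `gcry_md_open` in proc_tree with `log_error` plus a return. The commit message does not say that 2.1.1 handles these cases upstream, so please confirm that a detached signature naming a digest libgcrypt refuses in FIPS mode no longer reaches `BUG ()` and that the symmetric defaults are still acceptable in FIPS mode. If they are, a comment next to `Patch6` in the spec such as `# only the RMD160 guard is still needed with 2.1.x` would record why the patch shrank. The comment above the new `if` is also left stale, since in FIPS mode only SHA1 is enabled for a signature of unknown digest type.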


@ -1,11 +1,11 @@
diff -up gnupg-2.0.20/sm/certlist.c.keyusage gnupg-2.0.20/sm/certlist.c diff -up gnupg-2.1.1/sm/certlist.c.keyusage gnupg-2.1.1/sm/certlist.c
--- gnupg-2.0.20/sm/certlist.c.keyusage 2013-05-10 14:55:49.000000000 +0200 --- gnupg-2.1.1/sm/certlist.c.keyusage 2014-11-27 11:51:36.000000000 +0100
+++ gnupg-2.0.20/sm/certlist.c 2013-05-15 14:15:57.420276618 +0200 +++ gnupg-2.1.1/sm/certlist.c 2015-01-29 17:30:57.117135497 +0100
@@ -146,10 +146,9 @@ cert_usage_p (ksba_cert_t cert, int mode @@ -146,10 +146,9 @@ cert_usage_p (ksba_cert_t cert, int mode
if (mode == 5) if (mode == 5)
{ {
- if (use != ~0 - if (use != ~0
- && (have_ocsp_signing - && (have_ocsp_signing
- || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN - || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
- |KSBA_KEYUSAGE_CRL_SIGN)))) - |KSBA_KEYUSAGE_CRL_SIGN))))


@ -1,7 +1,7 @@
Summary: Utility for secure communication and data storage Summary: Utility for secure communication and data storage
Name: gnupg2 Name: gnupg2
Version: 2.0.25 Version: 2.1.1
Release: 2%{?dist} Release: 1%{?dist}
License: GPLv3+ License: GPLv3+
Group: Applications/System Group: Applications/System
@ -12,9 +12,9 @@ Source1: ftp://ftp.gnupg.org/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.
Patch1: gnupg-2.0.20-insttools.patch Patch1: gnupg-2.0.20-insttools.patch
Patch3: gnupg-2.0.20-secmem.patch Patch3: gnupg-2.0.20-secmem.patch
# non-upstreamable patch adding file-is-digest option needed for Copr # non-upstreamable patch adding file-is-digest option needed for Copr
Patch4: gnupg-2.0.25-file-is-digest.patch Patch4: gnupg-2.1.1-file-is-digest.patch
Patch5: gnupg-2.0.20-ocsp-keyusage.patch Patch5: gnupg-2.1.1-ocsp-keyusage.patch
Patch6: gnupg-2.0.19-fips-algo.patch Patch6: gnupg-2.1.1-fips-algo.patch
URL: http://www.gnupg.org/ URL: http://www.gnupg.org/
@ -23,14 +23,14 @@ BuildRequires: bzip2-devel
BuildRequires: curl-devel BuildRequires: curl-devel
BuildRequires: docbook-utils BuildRequires: docbook-utils
BuildRequires: gettext BuildRequires: gettext
BuildRequires: libassuan-devel >= 2.0.0 BuildRequires: libassuan-devel >= 2.1.0
BuildRequires: libgcrypt-devel >= 1.4 BuildRequires: libgcrypt-devel >= 1.6.0
BuildRequires: libgpg-error-devel => 1.4 BuildRequires: libgpg-error-devel >= 1.16
BuildRequires: libksba-devel >= 1.0.2 BuildRequires: libksba-devel >= 1.3.0
BuildRequires: openldap-devel BuildRequires: openldap-devel
BuildRequires: libusb-devel BuildRequires: libusb-devel
BuildRequires: pcsc-lite-libs BuildRequires: pcsc-lite-libs
BuildRequires: pth-devel BuildRequires: npth-devel
BuildRequires: readline-devel ncurses-devel BuildRequires: readline-devel ncurses-devel
BuildRequires: zlib-devel BuildRequires: zlib-devel
@ -46,6 +46,9 @@ Provides: gnupg = %{version}-%{release}
Obsoletes: gnupg <= 1.4.10 Obsoletes: gnupg <= 1.4.10
%endif %endif
Provides: dirmngr = %{version}-%{release}
Obsoletes: dirmngr < 1.2.0-1
%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}} %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}
%package smime %package smime
@ -87,13 +90,14 @@ to the base GnuPG package
# it can use other implementations too (including non-pcsc ones). # it can use other implementations too (including non-pcsc ones).
%global pcsclib %(basename $(ls -1 %{_libdir}/libpcsclite.so.? 2>/dev/null ) 2>/dev/null ) %global pcsclib %(basename $(ls -1 %{_libdir}/libpcsclite.so.? 2>/dev/null ) 2>/dev/null )
sed -i -e 's/"libpcsclite\.so"/"%{pcsclib}"/' scd/{scdaemon,pcsc-wrapper}.c sed -i -e 's/"libpcsclite\.so"/"%{pcsclib}"/' scd/scdaemon.c
%build %build
%configure \ %configure \
--disable-rpath \ --disable-rpath \
--disable-gpgtar \
--enable-standard-socket --enable-standard-socket
# need scratch gpg database for tests # need scratch gpg database for tests
@ -166,6 +170,9 @@ fi
%{_bindir}/gpg-agent %{_bindir}/gpg-agent
%{_bindir}/gpgconf %{_bindir}/gpgconf
%{_bindir}/gpgparsemail %{_bindir}/gpgparsemail
%{_bindir}/g13
%{_bindir}/dirmngr
%{_bindir}/dirmngr-client
%if 0%{?rhel} > 5 %if 0%{?rhel} > 5
%{_bindir}/gpg %{_bindir}/gpg
%{_bindir}/gpgv %{_bindir}/gpgv
@ -196,6 +203,10 @@ fi
%changelog %changelog
* Thu Jan 29 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.1-1
- new upstream release
- this release now includes the dirmngr which is obsoleted as separate package
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.25-2 * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.25-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
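Review bot: Nothing in the visible spec hunks checks gnupg-2.1.1.tar.bz2 against the detached signature that is tracked next to it; the `sources` file pins both files by MD5 only, and the `Source1` URL shown in the hunk header is plain ftp. If `%prep` does not already verify the tarball outside these hunks, a major-version rebase is a good moment to add that step against a keyring shipped as an additional Source. Separately, the new `--disable-gpgtar` configure switch carries no explanation; a comment above it, for example `# gpgtar disabled: <reason>`, would help whoever does the next rebase.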


@ -1,2 +1,2 @@
048d8de797125f1d8e6cf3bdff9e2d12 gnupg-2.0.25.tar.bz2 9a314c3dcef0a091de90b6aa4d467db5 gnupg-2.1.1.tar.bz2
d474ba42cba833734c6196b7e6f5d853 gnupg-2.0.25.tar.bz2.sig 90128fcb4a2fefa81576666361b36aab gnupg-2.1.1.tar.bz2.sig