Note:
When we change the allocation, hmac256.c will not be standalone any more (as commented in the head of the file), and we will need to change the compile-command line to include libgpg-error.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Apr 11 2018
Apr 10 2018
I check this report again.
The test is single thread, IIUC.
Apr 5 2018
Hmmm, needs to be investigated.
For secmem.c this is on purpose. For the others we should fix that.
Thanks. Indeed this should also use the x... wrappers. It is not severe because this value is only used as a fixed constant.
Thus we won't fix it in 1.8 but should do this 1.9.
Apr 4 2018
Mar 20 2018
Feb 10 2018
Jan 31 2018
Jan 30 2018
Jan 16 2018
Jan 15 2018
I already talked with the upstream author and we figured a possible problem due to an non-locked use of the core function. The cause of this is
unsigned char *tmpval = ec->mem + ec->memlocation; *tmpval = (*tmpval + 1) & 0xff; ec->memlocation = ec->memlocation + ec->memblocksize - 1; ec->memlocation = ec->memlocation % wrap;
which is non-atomic and will thus leads to the out-of-bounds deref. The EC object may only be used by one thread at a time.
It is reproducible on my Debian (stretch). I'm going to minimize the case.
Jan 14 2018
Have posted in gcrypt-devel mailer.. thanks
Jan 13 2018
Jan 12 2018
Will be posting it in gcrypt-devel shortly.
Hope you've got the problem with the current naming conventions for arguments and the result by going them. We should either document the arguments properly or change the code as i have pointed out. Since the iterations argument used properly in the case PBKDF2 (type8) within the same wrapper api gcry_kdf_derive.
I would also suggest to discuss this at the gcrypt-devel list so that you can get get comments from others as well.
Your are looking at the libgcrypt code. Unfortunately that does not help us. What I would like to see are two protocol implementations, using sccryptone with libgcrypt and one with anoter scruypt implementation. Do they both work? If so, there is no bug in libgcrypt's code - at best the parameter have been given different names and we can point other name use in the docs.
Here's what i got from 1.8.1 code (downloaded from gnupg).
tests/t-kdf uses test vectors from an I-D and obviously works fine. Maybe that I-D has a different parameter naming than what is used in your examples. I simply can't say without researching the whole thing. Please let t me know a concrete bug where that KDF is not compatible with other implementations. As an example here is one of our test vectors:
Jan 11 2018
The segfault from an openSUSE machine looks the same:
Okay, so on Suse we have the same problem w/o the somewhat intrusive changes of Fedora. The inetresting thing is that segv code part is the same as used in Linux.
The issue also occurs on openSUSE Tumbleweed:
libgpg-error is version 1.27: https://src.fedoraproject.org/rpms/libgpg-error/tree/f27
You can find the patches applied to libgcrypto here: https://src.fedoraproject.org/rpms/libgcrypt/tree/f27
Thanks for the report. I have a few questions, though
Which version of libgpg-error are you using?
What are the changes Fedora made to libgcrypt (and libgpg-error)?
Which CPU, what compile options and which compiler version?
Can you repeat this with a stock libgcrypt and libgpg-error?
Dec 12 2017
Great, many thanks.
The fatal bug you reported can happen if the process is running out of secure memory. In general it should return an error but there is one place where we assumed the allocation would always succeed. This has meanwhile changed in the repo and will go into 1.8.2 However, this is not the real problem you have but just a wrong error behaviour.
Dec 11 2017
Version 1.8.1. The full output is
Which libgcrypt version are you using (gpg --version shows it)
Nov 16 2017
Add the tag of npth (forgotten).
Nov 15 2017
Done for libassuan
Nov 9 2017
Right, we can't do anything in Libgcrypt except for adding a way to return the open fds. This is the usual problem with libraries and the required closing of fds before an exec. Anyway the FIPS mode is questionable because it has not been adjusted for many years and does not take account newer requirements.
ECDH on Curve25519 is fully supported in libgcrypt. You can see GnuPG supports ECDH on Curve25519.
Lower layer routines (point addition and point duplication) are not implemented, though.
That's because ECDH only requires point multiplication and it is better to implement point multiplication by Montgomery Ladder for Curve25519.
Fixed both for master and 1.8 branch.
Nov 8 2017
Nov 1 2017
How about adding support with private in keyparam?
- (genkey(rsa(nbit 2048)(d xxxx)(p xxxx)(q xxxx)(u xxxx))) ; Only p and q, is OK
- (genkey(ecc(curve cv25519)(flags djb-tweak comp)(d xxx)))
Oct 26 2017
Thanks for the list
Here is the list:
- libgcrypt
- libassuan
- ntbtls
- gpgme : autogen.sh is ready
- npth
Oct 25 2017
Thanks for the information.
Closing, as I pushed rC94b84360ca55: Add OID information for SM3..
CESI also publishes a complete white pager documenting OID assignment in details. See http://www.cesi.cn/201612/1688.html and download the pdf. Search "10197" and I see the following info:
OK, I found: http://www.oidchina.cn/oid/release/1.2.156.10197.
站点: 国家OID注册中心
数字OID: 10197
中文OID:
英文OID: sca10197
应用范围: 密码标准化技术委员会
I use: 1.2.156.10197.1.401
Oct 24 2017
I am now examining OID allocation.
I'll add the OID of SM3 into sm3.c.
Oct 21 2017
Oct 17 2017
In T3454#104310, @gniibe wrote:This is my note.
If it is intended to be used to OpenPGP, GCRY_MD_SM3 should be assigned in OpenPGP standard.
In T3454#104309, @gniibe wrote:Thank you. The diff doesn't include sm3.c. Could you please update?
This is my note.
If it is intended to be used to OpenPGP, GCRY_MD_SM3 should be assigned in OpenPGP standard.
Thank you. The diff doesn't include sm3.c. Could you please update?
This is the review request link: https://dev.gnupg.org/D449
Sep 21 2017
Closing due to compiler error.
Sep 14 2017
Aug 29 2017
I recall something about this on our mailing list.
Pushed for master.
Aug 27 2017
I prepared Libgcrypt for the 1.9 series, thus feel free to merge your patches to master anytime you like.
Aug 23 2017
Bonus: less memory usage and performance improvement.
Aug 21 2017
Aug 20 2017
Aug 17 2017
Aug 16 2017
Aug 7 2017
Done in a7bd2cbd.
Aug 4 2017
Please ask any Unix sysadmin for help. Paid support is available from the companies listed here: https://gnupg.org/service.html and there are lot of others.
Hi Werner,
Aug 3 2017
The platform is illumos, a fork of OpenSolaris.
No response.
Aug 2 2017
Thanks for the update, any fix for above issues not able make and make install
I don't know. We only provide binary packages for Windows.
could you tell me how to download direct binary pkg which we can directly install for solaris 10
below also failed to make .
HI Werner,
Aug 1 2017
No, it's not. It still misses "-O" entirely.
It's solved!
Jul 31 2017
getting same error with 1.7 version also.
Could you please help me on this, any fix do you have for this kind of issue.
not able to apply given patch in my unix box, please find the below output.
Jul 30 2017
Could you please provide me the dyñamic library path to set my profile Solaris 10 command
Jul 29 2017
On Sat, 29 Jul 2017 15:12, noreply@dev.gnupg.org said:
could you please guide me order to install below libraries and I will update you once I apply that patch .
Also could you please guide me the order to install these libraries to solaris box.
I am installing as below order:
npth-1.5
libgpg-error-1.27.tar
libgcrypt-1.8.0.tar
libassuan-2.4.3.tar
libksba-1.3.5.tar
gnupg-2.1.21.tar
You can apply this patch by first navigating to libgcrypt-1.8 path and then giving following command (you need 'patch' tool to be installed):
please guide me how to add this patch in solaris 10 os version
In libgcrypt, _gcry_md_extract has different return type in gcrypt-int.h than in md.c. Does attached patch solve the problem?