Page MenuHome GnuPG
Feed Advanced Search

Aug 16 2021

Jakuje added a comment to T5520: Fix tests in FIPS mode.

Tested the master on (faked) FIPS and non-FIPS Fedora and I created couple of more changes for master to work in FIPS mode:

Aug 16 2021, 4:16 PM · FIPS, libgcrypt, Bug Report
werner triaged T5523: jitter entropy RNG update as Normal priority.
Aug 16 2021, 11:08 AM · FIPS, libgcrypt
gniibe changed the status of T5244: libgcrypt: Restrict MD5 use from Open to Testing.

Since I think there is no reason why checking _gcry_enforced_fips_mode () here, I remove the check.

Aug 16 2021, 9:23 AM · Bug Report, FIPS, libgcrypt
gniibe added a comment to T5244: libgcrypt: Restrict MD5 use.

Applied by rC0f118c2dfb8e: cipher: Do not use of non-approved digests in FIPS mode.

Aug 16 2021, 4:40 AM · Bug Report, FIPS, libgcrypt

Aug 13 2021

werner changed the edit policy for libgcrypt.
Aug 13 2021, 11:08 PM
werner changed the edit policy for T5467: Release libgcrypt 1.8.9.
Aug 13 2021, 11:59 AM · libgcrypt, Release Info
werner placed T5467: Release libgcrypt 1.8.9 up for grabs.
Aug 13 2021, 11:59 AM · libgcrypt, Release Info
werner updated subscribers of T5402: Release Libgcrypt 1.9.4.
Aug 13 2021, 11:56 AM · Release Info, libgcrypt
werner changed the edit policy for T5402: Release Libgcrypt 1.9.4.
Aug 13 2021, 11:55 AM · Release Info, libgcrypt
werner placed T5402: Release Libgcrypt 1.9.4 up for grabs.
Aug 13 2021, 11:55 AM · Release Info, libgcrypt
jace888 claimed T5402: Release Libgcrypt 1.9.4.
Aug 13 2021, 11:41 AM · Release Info, libgcrypt
jace888 updated subscribers of T5467: Release libgcrypt 1.8.9.
Aug 13 2021, 11:40 AM · libgcrypt, Release Info
jace888 claimed T5467: Release libgcrypt 1.8.9.
Aug 13 2021, 11:39 AM · libgcrypt, Release Info

Aug 6 2021

gniibe triaged T5550: Fix check_binary_integrity as Normal priority.
Aug 6 2021, 9:37 AM · FIPS, libgcrypt

Aug 5 2021

gniibe updated the task description for T5547: Single thread support with newer GNU C library (2.34 or later).
Aug 5 2021, 8:31 AM · gpgrt
gniibe added a project to T5547: Single thread support with newer GNU C library (2.34 or later): libgcrypt.
Aug 5 2021, 8:30 AM · gpgrt

Aug 4 2021

gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

Ah, I understand the point (at least, partially); My understanding is: With FIPS mode, at the module boundary (== libgcrypt), it ensures that all cipher/digest/etc. operations are done under the standard compliance, and it is considered wrong (violation) when non-FIPS mode operation (such as SHA-1) and FIPS mode operation are mixed.

Aug 4 2021, 5:39 AM · FIPS, libgcrypt, Feature Request

Aug 3 2021

Jakuje added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

In RHEL, we do not have anything about PCT so the PCT requirement is not completely clear to me: https://git.centos.org/rpms/libgcrypt/blob/c8s/f/SOURCES

Aug 3 2021, 1:33 PM · FIPS, libgcrypt, Feature Request
gniibe triaged T5541: Envvar LIBGCRYPT_FORCE_FIPS_MODE as Normal priority.
Aug 3 2021, 4:53 AM · Feature Request, FIPS, libgcrypt
gniibe added a comment to T5540: Update fipsdrv and cavs_driver.pl.

SUSE has patches and version 3235 of cavs_driver.pl, bud it seems that it doesn't support DSA with Q+HASHALGO yet.

Aug 3 2021, 4:48 AM · FIPS, libgcrypt
gniibe triaged T5540: Update fipsdrv and cavs_driver.pl as Normal priority.
Aug 3 2021, 4:46 AM · FIPS, libgcrypt

Aug 1 2021

werner added a comment to T5490: gcry_pk_get_param aborts program with error on "Curve25519".

Hmm, do we need a backport?

Aug 1 2021, 10:59 AM · libgcrypt, Bug Report
werner triaged T5433: libgcrypt: Do not use SHA1 by default as Normal priority.
Aug 1 2021, 10:57 AM · FIPS, libgcrypt, Bug Report

Jul 31 2021

jukivili claimed T4486: Add AEAD mode AES-SIV to libgcrypt (RFC 5297).
Jul 31 2021, 12:36 PM · Feature Request, libgcrypt

Jul 29 2021

gniibe added a comment to T5520: Fix tests in FIPS mode.

As a start, I applied your patches.

Jul 29 2021, 7:38 AM · FIPS, libgcrypt, Bug Report
gniibe claimed T5508: Allow hardware optimizations in FIPS.
Jul 29 2021, 7:25 AM · FIPS, libgcrypt, Bug Report
gniibe changed the status of T5508: Allow hardware optimizations in FIPS from Open to Testing.
Jul 29 2021, 7:25 AM · FIPS, libgcrypt, Bug Report
gniibe changed the status of T5530: Add "prehash" support to DSA and ECDSA signing from Open to Testing.
Jul 29 2021, 5:00 AM · Restricted Project, FIPS, libgcrypt, Feature Request
gniibe changed the status of T5530: Add "prehash" support to DSA and ECDSA signing, a subtask of T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation, from Open to Testing.
Jul 29 2021, 5:00 AM · FIPS, libgcrypt, Feature Request

Jul 23 2021

gniibe triaged T5530: Add "prehash" support to DSA and ECDSA signing as Normal priority.
Jul 23 2021, 8:18 AM · Restricted Project, FIPS, libgcrypt, Feature Request
gniibe updated the task description for T5529: Support internal hashing for RSA-PSS.
Jul 23 2021, 7:36 AM · libgcrypt, Feature Request
gniibe updated the task description for T5529: Support internal hashing for RSA-PSS.
Jul 23 2021, 7:22 AM · libgcrypt, Feature Request
gniibe triaged T5529: Support internal hashing for RSA-PSS as Normal priority.
Jul 23 2021, 4:26 AM · libgcrypt, Feature Request

Jul 16 2021

gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

And... as long as I read the PCT patches, it is not needed to export those API to users.
It is only needed internally for PCT tests (at most).

Jul 16 2021, 10:12 AM · FIPS, libgcrypt, Feature Request
gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

I am considering API enhancement, for this task.

Jul 16 2021, 10:01 AM · FIPS, libgcrypt, Feature Request

Jul 13 2021

Jakuje added a comment to T5520: Fix tests in FIPS mode.

I went through the patches above + what I suggested in previous comments, tested everything against both upstream and libgcrypt in Fedora in FIPS mode. There were slight differences, some cases were already fixed in master, some needed to upstream some of our changes, but the result is 10 patches working in both FIPS and non-fips mode, hopefully enough annotated. If not, please, ask for clarifications.

Jul 13 2021, 11:25 PM · FIPS, libgcrypt, Bug Report

Jul 12 2021

werner set External Link to https://eprint.iacr.org/2021/923.pdf on T5328: On the (in)security of Elgamal in OpenPGP.
Jul 12 2021, 6:11 PM · side-channel, CVE, libgcrypt
Jakuje added a comment to T5512: Implement service indicators.

I went through the OpenSSL drafts. The module boundary in OpenSSL will be separate fips.so object and only non-deprecated functions of OpenSSL 3.0 will be FIPS compliant. There is a global state, that will allow only approved algorithms and modes and there will be API to query the FIPS mode status using OSSL_PARAM_get* functions, but we still have some unknowns so I hope we will know more on the next meeting.

Jul 12 2021, 3:42 PM · Feature Request, FIPS, libgcrypt
gniibe created T5523: jitter entropy RNG update.
Jul 12 2021, 11:36 AM · FIPS, libgcrypt
werner assigned T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation to gniibe.
Jul 12 2021, 11:20 AM · FIPS, libgcrypt, Feature Request
werner raised the priority of T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation from Normal to High.
Jul 12 2021, 11:20 AM · FIPS, libgcrypt, Feature Request
gniibe added a comment to T4873: Enable AES GCM in FIPS mode.

(OpenSSL for FIPS support is a bit tricky, which is described in README-FIPS.md in their distribution. It offers OpenSSL FIPS provider as shared library fips.so.)

Jul 12 2021, 3:38 AM · FIPS, libgcrypt, Feature Request

Jul 9 2021

gniibe added a comment to T5512: Implement service indicators.

Just FYI, NSS offers following API:

Jul 9 2021, 8:11 AM · Feature Request, FIPS, libgcrypt

Jul 8 2021

Jakuje added a comment to T4873: Enable AES GCM in FIPS mode.

I have couple of references from libssh:

Jul 8 2021, 2:57 PM · FIPS, libgcrypt, Feature Request
werner added a comment to T4873: Enable AES GCM in FIPS mode.

gniibe: Can you please check what openssl does exactly. The problem is that we currently have no permanent state for Libgcrypt (i.e. something stored on disk per user or even better global)

Jul 8 2021, 2:29 PM · FIPS, libgcrypt, Feature Request
werner added a comment to T4873: Enable AES GCM in FIPS mode.

FWIW: Unfortunately everyone is moving to GCM, even Outlook. While GnuPG was evaluated by the German BSI we had discussions about this and their evaluators were wary about GCM due to its brittleness thus our use of OCB was very welcomed. OTOH, another approved product meanwhile comes with GCM for S/MIME and thus it seems thatGCM is accepted.

Jul 8 2021, 2:20 PM · FIPS, libgcrypt, Feature Request
Jakuje added a comment to T5521: Use of conscious language.

There is no point in questioning whether a couple of words change racism or any other human problems of these days. It will not.

Jul 8 2021, 10:38 AM · gnupg24, Won't Fix, Feature Request, gnupg (gpg23), libgcrypt
Jakuje added a comment to T5520: Fix tests in FIPS mode.

I was so far testing with changes on top of our patches.

Jul 8 2021, 10:26 AM · FIPS, libgcrypt, Bug Report
Jakuje added a comment to T4873: Enable AES GCM in FIPS mode.

Right. The AES-GCM was not allowed in FIPS mode until recently and I think now it is acceptable only for certain protocols (TLS, SSH), which guarantee that the IV is handled "correctly". As mentioned by gniibe, the requirements is that one should not be able to set IV to any specific value. The IV should be incremented automatically inside of the library (with some mask length + some generator configuration), somehow similarly as it is done with openssl, which would probably requite a new API in libgcrypt.

Jul 8 2021, 10:09 AM · FIPS, libgcrypt, Feature Request
gniibe added a comment to T5520: Fix tests in FIPS mode.

With `/etc/gcrypt/fips_enabled/', make check fails by:

Jul 8 2021, 6:50 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T4873: Enable AES GCM in FIPS mode.

If I understand correctly, to conform FIPS, we need to ensure Key/IV pair uniqueness (See "Implementation Guidance for FIPS 140-3", Annex C. "C.H Key/IV Pair Uniqueness Requirements from SP 800-38D").
Use of the API to set IV by any value may be considered bad.

Jul 8 2021, 3:55 AM · FIPS, libgcrypt, Feature Request
gniibe added a comment to T5520: Fix tests in FIPS mode.

Update: still ./basic --fips fails (for me), because of GCM (18 errors).
Need to fix T4873: Enable AES GCM in FIPS mode.

Jul 8 2021, 2:58 AM · FIPS, libgcrypt, Bug Report

Jul 7 2021

werner triaged T5521: Use of conscious language as Wishlist priority.

Sorry, this is not acceptable to me. <rant>You don't change racism by avoid words which are may be connected to racism. Master is a term used for example to indicate that a person is proficient in her profession. Slave is (in theory) a historic term to describe, well slaves. That is humans who are non-free and are not allowed to control their lives - like the majority of humans these days - they are just called different and the methods of suppression are different than in the past. In fact a Roman slave (but not a medieval bondsman) had well defined and esteemed rights not something the majority of US citizen with a dark skin has in practice. Term abolished, racism abolished, works as good as freeing the US slaves in the 1856, the 1960, or still today. It did not work. Mr. Kings hope has not yet realized itself and is now maybe farther away than we all had hoped in the second half of the last century. Don't cover facts by changing words used in a very different context.</rant>

Jul 7 2021, 5:48 PM · gnupg24, Won't Fix, Feature Request, gnupg (gpg23), libgcrypt
jukivili added a comment to T5520: Fix tests in FIPS mode.

That crcalgo can be any digest algorithm and SHA256 seems best option to me.

Jul 7 2021, 5:29 PM · FIPS, libgcrypt, Bug Report
Jakuje created T5521: Use of conscious language.
Jul 7 2021, 5:00 PM · gnupg24, Won't Fix, Feature Request, gnupg (gpg23), libgcrypt
Jakuje added a comment to T5520: Fix tests in FIPS mode.

Thank you for checking and for revised patch. I tested your patch and it works fine for the basic test up until this failure with the crcalgo:

basic: algo 316, crcalgo: 3, gcry_md_open failed: Invalid digest algorithm
basic: algo 317, crcalgo: 3, gcry_md_open failed: Invalid digest algorithm

These are GCRY_MD_SHAKE128 and GCRY_MD_SHAKE256, but the md used here is actually GCRY_MD_RMD160 which is hardcoded and not allowed in FIPS.

Jul 7 2021, 3:15 PM · FIPS, libgcrypt, Bug Report
werner added a comment to T5520: Fix tests in FIPS mode.

That reminds me that we we should replace libgcrypt's internal debug functions by those from gpgrt. We have a dependency for gpgrt anyway and thus we should avoid code duplication. Sure we will keep the existsing public functions but that is easy given that gpgrt comes with gpgrt_logv since 1.28 which we can make mandatory (currently libgcrypt requires 1.27 (from 2017, with 1.28 is from 2018)

Jul 7 2021, 9:24 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T5520: Fix tests in FIPS mode.

I applied rC297d31294333: tests: Fix messages to STDERR when FIPS mode is enabled.. Please note that your intention to change check_digests is right, but your patch actually didn't; When a MD algo is not supported, gcry_md_test_algo returns != 0 (an error code), and it "continues" to next entry (before the change).

Jul 7 2021, 8:19 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T5520: Fix tests in FIPS mode.

Thank you for your report.

Jul 7 2021, 8:07 AM · FIPS, libgcrypt, Bug Report
gniibe claimed T5520: Fix tests in FIPS mode.
Jul 7 2021, 4:42 AM · FIPS, libgcrypt, Bug Report

Jul 6 2021

jukivili closed T5510: libgcrypt: incorrect computation for secp192r1 as Resolved.
Jul 6 2021, 6:02 PM · libgcrypt, Bug Report
werner triaged T5520: Fix tests in FIPS mode as High priority.
Jul 6 2021, 3:33 PM · FIPS, libgcrypt, Bug Report
werner added a project to T5520: Fix tests in FIPS mode: FIPS.
Jul 6 2021, 1:46 PM · FIPS, libgcrypt, Bug Report
Jakuje created T5520: Fix tests in FIPS mode.
Jul 6 2021, 12:03 PM · FIPS, libgcrypt, Bug Report
werner added a comment to T5433: libgcrypt: Do not use SHA1 by default.

With the planned new context aware pubkey functions we technically could do this change w/o an ABI break.

Jul 6 2021, 7:57 AM · FIPS, libgcrypt, Bug Report
gniibe moved T5433: libgcrypt: Do not use SHA1 by default from Backlog to For 1.10 on the libgcrypt board.
Jul 6 2021, 6:33 AM · FIPS, libgcrypt, Bug Report
gniibe moved T5508: Allow hardware optimizations in FIPS from Backlog to For 1.10 on the libgcrypt board.
Jul 6 2021, 6:33 AM · FIPS, libgcrypt, Bug Report

Jul 5 2021

gniibe added a comment to T5512: Implement service indicators.

Implementation Guidance for FIPS 140-3 and the Cryptographic Module Validation Program:
https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf

Jul 5 2021, 8:50 AM · Feature Request, FIPS, libgcrypt

Jul 2 2021

jukivili added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Got a new bug with regression range ccfa9f2c1427b40483984198c3df41f8057f69f8:6dfab8cfb94ccb485a15b13df3c499cbb06fddf2

curve=23 secp256r1
point=04555555ffffffffffffffffffffffffffffffffffffffffffffffffffffffffff73a865e2e128733884fb82ce625ade822f7d8a59a4dcc09266966cf1bf082856
bignum=2020ff2020202020202020202020202020202020202020202020202020202020
nettle: 0 045549408909dd3e772d7d669f8fba2248d334b54be3d18833223d944a328948c76198ac3b29712256dcd9ce1a09471f04267684e1edd45910d61d0b7847db2d58
gcrypt: 0 047a6ec0df23082c8ce54c2b536d76b30464f4e1e690bb77665d298f05f0bee6806e7db3377141cc71ee30dcb8ffb7240bc3ecf29132ab5eb4ae03c067cea0d561
Jul 2 2021, 12:43 AM · libgcrypt, Bug Report

Jul 1 2021

catenacyber added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Got a new bug with regression range ccfa9f2c1427b40483984198c3df41f8057f69f8:6dfab8cfb94ccb485a15b13df3c499cbb06fddf2

Jul 1 2021, 10:19 PM · libgcrypt, Bug Report

Jun 30 2021

jukivili added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Thanks a lot.

Jun 30 2021, 4:54 PM · libgcrypt, Bug Report

Jun 29 2021

catenacyber added a comment to T5510: libgcrypt: incorrect computation for secp192r1.
curve=23 secp256r1
point=040000ffffffff0000000000000000000000000000000000000000000000000000cfe26d107a5134d6feb38ce3577075bdc7aa70ff7523d3b203c8a973f2d3dc8e
bignum=0000000000ff0000000400000000000000000000005d00003277002000010000
mbedtls: 0 04fd351b304ad50f36153d8193c4bbf7d4c3bee26e5af52a9c70133edfa62c273e05da8312615436e9c81b5b0624e68667233ace6307afc8056eae85049ca63226
gcrypt: 0 04d6915640b8ba3918f129c108f52f571ec28c1c89ad710b43928c3bd942eb29d8bf181e997b502abf12cf3606eb46379c59fd396bda7b45cdc75d429b2b37b15f
Jun 29 2021, 8:57 PM · libgcrypt, Bug Report
catenacyber added a comment to T5510: libgcrypt: incorrect computation for secp192r1.
curve=24 secp384r1
point=0400000000000000000000000000000000000000000000000000000000000000000000000000fffffffffffffffffffffc1b0d6f8fb7f2de5b8875645b64042ae20f119f3e1cfefc0215857eeae5f4a8fca737057d69a42c44d958e7cfcc77ce6b
bignum=ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52972
mbedtls: 0 0400000000000000000000000000000000000000000000000000000000000000000000000000fffffffffffffffffffffce4f29070480d21a4778a9ba49bfbd51df0ee60c1e30103fdea7a81151a0b570258c8fa81965bd3bb26a7183133883194
gcrypt: 0 04fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0100000000000000fffffffbe4f29070480d21a4778a9ba49bfbd51df0ee60c1e30103fdea7a81151a0b570258c8fa81965bd3bb26a7183133883194
Jun 29 2021, 8:53 PM · libgcrypt, Bug Report

Jun 28 2021

jukivili added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

P192, P224, P256 and P384 are affected.

Jun 28 2021, 10:03 PM · libgcrypt, Bug Report
catenacyber added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Is secp192r1 only curve that is giving wrong results?

Jun 28 2021, 8:40 PM · libgcrypt, Bug Report
jukivili added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Attached patch should fix the issue:

Jun 28 2021, 8:03 PM · libgcrypt, Bug Report
jukivili added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Thanks for reporting. There is two commits in that commit range, including https://dev.gnupg.org/rC9d909cb67e70fd792926ac1e2ab305b2cc96bc27 which adds fast reduction for NIST curves. So obviously something is wrong there. Is secp192r1 only curve that is giving wrong results?

Jun 28 2021, 5:34 PM · libgcrypt, Bug Report
werner triaged T5512: Implement service indicators as High priority.
Jun 28 2021, 1:27 PM · Feature Request, FIPS, libgcrypt
Jakuje created T5512: Implement service indicators.
Jun 28 2021, 12:28 PM · Feature Request, FIPS, libgcrypt

Jun 27 2021

catenacyber created T5510: libgcrypt: incorrect computation for secp192r1.
Jun 27 2021, 10:15 PM · libgcrypt, Bug Report

Jun 25 2021

werner closed T5162: Import problem due to disabled brainpool curves as Wontfix.

This will not be fixed. Brainpool is a standard feature of Libgcrypt and thus this is a bug in the used Libgcrypt installation. Note that although I recently fixed a new regression test for this case, I do not think that it is a good idea to add extra code for a broken Libgcrypt.

Jun 25 2021, 11:21 AM · Bug Report, libgcrypt, gnupg (gpg22)
werner triaged T5508: Allow hardware optimizations in FIPS as High priority.
Jun 25 2021, 8:55 AM · FIPS, libgcrypt, Bug Report

Jun 24 2021

Jakuje created T5508: Allow hardware optimizations in FIPS.
Jun 24 2021, 8:04 PM · FIPS, libgcrypt, Bug Report
TRex58 added a comment to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1.

Thanks werner. That helps us to know that such test failure is not a deep issue that would push us to not deliver this version of gnupg on AIX.

Jun 24 2021, 3:56 PM · gnupg, Fedora, libgcrypt, Bug Report

Jun 22 2021

werner closed T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1 as Resolved.

With the next release you will get only a warning:

gnupg-2.2/common/t-sexputil.c:467: test 0 failed: Unknown elliptic curve - ignored
This is likely due to a patched version of Libgcrypt with removed support for Brainpool curves
Jun 22 2021, 12:32 PM · gnupg, Fedora, libgcrypt, Bug Report

Jun 21 2021

werner added a comment to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1.

Sorry for the expired certificate.

Jun 21 2021, 10:48 PM · gnupg, Fedora, libgcrypt, Bug Report
TRex58 added a comment to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1.

Fix: "I Know so few about gnupg, thus I'm not sure I COULD add test cases, probably not. "

Jun 21 2021, 7:42 PM · gnupg, Fedora, libgcrypt, Bug Report
TRex58 added a comment to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1.

Hi,
The site now shows: "NET::ERR_CERT_DATE_INVALID" and I have a limited access to the web page.
Thanks for you explanation. However, I now so few about gnupg, thus I'm not sure I cannot add test cases, probably not. I'll see later if we have to provide on AIX a behavior different than the one of RedHat. Meanwhile, about your last proposal, yes it would be very useful to detect the case, print a warning, and skip the test. That would be helpful. Moreover, if the test deals with smartcards, we do not have on AIX, thus this test is very probably not useful in our environment.

Jun 21 2021, 7:40 PM · gnupg, Fedora, libgcrypt, Bug Report
werner added a comment to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1.

The thing is that I added a test for a new function which uses standard curves of Libgcrypt. But here we are again at the RedHat mess: They support the NIST curves but they removed support for Brainpool curves. Both are very similiar curves just different parameters. Brainpool is just in Europe out of fear that the NIST curves are rigged by the the NSA. Now, why RedHat removed Brainpool is probably just a legal dept thing who didn't have a clue. The tin foil hats probably see a different reason.

Jun 21 2021, 5:00 PM · gnupg, Fedora, libgcrypt, Bug Report
TRex58 added a comment to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1.
  • a patch change within scd/apdu.c dealing with a call of: pcsc_connect() since code has changed between the 2 versions: may this be the cause of the failure? (Edited: hummm this patch seems no more required. And I have the same failure without it).
Jun 21 2021, 4:40 PM · gnupg, Fedora, libgcrypt, Bug Report
TRex58 added a comment to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1.

Hi Werner,

Jun 21 2021, 4:30 PM · gnupg, Fedora, libgcrypt, Bug Report
werner added a comment to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1.

Supported curves should be listed by

gpg --list-config --with-colons curve
Jun 21 2021, 2:47 PM · gnupg, Fedora, libgcrypt, Bug Report
werner added projects to T5502: gnupg 2.2.28 : test t-sexputil fails on Fedora 33 and AIX 7.1: libgcrypt, Fedora, gnupg.

I am not sure about Fedora, but RedHat used to remove ECC support from Libgcrypt; GnuPG requires these curves. As long as you don't use ECC you things will work despite of this failed test. The test is new to check and does not anticipate a broken Libgcrypt.

Jun 21 2021, 2:44 PM · gnupg, Fedora, libgcrypt, Bug Report

Jun 17 2021

werner added a comment to T5433: libgcrypt: Do not use SHA1 by default.

That patch consists an ABI change. We might consider this for 1.10 but we can't do such a change in 1.9.

Jun 17 2021, 11:44 AM · FIPS, libgcrypt, Bug Report
werner claimed T5490: gcry_pk_get_param aborts program with error on "Curve25519".

Thanks for the report. Will soon be fixed.

Jun 17 2021, 9:21 AM · libgcrypt, Bug Report

Jun 16 2021

rmculpepper created T5490: gcry_pk_get_param aborts program with error on "Curve25519".
Jun 16 2021, 7:27 PM · libgcrypt, Bug Report
werner added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

Some ideas:

  • the someflags thing will probably just be a reserved parameter
  • If DATA is not NULL but an MD is set the sign function should fail
  • Should ownership of MD be moved to the CTX?
Jun 16 2021, 11:11 AM · FIPS, libgcrypt, Feature Request
Jakuje added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

In an email from @werner couple days back, I got a suggestion that we could use hashing tied to the context, rather than this one-shot call tied only to digests. I circled back this suggestion to Stephan and he confirmed that it should be fine from the FIPS point of view so I am posting the suggested API here too:

ctx = gcry_pk_new (someflags)
md = gcry_md_open (...)
gcry_ctx_set_md (md);
gcry_pk_sign_ext (ctx, result, data, skey)
[...]
gcry_ctx_release (ctx);
Jun 16 2021, 10:52 AM · FIPS, libgcrypt, Feature Request
gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

OK. I think that the patch at SUSE is updated one which works.
As I understand correctly, this is a kind of very old patch, which intended to work around old libgcrypt limitation of RSA PSS.

Jun 16 2021, 10:34 AM · FIPS, libgcrypt, Feature Request
gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

I think that {D1476} is still a sketch (not real code which works). I would guess an intended use, but it's good to have concrete example program which uses the feature being added.

Jun 16 2021, 8:45 AM · FIPS, libgcrypt, Feature Request