Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Dec 15 2021

gniibe added a comment to T5740: gpg error check fails.

So, please show us gpg-error-config-test.log by your build.

Dec 15 2021, 3:04 PM · gpgrt, Bug Report

Dec 14 2021

gniibe moved T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation from Next to Ready for release on the FIPS board.
Dec 14 2021, 11:20 AM · FIPS, libgcrypt, Feature Request
gniibe moved T5710: FIPS: disable DSA for FIPS from Next to Ready for release on the FIPS board.
Dec 14 2021, 11:20 AM · FIPS, libgcrypt
gniibe moved T5723: libgcrypt: Remove random-fips.c from Next to Ready for release on the FIPS board.
Dec 14 2021, 11:19 AM · FIPS, libgcrypt
gniibe moved T5523: jitter entropy RNG update from Next to Ready for release on the FIPS board.
Dec 14 2021, 11:19 AM · FIPS, libgcrypt
gniibe removed a project from T5576: New set of API for public key cryptography: FIPS.
Dec 14 2021, 11:18 AM · libgcrypt, Feature Request
gniibe updated the task description for T5734: web,libgcrypt: Publish our stance what kind of attacks are **not** under our scope.
Dec 14 2021, 7:49 AM · www.gnupg.org, libgcrypt
gniibe updated the task description for T5734: web,libgcrypt: Publish our stance what kind of attacks are **not** under our scope.
Dec 14 2021, 7:47 AM · www.gnupg.org, libgcrypt
gniibe renamed T5734: web,libgcrypt: Publish our stance what kind of attacks are **not** under our scope from web,libgcrypt: Publish our stance what kind of attacks are under our scope to web,libgcrypt: Publish our stance what kind of attacks are **not** under our scope.
Dec 14 2021, 7:42 AM · www.gnupg.org, libgcrypt
gniibe created T5734: web,libgcrypt: Publish our stance what kind of attacks are **not** under our scope.
Dec 14 2021, 7:41 AM · www.gnupg.org, libgcrypt

Dec 13 2021

gniibe committed rEe17cf023d894: build: Detect a system with musl, as a variant of GNU System. (authored by gniibe).
build: Detect a system with musl, as a variant of GNU System.
Dec 13 2021, 6:33 AM
gniibe committed rEf15c06951bb9: build: Fix have_lock_optimization code for 'guessing yes'. (authored by gniibe).
build: Fix have_lock_optimization code for 'guessing yes'.
Dec 13 2021, 6:33 AM
gniibe updated the task description for T5731: libgcrypt,w32: Possible API change for include file(s).
Dec 13 2021, 5:28 AM · libgcrypt
gniibe triaged T5731: libgcrypt,w32: Possible API change for include file(s) as Normal priority.
Dec 13 2021, 5:27 AM · libgcrypt
gniibe claimed T5730: During make, compile error under Ubuntu 21.10.

Thank you for your report.

Dec 13 2021, 3:13 AM · gpgme, Bug Report

Dec 10 2021

gniibe committed rG61ac580a2075: gpg: Emit compatible Ed25519 signature. (authored by gniibe).
gpg: Emit compatible Ed25519 signature.
Dec 10 2021, 8:32 AM
gniibe added a project to T5331: Possibly incompatible Ed25519 signature between other implementations and 2.3-bata: Restricted Project.
Dec 10 2021, 7:45 AM · gnupg (gpg23), Bug Report
gniibe added a comment to T5331: Possibly incompatible Ed25519 signature between other implementations and 2.3-bata.

Adding comments, fixing "const" qualifier, I pushed the change.

Dec 10 2021, 7:44 AM · gnupg (gpg23), Bug Report
gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

Thank you, applied.

Dec 10 2021, 6:55 AM · FIPS, libgcrypt, Feature Request
gniibe committed rC02583e1216bc: tests: Include the new input files for tests (authored by Jakuje).
tests: Include the new input files for tests
Dec 10 2021, 6:55 AM

Dec 9 2021

gniibe added a comment to T5331: Possibly incompatible Ed25519 signature between other implementations and 2.3-bata.

A patch created:

0001-gpg-Emit-compatible-Ed25519-signature.patch3 KBDownload

Dec 9 2021, 7:30 AM · gnupg (gpg23), Bug Report
gniibe committed rC7d8403b59a10: tests,fips: Align the use of variable in_fips_mode. (authored by gniibe).
tests,fips: Align the use of variable in_fips_mode.
Dec 9 2021, 1:53 AM
gniibe committed rC5b82f4b4dbf3: Adjust tests for proper disablement of non-approve PK operations (authored by Jakuje).
Adjust tests for proper disablement of non-approve PK operations
Dec 9 2021, 1:53 AM
gniibe added a comment to T5710: FIPS: disable DSA for FIPS.

Thank you, applied.

Dec 9 2021, 1:53 AM · FIPS, libgcrypt

Dec 8 2021

gniibe added a comment to T5331: Possibly incompatible Ed25519 signature between other implementations and 2.3-bata.

GnuPG 2.2 does:

  • In g10/sign.c:do_sign, it keeps leading zeros for Ed25519 signature, as opaque MPI
  • In g10/build-packet.c:do_signature which calls gpg_mpi_write to output the (opaque) MPI, leading zeros are removed.
Dec 8 2021, 12:20 PM · gnupg (gpg23), Bug Report
gniibe added a comment to T5699: libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS.

Let me explain concretely.

Dec 8 2021, 12:18 PM · gpgrt, Bug Report
gniibe closed T4951: Support point compression in Libgcrypt as Resolved.

Reading compressed point format has been done.
If writing support is needed, please open another task.

Dec 8 2021, 9:12 AM · Feature Request, libgcrypt
gniibe added a project to T5215: gnugp1: Fix build errors with gcc-10: Restricted Project.
Dec 8 2021, 9:10 AM · gnupg (gpg14), patch, Bug Report
gniibe added a project to T5393: gnupg coverity static analysis reports: Restricted Project.
Dec 8 2021, 9:09 AM · gnupg (gpg23), Bug Report
gniibe added a project to T5572: gnupg1: Missing extern-inline.m4 for gl_EXTERN_INLINE: Restricted Project.
Dec 8 2021, 9:07 AM · gnupg (gpg14)
gniibe added a project to T5579: libksba parallel build error (windows): Restricted Project.
Dec 8 2021, 9:07 AM · libksba, Bug Report
gniibe added a project to T5617: fips: Check library integrity before running selftests: Restricted Project.
Dec 8 2021, 9:06 AM · FIPS, libgcrypt, Bug Report
gniibe closed T5623: gpg2 hangs on many tasks on OpenIndiana (Illumos) as Resolved.
Dec 8 2021, 9:06 AM · Solaris, gnupg (gpg23)
gniibe renamed T5699: libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS from libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl to libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS.
Dec 8 2021, 9:05 AM · gpgrt, Bug Report
gniibe added a project to T5699: libgpg-error 1.43 fails t-lock-single-thread test on x86_64 with musl and macOS: Restricted Project.
Dec 8 2021, 9:04 AM · gpgrt, Bug Report
gniibe added a project to T5714: tests: Do not run tests for algorithms that are not built-in: Restricted Project.
Dec 8 2021, 9:03 AM · libgcrypt, Bug Report
gniibe added a project to T5723: libgcrypt: Remove random-fips.c: Restricted Project.
Dec 8 2021, 9:03 AM · FIPS, libgcrypt
gniibe added a project to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation: Restricted Project.
Dec 8 2021, 9:00 AM · FIPS, libgcrypt, Feature Request
gniibe added a project to T5244: libgcrypt: Restrict MD5 use: Restricted Project.
Dec 8 2021, 8:59 AM · Bug Report, FIPS, libgcrypt
gniibe triaged T5636: Run integrity checks + selftests from library constructor in FIPS as Normal priority.
Dec 8 2021, 8:57 AM · FIPS, libgcrypt, Bug Report
gniibe lowered the priority of T5576: New set of API for public key cryptography from High to Wishlist.
Dec 8 2021, 2:51 AM · libgcrypt, Feature Request
gniibe added a comment to T5576: New set of API for public key cryptography.

This new API is not for FIPS directly (any more), as we introduced pk_hash_sign/verify for FIPS.

Dec 8 2021, 2:51 AM · libgcrypt, Feature Request
gniibe removed a subtask for T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation: T5576: New set of API for public key cryptography.
Dec 8 2021, 2:49 AM · FIPS, libgcrypt, Feature Request
gniibe removed a parent task for T5576: New set of API for public key cryptography: T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.
Dec 8 2021, 2:49 AM · libgcrypt, Feature Request
gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

Pushed the backport.

Dec 8 2021, 2:48 AM · FIPS, libgcrypt, Feature Request
gniibe committed rCa0a2b6796f58: tests: Add tests for gcry_pk_hash_sign/verify API. (authored by gniibe).
tests: Add tests for gcry_pk_hash_sign/verify API.
Dec 8 2021, 2:48 AM
gniibe changed the status of T5710: FIPS: disable DSA for FIPS from Open to Testing.
Dec 8 2021, 1:54 AM · FIPS, libgcrypt
gniibe added a comment to T5710: FIPS: disable DSA for FIPS.

I have been convinced disabling DSA makes more sense.

Dec 8 2021, 1:54 AM · FIPS, libgcrypt
gniibe committed rCea362090fc11: fips: Disable DSA in FIPS mode. (authored by Jakuje).
fips: Disable DSA in FIPS mode.
Dec 8 2021, 1:52 AM
gniibe changed the status of T5723: libgcrypt: Remove random-fips.c from Open to Testing.

Done.
(Actually, it's not in the tarball.)

Dec 8 2021, 1:50 AM · FIPS, libgcrypt
gniibe committed rC5521cac32d75: random: Remove random-fips.c from repo. (authored by gniibe).
random: Remove random-fips.c from repo.
Dec 8 2021, 1:50 AM

Dec 7 2021

gniibe moved T5723: libgcrypt: Remove random-fips.c from Backlog to Next on the FIPS board.
Dec 7 2021, 11:15 AM · FIPS, libgcrypt
gniibe triaged T5723: libgcrypt: Remove random-fips.c as Normal priority.
Dec 7 2021, 11:15 AM · FIPS, libgcrypt
gniibe moved T5710: FIPS: disable DSA for FIPS from Backlog to Next on the FIPS board.
Dec 7 2021, 11:13 AM · FIPS, libgcrypt
gniibe committed rC05472c1882df: build: cipher/Makefile.am, doc/Makefile.am: add a missing space (authored by Alexander Kanavin <alex.kanavin@gmail.com>).
build: cipher/Makefile.am, doc/Makefile.am: add a missing space
Dec 7 2021, 8:08 AM
gniibe committed rG4cf8bdb04855: po: Update Japanese Translation. (authored by gniibe).
po: Update Japanese Translation.
Dec 7 2021, 8:07 AM
gniibe committed rG14de7b1e5904: gpg: Accept Ed25519 private key in SOS which reserves leading zeros. (authored by gniibe).
gpg: Accept Ed25519 private key in SOS which reserves leading zeros.
Dec 7 2021, 8:07 AM
gniibe triaged T5721: gpg22: Update *.m4 to prefer use of gpgrt-config and *.pc to *-config as Wishlist priority.
Dec 7 2021, 8:00 AM · gnupg (gpg22)
gniibe renamed T5034: dev: Deprecate libassuan-config, libgcrypt-config, ksba-config, ntbtls-config, npth-config, and gpg-error-config from dev: Deprecate libassuan-config, libgcrypt-config, ksba-config, ntbtls-config, npth-config, ang gpg-error-config to dev: Deprecate libassuan-config, libgcrypt-config, ksba-config, ntbtls-config, npth-config, and gpg-error-config.
Dec 7 2021, 7:54 AM
gniibe added a project to T5120: Incompatible Ed25519 secret key (no-encryption): Restricted Project.
Dec 7 2021, 7:43 AM · gnupg (gpg22), Bug Report
gniibe added a comment to T5120: Incompatible Ed25519 secret key (no-encryption).

For GnuPG 2.2, it's better to be conservative (least change of behavior, if any).

Dec 7 2021, 7:17 AM · gnupg (gpg22), Bug Report
gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

We have tests in gniibe/new-pk-api, which can be backported.

  • t-dsa
  • t-ecdsa
  • t-rsa-pss
  • t-rsa-15
Dec 7 2021, 6:02 AM · FIPS, libgcrypt, Feature Request
gniibe added a comment to T5512: Implement service indicators.

Thank you, applied.

Dec 7 2021, 3:37 AM · Feature Request, FIPS, libgcrypt
gniibe committed rC8ca3fe07d03e: md: Fix disabled check. (authored by gniibe).
md: Fix disabled check.
Dec 7 2021, 3:35 AM
gniibe committed rCe96980022e5e: Properly enforce disablement in other pubkey API (authored by Jakuje).
Properly enforce disablement in other pubkey API
Dec 7 2021, 3:32 AM
gniibe committed rCbea8b9672c3c: tests: Add paren for readability. (authored by gniibe).
tests: Add paren for readability.
Dec 7 2021, 3:32 AM
gniibe committed rC3152a565d9a4: md: Fix checking to use ->disabled instead of ->fips directly. (authored by gniibe).
md: Fix checking to use ->disabled instead of ->fips directly.
Dec 7 2021, 3:32 AM
gniibe added a comment to T5706: libgcrypt: random: Remove the feature getting randomness from random daemon.

The patch has been applied.

Dec 7 2021, 2:35 AM · libgcrypt
gniibe committed rE7fac8e02d80d: configure: Add missing check for logging (authored by Jakuje).
configure: Add missing check for logging
Dec 7 2021, 2:18 AM
gniibe committed rC754ad5815b5b: random: Remove use of experimental random daemon. (authored by gniibe).
random: Remove use of experimental random daemon.
Dec 7 2021, 2:13 AM
gniibe added a project to T5706: libgcrypt: random: Remove the feature getting randomness from random daemon: Restricted Project.
Dec 7 2021, 2:12 AM · libgcrypt
gniibe claimed T5720: The libgpg-error is using old inet_addr() unconditionally.

Thank you, applied.

Dec 7 2021, 1:56 AM · gpgrt, Bug Report

Dec 6 2021

gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

And please let me know the change rC751fcadd34ed: random: Release memory in DRBG. affects t-secmem failure.

Dec 6 2021, 7:08 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

IIUC, one of the causes for the failure of secmem was resource release of DRBG memory.

Dec 6 2021, 3:34 AM · FIPS, libgcrypt, Bug Report
gniibe committed rC751fcadd34ed: random: Release memory in DRBG. (authored by gniibe).
random: Release memory in DRBG.
Dec 6 2021, 3:31 AM
gniibe committed rC5425052f38cd: fips: Factor out check_fips_system_setting function. (authored by gniibe).
fips: Factor out check_fips_system_setting function.
Dec 6 2021, 3:31 AM
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

Thank you for testing.

Dec 6 2021, 3:23 AM · FIPS, libgcrypt, Bug Report
gniibe committed rCb14aaf1a2dc7: cipher,tests: Consitent use of #if/#endif for algo selection. (authored by gniibe).
cipher,tests: Consitent use of #if/#endif for algo selection.
Dec 6 2021, 1:55 AM
gniibe claimed T5714: tests: Do not run tests for algorithms that are not built-in.

Applied. Thank you.

Dec 6 2021, 1:54 AM · libgcrypt, Bug Report
gniibe committed rCb601ef4dc9f9: tests: Unbreak tests with SM4 disabled (authored by Jakuje).
tests: Unbreak tests with SM4 disabled
Dec 6 2021, 1:49 AM
gniibe committed rC57b61b0f4f1b: tests: Conditionalize other algorithms that might not be built-in (authored by Jakuje).
tests: Conditionalize other algorithms that might not be built-in
Dec 6 2021, 1:49 AM
gniibe closed T5657: dirmngr: libdns sends malformed dns requests as Resolved.

Fixed in 2.2.33.

Dec 6 2021, 1:01 AM · Info Needed, Bug Report, dns, dirmngr
gniibe changed the status of T5393: gnupg coverity static analysis reports from Open to Testing.
Dec 6 2021, 12:59 AM · gnupg (gpg23), Bug Report
gniibe abandoned D541: w32: Support poll with FD backend.

An application should use syshd, instead.

Dec 6 2021, 12:58 AM
gniibe closed T5644: Heuristic for default reader detection as Resolved.
Dec 6 2021, 12:57 AM · Restricted Project, Feature Request, gnupg (gpg22)

Dec 3 2021

gniibe committed rCe4a450d1d966: rsa: Allow e=0 to select 65537 for keygeneration under X931. (authored by gniibe).
rsa: Allow e=0 to select 65537 for keygeneration under X931.
Dec 3 2021, 9:18 AM
gniibe added a comment to T5645: RSA/DSA keygen modification for FIPS/ACVP testing.

Adding the case for == 0 only might be problematic, because I don't think it's an alias for a secure value; I think that == 0 means that it's up to libgcrypt to select the value (just like other generate_* functions).

Dec 3 2021, 9:14 AM · libgcrypt, FIPS, Bug Report
gniibe committed rC78ce1f9e0afe: random: Add missing header file to the release tarball (authored by Jakuje).
random: Add missing header file to the release tarball
Dec 3 2021, 8:25 AM
gniibe added a comment to T5523: jitter entropy RNG update.

Thank you, applied.

Dec 3 2021, 8:24 AM · FIPS, libgcrypt

Dec 2 2021

gniibe added a comment to T5693: GPG sign in corrupts larger terminal sizing.

What would be setting those? And how do I disable it?

Dec 2 2021, 8:00 AM · MacOS, pinentry, Bug Report
gniibe added a comment to T5693: GPG sign in corrupts larger terminal sizing.

A possibility is that gpg-agent which invokes pinentry happens have COLUMNS and LINES defined, then, pinentry misbehaves.

Dec 2 2021, 6:36 AM · MacOS, pinentry, Bug Report
gniibe added a comment to T5693: GPG sign in corrupts larger terminal sizing.

Thanks again for further information.

Dec 2 2021, 6:10 AM · MacOS, pinentry, Bug Report
gniibe added a comment to T5512: Implement service indicators.

For the part 1, I created: T5710: FIPS: disable DSA for FIPS

Dec 2 2021, 1:16 AM · Feature Request, FIPS, libgcrypt
gniibe updated subscribers of T5710: FIPS: disable DSA for FIPS.

This is the patch from @Jakuje

libgcrypt-fips-DSA-disable.patch1 KBDownload

Dec 2 2021, 1:14 AM · FIPS, libgcrypt
gniibe triaged T5710: FIPS: disable DSA for FIPS as Normal priority.
Dec 2 2021, 1:12 AM · FIPS, libgcrypt

Dec 1 2021

gniibe added a comment to T5693: GPG sign in corrupts larger terminal sizing.

So, the solution is to build pinentry with newer ncurses. As I wrote in another comment, it's adding a single line to the formula.

Dec 1 2021, 2:41 PM · MacOS, pinentry, Bug Report
gniibe added a comment to T5512: Implement service indicators.

Also, applied the part 2, improving basic.c.

Dec 1 2021, 6:46 AM · Feature Request, FIPS, libgcrypt
gniibe committed rCbff9ed54285b: tests: Fix basic.c to show useful information on error. (authored by gniibe).
tests: Fix basic.c to show useful information on error.
Dec 1 2021, 6:45 AM
gniibe committed rCc8d2b0069e3c: tests: Improve error checking in regards to FIPS (authored by Jakuje).
tests: Improve error checking in regards to FIPS
Dec 1 2021, 6:45 AM
gniibe committed rC23a58b779e31: Disable 3DES in FIPS mode (authored by Jakuje).
Disable 3DES in FIPS mode
Dec 1 2021, 6:19 AM
First
Prev
Next