Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Feb 7 2025

gniibe added a comment to T7519: libgcrypt: (EC)DSA signature generation should be constant-time.

This is needed for RFC6979 flag support.

0001-cipher-ec-dsa-Avoid-MPI-normalize-by-mpi_rshift.patch1 KBDownload

Feb 7 2025, 6:42 AM · libgcrypt, Bug Report
gniibe claimed T7519: libgcrypt: (EC)DSA signature generation should be constant-time.
Feb 7 2025, 6:37 AM · libgcrypt, Bug Report
gniibe created T7519: libgcrypt: (EC)DSA signature generation should be constant-time.
Feb 7 2025, 6:37 AM · libgcrypt, Bug Report

Feb 6 2025

gniibe committed rC35a6a6feb9dc: Fix _gcry_dsa_modify_k. (authored by gniibe).
Fix _gcry_dsa_modify_k.
Feb 6 2025, 8:42 AM
gniibe committed rEdbf1e0dc4722: gpgrt-config: Append default directory to PKG_CONFIG_PATH. (authored by gniibe).
gpgrt-config: Append default directory to PKG_CONFIG_PATH.
Feb 6 2025, 2:36 AM

Feb 3 2025

gniibe committed rW542d002295ab: Add Japanese Translation. (authored by gniibe).
Add Japanese Translation.
Feb 3 2025, 3:29 AM
gniibe committed rCff6c905bea7b: mpi: Rename _gcry_mpih_mod as the one of Least Leak Intended. (authored by gniibe).
mpi: Rename _gcry_mpih_mod as the one of Least Leak Intended.
Feb 3 2025, 1:28 AM
gniibe committed rC5c5089ba3620: mpi: Add _gcry_mpih_mul_lli as Least Leak Intended. (authored by gniibe).
mpi: Add _gcry_mpih_mul_lli as Least Leak Intended.
Feb 3 2025, 1:21 AM

Jan 31 2025

gniibe added a comment to T7490: libgcrypt: constant-time modular exponentiation.

The commit rC58c11aa8 is the improved version by k-ary exponentiation (while rC6dffd105e2e2 is 1-bit at a time) and using heap.

Jan 31 2025, 2:43 AM · libgcrypt
gniibe committed rC639b0fca1505: cipher:prime: Fix long standing bug for PRIME % 2 == 0. (authored by gniibe).
cipher:prime: Fix long standing bug for PRIME % 2 == 0.
Jan 31 2025, 2:14 AM

Jan 27 2025

gniibe committed rGPGMEPP8880b461a48a: build: With LD_LIBRARY_PATH defined, use --disable-new-dtags. (authored by gniibe).
build: With LD_LIBRARY_PATH defined, use --disable-new-dtags.
Jan 27 2025, 10:39 AM
gniibe committed rC9f0fd2656d7d: cipher: Check and mark non-compliant cipher modes in the SLI (authored by Lucas Mulling <lucas.mulling@suse.com>).
cipher: Check and mark non-compliant cipher modes in the SLI
Jan 27 2025, 1:05 AM

Jan 25 2025

gniibe added a comment to T7490: libgcrypt: constant-time modular exponentiation.

I created https://dev.gnupg.org/source/libgcrypt/history/gniibe%252Ft7490/
The commit rC6dffd105e2e2 works for me.
It is a bit of exponent at time Montgomery exponentiation.
I don't put an optimization for the reduction as I don't know if it's OK for patent-wise (looks like expired, though).

Jan 25 2025, 3:04 AM · libgcrypt

Jan 22 2025

gniibe committed rEb6df31136813: Skip gpg-error-config-test.sh for specific incompatible pkg-config. (authored by gniibe).
Skip gpg-error-config-test.sh for specific incompatible pkg-config.
Jan 22 2025, 3:11 AM
gniibe changed the status of T7486: libgcrypt: Remove WindowsCE support from Open to Testing.
Jan 22 2025, 3:06 AM · libgcrypt
gniibe committed rW8a73ec62d5e1: Translate update (ja). (authored by gniibe).
Translate update (ja).
Jan 22 2025, 1:20 AM

Jan 21 2025

gniibe committed rC24a2ca672b21: Remove WindowsCE support. (authored by gniibe).
Remove WindowsCE support.
Jan 21 2025, 1:49 AM
gniibe triaged T7490: libgcrypt: constant-time modular exponentiation as Wishlist priority.
Jan 21 2025, 1:44 AM · libgcrypt
gniibe added a comment to T6425: improve pinentry behavior and texts in smart card context .

For command line, reported issues have been fixed; Confusions for wrong errors are gone, it correctly reports appropriate errors of:

  • GPG_ERR_PIN_BLOCKED
  • GPG_ERR_NO_RESET_CODE
  • GPG_ERR_BAD_PIN
Jan 21 2025, 1:21 AM · gnupg24 (gnupg-2.4.5), scd, Bug Report, Restricted Project
gniibe added a comment to T6910: pinentry: Possibly add pinentry-gtk with GTK 4, and Drop pinentry-gtk-2.

Do you think it's too difficult for a beginner to write a pinentry-gtk4?

Jan 21 2025, 1:10 AM

Jan 20 2025

gniibe committed rGb1857a2836c9: gpg: Fix handling with no CRC armor. (authored by gniibe).
gpg: Fix handling with no CRC armor.
Jan 20 2025, 7:16 AM
gniibe changed the status of T7071: gpg: Support of No CRC in ASCII armor from Open to Testing.

Reported gnupg channel on IRC.
An ascii armored file in question was: https://github.com/syncthing/syncthing/releases/download/v1.29.2/sha256sum.txt.asc

Jan 20 2025, 7:13 AM · gnupg, Bug Report
gniibe added a comment to T7071: gpg: Support of No CRC in ASCII armor.

Fixed in: rGb1857a2836c9: gpg: Fix handling with no CRC armor.

Jan 20 2025, 7:11 AM · gnupg, Bug Report
gniibe reopened T7071: gpg: Support of No CRC in ASCII armor as "Open".

When CHECKCRC == 0 (no CRC), ->any_data was not set, resulted

	no valid OpenPGP data found.

wrongly.

Jan 20 2025, 7:10 AM · gnupg, Bug Report

Jan 17 2025

gniibe reopened T3269: (Constant-time) modular reduction, a subtask of T3264: Possible RSA improvement, as Open.
Jan 17 2025, 7:01 AM · libgcrypt
gniibe reopened T3269: (Constant-time) modular reduction as "Open".

Re-open, so that I can pursue constant-time modular exponentiation.

Jan 17 2025, 7:01 AM · libgcrypt

Jan 15 2025

gniibe committed rKb2fccb07a321: build,tests: Remove WindowsCE support. (authored by gniibe).
build,tests: Remove WindowsCE support.
Jan 15 2025, 11:30 AM
gniibe committed rPc93e640fa8ca: build: Remove defining GPG_ERR_ENABLE_ERRNO_MACROS. (authored by gniibe).
build: Remove defining GPG_ERR_ENABLE_ERRNO_MACROS.
Jan 15 2025, 8:08 AM
gniibe committed rMfa17f2aaedb5: build: Remove defining GPG_ERR_ENABLE_ERRNO_MACROS. (authored by gniibe).
build: Remove defining GPG_ERR_ENABLE_ERRNO_MACROS.
Jan 15 2025, 7:56 AM
gniibe renamed T7486: libgcrypt: Remove WindowsCE support from libksba, libgcrypt: Remove WindowsCE support to libgcrypt: Remove WindowsCE support.
Jan 15 2025, 7:53 AM · libgcrypt
gniibe removed a project from T7486: libgcrypt: Remove WindowsCE support: libksba.
Jan 15 2025, 7:53 AM · libgcrypt
gniibe triaged T7486: libgcrypt: Remove WindowsCE support as Wishlist priority.
Jan 15 2025, 7:44 AM · libgcrypt
gniibe committed rG6c01d97b1756: build: Remove defining GPG_ERR_ENABLE_ERRNO_MACROS. (authored by gniibe).
build: Remove defining GPG_ERR_ENABLE_ERRNO_MACROS.
Jan 15 2025, 7:43 AM
gniibe committed rE71756ce37351: build: Remove defining GPG_ERR_ENABLE_ERRNO_MACROS. (authored by gniibe).
build: Remove defining GPG_ERR_ENABLE_ERRNO_MACROS.
Jan 15 2025, 7:35 AM

Jan 14 2025

gniibe committed rE0f4fe2edf5e5: spawn: Care about closefrom/close call is interrupted. (authored by gniibe).
spawn: Care about closefrom/close call is interrupted.
Jan 14 2025, 7:33 AM
gniibe changed the status of T7478: _gpg_close_all_fds hangs on nwer Linux systems in a simple chroot w/o /proc/self/fd from Open to Testing.

Fixed in: rE0f4fe2edf5e5: spawn: Care about closefrom/close call is interrupted.

Jan 14 2025, 7:12 AM · Linux, gnupg, gpgrt, Bug Report
gniibe added a comment to T7478: _gpg_close_all_fds hangs on nwer Linux systems in a simple chroot w/o /proc/self/fd.

@werner I read the code of gpgme/src/posix-io.c. I understand the two points:

  • For the correctness sake, the possible interrupted closefrom should be handled.
  • we can share the code with closefrom case and non-closefrom case.
Jan 14 2025, 6:55 AM · Linux, gnupg, gpgrt, Bug Report
gniibe committed rG137481fa1002: agent: Fix a memory leak. (authored by Sorah Fukumori <her@sorah.jp>).
agent: Fix a memory leak.
Jan 14 2025, 3:28 AM

Jan 10 2025

gniibe closed T6338: kleo: Japanese Translation, a subtask of T6337: libkleo: Japanese Translation, as Resolved.
Jan 10 2025, 8:04 AM · kleopatra, Bug Report
gniibe closed T6338: kleo: Japanese Translation as Resolved.

One year later, I also did translation work for kleo and libkleo, which are pushed by Andre.
So, closing this task.

Jan 10 2025, 8:04 AM · Restricted Project, kleopatra, Bug Report
gniibe closed T7436: Allow ssh to sign data larger than the assuan line length. as Resolved.

Fixed in 2.5.2.

Jan 10 2025, 8:00 AM · ssh, Feature Request, gnupg26
gniibe closed T7457: gpg --full-gen-key doesn't show list of keys on card (regression) as Resolved.

Fixed in 2.5.3.

Jan 10 2025, 7:59 AM · gnupg26, gnupg24, Bug Report
gniibe closed T7291: scdaemon randomly hangs when trying to access a token as Resolved.

Fixed in 2.5.2.

Jan 10 2025, 7:51 AM · scd
gniibe committed rGddff3b01f4bc: po: Update Japanese Translation. (authored by gniibe).
po: Update Japanese Translation.
Jan 10 2025, 7:04 AM
gniibe committed rG6b233c6704df: po: Update Japanese Translation. (authored by gniibe).
po: Update Japanese Translation.
Jan 10 2025, 7:00 AM

Jan 9 2025

gniibe committed rC42e8858566e3: build: Improve __thread specifier check. (authored by gniibe).
build: Improve __thread specifier check.
Jan 9 2025, 2:36 AM

Jan 8 2025

gniibe committed rEe3e793302b67: spawn: Use closefrom when available. (authored by gniibe).
spawn: Use closefrom when available.
Jan 8 2025, 9:08 AM
gniibe added a comment to T7478: _gpg_close_all_fds hangs on nwer Linux systems in a simple chroot w/o /proc/self/fd.

Thank you for your report.

Jan 8 2025, 7:49 AM · Linux, gnupg, gpgrt, Bug Report
gniibe committed rA70d454e1ff48: w32: Enable "w32_error" for assuan_sock_get_flag. (authored by gniibe).
w32: Enable "w32_error" for assuan_sock_get_flag.
Jan 8 2025, 1:04 AM
gniibe merged task T7177: libassuan-3.0.1: Errant declaration of putc_unlocked in src/assuan-defs.h causes a Darwin build to fail into T7246: libassuan 3.0.1: putc_unlocked() is re-defined unconditionally.
Jan 8 2025, 12:51 AM · MacOS, gpgrt, Bug Report
gniibe merged T7177: libassuan-3.0.1: Errant declaration of putc_unlocked in src/assuan-defs.h causes a Darwin build to fail into T7246: libassuan 3.0.1: putc_unlocked() is re-defined unconditionally.
Jan 8 2025, 12:51 AM · libassuan, MacOS, Bug Report
gniibe added a comment to T7177: libassuan-3.0.1: Errant declaration of putc_unlocked in src/assuan-defs.h causes a Darwin build to fail.

Fixed in rA69069bc63e6b: Remove an declaration for an unused function.

Jan 8 2025, 12:49 AM · MacOS, gpgrt, Bug Report

Jan 6 2025

gniibe closed T6523: gpgscm: call-with-io deadlock when larger stderr output, a subtask of T6512: keyboxd with data pipe, as Resolved.
Jan 6 2025, 7:32 AM · gnupg26, Bug Report
gniibe closed T6523: gpgscm: call-with-io deadlock when larger stderr output as Resolved.
Jan 6 2025, 7:32 AM · gnupg26, Bug Report
gniibe closed T7180: gpgme: Use gpgrt_b64dec as Resolved.
Jan 6 2025, 7:31 AM · gpgme
gniibe committed rC5e925e6c3484: fips,cipher: Fix memory leak for gcry_pk_hash_sign. (authored by gniibe).
fips,cipher: Fix memory leak for gcry_pk_hash_sign.
Jan 6 2025, 4:15 AM

Dec 30 2024

gniibe committed rPb415f3108921: build: Fix warning about obsolete pinentry-emacs. (authored by gniibe).
build: Fix warning about obsolete pinentry-emacs.
Dec 30 2024, 5:28 AM
gniibe claimed T7470: pinentry warns about obsolete pinentry-emacs for --disable-pinentry-emacs.

Thank you. Fixed in: rPb415f3108921: build: Fix warning about obsolete pinentry-emacs.

Dec 30 2024, 2:56 AM · pinentry, Bug Report

Dec 27 2024

gniibe committed rC53c97483b17f: fips,ecc: Check DATA in gcry_pk_sign/verify in FIPS mode. (authored by gniibe).
fips,ecc: Check DATA in gcry_pk_sign/verify in FIPS mode.
Dec 27 2024, 1:27 AM
gniibe committed rCd71c88f78a4f: tests: Add more tests to tests/t-fips-service-ind. (authored by gniibe).
tests: Add more tests to tests/t-fips-service-ind.
Dec 27 2024, 1:26 AM
gniibe committed rCc6a092abbe7b: fips,ecc: Add rejecting or marking for gcry_pk_get_curve. (authored by gniibe).
fips,ecc: Add rejecting or marking for gcry_pk_get_curve.
Dec 27 2024, 1:26 AM

Dec 23 2024

gniibe committed rCa776b692669a: fips,cipher: Add behavior not to reject but mark non-compliant. (authored by gniibe).
fips,cipher: Add behavior not to reject but mark non-compliant.
Dec 23 2024, 7:01 AM

Dec 20 2024

gniibe closed T7169: libgpg-error 1.50 build issue (spawn-posix.c:345:5: error: use of undeclared identifier 'environ') as Resolved.

This problem has gone in libgpg-error 1.51, since the implementation doesn't use environ any more.

Dec 20 2024, 6:49 AM · gpgrt, MacOS, Bug Report
gniibe committed rGd32a315418a3: po: Update Japanese Translation. (authored by gniibe).
po: Update Japanese Translation.
Dec 20 2024, 3:56 AM
gniibe committed rGab8a2408a390: scd: Use gpgrt_spawn_actions_set_env_rev to have clean semantics. (authored by gniibe).
scd: Use gpgrt_spawn_actions_set_env_rev to have clean semantics.
Dec 20 2024, 3:53 AM
gniibe committed rCd060dd58b828: fips: Rejection by GCRYCTL_FIPS_REJECT_NON_FIPS, not by open flags. (authored by gniibe).
fips: Rejection by GCRYCTL_FIPS_REJECT_NON_FIPS, not by open flags.
Dec 20 2024, 2:50 AM
gniibe closed T7071: gpg: Support of No CRC in ASCII armor as Resolved.
Dec 20 2024, 1:17 AM · gnupg, Bug Report

Dec 19 2024

gniibe committed rCb4eb23dc01a4: Fix the previous change. (authored by gniibe).
Fix the previous change.
Dec 19 2024, 6:19 AM
gniibe committed rCe52adf0948c6: fips: Introduce GCRYCTL_FIPS_REJECT_NON_FIPS. (authored by gniibe).
fips: Introduce GCRYCTL_FIPS_REJECT_NON_FIPS.
Dec 19 2024, 3:42 AM
gniibe committed rCedb43bc29004: fips,cipher: Implement FIPS service indicator for gcry_pk_hash_ API. (authored by gniibe).
fips,cipher: Implement FIPS service indicator for gcry_pk_hash_ API.
Dec 19 2024, 3:42 AM
gniibe committed rC60db2a175d12: fips,md: gcry_md_copy should care about FIPS service indicator. (authored by gniibe).
fips,md: gcry_md_copy should care about FIPS service indicator.
Dec 19 2024, 3:42 AM

Dec 17 2024

gniibe committed rCcfd2d2f41ad4: tests,fips: Add gcry_cipher_open tests. (authored by gniibe).
tests,fips: Add gcry_cipher_open tests.
Dec 17 2024, 6:01 AM
gniibe committed rCb59bde31ded9: tests,fips: Move KDF tests to t-fips-service-ind. (authored by gniibe).
tests,fips: Move KDF tests to t-fips-service-ind.
Dec 17 2024, 6:01 AM
gniibe committed rC132f346232b3: tests,fips: Rename t-fips-service-ind. (authored by gniibe).
tests,fips: Rename t-fips-service-ind.
Dec 17 2024, 6:01 AM
gniibe committed rCc4f75014cb8a: tests,fips: Add gcry_mac_open tests. (authored by gniibe).
tests,fips: Add gcry_mac_open tests.
Dec 17 2024, 6:01 AM
gniibe committed rC69a5d0ed18a3: fips,cipher: Implement new FIPS service indicator for cipher_open. (authored by gniibe).
fips,cipher: Implement new FIPS service indicator for cipher_open.
Dec 17 2024, 6:01 AM
gniibe committed rCfcb0c7004b0b: fips,mac: Implement new FIPS service indicator for gcry_mac_open. (authored by gniibe).
fips,mac: Implement new FIPS service indicator for gcry_mac_open.
Dec 17 2024, 6:01 AM

Dec 16 2024

gniibe added a comment to T7456: libassuan: Windows: assuan_sock_bind error.

Here is a patch to support "w32_error" for assuan_sock_get_flag function.

0001-w32-Enable-w32_error-for-assuan_sock_get_flag.patch5 KBDownload

Dec 16 2024, 6:53 AM · libassuan, Windows
gniibe committed rC917fc6000dfe: fips,tests: Add tests for md_open/write/read/close for t-digest. (authored by gniibe).
fips,tests: Add tests for md_open/write/read/close for t-digest.
Dec 16 2024, 2:42 AM
gniibe committed rC9757e280794f: fips,md: Implement new FIPS service indicator for gcry_md_open API. (authored by gniibe).
fips,md: Implement new FIPS service indicator for gcry_md_open API.
Dec 16 2024, 2:42 AM
gniibe committed rC4799914966a7: fips: Change the internal API for new FIPS service indicator. (authored by gniibe).
fips: Change the internal API for new FIPS service indicator.
Dec 16 2024, 2:42 AM
gniibe committed rG893e5e7c6f4c: agent: Clean up for the refactoring. (authored by gniibe).
agent: Clean up for the refactoring.
Dec 16 2024, 2:20 AM
gniibe committed rGaa36f6ae8bae: gpg: Fix key generation with existing key from card. (authored by gniibe).
gpg: Fix key generation with existing key from card.
Dec 16 2024, 2:10 AM
gniibe changed the status of T7457: gpg --full-gen-key doesn't show list of keys on card (regression) from Open to Testing.
Dec 16 2024, 2:00 AM · gnupg26, gnupg24, Bug Report
gniibe claimed T7457: gpg --full-gen-key doesn't show list of keys on card (regression).

It's a bug I introduced when fixing T7309.
Fixed in rGaa36f6ae8bae: gpg: Fix key generation with existing key from card.

Dec 16 2024, 2:00 AM · gnupg26, gnupg24, Bug Report

Dec 13 2024

gniibe committed rAcc6c29735d59: w32: Fix errno for assuan_sock_bind failure. (authored by gniibe).
w32: Fix errno for assuan_sock_bind failure.
Dec 13 2024, 6:23 AM
gniibe changed the status of T7456: libassuan: Windows: assuan_sock_bind error from Open to Testing.
Dec 13 2024, 3:20 AM · libassuan, Windows
gniibe triaged T7456: libassuan: Windows: assuan_sock_bind error as Normal priority.
Dec 13 2024, 2:29 AM · libassuan, Windows

Dec 12 2024

gniibe added a comment to T7368: dirmngr/dns.c files to compile due to type-mismatch caused by missing _XOPEN_SOURCE on Solaris and derivatives.

IIUC, simpler solution would be modifying m4/socklen.m4 adding Solaris variant specific code.
Tweaking _XOPEN_SOURCE requires the change of Autoconf (if done correctly), which would be larger surgery.

Dec 12 2024, 7:46 AM · gnupg26, dns, Solaris, Bug Report
gniibe committed rC47ed744465ae: cipher: Add script to re-generate mceliece6688128f.c. (authored by jas).
cipher: Add script to re-generate mceliece6688128f.c.
Dec 12 2024, 7:09 AM
gniibe added a comment to T7338: Revamp the FIPS service indicator.

Here are changes for gcry_md_open and its friends.

0001-fips-Change-the-internal-API-for-new-FIPS-service-in.patch4 KBDownload

Dec 12 2024, 6:43 AM · libgcrypt, FIPS, Feature Request
gniibe added a comment to T7338: Revamp the FIPS service indicator.

My idea in https://dev.gnupg.org/T7338#195529 doesn't work well when a function call is done multiple times.
Assuming SUCCESS, and marking all non-compliant places in the code works, and it would be good because libgcrypt so far maintains non-compliant path with rejection.

Dec 12 2024, 3:09 AM · libgcrypt, FIPS, Feature Request

Dec 11 2024

gniibe committed rC28327dba6b5f: kdf: Fix memory cost overflow in Argon2 KDF. (authored by gmazyland).
kdf: Fix memory cost overflow in Argon2 KDF.
Dec 11 2024, 8:22 AM
gniibe committed rC75744f721d8d: tests: Fix comment in t-thread-local. (authored by gniibe).
tests: Fix comment in t-thread-local.
Dec 11 2024, 5:54 AM

Dec 10 2024

gniibe committed rC41cbcc0f0e78: tests: Extend tests/t-digest to test hmac too. (authored by gniibe).
tests: Extend tests/t-digest to test hmac too.
Dec 10 2024, 8:00 AM
gniibe committed rC06f6aafedc9f: tests: Fix t-digest for a minimal configuration. (authored by gniibe).
tests: Fix t-digest for a minimal configuration.
Dec 10 2024, 8:00 AM

Dec 9 2024

gniibe committed rC7faf542f1573: fips,tests: Add t-digest. (authored by gniibe).
fips,tests: Add t-digest.
Dec 9 2024, 6:38 AM
gniibe added a comment to T7338: Revamp the FIPS service indicator.

Pushed the change for adding hash tests in rC7faf542f1573: fips,tests: Add t-digest.

Dec 9 2024, 6:34 AM · libgcrypt, FIPS, Feature Request

Dec 6 2024

gniibe added a comment to T7338: Revamp the FIPS service indicator.

It seems that the internal API (as of 2024-12-06) is not enough.
Now, we have _gcry_md_hash_buffer function with the new FIPS service indicator.
It's used for public key crypto, too.
The compliance for hash function is a part of public key crypto, but not all.

Dec 6 2024, 6:54 AM · libgcrypt, FIPS, Feature Request
gniibe committed rC3478caac62c7: fips,md: Implement new FIPS service indicator for gcry_md_hash_*. (authored by gniibe).
fips,md: Implement new FIPS service indicator for gcry_md_hash_*.
Dec 6 2024, 6:41 AM
First
Prev
Next