Page MenuHome GnuPG
Feed Advanced Search

Sun, Feb 15

werner added a comment to T8094: libgcrypt: EC least leak failure.

FWIW: Okay, gmime is still a wrapper around gpgme. After decryption it has the ability to get the used session key from the gpgme result structure. Thus, I have been on the wrong trail. The actual problem is not gpgme but more GnuPG's use of Libgcrypt or an actual regression in Libgcrypt. Well, Friday 13th.

Sun, Feb 15, 4:37 PM · Info Needed, libgcrypt, Bug Report

Sat, Feb 14

thesamesam added a comment to T8094: libgcrypt: EC least leak failure.

Any hints where to find the actual crypto code which uses libgcrypt?

Sat, Feb 14, 5:59 AM · Info Needed, libgcrypt, Bug Report

Fri, Feb 13

jrm added a comment to T8094: libgcrypt: EC least leak failure.

Maintainer of the FreeBSD notmuch port/package here. The steps below consistently trigger the problem on FreeBSD 16.0 (unreleased main branch), but there are no problems on FreeBSD 15.0. All my testing was on amd64.

Fri, Feb 13, 6:26 PM · Info Needed, libgcrypt, Bug Report
werner added a comment to T8094: libgcrypt: EC least leak failure.

Any hints where to find the actual crypto code which uses libgcrypt?

Fri, Feb 13, 10:16 AM · Info Needed, libgcrypt, Bug Report
gniibe raised the priority of T8094: libgcrypt: EC least leak failure from Low to High.
Fri, Feb 13, 9:32 AM · Info Needed, libgcrypt, Bug Report
gniibe added a comment to T8094: libgcrypt: EC least leak failure.

@thesamesam Thanks a lot.
I managed to replicate the failure somehow (for me, it fails at the importing the key).

Fri, Feb 13, 9:31 AM · Info Needed, libgcrypt, Bug Report
thesamesam added a comment to T8094: libgcrypt: EC least leak failure.

I've attached notmuch-bug.log with debug-level guru commented out for gpg-agent:

Fri, Feb 13, 8:35 AM · Info Needed, libgcrypt, Bug Report
thesamesam added a comment to T8094: libgcrypt: EC least leak failure.

I can reproduce it using Stuart's script from https://lists.gnupg.org/pipermail/gcrypt-devel/2026-February/006031.html.

Fri, Feb 13, 8:34 AM · Info Needed, libgcrypt, Bug Report
thesamesam added a comment to T8094: libgcrypt: EC least leak failure.
$ uname -a
Linux mop 6.18.10 #1 SMP PREEMPT_DYNAMIC Wed Feb 11 21:14:57 GMT 2026 x86_64 AMD Ryzen 9 3950X 16-Core Processor AuthenticAMD GNU/Linux
Fri, Feb 13, 8:22 AM · Info Needed, libgcrypt, Bug Report
gniibe added a project to T8094: libgcrypt: EC least leak failure: Info Needed.

Please tell us the information of your environment.
What the versions of gpg and gpg-agent?

Fri, Feb 13, 8:13 AM · Info Needed, libgcrypt, Bug Report
gniibe renamed T8094: libgcrypt: EC least leak failure from libgcrypt: EC least leak failure on 32-bit machine to libgcrypt: EC least leak failure.
Fri, Feb 13, 8:10 AM · Info Needed, libgcrypt, Bug Report
thesamesam added a comment to T8094: libgcrypt: EC least leak failure.

We have seen the same thing on amd64 (x86_64) linux: https://bugs.gentoo.org/969501

Fri, Feb 13, 6:28 AM · Info Needed, libgcrypt, Bug Report

Wed, Feb 11

gniibe added a comment to T8094: libgcrypt: EC least leak failure.

No, OpenBSD's implementation of POSIX semaphore is different to NetBSD.
(It doesn't support PSHARED=1.)

Wed, Feb 11, 2:51 AM · Info Needed, libgcrypt, Bug Report
gniibe added a comment to T8094: libgcrypt: EC least leak failure.

Possibly, it is related to the NetBSD failure of T8065.
If importing the secret key fails (which invokes gpg-agent), decryption cannot be succeeded.
I will check OpenBSD implementation of POSIX semaphore, if it's similar to NetBSD one.

Wed, Feb 11, 2:41 AM · Info Needed, libgcrypt, Bug Report

Tue, Feb 10

werner triaged T8094: libgcrypt: EC least leak failure as Low priority.

According to the ML @gniibe tried to replicate the problem without success.

Tue, Feb 10, 10:53 AM · Info Needed, libgcrypt, Bug Report

Mon, Feb 9

gniibe created T8094: libgcrypt: EC least leak failure.
Mon, Feb 9, 9:58 AM · Info Needed, libgcrypt, Bug Report

Tue, Feb 3

werner closed T8071: libgrcypt 1.12.0: SmartOS (Solaris) build problem as Resolved.

Will go into 1.12.1

Tue, Feb 3, 4:43 PM · Solaris, Bug Report, libgcrypt
werner closed T8069: libgcrypt: NetBSD m68k as Resolved.

Thanks. Will go int the next version.

Tue, Feb 3, 4:43 PM · NetBSD, Feature Request, libgcrypt
gniibe claimed T8080: libgcrypt 1.12.0 regression: gcry_mpi_ec_curve_point.
Tue, Feb 3, 7:10 AM · libgcrypt, Bug Report

Mon, Feb 2

wiz added a comment to T8071: libgrcypt 1.12.0: SmartOS (Solaris) build problem.

Thank you, that did indeed fix the problem!

Mon, Feb 2, 6:11 PM · Solaris, Bug Report, libgcrypt

Sun, Feb 1

werner added projects to T8069: libgcrypt: NetBSD m68k: Feature Request, NetBSD.
Sun, Feb 1, 2:14 PM · NetBSD, Feature Request, libgcrypt
werner added projects to T8071: libgrcypt 1.12.0: SmartOS (Solaris) build problem: Bug Report, Solaris.
Sun, Feb 1, 2:13 PM · Solaris, Bug Report, libgcrypt
jukivili added a comment to T8071: libgrcypt 1.12.0: SmartOS (Solaris) build problem.

Does following patch help?

Sun, Feb 1, 9:19 AM · Solaris, Bug Report, libgcrypt

Sat, Jan 31

wiz created T8071: libgrcypt 1.12.0: SmartOS (Solaris) build problem.
Sat, Jan 31, 9:16 PM · Solaris, Bug Report, libgcrypt

Fri, Jan 30

wiz added a project to T8069: libgcrypt: NetBSD m68k: libgcrypt.
Fri, Jan 30, 2:57 PM · NetBSD, Feature Request, libgcrypt

Thu, Jan 29

werner closed T7226: libgcrypt 1.11.0 buid error on armhf with gcc-14 as Resolved.
Thu, Jan 29, 2:21 PM · FTBFS, arm, libgcrypt, Bug Report
werner closed T7220: The CF protection not enabled in libgcrypt as Resolved.
Thu, Jan 29, 2:20 PM · libgcrypt, Bug Report
werner closed T7519: libgcrypt: (EC)DSA signature generation should be constant-time as Resolved.
Thu, Jan 29, 2:20 PM · libgcrypt, Bug Report
werner closed T7889: libgcrypt: HAVE_BROKEN_MLOCK as Resolved.
Thu, Jan 29, 2:19 PM · backport, libgcrypt, Bug Report
werner closed T7640: ML-DSA for libgcrypt, a subtask of T6637: PQC for Libgcrypt, as Resolved.
Thu, Jan 29, 2:19 PM · PQC, libgcrypt
werner closed T7640: ML-DSA for libgcrypt as Resolved.
Thu, Jan 29, 2:19 PM · PQC, libgcrypt
werner closed T7338: Revamp the FIPS service indicator as Resolved.
Thu, Jan 29, 2:18 PM · libgcrypt, FIPS, Feature Request
werner updated the task description for T7643: Release Libgcrypt 1.12.0.
Thu, Jan 29, 12:48 PM · Release Info, libgcrypt
werner triaged T8067: Release Libgcrypt 1.12.1 as Low priority.
Thu, Jan 29, 12:47 PM · libgcrypt, Release Info