- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Fri, Jan 30
Fri, Jan 30
• gniibe committed rCc41d4f502f1b: ecc: Make the PCT recoverable in FIPS mode and consistent with RSA. (authored by Jakuje).
ecc: Make the PCT recoverable in FIPS mode and consistent with RSA.
• gniibe committed rCfc19b27b5439: visibility: Check FIPS operational status for MD+Sign operation. (authored by Jakuje).
visibility: Check FIPS operational status for MD+Sign operation.
• gniibe committed rC397ff085749e: kdf: Update tests in regards to the allowed parameters in FIPS mode. (authored by Jakuje).
kdf: Update tests in regards to the allowed parameters in FIPS mode.
fips: Check return value from ftell
random: Remove unused SHA384 DRBGs.
• gniibe committed rCa51f0e66842a: fips: Add explicit indicators for md and mac algorithms. (authored by tobhe).
fips: Add explicit indicators for md and mac algorithms.
• gniibe committed rC0024db5afee8: fips: Unblock MD5 in fips mode but mark non-approved in indicator. (authored by tobhe).
fips: Unblock MD5 in fips mode but mark non-approved in indicator.
fips: Fix fips indicator function.
fips: Explicitly allow only some PK flags.
doc: Document the new FIPS indicators.
• gniibe committed rC051bbe84d889: fips: Mark gcry_pk_encrypt/decrypt function non-approved. (authored by Jakuje).
fips: Mark gcry_pk_encrypt/decrypt function non-approved.
• gniibe committed rC251f1749900e: fips: Explicitly disable overriding random in FIPS mode. (authored by Jakuje).
fips: Explicitly disable overriding random in FIPS mode.
• gniibe committed rC22cb410dd445: tests: Improve test coverage for FIPS service indicators. (authored by Jakuje).
tests: Improve test coverage for FIPS service indicators.
build: Update gpg-error.m4.
• gniibe committed rCf6f345fe89b0: fips: More elaborate way of getting FIPS pk flags indicators. (authored by • gniibe).
fips: More elaborate way of getting FIPS pk flags indicators.
m4: Update gpg-error.m4.
• gniibe committed rC4128f73d3a83: cipher: Enable the fast path to ChaCha20 only when supported. (authored by • gniibe).
cipher: Enable the fast path to ChaCha20 only when supported.
build: Allow build with -Oz.
• gniibe committed rCd41177937cea: random: Use getrandom only when it's appropriate. (authored by • gniibe).
random: Use getrandom only when it's appropriate.
• gniibe committed rCb863ec507dae: cipher:ecc: Fix public key computation for EdDSA. (authored by • gniibe).
cipher:ecc: Fix public key computation for EdDSA.
• gniibe committed rC31adc78fa503: cipher:ecc: Fix an error-path to release the KEY correctly. (authored by • gniibe).
cipher:ecc: Fix an error-path to release the KEY correctly.
• gniibe committed rC297c5a47837c: cipher:pubkey: Fix non-use of flexible array member. (authored by • gniibe).
cipher:pubkey: Fix non-use of flexible array member.
• gniibe committed rCd37ad2823f84: Remove out of core handler setting message in FIPS mode. (authored by • gniibe).
Remove out of core handler setting message in FIPS mode.
• gniibe committed rC2c8562ca5a49: cipher:kdf: Move FIPS mode check to _gcry_kdf_derive. (authored by • gniibe).
cipher:kdf: Move FIPS mode check to _gcry_kdf_derive.
build: Fix the notice in configure.ac.
• gniibe committed rC5547e5255c46: tests: Allow KDF measurement in FIPS mode. (authored by • gniibe).
tests: Allow KDF measurement in FIPS mode.
• gniibe committed rC8cdd0d353e19: cipher:pubkey: Check digest size which should not be zero. (authored by • gniibe).
cipher:pubkey: Check digest size which should not be zero.
• gniibe committed rC49e1e67f4e4e: sexp: String with \0 is considered "binary". (authored by • gniibe).
sexp: String with \0 is considered "binary".
• gniibe committed rC09ab61948845: build: Change the default for --with-libtool-modification. (authored by • gniibe).
build: Change the default for --with-libtool-modification.
• gniibe committed rC0ddc823e331c: build: New configure option --with-libtool-modification. (authored by • gniibe).
build: New configure option --with-libtool-modification.
• gniibe committed rC45c992020168: rsa: Fix decoding of PKCS#1 v1.5 and OAEP padding. (authored by • gniibe).
rsa: Fix decoding of PKCS#1 v1.5 and OAEP padding.
• gniibe committed rCe8072d8d3255: const-time: Use ct_not_memequal, instead. Tested with AVR. (authored by • gniibe).
const-time: Use ct_not_memequal, instead. Tested with AVR.
• gniibe committed rCfee1e63c7286: build: Check if arch is VAX or compiler is MSVC. (authored by • gniibe).
build: Check if arch is VAX or compiler is MSVC.
cipher: Fix ElGamal decryption.
• gniibe committed rCc98b5e4a1471: rsa: Use memmov_independently when unpadding. (authored by • gniibe).
rsa: Use memmov_independently when unpadding.
• gniibe committed rC45945be8f3c3: const-time: Add ct_memmov_cond, fix _gcry_mpih_set_cond. (authored by • gniibe).
const-time: Add ct_memmov_cond, fix _gcry_mpih_set_cond.
• gniibe committed rC892bc25ff74b: Use single constant-time memory comparison implementation (authored by jukivili).
Use single constant-time memory comparison implementation
• gniibe committed rC5e9ba851948f: const-time: always avoid comparison operator for byte comparison (authored by jukivili).
const-time: always avoid comparison operator for byte comparison
• gniibe committed rC3583e2ebcad5: rsa, elgamal: avoid logical not operator in constant-time code (authored by jukivili).
rsa, elgamal: avoid logical not operator in constant-time code
• gniibe committed rC3fa1b81c92e5: const-time: prefix global symbols with _gcry_ (authored by jukivili).
const-time: prefix global symbols with _gcry_
• gniibe committed rC7f0eb519897b: mpih_set_cond: restore EM leakage mitigation (authored by jukivili).
mpih_set_cond: restore EM leakage mitigation
• gniibe committed rC9c0984ed2c55: const-time: ct_memmov_cond: switch to use dual mask approach (authored by jukivili).
const-time: ct_memmov_cond: switch to use dual mask approach
• gniibe committed rC15cd08ae4c1e: mpih-const-time: use global vzero/vone variable (authored by jukivili).
mpih-const-time: use global vzero/vone variable
mpiutil: use global vone and vzero
ec-nist: use global vone and vzero
• gniibe committed rC2ed340744746: ec-nist: avoid unintentional conditional branch by comparison (authored by jukivili).
ec-nist: avoid unintentional conditional branch by comparison
• gniibe committed rC9acddd8b95e1: mpih_cmp_ui: avoid unintentional conditional branch (authored by jukivili).
mpih_cmp_ui: avoid unintentional conditional branch
• gniibe committed rC237523b49f42: ec: avoid unintentional condition branches for 25519, 448 and 256k1 (authored by jukivili).
ec: avoid unintentional condition branches for 25519, 448 and 256k1
• gniibe committed rC01e7052cb245: const-time: add functions for generating masks from 0/1 input (authored by jukivili).
const-time: add functions for generating masks from 0/1 input
• gniibe committed rC74588de441fd: mpih-const-time: use constant-time comparisons conditional add/sub/abs (authored by jukivili).
mpih-const-time: use constant-time comparisons conditional add/sub/abs
• gniibe committed rC11973c2219da: mpih_mod: avoid unintentional conditional branch (authored by jukivili).
mpih_mod: avoid unintentional conditional branch
mpi: Fix ECC computation on hppa.
• gniibe committed rC28afad4517c7: random:jent: Fix for jent_rng_is_initialized. (authored by • gniibe).
random:jent: Fix for jent_rng_is_initialized.
• gniibe committed rC67b528721e88: random:jent: Fix build with address sanitizer. (authored by • gniibe).
random:jent: Fix build with address sanitizer.
• gniibe committed rCf3bad2deb024: cipher:kyber: No change ABI/API for gcry_kem_genkey. (authored by • gniibe).
cipher:kyber: No change ABI/API for gcry_kem_genkey.
• gniibe committed rC1a82b26055e6: mpi: Use secure MPI in _gcry_mpi_assign_limb_space. (authored by • gniibe).
mpi: Use secure MPI in _gcry_mpi_assign_limb_space.
• gniibe committed rC889126dde923: secmem: Handle HAVE_BROKEN_MLOCK for the case with ASAN. (authored by • gniibe).
secmem: Handle HAVE_BROKEN_MLOCK for the case with ASAN.
• gniibe committed rC506219f031fd: Merge branch 'master' into LIBGCRYPT-1.11-BRANCH (authored by • gniibe).
Merge branch 'master' into LIBGCRYPT-1.11-BRANCH
• gniibe committed rCa6267ad91dcd: Merge commit '4876a1a4' into LIBGCRYPT-1.11-BRANCH (authored by • gniibe).
Merge commit '4876a1a4' into LIBGCRYPT-1.11-BRANCH
• gniibe committed rCd9ebc6c4e8b5: cipher:kem:ecc: Support secp256k1 by KEM API. (authored by • gniibe).
cipher:kem:ecc: Support secp256k1 by KEM API.
• gniibe committed rCf7e06f8a29fc: cipher:kem: Provide each enum constant as macro. (authored by • gniibe).
cipher:kem: Provide each enum constant as macro.
build: Allow build with no Kyber.
• gniibe committed rCd54d834eb434: build: More changes to allow build with no Kyber. (authored by • gniibe).
build: More changes to allow build with no Kyber.
cipher:ecc: Silence GCC 15 warning.
• gniibe committed rC448693047fac: cipher:rsa: Fix missing initialization in generate_fips. (authored by • gniibe).
cipher:rsa: Fix missing initialization in generate_fips.
• gniibe committed rCaced8fd23236: mpi: Provide the function prototype of __udiv_qrnnd. (authored by • gniibe).
mpi: Provide the function prototype of __udiv_qrnnd.
• gniibe committed rC013bcc18676d: Add missing abiversion tag for PowerPC assembly (authored by jukivili).
Add missing abiversion tag for PowerPC assembly
• gniibe committed rC210562de650d: Add missing machine tags for PowerPC assembly (authored by jukivili).
Add missing machine tags for PowerPC assembly
• gniibe committed rCc720dd8927a5: poly1305-p10le: use '.rodata' section for read-only data (authored by jukivili).
poly1305-p10le: use '.rodata' section for read-only data
• gniibe committed rCdb55dfb74e64: Mark nonstring use cases with __nonstring__ attribute. (authored by • gniibe).
Mark nonstring use cases with __nonstring__ attribute.
• gniibe committed rCae80106fb9d3: random:jent: Fix for jent_rng_is_initialized. (authored by • gniibe).
random:jent: Fix for jent_rng_is_initialized.
• gniibe committed rC5b260f28d2a5: random:jent: Fix build with address sanitizer. (authored by • gniibe).
random:jent: Fix build with address sanitizer.
mpi: Fix redefinition of types.
• gniibe committed rCa7aa18fff3cc: secmem: Handle HAVE_BROKEN_MLOCK for the case with ASAN. (authored by • gniibe).
secmem: Handle HAVE_BROKEN_MLOCK for the case with ASAN.
• gniibe committed rC172968f52174: mpi: Introduce mpi_tfr and use it for point_tfr. (authored by • gniibe).
mpi: Introduce mpi_tfr and use it for point_tfr.
t-kem: fix test loop iteration
• gniibe committed rC06b590e6e537: cipher:aria: Fix compiler error on NetBSD. (authored by collinfunk).
cipher:aria: Fix compiler error on NetBSD.
• gniibe committed rC100efe24af52: Update autogen.sh and gpg-error.m4 from upstream. (authored by • werner).
Update autogen.sh and gpg-error.m4 from upstream.
• gniibe committed rCd0da36c1e5fe: Update autogen.sh also for test(1) -o adjustment. (authored by • werner).
Update autogen.sh also for test(1) -o adjustment.
• gniibe committed rC3e4eda9fe475: Adjust scripts for test(1) operator -a removal (authored by • werner).
Adjust scripts for test(1) operator -a removal
• gniibe committed rCb17ed8d1af20: mceliece6688128f: fix stack overflow crash on win64/wine (authored by jukivili).
mceliece6688128f: fix stack overflow crash on win64/wine
• gniibe committed rCf4fda2acfaed: mceliece6688128f: fix UBSAN runtime errors (authored by jukivili).
mceliece6688128f: fix UBSAN runtime errors
• gniibe committed rC1aca19b89768: cipher-xts: harden mask generation against branch optimization (authored by jukivili).
cipher-xts: harden mask generation against branch optimization
• gniibe committed rCefa0e8fdee5c: rijndael: harden mask generation against branch optimization (authored by jukivili).
rijndael: harden mask generation against branch optimization
• gniibe committed rC689d0b1396d4: mpih-pow: harden condition calculation against branch optimization (authored by jukivili).
mpih-pow: harden condition calculation against branch optimization
• gniibe committed rC0df884de5e3c: kyber: harden mask generation against branch optimization (authored by jukivili).
kyber: harden mask generation against branch optimization
• gniibe committed rCcf1165c26ac8: sntrup761: harden mask generation against branch optimization (authored by jukivili).
sntrup761: harden mask generation against branch optimization
• gniibe committed rC7ff58b28726e: sntrup761: use const-time helpers for memory comparison and cond move (authored by jukivili).
sntrup761: use const-time helpers for memory comparison and cond move
• gniibe committed rC9e1ee6efea9d: mceliece6688128f: harden mask generation against branch optimization (authored by jukivili).
mceliece6688128f: harden mask generation against branch optimization
• gniibe committed rC379a0baffa85: const-time: add 64-bit fast paths for const-time buffer functions (authored by jukivili).
const-time: add 64-bit fast paths for const-time buffer functions
• gniibe committed rC3a281e0b045a: mceliece6688128f: use const-time helper for memory comparison (authored by jukivili).
mceliece6688128f: use const-time helper for memory comparison
Add stack burning for PQC algorithms
• gniibe committed rC5ba143d51f37: cipher:kyber: Apply a change from upstream. (authored by • gniibe).
cipher:kyber: Apply a change from upstream.
• gniibe committed rC520c699c82e4: mpi: Use secure MPI in _gcry_mpi_assign_limb_space. (authored by • gniibe).
mpi: Use secure MPI in _gcry_mpi_assign_limb_space.
• gniibe committed rCc6e0658004b5: fips,cipher: Fix the regression with disabled public-key algo. (authored by • gniibe).
fips,cipher: Fix the regression with disabled public-key algo.
Thank you for your report.
TL;DR
This ticket was created because building static-linked gpgv shows warnings from glibc for getpwnam and getpwuid.
Basically, we can/should ignore the warnings from glibc at link time (for normal use cases), because it is irrelevant.
Thu, Jan 29
Thu, Jan 29
Wed, Jan 28
Wed, Jan 28
Fix build with libassuan 2.