Page MenuHome GnuPG
Feed Advanced Search

Dec 9 2021

Jakuje created T5726: Setting "compliance de-vs" in gpg.conf with libgcrypt 1.9.0 and newer causes confusing error messages.
Dec 9 2021, 5:33 PM · Not A Bug, libgcrypt, gnupg
Jakuje added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

It turned out that the new *.inp files are not part of the release tarball, which makes the tests from generated tarball fail. The attached patch should fix this issue.

Dec 9 2021, 5:06 PM · FIPS, libgcrypt, Feature Request
gniibe added a comment to T5710: FIPS: disable DSA for FIPS.

Thank you, applied.

Dec 9 2021, 1:53 AM · FIPS, libgcrypt

Dec 8 2021

Jakuje added a comment to T5710: FIPS: disable DSA for FIPS.

Sorry for the noise. There were couple of other places which I missed initially and which are covered in the v2 patch which follows:

Dec 8 2021, 1:25 PM · FIPS, libgcrypt
Jakuje added a comment to T5710: FIPS: disable DSA for FIPS.

It turns out together with rCe96980022e5e some tests are failing in FIPS mode. The attached patch should handle the failures.

Dec 8 2021, 12:39 PM · FIPS, libgcrypt
gniibe closed T4951: Support point compression in Libgcrypt as Resolved.

Reading compressed point format has been done.
If writing support is needed, please open another task.

Dec 8 2021, 9:12 AM · Feature Request, libgcrypt
gniibe added a project to T5617: fips: Check library integrity before running selftests: Testing.
Dec 8 2021, 9:06 AM · FIPS, libgcrypt, Bug Report
gniibe added a project to T5714: tests: Do not run tests for algorithms that are not built-in: Testing.
Dec 8 2021, 9:03 AM · libgcrypt, Bug Report
gniibe added a project to T5723: libgcrypt: Remove random-fips.c: Testing.
Dec 8 2021, 9:03 AM · FIPS, libgcrypt
gniibe added a project to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation: Testing.
Dec 8 2021, 9:00 AM · FIPS, libgcrypt, Feature Request
gniibe added a project to T5244: libgcrypt: Restrict MD5 use: Testing.
Dec 8 2021, 8:59 AM · Bug Report, FIPS, libgcrypt
gniibe triaged T5636: Run integrity checks + selftests from library constructor in FIPS as Normal priority.
Dec 8 2021, 8:57 AM · FIPS, libgcrypt, Bug Report
gniibe lowered the priority of T5576: New set of API for public key cryptography from High to Wishlist.
Dec 8 2021, 2:51 AM · libgcrypt, Feature Request
gniibe added a comment to T5576: New set of API for public key cryptography.

This new API is not for FIPS directly (any more), as we introduced pk_hash_sign/verify for FIPS.

Dec 8 2021, 2:51 AM · libgcrypt, Feature Request
gniibe removed a subtask for T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation: T5576: New set of API for public key cryptography.
Dec 8 2021, 2:49 AM · FIPS, libgcrypt, Feature Request
gniibe removed a parent task for T5576: New set of API for public key cryptography: T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.
Dec 8 2021, 2:49 AM · libgcrypt, Feature Request
gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

Pushed the backport.

Dec 8 2021, 2:48 AM · FIPS, libgcrypt, Feature Request
gniibe changed the status of T5710: FIPS: disable DSA for FIPS from Open to Testing.
Dec 8 2021, 1:54 AM · FIPS, libgcrypt
gniibe added a comment to T5710: FIPS: disable DSA for FIPS.

I have been convinced disabling DSA makes more sense.

Dec 8 2021, 1:54 AM · FIPS, libgcrypt
gniibe changed the status of T5723: libgcrypt: Remove random-fips.c from Open to Testing.

Done.
(Actually, it's not in the tarball.)

Dec 8 2021, 1:50 AM · FIPS, libgcrypt

Dec 7 2021

dannytsen added a comment to T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le.

Hi jukivili,
I ran some basic tests and it did show the errors. I am in the process investigating what went wrong. In the meantime, i also included test result that I have used in my testing from bench-slope. In this test, I captured the message with 272 bytes buffer from the original libgcrypt repo and my optimized repo. Note that the bulk version of my code do 8x unrolling and the rest will do 16 bytes. So the first 2 128 bytes ran thru gcry_ppc_aes_gcm_encrypt and the rest of the 16 bytes thru gcm_ctr_encrypt (cipher-gcm.c).

Dec 7 2021, 5:36 PM · patch, ppc, libgcrypt, Feature Request
werner set Due Date to Jan 17 2022, 12:00 AM on T5691: Release libgcrypt 1.10.0.
Dec 7 2021, 11:17 AM · FIPS, Release Info, libgcrypt
gniibe moved T5723: libgcrypt: Remove random-fips.c from Backlog to Next on the FIPS board.
Dec 7 2021, 11:15 AM · FIPS, libgcrypt
gniibe triaged T5723: libgcrypt: Remove random-fips.c as Normal priority.
Dec 7 2021, 11:15 AM · FIPS, libgcrypt
gniibe moved T5710: FIPS: disable DSA for FIPS from Backlog to Next on the FIPS board.
Dec 7 2021, 11:13 AM · FIPS, libgcrypt
gniibe added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

We have tests in gniibe/new-pk-api, which can be backported.

  • t-dsa
  • t-ecdsa
  • t-rsa-pss
  • t-rsa-15
Dec 7 2021, 6:02 AM · FIPS, libgcrypt, Feature Request
gniibe added a comment to T5512: Implement service indicators.

Thank you, applied.

Dec 7 2021, 3:37 AM · Feature Request, FIPS, libgcrypt
gniibe added a comment to T5706: libgcrypt: random: Remove the feature getting randomness from random daemon.

The patch has been applied.

Dec 7 2021, 2:35 AM · libgcrypt
gniibe added a project to T5706: libgcrypt: random: Remove the feature getting randomness from random daemon: Testing.
Dec 7 2021, 2:12 AM · libgcrypt

Dec 6 2021

dannytsen added a comment to T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le.

Thanks jukivili for the review.

Dec 6 2021, 3:37 PM · patch, ppc, libgcrypt, Feature Request
Jakuje added a comment to T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation.

I have just a note about this issue, that it would be helpful to exercise this new API in some tests. Right now, only the old API is tested.

Dec 6 2021, 12:38 PM · FIPS, libgcrypt, Feature Request
Jakuje added a comment to T5512: Implement service indicators.

It turns out that the asymmetric key operations are not yet properly enforced with the .disabled flag. While the other key crypto usually has some "open" api, where this can be simply captured, the pubkey API has several entry points and the "test_algo" is not enough to check for disabled key types.

Dec 6 2021, 11:56 AM · Feature Request, FIPS, libgcrypt
werner added a comment to T5706: libgcrypt: random: Remove the feature getting randomness from random daemon.

Yeah, remove it.

Dec 6 2021, 11:28 AM · libgcrypt
Jakuje added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

Thank you. My local tests (in emulated fips mode and normal mode) do not show any errors with current master branch.

Dec 6 2021, 11:03 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

And please let me know the change rC751fcadd34ed: random: Release memory in DRBG. affects t-secmem failure.

Dec 6 2021, 7:08 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

IIUC, one of the causes for the failure of secmem was resource release of DRBG memory.

Dec 6 2021, 3:34 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

Thank you for testing.

Dec 6 2021, 3:23 AM · FIPS, libgcrypt, Bug Report
gniibe claimed T5714: tests: Do not run tests for algorithms that are not built-in.

Applied. Thank you.

Dec 6 2021, 1:54 AM · libgcrypt, Bug Report

Dec 4 2021

jukivili added a comment to T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le.

Thanks, however I didn't see your email on mailing-list. Maybe the email got stuck on the way.

Dec 4 2021, 12:46 PM · patch, ppc, libgcrypt, Feature Request

Dec 3 2021

Jakuje added a comment to T5645: RSA/DSA keygen modification for FIPS/ACVP testing.

Thanks. I did some git archeology and found the first mention of this in the following commit in 2011 without much details:

Dec 3 2021, 10:21 AM · libgcrypt, FIPS, Bug Report
gniibe added a comment to T5645: RSA/DSA keygen modification for FIPS/ACVP testing.

Adding the case for == 0 only might be problematic, because I don't think it's an alias for a secure value; I think that == 0 means that it's up to libgcrypt to select the value (just like other generate_* functions).

Dec 3 2021, 9:14 AM · libgcrypt, FIPS, Bug Report
gniibe added a comment to T5523: jitter entropy RNG update.

Thank you, applied.

Dec 3 2021, 8:24 AM · FIPS, libgcrypt

Dec 2 2021

dannytsen added a comment to T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le.

I sent a copy to gcrypt-devel@gnupg.org. Hope this is the right process. Thanks.

Dec 2 2021, 5:47 PM · patch, ppc, libgcrypt, Feature Request
jukivili added a comment to T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le.

Please read doc/HACKING carefully on the process of sending DCO the right way.

Dec 2 2021, 5:31 PM · patch, ppc, libgcrypt, Feature Request
Jakuje added a comment to T5645: RSA/DSA keygen modification for FIPS/ACVP testing.

Let me get back to this once more as one of the parts for RSA was initially missed:

diff -up libgcrypt-1.8.4/cipher/rsa.c.fips-keygen libgcrypt-1.8.4/cipher/rsa.c
--- libgcrypt-1.8.4/cipher/rsa.c.fips-keygen	2017-11-23 19:16:58.000000000 +0100
+++ libgcrypt-1.8.4/cipher/rsa.c	2019-02-12 14:29:25.630513971 +0100
@@ -696,7 +696,7 @@ generate_x931 (RSA_secret_key *sk, unsig
Dec 2 2021, 4:34 PM · libgcrypt, FIPS, Bug Report
Jakuje created T5714: tests: Do not run tests for algorithms that are not built-in.
Dec 2 2021, 2:21 PM · libgcrypt, Bug Report
Jakuje added a comment to T5523: jitter entropy RNG update.

I went through some more testing and noticed one missing file in the release tarball, that prevents building libgcrypt now. Should be fixed with the attached patch.

Dec 2 2021, 12:32 PM · FIPS, libgcrypt
Jakuje added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

I did go through a bit more testing too and the selftests still initialize and use the secure memory (and the t-secmem fails in FIPS mode if we invoke selftests from constructor). Now from run_random_selftests() -> _gcry_random_selftest() -> drbg_healthcheck() -> _gcry_rngdrbg_healthcheck_one(). So this means that we either need to de-initialize secure memory after the constructor selftests or prevent its initialization as I suggested in some of the previous comments.

Dec 2 2021, 12:29 PM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T5512: Implement service indicators.

For the part 1, I created: T5710: FIPS: disable DSA for FIPS

Dec 2 2021, 1:16 AM · Feature Request, FIPS, libgcrypt
gniibe updated subscribers of T5710: FIPS: disable DSA for FIPS.

This is the patch from @Jakuje

Dec 2 2021, 1:14 AM · FIPS, libgcrypt
gniibe triaged T5710: FIPS: disable DSA for FIPS as Normal priority.
Dec 2 2021, 1:12 AM · FIPS, libgcrypt

Dec 1 2021

gniibe added a comment to T5512: Implement service indicators.

Also, applied the part 2, improving basic.c.

Dec 1 2021, 6:46 AM · Feature Request, FIPS, libgcrypt
gniibe added a comment to T5512: Implement service indicators.

Applied the part 3, the 3DES is no-FIPS patch.

Dec 1 2021, 6:19 AM · Feature Request, FIPS, libgcrypt

Nov 30 2021

gniibe moved T5512: Implement service indicators from Backlog to Next on the FIPS board.
Nov 30 2021, 11:06 AM · Feature Request, FIPS, libgcrypt
gniibe renamed T5706: libgcrypt: random: Remove the feature getting randomness from random daemon from libgcrypt: random: Remove access to random daemon to libgcrypt: random: Remove the feature getting randomness from random daemon.
Nov 30 2021, 10:57 AM · libgcrypt
gniibe added a comment to T5512: Implement service indicators.

Applied the part 4, the indicator patch.

Nov 30 2021, 10:54 AM · Feature Request, FIPS, libgcrypt
gniibe added a project to T5692: New entropy gatherer using the genentropy system call.: Testing.
Nov 30 2021, 10:49 AM · libgcrypt, FIPS
gniibe closed T5433: libgcrypt: Do not use SHA1 by default as Wontfix.

The change for pubkey-util.c is not needed any more, because

  • T5665 handles new functions rejects use of SHA-1 as approved signature.
  • pubkey-util.c is used by gcry_pk_sign and gcry_pk_verify.
Nov 30 2021, 10:48 AM · FIPS, libgcrypt, Bug Report
gniibe triaged T5706: libgcrypt: random: Remove the feature getting randomness from random daemon as Normal priority.
Nov 30 2021, 5:11 AM · libgcrypt
gniibe requested review of D544: Deprecation of random daemon part 1 (remove use of random daemon).
Nov 30 2021, 5:09 AM · libgcrypt

Nov 26 2021

Jakuje added a comment to T5512: Implement service indicators.

I do not like the idea of using the get_config interface for this. It should be easily usable by applications to check for single cipher/mode so int/bool return values would be preferred against the string ones (which are now used in the get_config). I am not sure if getting all the configuration in one string blob would be any use (except for some auditing) either.

Nov 26 2021, 12:22 PM · Feature Request, FIPS, libgcrypt

Nov 25 2021

gniibe added a project to T5637: Use poll for libgcrypt (support more than 1024 fds): Testing.
Nov 25 2021, 3:31 AM · libgcrypt, Feature Request

Nov 23 2021

dannytsen added a comment to T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le.

Hi Werner, Here is the DCO. Thanks.

Nov 23 2021, 3:51 PM · patch, ppc, libgcrypt, Feature Request
Jakuje added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

Thank you. Extending the semantics of GCRYCTL_CLOSE_RANDOM_DEVICE sounds good to me. I think the deinit functions were created initially especially not to change the semantics of existing code using GCRYCTL_CLOSE_RANDOM_DEVICE, but I agree that it will probably not be an issue.

Nov 23 2021, 9:59 AM · FIPS, libgcrypt, Bug Report
werner triaged T5700: libgcrypt: bulk AES-GCM acceleration for ppc64le as Normal priority.

FWIW: We need a DCO; see doc/HACKING.

Nov 23 2021, 9:06 AM · patch, ppc, libgcrypt, Feature Request

Nov 22 2021

gniibe removed a project from T5637: Use poll for libgcrypt (support more than 1024 fds): gpgme.
Nov 22 2021, 6:21 AM · libgcrypt, Feature Request
gniibe edited projects for T5637: Use poll for libgcrypt (support more than 1024 fds), added: libgcrypt; removed gpgrt.
Nov 22 2021, 6:20 AM · libgcrypt, Feature Request

Nov 19 2021

gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

Part 1 was applied. Part 3, Part 4, and Part 7 are irrelevant now, because we now have rndgetentropy which doesn't use device.

Nov 19 2021, 8:50 AM · FIPS, libgcrypt, Bug Report

Nov 18 2021

jukivili added a comment to T5694: poly1305-s390x.S is compiled despite --disable-asm.

Following patch should prevent assembly files being built at all with --disable-asm:

Nov 18 2021, 8:51 AM · libgcrypt, Bug Report
jukivili added a comment to T5694: poly1305-s390x.S is compiled despite --disable-asm.

Thanks for your report.

Nov 18 2021, 8:27 AM · libgcrypt, Bug Report
jukivili claimed T5694: poly1305-s390x.S is compiled despite --disable-asm.
Nov 18 2021, 8:17 AM · libgcrypt, Bug Report
gniibe added a comment to T5523: jitter entropy RNG update.

Fixed, with using normal memory for ->mem.

Nov 18 2021, 8:12 AM · FIPS, libgcrypt
gniibe added a comment to T5523: jitter entropy RNG update.

->mem is just used to measure the difference of memory access.

Nov 18 2021, 7:56 AM · FIPS, libgcrypt
gniibe added a comment to T5523: jitter entropy RNG update.

It found that newer jitterentropy uses larger mem (128KiB), while older uses 2KiB.

Nov 18 2021, 7:33 AM · FIPS, libgcrypt

Nov 17 2021

gniibe added a project to T5523: jitter entropy RNG update: Testing.

Pushed to master.

Nov 17 2021, 7:03 AM · FIPS, libgcrypt

Nov 16 2021

wrobelda added a comment to T5694: poly1305-s390x.S is compiled despite --disable-asm.

Additionally, poly1305-s390x.S is being compiled despite running/targeting a PC system:

Nov 16 2021, 1:31 PM · libgcrypt, Bug Report
werner added a comment to T5512: Implement service indicators.

We could use a new mode #define GCRY_GET_CONFIG_FIPS 1 with gcry_get_config:

Nov 16 2021, 1:21 PM · Feature Request, FIPS, libgcrypt
werner triaged T5694: poly1305-s390x.S is compiled despite --disable-asm as Normal priority.
Nov 16 2021, 1:10 PM · libgcrypt, Bug Report
Jakuje added a comment to T5512: Implement service indicators.

With just implicit indicators, we would have to block all non-approved cipher modes and kdfs including the OCB mode and skcrypt, which would probably make gnupg2 unusable in FIPS mode, which is not our intention.

Nov 16 2021, 1:10 PM · Feature Request, FIPS, libgcrypt
gniibe moved T5665: libgcrypt : Restrict message digest use for FIPS 140-3 from Next to Done on the FIPS board.
Nov 16 2021, 11:22 AM · FIPS, Bug Report, libgcrypt
gniibe moved T5692: New entropy gatherer using the genentropy system call. from Backlog to Next on the FIPS board.
Nov 16 2021, 11:22 AM · libgcrypt, FIPS
gniibe added a project to T5665: libgcrypt : Restrict message digest use for FIPS 140-3: Testing.
Nov 16 2021, 11:20 AM · FIPS, Bug Report, libgcrypt
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

In the documentation, I found:

Nov 16 2021, 10:58 AM · FIPS, libgcrypt, Bug Report

Nov 15 2021

wrobelda created T5694: poly1305-s390x.S is compiled despite --disable-asm.
Nov 15 2021, 10:16 PM · libgcrypt, Bug Report
werner triaged T5692: New entropy gatherer using the genentropy system call. as Normal priority.
Nov 15 2021, 7:30 PM · libgcrypt, FIPS
werner triaged T5691: Release libgcrypt 1.10.0 as Low priority.
Nov 15 2021, 7:22 PM · FIPS, Release Info, libgcrypt
wrobelda added a comment to T5365: --with-libgpg-error-prefix doesn't affect gpgrt-config path detection.

Also, and I should maybe have opened with it, the issues vcpkg has with your build system are currently tracked here, while my effort to build gpg-error natively (i.e. without relying on ShiftMediaProject fork) on all platforms is here.

Nov 15 2021, 11:27 AM · MacOS, gpgrt, Cross-Compiler, libgcrypt
wrobelda added a comment to T5365: --with-libgpg-error-prefix doesn't affect gpgrt-config path detection.

Let me clarify the use case of gpg-error.m4.

gpg-error.m4 is for GnuPG and its friends, where we cannot assume availability of pkg-config. Its capability is limited, and we don't pursue 100% compatibility of pkg-config.

Nov 15 2021, 11:16 AM · MacOS, gpgrt, Cross-Compiler, libgcrypt
gniibe added a comment to T5365: --with-libgpg-error-prefix doesn't affect gpgrt-config path detection.

Let me clarify the use case of gpg-error.m4.

Nov 15 2021, 2:30 AM · MacOS, gpgrt, Cross-Compiler, libgcrypt
wrobelda added a comment to T5365: --with-libgpg-error-prefix doesn't affect gpgrt-config path detection.

If it is new, it may be the change of this commit rC8e3cd4c4677c: build: Update gpg-error.m4.

Nov 15 2021, 1:22 AM · MacOS, gpgrt, Cross-Compiler, libgcrypt

Nov 11 2021

Jakuje added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

I just wanted to add one more note that i just found out that the tests --disable-hwf or gcry_control GCRYCTL_DISABLE_HWF have no effect in case the global_init() is called from constructor.

Nov 11 2021, 12:08 PM · FIPS, libgcrypt, Bug Report

Nov 10 2021

gniibe added a project to T5610: macOS 11 or newer support: Update libtool: gpgme.

Also applied to gpgme.

Nov 10 2021, 3:07 AM · gpgme, MacOS, ntbtls, npth, libksba, libassuan, libgcrypt, gpgrt
gniibe added a comment to T5610: macOS 11 or newer support: Update libtool.

Since there is no problem with libgpg-error 1.43, I applied it to other libraries: npth, libassuan, libksba, and ntbtls.

Nov 10 2021, 3:04 AM · gpgme, MacOS, ntbtls, npth, libksba, libassuan, libgcrypt, gpgrt
gniibe added a comment to T5512: Implement service indicators.

I'll fix regressions: failures of pubkey and pkcs1v2.

Nov 10 2021, 2:09 AM · Feature Request, FIPS, libgcrypt

Nov 9 2021

werner added a comment to T5523: jitter entropy RNG update.

Yes, keep the internal SHA-3.

Nov 9 2021, 11:33 AM · FIPS, libgcrypt
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

We will have rnd-getentropy.c

Nov 9 2021, 11:16 AM · FIPS, libgcrypt, Bug Report
gniibe claimed T5636: Run integrity checks + selftests from library constructor in FIPS.
Nov 9 2021, 11:08 AM · FIPS, libgcrypt, Bug Report
gniibe moved T5636: Run integrity checks + selftests from library constructor in FIPS from Backlog to Next on the FIPS board.
Nov 9 2021, 11:08 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T5512: Implement service indicators.

Applied and pushed symmetric algo for basic.

Nov 9 2021, 7:37 AM · Feature Request, FIPS, libgcrypt
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

Let me clean up rndlinux.c for current use case, at first.

Nov 9 2021, 7:07 AM · FIPS, libgcrypt, Bug Report