We have our own changes for ltmain.sh and libtool.m4.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Sep 21 2021
And update from automake 1.16:
It's better to update the set of files from libtool:
build-aux/ltmain.sh m4/libtool.m4 m4/ltoptions.m4 m4/ltsugar.m4 m4/ltversion.m4 m4/lt~obsolete.m4
Our libtool was 2.4.2 + Debian patches + our local changes.
Debian patches are:
https://salsa.debian.org/mckinstry/libtool/-/blob/debian/master/debian/patches/link_all_deplibs.patch
https://salsa.debian.org/mckinstry/libtool/-/blob/debian/master/debian/patches/netbsdelf.patch
Sep 17 2021
While data template preparation for RSA-PSS is a bit tricky, it's simple with ECDSA.
Thanks for your comment.
Sep 16 2021
Pushed my initial implementation: rC117f5c3f8028: experiment-pk_hash_sign/verify: Implement pk_hash_sign/verify.
I am doing an experiment to implement gcry_pk_hash_sign.
Two third patches are applied to master. (@werner those parts are typo fix and tests improvement, which we agreed to push.)
Sep 15 2021
disable-brainpool.patch is a text of list of patches.
I think the first two could be applied.
@Jakuje Could you please upload them?
Sep 14 2021
@onickolay No sorry needed. It was me, who cannot answer promptly.
The problem of (2), is local side-channel attacks to ElGamal encryption.
We evaluated the impact, mainly for the use case of GnuPG; ElGamal keys are not that popular any more. When such an attack is possible, easier attacks would be possible.
Sep 13 2021
2021-09-13 Update:
- Signature operation tested: RSA-PSS, RSA-PKCS#1-v1.5, RSA-X9.31, ECDSA by NIST Curves, DSA (against CAVS test vectors in FIPS 186-4)
- Newly added features (also useful for standard API of sexp):
- Support of X9.31 signature scheme with RSA
- Support of supplying random "k" for DSA/ECDSA
- Digest mode ASN for SHA512-224 and SHA512-256 (required for RSA PKCS#1-v1.5)
- Newly added features (also useful for standard API of sexp):
Sep 10 2021
Sep 9 2021
Here is a possible fix:
Sep 8 2021
Sep 7 2021
BTW, the reason of the name "pkey" is that because gcry_pk_ctl is already occupied.
It will be changed, if needed.
Today, I pushed an example for RSA-PSS.
Sep 6 2021
I created an experimental branch:
https://dev.gnupg.org/source/libgcrypt/history/gniibe%252Fnew-pk-api/
Sep 2 2021
Sep 1 2021
I filed a bug report to GCC, with modified test case.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102151
Aug 30 2021
Aug 27 2021
Fixed for (1): Now it writes correct record with valid checksum and flag.
Code for avoiding the COMMON section has been there, because of RISC OS.
I think that it will be easier to enable that for all (but not for RISC OS only).
Aug 26 2021
I understand your problem.
Added a test, and tested with glibc 2.32 by manual editing config.h for USE_POSIX_THREADS_FROM_LIBC.
Works correctly.
Aug 25 2021
To fix this, rG48251cf9a7d3: gpg: Improve generation of keys stored on card (brainpool,cv25519). for GnuPG 2.3 should be backported.
Closing, as downstream ticket has been closed.
Fixed in libgcrypt 1.9.4.
Fixed in 2.3.2.
It must be fixed in 2.3.2. If not, please report.
Aug 24 2021
t-fam.c: In function 'main': t-fam.c:34:14: warning: array subscript 'struct arg_and_data_s[0]' is partly outside array bounds of 'unsigned char[22]' [-Warray-bounds] 34 | aad0->next = NULL; | ^ t-fam.c:30:10: note: referencing an object of size 22 allocated by 'malloc' 30 | aad0 = malloc (offsetof (struct arg_and_data_s, arg) + 2); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ t-fam.c:35:13: warning: array subscript 'struct arg_and_data_s[0]' is partly outside array bounds of 'unsigned char[22]' [-Warray-bounds] 35 | aad0->len = 2; | ~~~~~~~~~~^~~ t-fam.c:30:10: note: referencing an object of size 22 allocated by 'malloc' 30 | aad0 = malloc (offsetof (struct arg_and_data_s, arg) + 2); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ t-fam.c:36:15: warning: array subscript 'struct arg_and_data_s[0]' is partly outside array bounds of 'unsigned char[22]' [-Warray-bounds] 36 | aad0->flags = 0; | ~~~~~~~~~~~~^~~ t-fam.c:30:10: note: referencing an object of size 22 allocated by 'malloc' 30 | aad0 = malloc (offsetof (struct arg_and_data_s, arg) + 2); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ t-fam.c:37:18: warning: array subscript 'struct arg_and_data_s[0]' is partly outside array bounds of 'unsigned char[22]' [-Warray-bounds] 37 | aad0->print_fd = fd; | ~~~~~~~~~~~~~~~^~~~ t-fam.c:30:10: note: referencing an object of size 22 allocated by 'malloc' 30 | aad0 = malloc (offsetof (struct arg_and_data_s, arg) + 2); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For GCC 11, modified version of struct arg_and_data_s has an issue for x86_64.
Aug 23 2021
Here is the place:
https://dev.gnupg.org/source/gnupg/browse/master/g10/pubkey-enc.c$151
In GnuPG 2.3, the procedure of decryption has been changed;
It now collects all ENC_TO packet, keeping it to ->PKENC_LIST field, and then process ENCRYPTED packet with the list.
For the use case of struct arg_and_data_s in gpgme, which may allocate zero-sized ARG[], it seems that GCC 11 interprets it as an invalid use.
Aug 20 2021
While I don't know if runtime integrity check is required or not by FIPS 140,
I checked OpenSSL, and it has such a check in openssl/providers/fips. The FIPS module configuration file which has the module checksum by HMAC is generated by openssl fipsinstall command.
Ah... I realized that HMAC integrity check with dladdr (using address of constant string) might work (at some point) to determine the filename of libgcrypt.so, when/if glibc implementation allows searching with address of constant string. So, my claim "never worked" was wrong.
Aug 19 2021
Aug 18 2021
For use of SHA-1:
Aug 17 2021
For tests with FIPS mode enabled, I manually create the file .libgcrypt.so.20.hmac under src/.libs.
I pushed my further change.
Also, applied and pushed your changes.