We have our own changes for ltmain.sh and libtool.m4.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Sep 21 2021
Sep 21 2021
And update from automake 1.16:
It's better to update the set of files from libtool:
build-aux/ltmain.sh m4/libtool.m4 m4/ltoptions.m4 m4/ltsugar.m4 m4/ltversion.m4 m4/lt~obsolete.m4
Our libtool was 2.4.2 + Debian patches + our local changes.
Debian patches are:
https://salsa.debian.org/mckinstry/libtool/-/blob/debian/master/debian/patches/link_all_deplibs.patch
https://salsa.debian.org/mckinstry/libtool/-/blob/debian/master/debian/patches/netbsdelf.patch
Sep 17 2021
Sep 17 2021
While data template preparation for RSA-PSS is a bit tricky, it's simple with ECDSA.
Thanks for your comment.
Sep 16 2021
Sep 16 2021
Pushed my initial implementation: rC117f5c3f8028: experiment-pk_hash_sign/verify: Implement pk_hash_sign/verify.
I am doing an experiment to implement gcry_pk_hash_sign.
Two third patches are applied to master. (@werner those parts are typo fix and tests improvement, which we agreed to push.)
• gniibe committed rCfd116968ef2d: tests: Improve FIPS detection in curves test. (authored by Jakuje).
tests: Improve FIPS detection in curves test.
tests: Fix typo in comment
Sep 15 2021
Sep 15 2021
disable-brainpool.patch is a text of list of patches.
I think the first two could be applied.
@Jakuje Could you please upload them?
Sep 14 2021
Sep 14 2021
@onickolay No sorry needed. It was me, who cannot answer promptly.
The problem of (2), is local side-channel attacks to ElGamal encryption.
We evaluated the impact, mainly for the use case of GnuPG; ElGamal keys are not that popular any more. When such an attack is possible, easier attacks would be possible.
• gniibe committed rCd04b1be9edac: cipher: Fix support of sha512-224 and sha512-256. (authored by • gniibe).
cipher: Fix support of sha512-224 and sha512-256.
• gniibe committed rC422031a5943f: cipher: Support internal hashing with "prehash" for RSA PKCS#1. (authored by • gniibe).
cipher: Support internal hashing with "prehash" for RSA PKCS#1.
Sep 13 2021
Sep 13 2021
2021-09-13 Update:
- Signature operation tested: RSA-PSS, RSA-PKCS#1-v1.5, RSA-X9.31, ECDSA by NIST Curves, DSA (against CAVS test vectors in FIPS 186-4)
- Newly added features (also useful for standard API of sexp):
- Support of X9.31 signature scheme with RSA
- Support of supplying random "k" for DSA/ECDSA
- Digest mode ASN for SHA512-224 and SHA512-256 (required for RSA PKCS#1-v1.5)
- Newly added features (also useful for standard API of sexp):
Sep 10 2021
Sep 10 2021
• gniibe committed rE6b08dd09864e: gpgrt-config: Fix behavior when PKG_CONFIG_LIBDIR="". (authored by • gniibe).
gpgrt-config: Fix behavior when PKG_CONFIG_LIBDIR="".
• gniibe changed the status of T5595: gpgrt-config doesn't work well with PKG_CONFIG_LIBDIR="" and setting PKG_CONFIG_PATH from Open to Testing.
Sep 9 2021
Sep 9 2021
• gniibe added a comment to T5595: gpgrt-config doesn't work well with PKG_CONFIG_LIBDIR="" and setting PKG_CONFIG_PATH.
Here is a possible fix:
• gniibe triaged T5595: gpgrt-config doesn't work well with PKG_CONFIG_LIBDIR="" and setting PKG_CONFIG_PATH as High priority.
Sep 8 2021
Sep 8 2021
Sep 7 2021
Sep 7 2021
BTW, the reason of the name "pkey" is that because gcry_pk_ctl is already occupied.
It will be changed, if needed.
Today, I pushed an example for RSA-PSS.
Sep 6 2021
Sep 6 2021
• gniibe moved T5508: Allow hardware optimizations in FIPS from Backlog to Ready for release on the FIPS board.
I created an experimental branch:
https://dev.gnupg.org/source/libgcrypt/history/gniibe%252Fnew-pk-api/
Sep 2 2021
Sep 2 2021
Sep 1 2021
Sep 1 2021
• gniibe set External Link to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102151 on T5556: Use of offsetof is better for allocation of flexible array.
I filed a bug report to GCC, with modified test case.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102151
Aug 30 2021
Aug 30 2021
• gniibe closed T5365: --with-libgpg-error-prefix doesn't affect gpgrt-config path detection as Resolved.
Aug 27 2021
Aug 27 2021
common: Fix put_membuf.
Fixed for (1): Now it writes correct record with valid checksum and flag.
• gniibe committed rG0b64c27446c6: kbx: Fix checksum computation for no UBID entry on disk. (authored by • gniibe).
kbx: Fix checksum computation for no UBID entry on disk.
common: Fix put_membuf.
• gniibe changed the status of T5572: gnupg1: Missing extern-inline.m4 for gl_EXTERN_INLINE from Open to Testing.
• gniibe committed rG9ad423d7218c: gpg: Avoid use of COMMON section for all cases. (authored by • gniibe).
gpg: Avoid use of COMMON section for all cases.
• gniibe committed rGb3c130eb25a6: build: Add m4/extern-inline.m4 from gnulib. (authored by • gniibe).
build: Add m4/extern-inline.m4 from gnulib.
• gniibe committed rGa831f80e044a: tools: Fix for RISC OS which doesn't allow COMMON section. (authored by • gniibe).
tools: Fix for RISC OS which doesn't allow COMMON section.
• gniibe committed rG467f057ad15c: gpg: Use sigdescr_np for newer GNU C library. (authored by • gniibe).
gpg: Use sigdescr_np for newer GNU C library.
Code for avoiding the COMMON section has been there, because of RISC OS.
I think that it will be easier to enable that for all (but not for RISC OS only).
build: Fix removal of AC_TYPE_SIGNAL.
• gniibe committed rGd5f9481186ea: common: Fix get_signal_name for GNU/Linux. (authored by • gniibe).
common: Fix get_signal_name for GNU/Linux.
po: Update Japanese Translation.
Aug 26 2021
Aug 26 2021
• gniibe committed rE2b476b3ebc1d: tests: Add a test for locking when single thread. (authored by • gniibe).
tests: Add a test for locking when single thread.
• gniibe committed rGc4ba712736dd: common: Fix get_signal_name for GNU/Linux. (authored by • gniibe).
common: Fix get_signal_name for GNU/Linux.
I understand your problem.
Added a test, and tested with glibc 2.32 by manual editing config.h for USE_POSIX_THREADS_FROM_LIBC.
Works correctly.
Aug 25 2021
Aug 25 2021
To fix this, rG48251cf9a7d3: gpg: Improve generation of keys stored on card (brainpool,cv25519). for GnuPG 2.3 should be backported.
Closing, as downstream ticket has been closed.
Fixed in libgcrypt 1.9.4.
Fixed in 2.3.2.
• gniibe closed T5530: Add "prehash" support to DSA and ECDSA signing, a subtask of T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation, as Resolved.
• gniibe closed T5529: Support internal hashing for RSA-PSS, a subtask of T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation, as Resolved.
• gniibe changed the status of T5415: YubiKey no longer recognized in GnuPG 2.3.1 on macOS 10.15.7 from Open to Testing.
It must be fixed in 2.3.2. If not, please report.
Aug 24 2021
Aug 24 2021
t-fam.c: In function 'main':
t-fam.c:34:14: warning: array subscript 'struct arg_and_data_s[0]' is partly outside array bounds of 'unsigned char[22]' [-Warray-bounds]
34 | aad0->next = NULL;
| ^
t-fam.c:30:10: note: referencing an object of size 22 allocated by 'malloc'
30 | aad0 = malloc (offsetof (struct arg_and_data_s, arg) + 2);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
t-fam.c:35:13: warning: array subscript 'struct arg_and_data_s[0]' is partly outside array bounds of 'unsigned char[22]' [-Warray-bounds]
35 | aad0->len = 2;
| ~~~~~~~~~~^~~
t-fam.c:30:10: note: referencing an object of size 22 allocated by 'malloc'
30 | aad0 = malloc (offsetof (struct arg_and_data_s, arg) + 2);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
t-fam.c:36:15: warning: array subscript 'struct arg_and_data_s[0]' is partly outside array bounds of 'unsigned char[22]' [-Warray-bounds]
36 | aad0->flags = 0;
| ~~~~~~~~~~~~^~~
t-fam.c:30:10: note: referencing an object of size 22 allocated by 'malloc'
30 | aad0 = malloc (offsetof (struct arg_and_data_s, arg) + 2);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
t-fam.c:37:18: warning: array subscript 'struct arg_and_data_s[0]' is partly outside array bounds of 'unsigned char[22]' [-Warray-bounds]
37 | aad0->print_fd = fd;
| ~~~~~~~~~~~~~~~^~~~
t-fam.c:30:10: note: referencing an object of size 22 allocated by 'malloc'
30 | aad0 = malloc (offsetof (struct arg_and_data_s, arg) + 2);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~For GCC 11, modified version of struct arg_and_data_s has an issue for x86_64.
• gniibe committed rG3ed5f566fc05: gpg: Report the status of NO_SECKEY for decryption. (authored by • gniibe).
gpg: Report the status of NO_SECKEY for decryption.
Aug 23 2021
Aug 23 2021
• gniibe added a comment to T5562: GnuPG behaves inconsistently across versions when a secret key is not found during decryption.
Here is the place:
https://dev.gnupg.org/source/gnupg/browse/master/g10/pubkey-enc.c$151
• gniibe added a comment to T5562: GnuPG behaves inconsistently across versions when a secret key is not found during decryption.
In GnuPG 2.3, the procedure of decryption has been changed;
It now collects all ENC_TO packet, keeping it to ->PKENC_LIST field, and then process ENCRYPTED packet with the list.
For the use case of struct arg_and_data_s in gpgme, which may allocate zero-sized ARG[], it seems that GCC 11 interprets it as an invalid use.
• gniibe committed rC581e04386d87: cipher: Use offsetof for allocation of gcry_md_context. (authored by • gniibe).
cipher: Use offsetof for allocation of gcry_md_context.
• gniibe added projects to T5556: Use of offsetof is better for allocation of flexible array: libgcrypt, gpgme, gnupg (gpg23).
Aug 20 2021
Aug 20 2021
• gniibe committed rG1565baa93ae3: scd: Don't release the context until list_finish for PC/SC. (authored by • gniibe).
scd: Don't release the context until list_finish for PC/SC.
While I don't know if runtime integrity check is required or not by FIPS 140,
I checked OpenSSL, and it has such a check in openssl/providers/fips. The FIPS module configuration file which has the module checksum by HMAC is generated by openssl fipsinstall command.
Ah... I realized that HMAC integrity check with dladdr (using address of constant string) might work (at some point) to determine the filename of libgcrypt.so, when/if glibc implementation allows searching with address of constant string. So, my claim "never worked" was wrong.
Aug 19 2021
Aug 19 2021
• gniibe committed rCc9acca865ba4: hmac: Don't have the second implementation of hmac256. (authored by • gniibe).
hmac: Don't have the second implementation of hmac256.
• gniibe committed rCc11788e5641b: fips: Don't use gcry_check_version for integrity check any more. (authored by • gniibe).
fips: Don't use gcry_check_version for integrity check any more.
• gniibe committed rCf02dc5235e47: fips: Use a .rodata1 section integrity check with hmac256. (authored by • gniibe).
fips: Use a .rodata1 section integrity check with hmac256.
• gniibe committed rC24aaded244a2: build: Generate hash for integrity check with hmac256 (2). (authored by • gniibe).
build: Generate hash for integrity check with hmac256 (2).
Aug 18 2021
Aug 18 2021
• gniibe committed rC3c89aad4a0d7: build: Generate hash for integrity check with hmac256. (authored by • gniibe).
build: Generate hash for integrity check with hmac256.
• gniibe committed rCcbbdc015bf52: cipher: Fix the order of fields of gcry_md_context. (authored by • gniibe).
cipher: Fix the order of fields of gcry_md_context.
• gniibe committed rC07c21dd7d134: hmac: Fix hmac256 command option handling. (authored by • gniibe).
hmac: Fix hmac256 command option handling.
hmac: Use xfree.
For use of SHA-1:
Aug 17 2021
Aug 17 2021
For tests with FIPS mode enabled, I manually create the file .libgcrypt.so.20.hmac under src/.libs.
I pushed my further change.
Also, applied and pushed your changes.
dsa: Drop dead code
• gniibe committed rC6e40fca72635: tests: Generating large-enough DSA keys works in FIPS mode (authored by Jakuje).
tests: Generating large-enough DSA keys works in FIPS mode
• gniibe committed rC034055ffdca2: rsa: Do not allow 1024 RSA keys in FIPS mode (authored by Jakuje).
rsa: Do not allow 1024 RSA keys in FIPS mode
• gniibe committed rC588b8bb6ef09: tests: Avoid confusing 'success' on error message (authored by Jakuje).
tests: Avoid confusing 'success' on error message
• gniibe committed rC2ae56abd0eb6: fips: Fix tests in fips mode and non-fips mode. (authored by • gniibe).
fips: Fix tests in fips mode and non-fips mode.