Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Jan 11 2022

gniibe added a comment to T5747: Provide a way to request non-FIPS service in FIPS mode.

Patch applied, doc updated.
No change of FSM diagram.

Jan 11 2022, 6:34 AM · Feature Request, FIPS, libgcrypt
gniibe committed rC2a8b3fed1a80: fips: Provide a mechanizm to put libgcrypt in non-FIPS mode. (authored by gniibe).
fips: Provide a mechanizm to put libgcrypt in non-FIPS mode.
Jan 11 2022, 6:34 AM
gniibe added a comment to T5752: libgcrypt: Adding aes-wrap-pad (RFC5649) support.

I pushed the change: rC383866f014f2: cipher: Keep original behavior of Key Unwrap when not extended.

Jan 11 2022, 5:39 AM · Feature Request, libgcrypt
gniibe added a project to T5712: Yubikey 5 NFC only recognized immediately after it is inserted: Documentation.
Jan 11 2022, 5:32 AM · Documentation, Bug Report
gniibe claimed T5762: libgpg-error: permit auto-introspection on non-glibc platforms like musl.
Jan 11 2022, 5:24 AM · gpgrt, Bug Report
gniibe added a comment to T5762: libgpg-error: permit auto-introspection on non-glibc platforms like musl.

Thank you for forwarding from Debian.

Jan 11 2022, 5:23 AM · gpgrt, Bug Report
gniibe committed rC383866f014f2: cipher: Keep original behavior of Key Unwrap when not extended. (authored by gniibe).
cipher: Keep original behavior of Key Unwrap when not extended.
Jan 11 2022, 3:10 AM

Jan 6 2022

gniibe added a comment to T5752: libgcrypt: Adding aes-wrap-pad (RFC5649) support.

Now, unwrapping supports both cases (KW and KWP).

Jan 6 2022, 1:09 AM · Feature Request, libgcrypt

Jan 5 2022

gniibe committed rC746b8e29969b: cipher: Add an API to retrieve unwrapped key length for KWP. (authored by gniibe).
cipher: Add an API to retrieve unwrapped key length for KWP.
Jan 5 2022, 4:14 AM

Jan 4 2022

gniibe added a comment to T5752: libgcrypt: Adding aes-wrap-pad (RFC5649) support.

For unwrapping, it is good if we can support "automatic" unwrapping, apply W^-1 and check the first 8 octets to see if it's KW or KWP.

Jan 4 2022, 1:01 PM · Feature Request, libgcrypt
gniibe added a project to T5748: Adding poll/ppoll to NPTH: Restricted Project.
Jan 4 2022, 12:58 PM · npth, Feature Request
gniibe claimed T5541: Envvar LIBGCRYPT_FORCE_FIPS_MODE.
Jan 4 2022, 11:17 AM · Feature Request, FIPS, libgcrypt
gniibe edited projects for T5747: Provide a way to request non-FIPS service in FIPS mode, added: Feature Request; removed Bug Report.
Jan 4 2022, 11:17 AM · Feature Request, FIPS, libgcrypt
gniibe claimed T5747: Provide a way to request non-FIPS service in FIPS mode.
Jan 4 2022, 11:16 AM · Feature Request, FIPS, libgcrypt
gniibe moved T5747: Provide a way to request non-FIPS service in FIPS mode from Backlog to Next on the FIPS board.
Jan 4 2022, 11:16 AM · Feature Request, FIPS, libgcrypt
gniibe moved T5636: Run integrity checks + selftests from library constructor in FIPS from Next to Ready for release on the FIPS board.
Jan 4 2022, 11:16 AM · FIPS, libgcrypt, Bug Report
gniibe moved T5512: Implement service indicators from Next to Ready for release on the FIPS board.
Jan 4 2022, 11:16 AM · Feature Request, FIPS, libgcrypt
gniibe moved T5692: New entropy gatherer using the genentropy system call. from Next to Ready for release on the FIPS board.
Jan 4 2022, 11:15 AM · libgcrypt, FIPS
gniibe moved T5759: Rename rndlinux module to rndoldlinux from Backlog to Next on the FIPS board.
Jan 4 2022, 11:07 AM · libgcrypt, FIPS
gniibe removed a project from T5759: Rename rndlinux module to rndoldlinux: Restricted Project.
Jan 4 2022, 10:56 AM · libgcrypt, FIPS
gniibe triaged T5759: Rename rndlinux module to rndoldlinux as Normal priority.
Jan 4 2022, 10:55 AM · libgcrypt, FIPS
gniibe renamed T5758: scd: loop forever with reader_port, when open_pcsc_reader failed from scd: reader_port to scd: loop forever with reader_port, when open_pcsc_reader failed.
Jan 4 2022, 7:03 AM · gnupg (gpg23), scd
gniibe claimed T5758: scd: loop forever with reader_port, when open_pcsc_reader failed.
Jan 4 2022, 7:02 AM · gnupg (gpg23), scd
gniibe committed rGf9c9938b28b6: scd,pcsc: Fix error handling for a reader with reader-port. (authored by gniibe).
scd,pcsc: Fix error handling for a reader with reader-port.
Jan 4 2022, 7:02 AM
gniibe added a comment to T5758: scd: loop forever with reader_port, when open_pcsc_reader failed.

The problem was the error handling.
I didn't apply the patch directly, but improved the code paths.

Jan 4 2022, 7:02 AM · gnupg (gpg23), scd
gniibe triaged T5758: scd: loop forever with reader_port, when open_pcsc_reader failed as Normal priority.
Jan 4 2022, 6:44 AM · gnupg (gpg23), scd
gniibe accepted D547: Fixed reader-port infinite loop.
Jan 4 2022, 6:42 AM
gniibe added a comment to T5747: Provide a way to request non-FIPS service in FIPS mode.

And I'm testing following:

Jan 4 2022, 6:40 AM · Feature Request, FIPS, libgcrypt
gniibe added a comment to T5747: Provide a way to request non-FIPS service in FIPS mode.

The "at first" change done.

Jan 4 2022, 6:40 AM · Feature Request, FIPS, libgcrypt
gniibe committed rC034e4402dade: fips: Use flags.fips to check algo availability. (authored by gniibe).
fips: Use flags.fips to check algo availability.
Jan 4 2022, 6:13 AM
gniibe committed rCf9ba07942b10: cipher: Use const for *_spec_t, if possible. (authored by gniibe).
cipher: Use const for *_spec_t, if possible.
Jan 4 2022, 6:13 AM
gniibe committed rCc49ff1f46436: doc: Fix previous commit. (authored by gniibe).
doc: Fix previous commit.
Jan 4 2022, 6:13 AM
gniibe added a comment to T5747: Provide a way to request non-FIPS service in FIPS mode.

At first, I think that we need to change the way how libgcrypt rejects non-approved cipher/md/mac/pk.

Jan 4 2022, 3:30 AM · Feature Request, FIPS, libgcrypt
gniibe committed rC11ef7b50a708: doc: Update doc/gcrypt.texi for random/. (authored by gniibe).
doc: Update doc/gcrypt.texi for random/.
Jan 4 2022, 2:45 AM
gniibe added a project to T5752: libgcrypt: Adding aes-wrap-pad (RFC5649) support: Restricted Project.
Jan 4 2022, 12:56 AM · Feature Request, libgcrypt

Jan 3 2022

gniibe committed rC2914f169f954: cipher: Add support of Key wrap with padding (KWP). (authored by gniibe).
cipher: Add support of Key wrap with padding (KWP).
Jan 3 2022, 7:41 AM

Dec 24 2021

gniibe added a project to T5752: libgcrypt: Adding aes-wrap-pad (RFC5649) support: libgcrypt.
Dec 24 2021, 9:20 AM · Feature Request, libgcrypt
gniibe triaged T5752: libgcrypt: Adding aes-wrap-pad (RFC5649) support as Wishlist priority.
Dec 24 2021, 9:20 AM · Feature Request, libgcrypt
gniibe added a comment to D546: build: Find correct version string for Python >= 3.10.

Thank you for submitting the patch.

Dec 24 2021, 2:24 AM · Python, Feature Request, gpgme

Dec 23 2021

gniibe lowered the priority of T5748: Adding poll/ppoll to NPTH from High to Normal.
Dec 23 2021, 1:22 AM · npth, Feature Request

Dec 22 2021

gniibe updated the task description for T5749: Ed25519: Signature (R,S), where S=0 is possible for EdDSA.
Dec 22 2021, 12:11 PM · gnupg
gniibe created T5749: Ed25519: Signature (R,S), where S=0 is possible for EdDSA.
Dec 22 2021, 12:10 PM · gnupg
gniibe committed rPac338b99fd63: build: Fix configure.ac for newer autoconf/automake. (authored by gniibe).
build: Fix configure.ac for newer autoconf/automake.
Dec 22 2021, 5:42 AM
gniibe committed rG85db1b1a3b16: build: Remove unused old m4 files. (authored by gniibe).
build: Remove unused old m4 files.
Dec 22 2021, 5:32 AM
gniibe committed rPTHe73ae33adfbc: build: Remove unused m4/sys_socket_h.m4. (authored by gniibe).
build: Remove unused m4/sys_socket_h.m4.
Dec 22 2021, 4:45 AM
gniibe committed rPTHb5ecd8d2c6fd: posix: Add npth_poll/npth_ppoll. (authored by gniibe).
posix: Add npth_poll/npth_ppoll.
Dec 22 2021, 4:45 AM
gniibe committed rE973dbdbfc901: build: Recover and update *.m4. (authored by gniibe).
build: Recover and update *.m4.
Dec 22 2021, 3:42 AM
gniibe committed rK51b565054096: build: Update for newer autoconf. (authored by gniibe).
build: Update for newer autoconf.
Dec 22 2021, 3:40 AM
gniibe committed rG6b4441a7de9d: build: Update for newer autoconf. (authored by gniibe).
build: Update for newer autoconf.
Dec 22 2021, 2:40 AM
gniibe committed rE980e4410bb0a: build: Remove obsolete m4 files. (authored by gniibe).
build: Remove obsolete m4 files.
Dec 22 2021, 2:19 AM
gniibe committed rA66d5fe281c8d: build: Update for newer autoconf. (authored by gniibe).
build: Update for newer autoconf.
Dec 22 2021, 2:17 AM
gniibe committed rC3204c3827e98: build: Update for newer autoconf. (authored by gniibe).
build: Update for newer autoconf.
Dec 22 2021, 2:03 AM
gniibe committed rT2f2a787ac6b4: build: Update for newer autoconf. (authored by gniibe).
build: Update for newer autoconf.
Dec 22 2021, 1:56 AM
gniibe triaged T5748: Adding poll/ppoll to NPTH as High priority.
Dec 22 2021, 1:51 AM · npth, Feature Request
gniibe committed rM0636e229d7ed: build: Update for newer autoconf. (authored by gniibe).
build: Update for newer autoconf.
Dec 22 2021, 1:51 AM

Dec 21 2021

gniibe committed rG82b289328d85: po: Update Japanese Translation. (authored by gniibe).
po: Update Japanese Translation.
Dec 21 2021, 2:13 AM
gniibe committed rGc3db27fa8520: agent: Fix comment for .po generation. (authored by gniibe).
agent: Fix comment for .po generation.
Dec 21 2021, 2:13 AM
gniibe committed rDe2b04c5b8a7d: security: Address our stance for libgcrypt Threat Model. (authored by gniibe).
security: Address our stance for libgcrypt Threat Model.
Dec 21 2021, 1:18 AM
gniibe edited projects for T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG, added: gnupg (gpg22); removed gnupg.
Dec 21 2021, 1:06 AM · Restricted Project, Bug Report, gnupg (gpg23)

Dec 20 2021

gniibe added a comment to T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG.

So, this is the patch. Note that this is for master.

diff --git a/g10/keygen.c b/g10/keygen.c
index 7f15027a2..a452ab6d6 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -5619,7 +5619,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
           pk = find_kbnode (pub_root, PKT_PUBLIC_KEY)->pkt->pkt.public_key;
Dec 20 2021, 11:37 AM · Restricted Project, Bug Report, gnupg (gpg23)
gniibe added a comment to T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG.

I think that the change for T5685 introduced the issue.

Dec 20 2021, 3:32 AM · Restricted Project, Bug Report, gnupg (gpg23)
gniibe added a comment to T5685: Clear stale --trusted-key records from the trustdb.
Dec 20 2021, 3:31 AM · gnupg

Dec 17 2021

gniibe committed rTc2900c4f1d2b: build,w32: Fix configure script. (authored by gniibe).
build,w32: Fix configure script.
Dec 17 2021, 9:42 AM
gniibe committed rA576fbb033805: build,w32: Update configure script. (authored by gniibe).
build,w32: Update configure script.
Dec 17 2021, 9:34 AM
gniibe added a comment to T5731: libgcrypt,w32: Possible API change for include file(s).

GnuPG needs to be fixed. Done by rGe08225030dfb: w32: Prepare for the case gcrypt.h will not include winsock2.h..

Dec 17 2021, 5:41 AM · libgcrypt
gniibe committed rGa9b95b20a8c3: dirmngr: Fix ldap-url.c. (authored by gniibe).
dirmngr: Fix ldap-url.c.
Dec 17 2021, 5:39 AM
gniibe committed rGe08225030dfb: w32: Prepare for the case gcrypt.h will not include winsock2.h. (authored by gniibe).
w32: Prepare for the case gcrypt.h will not include winsock2.h.
Dec 17 2021, 5:39 AM
gniibe added a comment to T5692: New entropy gatherer using the genentropy system call..

Thank you for comments on random/rndlinux.c.

Dec 17 2021, 2:12 AM · libgcrypt, FIPS
gniibe added a comment to T5706: libgcrypt: random: Remove the feature getting randomness from random daemon.

Pushed another patch to clarify the semantics of --enable-random-daemon;
It's only for building gcryptrnd and the test program getrandom.

Dec 17 2021, 1:46 AM · libgcrypt
gniibe committed rC27d945084f69: random: Keep --enable-random-daemon, but not its use from runtime. (authored by gniibe).
random: Keep --enable-random-daemon, but not its use from runtime.
Dec 17 2021, 1:45 AM
gniibe added a comment to T5706: libgcrypt: random: Remove the feature getting randomness from random daemon.

Good catch. I pushed the change to remove use of random daemon remained.

Dec 17 2021, 1:36 AM · libgcrypt
gniibe committed rC14f5d73e2731: random: Remove random-daemon use remained. (authored by gniibe).
random: Remove random-daemon use remained.
Dec 17 2021, 1:32 AM
gniibe committed rC45974d877539: fips: Add constructor to run selftests. (authored by gniibe).
fips: Add constructor to run selftests.
Dec 17 2021, 1:09 AM
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

Thank you for your quick testing.

Dec 17 2021, 1:09 AM · FIPS, libgcrypt, Bug Report
gniibe committed rE8d2bd9a0d4bb: tests: Fix gpg-error-config-test for PKG_CONFIG_LIBDIR. (authored by gniibe).
tests: Fix gpg-error-config-test for PKG_CONFIG_LIBDIR.
Dec 17 2021, 12:53 AM
gniibe added a project to T5740: gpg error check fails: Restricted Project.

The patch worked, thank you very much.

Dec 17 2021, 12:53 AM · gpgrt, Bug Report

Dec 16 2021

gniibe added a comment to T5740: gpg error check fails.

Thank you for the log.

Dec 16 2021, 9:25 AM · gpgrt, Bug Report
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

libgcrypt-constructor.patch2 KBDownload

Dec 16 2021, 5:20 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

Here is the change remained:

diff --git a/src/fips.c b/src/fips.c
index bcadc5f2..5499aee8 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -82,6 +82,12 @@ static void fips_new_state (enum module_states new_state);
Dec 16 2021, 5:19 AM · FIPS, libgcrypt, Bug Report
gniibe added a comment to T5636: Run integrity checks + selftests from library constructor in FIPS.

Before rebasing, I pushed a change to simplify access to no_secure_memory variable by rC209d98dcf66b: Simplify the logic for no_secure_memory..

Dec 16 2021, 5:13 AM · FIPS, libgcrypt, Bug Report
gniibe committed rC209d98dcf66b: Simplify the logic for no_secure_memory. (authored by gniibe).
Simplify the logic for no_secure_memory.
Dec 16 2021, 3:53 AM
gniibe added a project to T5512: Implement service indicators: Restricted Project.
Dec 16 2021, 1:18 AM · Feature Request, FIPS, libgcrypt

Dec 15 2021

gniibe claimed T5740: gpg error check fails.
Dec 15 2021, 3:31 PM · gpgrt, Bug Report
gniibe committed rEf5e043ad271f: build: Update configure.ac for newer autoconf. (authored by gniibe).
build: Update configure.ac for newer autoconf.
Dec 15 2021, 3:25 PM
gniibe added a comment to T5740: gpg error check fails.

So, please show us gpg-error-config-test.log by your build.

Dec 15 2021, 3:04 PM · gpgrt, Bug Report

Dec 14 2021

gniibe moved T4894: FIPS: RSA/DSA/ECDSA are missing hashing operation from Next to Ready for release on the FIPS board.
Dec 14 2021, 11:20 AM · FIPS, libgcrypt, Feature Request
gniibe moved T5710: FIPS: disable DSA for FIPS from Next to Ready for release on the FIPS board.
Dec 14 2021, 11:20 AM · FIPS, libgcrypt
gniibe moved T5723: libgcrypt: Remove random-fips.c from Next to Ready for release on the FIPS board.
Dec 14 2021, 11:19 AM · FIPS, libgcrypt
gniibe moved T5523: jitter entropy RNG update from Next to Ready for release on the FIPS board.
Dec 14 2021, 11:19 AM · FIPS, libgcrypt
gniibe removed a project from T5576: New set of API for public key cryptography: FIPS.
Dec 14 2021, 11:18 AM · libgcrypt, Feature Request
gniibe updated the task description for T5734: web,libgcrypt: Publish our stance what kind of attacks are **not** under our scope.
Dec 14 2021, 7:49 AM · www.gnupg.org, libgcrypt
gniibe updated the task description for T5734: web,libgcrypt: Publish our stance what kind of attacks are **not** under our scope.
Dec 14 2021, 7:47 AM · www.gnupg.org, libgcrypt
gniibe renamed T5734: web,libgcrypt: Publish our stance what kind of attacks are **not** under our scope from web,libgcrypt: Publish our stance what kind of attacks are under our scope to web,libgcrypt: Publish our stance what kind of attacks are **not** under our scope.
Dec 14 2021, 7:42 AM · www.gnupg.org, libgcrypt
gniibe created T5734: web,libgcrypt: Publish our stance what kind of attacks are **not** under our scope.
Dec 14 2021, 7:41 AM · www.gnupg.org, libgcrypt

Dec 13 2021

gniibe committed rEe17cf023d894: build: Detect a system with musl, as a variant of GNU System. (authored by gniibe).
build: Detect a system with musl, as a variant of GNU System.
Dec 13 2021, 6:33 AM
gniibe committed rEf15c06951bb9: build: Fix have_lock_optimization code for 'guessing yes'. (authored by gniibe).
build: Fix have_lock_optimization code for 'guessing yes'.
Dec 13 2021, 6:33 AM
gniibe updated the task description for T5731: libgcrypt,w32: Possible API change for include file(s).
Dec 13 2021, 5:28 AM · libgcrypt
gniibe triaged T5731: libgcrypt,w32: Possible API change for include file(s) as Normal priority.
Dec 13 2021, 5:27 AM · libgcrypt
gniibe claimed T5730: During make, compile error under Ubuntu 21.10.

Thank you for your report.

Dec 13 2021, 3:13 AM · gpgme, Bug Report

Dec 10 2021

gniibe committed rG61ac580a2075: gpg: Emit compatible Ed25519 signature. (authored by gniibe).
gpg: Emit compatible Ed25519 signature.
Dec 10 2021, 8:32 AM
First
Prev
Next