Page MenuHome GnuPG

Jakuje (Jakub Jelen)
User

Projects

User Details

User Since
Jan 6 2021, 10:04 AM (204 w, 11 h)
Availability
Available

Recent Activity

Aug 7 2024

Jakuje added a comment to T7220: The CF protection not enabled in libgcrypt.

I do not have Aarch64 machine at hand so what I did was building the package with changes on the build system with previous patches and checking the correct flag are in place (previously in RHEL10, but now in Fedora):

Aug 7 2024, 10:09 AM · libgcrypt, Bug Report

Aug 5 2024

Jakuje added a comment to T7220: The CF protection not enabled in libgcrypt.

Thanks! Verified this builds on aarch64 correctly and generates the right flags on the output:

Hardened: /builddir/build/BUILDROOT/libgcrypt-1.11.0-3.el10.aarch64/usr/lib64/libgcrypt.so.20.5.0: Overall: PASS.
Aug 5 2024, 9:40 PM · libgcrypt, Bug Report
Jakuje added a comment to T7220: The CF protection not enabled in libgcrypt.

Tested in our build environment and indeed, just this patch does not solve the issue for aarch64.

Aug 5 2024, 11:50 AM · libgcrypt, Bug Report

Jul 29 2024

Jakuje added a comment to T7220: The CF protection not enabled in libgcrypt.

Recent changes fixed the issue for the x86_64 builds, but I see similar symptoms in the aarch64 build now. Annocheck reports the following failures:

Hardened: /usr/lib64/libgcrypt.so.20.5.0: FAIL: dynamic-tags test because the BTI_PLT flag is missing from the dynamic tags 
Hardened: /usr/lib64/libgcrypt.so.20.5.0: info: For more information visit: https://sourceware.org/annobin/annobin.html/Test-dynamic-tags.html
Hardened: /usr/lib64/libgcrypt.so.20.5.0: FAIL: property-note test because properly formatted .note.gnu.property not found (it is needed for branch protection support) 
Hardened: /usr/lib64/libgcrypt.so.20.5.0: info: For more information visit: https://sourceware.org/annobin/annobin.html/Test-property-note.html

I do not have aarch64 machine at hand now to investigate this further, but this sounds like orthogonal functionality to the CET on Intel.

Jul 29 2024, 3:18 PM · libgcrypt, Bug Report

Jul 27 2024

Jakuje added a comment to T7220: The CF protection not enabled in libgcrypt.

Thank you. With this patch the IBT flags are present on the shared object and CF protection test passes.

Jul 27 2024, 8:40 AM · libgcrypt, Bug Report

Jul 26 2024

Jakuje added a comment to T7220: The CF protection not enabled in libgcrypt.

Thank you for having a look into this!

Jul 26 2024, 3:25 PM · libgcrypt, Bug Report

Jul 25 2024

Jakuje created T7221: Disable -O flag munging when the libgcrypt is not compiled with rndjent.
Jul 25 2024, 1:52 PM · libgcrypt, Bug Report
Jakuje created T7220: The CF protection not enabled in libgcrypt.
Jul 25 2024, 11:54 AM · libgcrypt, Bug Report

Jul 24 2024

Jakuje created T7218: pinentry memory leak.
Jul 24 2024, 10:27 AM · pinentry, Bug Report

Jul 15 2024

Jakuje created T7201: More memory leaks in gnupg.
Jul 15 2024, 9:12 PM · gnupg, Bug Report

Jul 4 2024

Jakuje created T7186: Fix tpm2d key import after recent changes.
Jul 4 2024, 2:05 PM · gnupg, Bug Report

Jun 21 2024

Jakuje added a comment to T7167: The libgcrypt 1.11.0 tests fail on s390x.

Oh, I did not notice the change as I clicked to the patch from mail notification. Trying now with the updated one:

Jun 21 2024, 11:34 AM · libgcrypt, s390, Bug Report
Jakuje added a comment to T7167: The libgcrypt 1.11.0 tests fail on s390x.

Running scratch build on s390x: https://koji.fedoraproject.org/koji/taskinfo?taskID=119376728 with the proposed change. The failure is now:

Jun 21 2024, 9:57 AM · libgcrypt, s390, Bug Report

Jun 20 2024

Jakuje added a comment to T7167: The libgcrypt 1.11.0 tests fail on s390x.

Thank you for having a look into that. If I see right, Fedora has a real s390 hardware for builders so I can verify the fix when available.

Jun 20 2024, 9:43 AM · libgcrypt, s390, Bug Report

Jun 19 2024

Jakuje created T7167: The libgcrypt 1.11.0 tests fail on s390x.
Jun 19 2024, 2:36 PM · libgcrypt, s390, Bug Report

May 29 2024

Jakuje added a comment to T7136: libgcrypt: Implement constant-time RSA decryption (Marvin attack fix).

I left review comments in gitlab.

May 29 2024, 3:03 PM · libgcrypt, Bug Report

May 28 2024

Jakuje created T7136: libgcrypt: Implement constant-time RSA decryption (Marvin attack fix).
May 28 2024, 7:07 PM · libgcrypt, Bug Report
Jakuje added a comment to T7129: Fix static reports by static analyser in gnugp.

In PATCH GnuPG 12/15] sm: Avoid use of uninitialized variable I can't see where ERR was not initialized.

May 28 2024, 5:28 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
Jakuje added a comment to T7129: Fix static reports by static analyser in gnugp.

Fair enough. This is more theoretical and could happen only on huge reads. Using ssize_t for read() return value is safe option, but really does not make sense to adhere to it in cases where the reads must be smaller.

May 28 2024, 4:23 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report

May 21 2024

Jakuje added a comment to T7130: Fix static reports by static analyser in libgcrypt.

Right, thats my understanding from reading of the RFC that the padding should be strictly < 8B. We can reword though.

May 21 2024, 11:53 AM · libgcrypt, Bug Report
Jakuje added a comment to T7130: Fix static reports by static analyser in libgcrypt.

The report went like this

Error: OVERRUN (CWE-119):
libgcrypt-1.10.3/cipher/cipher-aeswrap.c:303: cond_at_most: Checking "plen > 8U" implies that "plen" may be up to 8 on the false branch.
libgcrypt-1.10.3/cipher/cipher-aeswrap.c:305: cond_between: Checking "plen" implies that "plen" is between 1 and 8 (inclusive) on the true branch.
libgcrypt-1.10.3/cipher/cipher-aeswrap.c:309: assignment: Assigning: "i" = "0".
libgcrypt-1.10.3/cipher/cipher-aeswrap.c:310: overrun-local: Overrunning array "t" of 16 bytes at byte offset 16 using index "8U + plen + i" (which evaluates to 16).
#  308|   
#  309|                 for (i = 0; i < 16 - (8+plen); i++)
#  310|->                 if (t[8+plen+i])
#  311|                     {
#  312|                       err = GPG_ERR_CHECKSUM;

but looking again, it is wrong as it did not reflect the end condition for the cycle, which obviously means the cycle does not run. Sorry for the noise.

May 21 2024, 11:44 AM · libgcrypt, Bug Report
Jakuje added a comment to T7129: Fix static reports by static analyser in gnugp.

Thanks for running the analyzer. We need to have a closer look at the suggested fixes. For example initializing a variable needs a reason and should not be done as a general precaution because that may hide other errors.

May 21 2024, 11:23 AM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report

May 20 2024

Jakuje renamed T7129: Fix static reports by static analyser in gnugp from Fix static reports by static analyser to Fix static reports by static analyser in gnugp.
May 20 2024, 7:13 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report
Jakuje created T7130: Fix static reports by static analyser in libgcrypt.
May 20 2024, 7:13 PM · libgcrypt, Bug Report
Jakuje created T7129: Fix static reports by static analyser in gnugp.
May 20 2024, 7:08 PM · gnupg22 (gnupg-2.2.44), gnupg24 (2.4.6), Bug Report

May 7 2024

Jakuje added a comment to T6511: EdDSA support in FIPS mode.

I think so. We did not submit a modules for recertification with these changes, but we do not plan this in close future so you can consider it completed.

May 7 2024, 3:01 PM · FIPS, libgcrypt, Bug Report

Apr 26 2024

Jakuje created T7105: libgpg-error: Memory leak in store_alias().
Apr 26 2024, 9:35 AM · gpgrt, Bug Report

Mar 28 2024

Jakuje added a comment to T7065: pinentry 1.3.0 ships desktop file with icons, but does not install them.

For the reference, for now i just did the dummy install in the Fedora spec file:

Mar 28 2024, 1:30 PM · pinentry, Bug Report
Jakuje created T7065: pinentry 1.3.0 ships desktop file with icons, but does not install them.
Mar 28 2024, 12:15 PM · pinentry, Bug Report

Feb 12 2024

Jakuje created T6992: Fix possible uninitialized err variable in libskba der builder.
Feb 12 2024, 10:08 AM · libksba, Bug Report

Jan 31 2024

Jakuje created T6969: Fix shellcheck warning in gpgrt-config.
Jan 31 2024, 11:32 AM · gpgrt, Bug Report

Nov 27 2023

Jakuje added a comment to T6838: keyboxd hangs on stale locks after changing hostname.

Nope, The gpgconf --kill keyboxd hangs too, if I see right, while waiting for agent:

$ strace gpgconf --kill keyboxd
[...]
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f2d74fe2a10) = 3244
wait4(3244, 0x7ffc9836e364, 0, NULL)    = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
Nov 27 2023, 9:54 AM · gnupg24 (gnupg-2.4.4), Bug Report

Nov 24 2023

Jakuje created T6838: keyboxd hangs on stale locks after changing hostname.
Nov 24 2023, 5:11 PM · gnupg24 (gnupg-2.4.4), Bug Report

Aug 29 2023

Jakuje created T6689: Prolonging expiration date strips old signatures, confusing RPM.
Aug 29 2023, 12:46 PM · Support, gnupg

Jun 27 2023

Jakuje added a comment to T6539: The digest&sign/verify API with SHAKE-class digests does not work.

From the FIPS 186-5 there are some limitations to use the SHAKE in FIPS Mode that we will have to reflect:

Jun 27 2023, 5:22 PM · libgcrypt, FIPS, Bug Report

Jun 20 2023

Jakuje added a comment to T6539: The digest&sign/verify API with SHAKE-class digests does not work.

Thank you for having a look into that! The proposed patch looks good. Should we have this change also in master?

Jun 20 2023, 1:58 PM · libgcrypt, FIPS, Bug Report

Jun 15 2023

Jakuje created T6539: The digest&sign/verify API with SHAKE-class digests does not work.
Jun 15 2023, 5:34 PM · libgcrypt, FIPS, Bug Report

Jun 13 2023

Jakuje added a comment to T6511: EdDSA support in FIPS mode.

Another approach would be having "non-hash" algo for gcry_md_open.

Jun 13 2023, 9:53 AM · FIPS, libgcrypt, Bug Report

Jun 12 2023

Jakuje added a comment to T6271: The old FSF address in libgcrypt source code.

FYI, while going through the licenses again I noticed one of the pinentry files have even older address that so if you would do sed, this would not be matched:

Jun 12 2023, 4:11 PM · Documentation, libgcrypt, Bug Report

Jun 1 2023

Jakuje added a comment to T6511: EdDSA support in FIPS mode.

Correct, but the last revision of FIPS 140-3 lists the EdDSA already. The same for the IG for FIPS 140-3:

Jun 1 2023, 9:08 AM · FIPS, libgcrypt, Bug Report

May 31 2023

Jakuje created T6511: EdDSA support in FIPS mode.
May 31 2023, 4:51 PM · FIPS, libgcrypt, Bug Report

May 30 2023

Jakuje created T6507: SCRYPT does not work in FIPS mode.
May 30 2023, 11:33 AM · libgcrypt, FIPS, Bug Report

Mar 30 2023

Jakuje created T6433: SHA-1 digest is not considered weak.
Mar 30 2023, 12:00 PM · Bug Report

Mar 20 2023

Jakuje created T6417: FIPS service indicator regarding the public key algorithm flags and objects.
Mar 20 2023, 3:41 PM · libgcrypt, FIPS

Mar 6 2023

Jakuje added a comment to T6376: FIPS 140-3: add explicit indicators for md and mac to unblock MD5 in apt.

Actually, the same issue is in the mac case, which I missed on first couple of reviews:

-  enum gcry_mac_algos alg = va_arg (arg_ptr, enum gcry_cipher_algos);
+  enum gcry_mac_algos alg = va_arg (arg_ptr, enum gcry_mac_algos);
Mar 6 2023, 5:01 PM · libgcrypt, Feature Request, Ubuntu, Debian, FIPS
Jakuje added a comment to T6394: FIPS requires running PCT tests unconditionally.

We discussed this further with the lab and there are more problematic flags that we need to "cut" and we can not do that always in the code as for example the RFC6979 (deterministic ECDSA signatures) are not allowed in the current version of the FIPS documents, but it is used in the selftests (which is weirdly enough allowed) so we just need to mark it unapproved. Lets discuss this further tomorrow.

Mar 6 2023, 4:49 PM · FIPS, libgcrypt, Bug Report
Jakuje added a comment to T6376: FIPS 140-3: add explicit indicators for md and mac to unblock MD5 in apt.

Going through the code once more, there is one typo to be fixed:

+_gcry_fips_indicator_md (va_list arg_ptr)
+{
+  enum gcry_md_algos alg = va_arg (arg_ptr, enum gcry_cipher_algos);

should say

+_gcry_fips_indicator_md (va_list arg_ptr)
+{
+  enum gcry_md_algos alg = va_arg (arg_ptr, enum gcry_md_algos);

otherwise ack.

Mar 6 2023, 4:46 PM · libgcrypt, Feature Request, Ubuntu, Debian, FIPS

Mar 2 2023

Jakuje created T6397: PCT failures inconsistency in regards to the FIPS error state.
Mar 2 2023, 9:46 AM · libgcrypt, FIPS, Bug Report

Mar 1 2023

Jakuje created T6396: the gcry_pk_hash_sign/verify operates in FIPS non-operational mode.
Mar 1 2023, 9:07 PM · libgcrypt, FIPS, Bug Report
Jakuje added a comment to T6376: FIPS 140-3: add explicit indicators for md and mac to unblock MD5 in apt.

We came to the same conclusion -- the SHAKE digests are not usable for sign/verify operations the way how it is implemented now. But it would be more clear if we would have explicit allow-list.

Mar 1 2023, 7:57 PM · libgcrypt, Feature Request, Ubuntu, Debian, FIPS
Jakuje created T6394: FIPS requires running PCT tests unconditionally.
Mar 1 2023, 3:57 PM · FIPS, libgcrypt, Bug Report
Jakuje created T6393: DRBG with SHA384 is no longer allowed in FIPS mode (and looks like impossible to enable anyway).
Mar 1 2023, 3:36 PM · FIPS, libgcrypt, Bug Report

Nov 30 2022

Jakuje created T6294: Import of EC448 keys fails.
Nov 30 2022, 5:29 PM · gnupg (gpg23), Bug Report

Nov 10 2022

Jakuje created T6271: The old FSF address in libgcrypt source code.
Nov 10 2022, 11:57 AM · Documentation, libgcrypt, Bug Report

Oct 20 2022

Jakuje added a comment to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF.

In regards to this issue, we were also notified that the MD API using gcry_md_setkey() can be used to calculate HMACs and it does not have the needed input key length limitation. From the discussion here I read that we would like to keep the internal usage still available so my proposal would be to to add similar check as in gcry_mac_setkey() into the above function. Together with the revert, it is available in the following merge request:

Oct 20 2022, 6:33 PM · backport, libgcrypt, FIPS
Jakuje added a comment to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF.

I read the document (SP 800-131Ar2) again. I think that it would be irrelevant for PKDF2, because it's password KDF, not deriving additional keys from a Cryptographic Key.

Oct 20 2022, 11:12 AM · backport, libgcrypt, FIPS

Oct 18 2022

Jakuje created T6248: FIPS compliant RSA OAEP encryption.
Oct 18 2022, 11:57 AM · libgcrypt, FIPS, Feature Request

Oct 7 2022

Jakuje added a comment to T6217: sha3: wrong results for large inputs.

One more nit regarding to the test is the format string for size_t which was using %d instead of %zu. This is fixed by the attached patch:

Oct 7 2022, 11:21 AM · libgcrypt, FIPS, Bug Report

Oct 5 2022

Jakuje added a comment to rCa6a6e94027ab: random: Get maximum 32B of entropy at once in FIPS Mode.

I tried to clarify the comment in the following merge request. Feel free to pull it from there or adjust if it is too verbose or missing some points:

Oct 5 2022, 9:17 AM

Oct 4 2022

Jakuje added a comment to rCa6a6e94027ab: random: Get maximum 32B of entropy at once in FIPS Mode.

Why is that not stated in my man page which knows about kernel 3.19? Is that a regression or a RedHat specific patch?

Oct 4 2022, 9:57 AM

Sep 30 2022

Jakuje added a comment to T6217: sha3: wrong results for large inputs.

One nit that I overlooked initially is the memory leak, which is fixed with the following patch:

Sep 30 2022, 2:56 PM · libgcrypt, FIPS, Bug Report

Sep 27 2022

Jakuje added a comment to T6219: Ensure minimum key length for KDF in FIPS mode.

The specs https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf page 10 says specifically:

Sep 27 2022, 11:07 AM · libgcrypt, FIPS, Bug Report

Sep 26 2022

Jakuje added a comment to T6217: sha3: wrong results for large inputs.

The test looks good. I hope I changed the API in all the hw optimized implementations.

Sep 26 2022, 2:44 PM · libgcrypt, FIPS, Bug Report

Sep 23 2022

Jakuje created T6217: sha3: wrong results for large inputs.
Sep 23 2022, 7:20 PM · libgcrypt, FIPS, Bug Report
Jakuje added a comment to T6052: gnupg2 tpm2d tests do not work.

This still did not seem to help me in making the tests working on Fedora with git master. I am still getting wrong paths to the gpgconf

gpgscm: error running '/root/gnupg/tests/tools/gpgconf': probably not installed

There is a full reproducer and more complete log in https://bugzilla.redhat.com/show_bug.cgi?id=2089075#c11

Sep 23 2022, 10:53 AM · gnupg24 (gnupg-2.4.4), Tests, TPM, Bug Report

Sep 19 2022

Jakuje created T6212: The ssh keys are no longer returned in the order from control file after T5996.
Sep 19 2022, 3:12 PM · gnupg24 (gnupg-2.4.1), ssh, Feature Request

Aug 23 2022

Jakuje added a comment to T4873: Enable AES GCM in FIPS mode.

Thank you for your work on the proposal. I have two comments:

  • Do we have some test vector, which can be used in the testsute to test the new API?
  • We need to mention the new API in the documentation.
Aug 23 2022, 12:39 PM · FIPS, libgcrypt, Feature Request

Aug 18 2022

Jakuje added a comment to T6127: FIPS 140-3 final review comments.

For the record, the changeset in the attached merge request is final and waiting for reviews.

Aug 18 2022, 8:42 AM · FIPS, libgcrypt, Bug Report

Aug 9 2022

Jakuje created T6127: FIPS 140-3 final review comments.
Aug 9 2022, 11:25 AM · FIPS, libgcrypt, Bug Report

Aug 1 2022

Jakuje reopened T6052: gnupg2 tpm2d tests do not work as "Open".

The provided change does not look like fixing the problem for me. The path to gpgconf is still wrong and I am getting the same error both with master and with the patched tarballs:

make[2]: Entering directory '/home/jjelen/devel/gnupg/tests/tpm2dtests'
LC_ALL=C EXEEXT= PATH="../gpgscm:/home/jjelen/.local/bin:/home/jjelen/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin" abs_top_srcdir="/home/jjelen/devel/gnupg" objdir="/home/jjelen/devel/gnupg" TPMSERVER="" SWTPM="/bin/swtpm" SWTPM_IOCTL="/bin/swtpm_ioctl" GNUPG_BUILD_ROOT="/home/jjelen/devel/gnupg/tests" GPGSCM_PATH="/home/jjelen/devel/gnupg/tests/gpgscm" /home/jjelen/devel/gnupg/tests/gpgscm/gpgscm \
  /home/jjelen/devel/gnupg/tests/tpm2dtests/run-tests.scm  
gpgscm: error running '/home/jjelen/devel/gnupg/tests/tools/gpgconf': probably not installed
(wait-process "/home/jjelen/devel/gnupg/tests/tools/gpgconf" 2693795 #t): Configuration error
Aug 1 2022, 11:31 AM · gnupg24 (gnupg-2.4.4), Tests, TPM, Bug Report

Jul 4 2022

Jakuje created T6052: gnupg2 tpm2d tests do not work.
Jul 4 2022, 10:39 AM · gnupg24 (gnupg-2.4.4), Tests, TPM, Bug Report

Jun 7 2022

Jakuje created T6019: Parsing AEAD preference string parsing causes reads uninitialized memory.
Jun 7 2022, 11:58 AM · patch, gnupg (gpg23), Bug Report
Jakuje created T6018: libassuan: Coverity reports.
Jun 7 2022, 11:25 AM · patch, libassuan, Bug Report

May 30 2022

Jakuje added a comment to T6007: coverity issues in pinentry.

AFAIK the above case has a lot of wiggle room to fit one PID and the surrounded string into 400 bytes and even if it would need to truncate, it would write terminating character, at least on Linux:

May 30 2022, 9:20 PM · pinentry, Bug Report
Jakuje created T6007: coverity issues in pinentry.
May 30 2022, 3:28 PM · pinentry, Bug Report

May 13 2022

Jakuje added a comment to T5975: Allow signature verification using specific RSA keys <2k in FIPS mode.

Ok. Thank you for the clarification. I will drop the second part and keep only the FIPS change in the patch. Merge request already updated.

May 13 2022, 11:17 AM · backport, patch, libgcrypt, FIPS, Feature Request

May 12 2022

Jakuje created T5975: Allow signature verification using specific RSA keys <2k in FIPS mode.
May 12 2022, 2:53 PM · backport, patch, libgcrypt, FIPS, Feature Request

May 11 2022

Jakuje created T5973: libgcrypt: Minor test issues reported by coverity.
May 11 2022, 6:19 PM · backport, patch, libgcrypt, Bug Report

May 4 2022

Jakuje created T5964: gnupg should use the KDFs implemented in libgcrypt.
May 4 2022, 3:16 PM · gnupg26, FIPS, Feature Request

Apr 13 2022

Jakuje created T5930: Use the FIPS-compatible digest&sign API.
Apr 13 2022, 7:54 PM · FIPS, Feature Request
Jakuje added a project to T5929: gnupg fails to add ssh key to control entry in FIPS mode with libgcrypt 1.10.1: FIPS.
Apr 13 2022, 4:15 PM · FIPS, gnupg (gpg23), Bug Report
Jakuje created T5929: gnupg fails to add ssh key to control entry in FIPS mode with libgcrypt 1.10.1.
Apr 13 2022, 4:14 PM · FIPS, gnupg (gpg23), Bug Report

Apr 11 2022

Jakuje added a comment to T5835: libgcrypt: More robust/portable integrity check.

I was pointed by Daiki to the following patch in Fedora binutils, which allows listing the fdo packaging metadata, but it does not list any other unknown objects and unfortunately fails hard:

Apr 11 2022, 2:00 PM · Bug Report, libgcrypt, FIPS

Apr 8 2022

Jakuje added a comment to T5835: libgcrypt: More robust/portable integrity check.

I have one follow-up is that the readelf chokes on the integrity note for some reason:

$ readelf -n /usr/lib64/libgcrypt.so.20.4.1
Displaying notes found in: .note.fdo.integrity
  Owner                Data size 	Description
  FDO                  0x00000020	Unknown note type: (0x8e2afeca)

I assume this is just because the readelf does not know this type. I see this type was initially proposed by Daiki, but I did not find any other sources for this magic number so before filling bugs for readelf, do we have some doc why the 0xcafe2a8e is used?

Apr 8 2022, 9:33 PM · Bug Report, libgcrypt, FIPS

Apr 5 2022

Jakuje created T5918: Disable RSA PKCS #1.5 encryption in FIPS mode.
Apr 5 2022, 10:31 AM · backport, libgcrypt, FIPS, Bug Report

Mar 29 2022

Jakuje created T5907: bench-slope missing brainpool curves in master branch.
Mar 29 2022, 10:56 AM · libgcrypt, Bug Report

Mar 21 2022

Jakuje added a comment to T5885: Better message than "Inappropriate ioctl for device" for tty pinentries.

Adding

GPG_TTY=$(tty)
export GPG_TTY

makes this working so thank you for the pointer.

Mar 21 2022, 4:23 PM · Feature Request, pinentry, gnupg

Mar 18 2022

Jakuje added a comment to T5885: Better message than "Inappropriate ioctl for device" for tty pinentries.

the -v does not show more useful info on the gpg side:

# gpg2 --quick-gen-key admin
About to create a key for:
    "admin"
Mar 18 2022, 3:00 PM · Feature Request, pinentry, gnupg
Jakuje created T5885: Better message than "Inappropriate ioctl for device" for tty pinentries.
Mar 18 2022, 1:25 PM · Feature Request, pinentry, gnupg

Mar 8 2022

Jakuje added a comment to T5870: libgcrypt: AEAD API for FIPS 140 (in future).

You are combining two concepts here -- the KDF and the AEAD cipher itself (at least from the FIPS terminology). I would like to avoid mixing these two together in the new API. If you would like to implement the SSH/TLS KDF, I would suggest to use the kdf API you already have. Then we are here left only with a new geniv API to implement. In the T4873 I mentioned example how it is now used in libssh using libgcrypt, which implements the iv increment outside of the libgcrypt:

Mar 8 2022, 3:51 PM · Feature Request, FIPS, libgcrypt

Mar 7 2022

Jakuje added a comment to T5816: mailing list address confusion (lists.gnupg.org shown, but does not work).

The mails from these days still contain the following header:

List-Post: <mailto:gnupg-devel@lists.gnupg.org>

which is probably causing the mail client directing the mails to this address. Is there a way to change or or make it an alias so it is easier for people to use the mailing list without finding this issue?

Mar 7 2022, 11:41 AM · gpgweb, Bug Report

Mar 3 2022

Jakuje added a comment to T5870: libgcrypt: AEAD API for FIPS 140 (in future).

I think this is not urgent as we are able to FIPS certify libgcrypt without that, but the modern protocols and algorithm use this and if we want to use libgcrypt to implement these in FIPS compliant way, we certainly need something like that.

Mar 3 2022, 2:08 PM · Feature Request, FIPS, libgcrypt

Feb 24 2022

Jakuje updated the task description for T5856: Forcing aead when creating sign & encrypted files creates inconsistent results.
Feb 24 2022, 9:10 AM · gnupg (gpg23), Bug Report
Jakuje created T5856: Forcing aead when creating sign & encrypted files creates inconsistent results.
Feb 24 2022, 9:10 AM · gnupg (gpg23), Bug Report

Feb 2 2022

Jakuje added a watcher for FIPS: Jakuje.
Feb 2 2022, 10:30 AM

Jan 25 2022

Jakuje added a comment to T5692: New entropy gatherer using the genentropy system call..

For the record, there is a new report on the mailing list about this module on MacOS:

Jan 25 2022, 10:43 AM · libgcrypt, FIPS

Jan 24 2022

Jakuje added a comment to T5512: Implement service indicators.

Thanks. Looks good to me.

Jan 24 2022, 1:38 PM · Feature Request, FIPS, libgcrypt

Jan 17 2022

Jakuje added a comment to T5512: Implement service indicators.

This is my draft for the FIPS indicator KDF. I think we do not need to keep the original GCRYCTL_FIPS_SERVICE_INDICATOR if we replace it also in the tests. This will also need some tests and documentation update.

Jan 17 2022, 7:01 PM · Feature Request, FIPS, libgcrypt

Jan 11 2022

Jakuje added a comment to T5512: Implement service indicators.

I went through the documentation related to FIPS and updated some wording to match reality. It will probably require still some more work.

Jan 11 2022, 7:10 PM · Feature Request, FIPS, libgcrypt
Jakuje added a comment to T5512: Implement service indicators.

This is my draft for the FIPS indicator KDF. I think we do not need to keep the original GCRYCTL_FIPS_SERVICE_INDICATOR if we replace it also in the tests. This will also need some tests and documentation update.

Jan 11 2022, 3:46 PM · Feature Request, FIPS, libgcrypt