User Details
- User Since
- Mar 27 2017, 4:47 PM (417 w, 4 d)
- Roles
- Administrator
- Availability
- Busy Busy until Mar 16 2031.
Wed, Mar 26
OK. Relying on SQLite semantics for COLLATE NOCASE would not be good.
Exactly same existing semantics (only care about ASCII uppercase characters) is good.
Fri, Mar 21
I changed my mind. SQLite specific patch might be better:
diff --git a/kbx/backend-sqlite.c b/kbx/backend-sqlite.c index 4c67c3ef7..1db2f2c8d 100644 --- a/kbx/backend-sqlite.c +++ b/kbx/backend-sqlite.c @@ -154,7 +154,7 @@ static struct /* The full user id - for X.509 the Subject or altSubject. */ "uid TEXT NOT NULL," /* The mail address if available or NULL. */ - "addrspec TEXT," + "addrspec TEXT COLLATE NOCASE," /* The type of the public key: 1 = openpgp, 2 = X.509. */ "type INTEGER NOT NULL," /* The order number of the user id within the keyblock or
I changed my mind. SQLite specific patch might be better:
diff --git a/kbx/backend-sqlite.c b/kbx/backend-sqlite.c index 4c67c3ef7..1db2f2c8d 100644 --- a/kbx/backend-sqlite.c +++ b/kbx/backend-sqlite.c @@ -154,7 +154,7 @@ static struct /* The full user id - for X.509 the Subject or altSubject. */ "uid TEXT NOT NULL," /* The mail address if available or NULL. */ - "addrspec TEXT," + "addrspec TEXT COLLATE NOCASE," /* The type of the public key: 1 = openpgp, 2 = X.509. */ "type INTEGER NOT NULL," /* The order number of the user id within the keyblock or
Here is a possible change:
I applied some to master (generic improvement parts).
Thu, Mar 20
I think that this may be the last update.
Don't use mpi_powm to avoid normalizing (and to be faster).
Wed, Mar 19
IIUC, the address is stored with lowercase, but searching is done not converting lowercase.
Tue, Mar 18
Here is another update (replacing ecc-no-normalize-2025-03-13.patch).
Further, ec_addm is modified to be less leaky.
Mon, Mar 17
There are three (or more) remaining things:
(1) ec_addm can be improved by adding U and V with mpih_add_lli , subtracting P with mpih_sub_n, and adding back P with mpih_add_n_cond
(2) Places with mpi_const for the argument when calling ec_mulm, ec_add or ec_subm should be fixed (it may modify the const MPI)
(3) make sure mpi_resize within ec_addm, ec_mulm, or ec_subm if needed
Thu, Mar 13
Here is update (replacing ecc-no-normalize-2025-03-07.patch).
Wed, Mar 12
Mon, Mar 10
GCC allows dollars in identifier, that's the reason why we haven't encountered this issue, I suppose.
Thank you for your report.
Fri, Mar 7
I think that major signal sources for K have been killed so far.
Thu, Mar 6
We should only enable least leak implementation for 64-bit, as it's not as fast on 32-bit architecture.
We should only enable least leak implementation for 64-bit, as it's not as fast on 32-bit architecture.
Wed, Mar 5
Tue, Mar 4
Feb 25 2025
One more change for _gcry_dsa_gen_k in rC54caef02afa9: cipher:(EC)DSA: Simply use mpi_clear_highbit in _gcry_dsa_gen_k.
One more change for mpi_invm in rCc1da86e45a6e: mpi: Avoid normalizing MPI in _gcry_mpi_invm.
Feb 20 2025
Feb 19 2025
All changes are pushed to master.
Pushed the changes by the commit rC2039d93289db: mpi: Add MPI helper modular exponentiation, Least Leak Intended.
Feb 18 2025
Feb 17 2025
Feb 14 2025
Use of mpi_cmp is now being fixed, by providing _gcry_mpih_cmp_lli function.
Along with that, we need to fix use of mpi_cmp_ui, since it's skips earlier depending its limbs.
diff --git a/cipher/dsa-common.c b/cipher/dsa-common.c index 170dce12..e010e182 100644 --- a/cipher/dsa-common.c +++ b/cipher/dsa-common.c @@ -25,6 +25,7 @@
Feb 10 2025
And then, we need to use less leaky version of mpi_cmp (because mpi_cmp calls mpi_normalize, it's not good).
And this is for less leak for _gcry_dsa_modify_k:
This is needed before we remove leaks by mpi_add in _gcry_dsa_modify_k :
Commit rC35a6a6feb9dc: Fix _gcry_dsa_modify_k. is related, but it doesn't matter for usual compilers (it's an issue for MSVC).
Feb 7 2025
This is needed for RFC6979 flag support.
Feb 6 2025
Feb 3 2025
Jan 31 2025
The commit rC58c11aa8 is the improved version by k-ary exponentiation (while rC6dffd105e2e2 is 1-bit at a time) and using heap.
Jan 27 2025
Jan 25 2025
I created https://dev.gnupg.org/source/libgcrypt/history/gniibe%252Ft7490/
The commit rC6dffd105e2e2 works for me.
It is a bit of exponent at time Montgomery exponentiation.
I don't put an optimization for the reduction as I don't know if it's OK for patent-wise (looks like expired, though).
Jan 22 2025
Jan 21 2025
For command line, reported issues have been fixed; Confusions for wrong errors are gone, it correctly reports appropriate errors of:
- GPG_ERR_PIN_BLOCKED
- GPG_ERR_NO_RESET_CODE
- GPG_ERR_BAD_PIN
Do you think it's too difficult for a beginner to write a pinentry-gtk4?
Jan 20 2025
Reported gnupg channel on IRC.
An ascii armored file in question was: https://github.com/syncthing/syncthing/releases/download/v1.29.2/sha256sum.txt.asc
When CHECKCRC == 0 (no CRC), ->any_data was not set, resulted
no valid OpenPGP data found.
wrongly.