Page MenuHome GnuPG
People gniibe

gniibe (NIIBE Yutaka)
UserAdministrator

Projects (8)
View All

Calendar

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Friday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:47 PM (252 w, 1 d)
Roles
Administrator
Availability
Available

Recent Activity
View All

Today

gniibe committed rCf21871e241e9: kdf: Improve new KDF API. (authored by gniibe).
kdf: Improve new KDF API.
Wed, Jan 26, 6:46 AM

Yesterday

gniibe committed rC5e2d792eb8d9: random: Include sys/random.h when available. (authored by gniibe).
random: Include sys/random.h when available.
Tue, Jan 25, 4:53 PM
gniibe committed rCbafdb90d97b6: cipher: Add new API for modern KDF function. (authored by gniibe).
cipher: Add new API for modern KDF function.
Tue, Jan 25, 4:38 PM
gniibe committed rC99642f18ccbe: tests: Fix variable initialization for tests. (authored by gniibe).
tests: Fix variable initialization for tests.
Tue, Jan 25, 3:02 AM
gniibe committed rC3d353782d84b: Prefer uint64_t for the definition of u64. (authored by gniibe).
Prefer uint64_t for the definition of u64.
Tue, Jan 25, 3:02 AM
gniibe committed rPTH0e16575e69a3: Fix npth_ppoll when !HAVE_PPOLL. (authored by gniibe).
Fix npth_ppoll when !HAVE_PPOLL.
Tue, Jan 25, 1:53 AM
gniibe committed rC1f299cb16afd: doc: Update more information about FIPS selftests and algorithms (authored by Jakuje).
doc: Update more information about FIPS selftests and algorithms
Tue, Jan 25, 1:21 AM
gniibe committed rC08f3e0909f8c: mpi: Add missing header file to the tarball (authored by Jakuje).
mpi: Add missing header file to the tarball
Tue, Jan 25, 1:21 AM
gniibe added a comment to T5512: Implement service indicators.

Thank you, applied both of two patches.

Tue, Jan 25, 1:20 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe added a comment to rPTHb5ecd8d2c6fd: posix: Add npth_poll/npth_ppoll..

Thanks, fixed.

Tue, Jan 25, 1:12 AM

Mon, Jan 24

gniibe is attending E907: Weekly Standup.
Mon, Jan 24, 11:14 AM
gniibe added a comment to E907: Weekly Standup.

Last week:

  • libgcrypt
    • update from RedHat
    • scrypt fix
  • handle report to security@gnupg.org

This week:

  • libgcrypt
    • New API for KDF: T5797
      • it's caller side to control threads
Mon, Jan 24, 10:58 AM
gniibe updated the task description for T5797: New API for modern password hash function.
Mon, Jan 24, 10:54 AM · libgcrypt
gniibe added a comment to T5797: New API for modern password hash function.
struct thread_creation {
  void (*compute) (void *arg);
  void *arg;
  void (*create_done) (gcry_kdf_handle_t *hd, void *tid);
};
Mon, Jan 24, 10:54 AM · libgcrypt
gniibe updated the task description for T5797: New API for modern password hash function.
Mon, Jan 24, 10:53 AM · libgcrypt
gniibe triaged T5797: New API for modern password hash function as Normal priority.
Mon, Jan 24, 10:52 AM · libgcrypt

Thu, Jan 20

gniibe committed rC867435cf8847: scrypt: Fix the last step of SCRYPT. (authored by gniibe).
scrypt: Fix the last step of SCRYPT.
Thu, Jan 20, 6:28 AM
gniibe committed rC535a4d345872: fips: Recover test cases for selftest, add skipping in FIPS mode. (authored by gniibe).
fips: Recover test cases for selftest, add skipping in FIPS mode.
Thu, Jan 20, 3:07 AM
gniibe added a comment to T5512: Implement service indicators.

Test cases are recovered in rC535a4d345872: fips: Recover test cases for selftest, add skipping in FIPS mode..

Thu, Jan 20, 3:07 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe added a comment to T5765: gnupg2 weird memory fault on NetBSD Loongson/mips64el N32.

Unfortunately, gdb session log and ktrace log don't have enough information to locate the cause/problem.

Thu, Jan 20, 1:47 AM · MIPS, Bug Report

Wed, Jan 19

gniibe added a comment to T5512: Implement service indicators.

Sorry, _gcry_fips_run_selftest can be run by GCRYCTL_SELFTEST.

Wed, Jan 19, 12:47 PM · Testing, Feature Request, FIPS, libgcrypt
gniibe added a comment to T5512: Implement service indicators.

@werner Those removed tests are selftests which are only invoked by FIPS mode for its requirement of selftests.

Wed, Jan 19, 12:43 PM · Testing, Feature Request, FIPS, libgcrypt
gniibe added a comment to T5512: Implement service indicators.

Pushed the change in rC76aad97dd312: fips: Reject shorter key for HMAC in FIPS mode..

Wed, Jan 19, 3:53 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe committed rC76aad97dd312: fips: Reject shorter key for HMAC in FIPS mode. (authored by gniibe).
fips: Reject shorter key for HMAC in FIPS mode.
Wed, Jan 19, 3:52 AM
gniibe committed rP8b07ddf3460a: avoid typo (authored by dkg).
avoid typo
Wed, Jan 19, 2:24 AM

Tue, Jan 18

gniibe added a comment to T5512: Implement service indicators.

And we need to fix selftest for shorter keys.

Tue, Jan 18, 4:12 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe added a comment to T5512: Implement service indicators.

@pmgdeb : IIUC, what we need is:

diff --git a/cipher/md.c b/cipher/md.c
index 34336b5c..4f4fc9bf 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -903,6 +903,9 @@ prepare_macpads (gcry_md_hd_t a, const unsigned char *key, size_t keylen)
 {
   GcryDigestEntry *r;
Tue, Jan 18, 4:05 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe committed rC6f225308d3e5: build: Fix .m4 files in distribution. (authored by gniibe).
build: Fix .m4 files in distribution.
Tue, Jan 18, 3:44 AM
gniibe committed rE0150919b6a82: build: Detect more flexible musl variants of GNU (authored by dkg).
build: Detect more flexible musl variants of GNU
Tue, Jan 18, 3:34 AM
gniibe added a comment to T5762: libgpg-error: permit auto-introspection on non-glibc platforms like musl.

Thank you, applied.

Tue, Jan 18, 3:34 AM · gpgrt, Bug Report
gniibe committed rEb26220f92fa6: po,w32: Directly run msgfmt at install-data-hook. (authored by gniibe).
po,w32: Directly run msgfmt at install-data-hook.
Tue, Jan 18, 2:29 AM
gniibe committed rEb37c68f28a92: po: Update files from gettext 0.21 to match m4/po.m4. (authored by gniibe).
po: Update files from gettext 0.21 to match m4/po.m4.
Tue, Jan 18, 2:17 AM

Mon, Jan 17

gniibe added a comment to E906: Weekly Standup.

Last week:

  • libgcrypt
    • DONE: keywrap T5752
    • FIPS things: done for me
  • gnupg (2.3 and 2.2)

This week:

  • gnupg-448 branch using KWP for ECDH 448
  • security report
Mon, Jan 17, 12:01 PM
gniibe is attending E906: Weekly Standup.
Mon, Jan 17, 10:46 AM
gniibe committed rCe023e10ee89b: Update documentation related to FIPS (authored by Jakuje).
Update documentation related to FIPS
Mon, Jan 17, 7:15 AM
gniibe committed rC8611c9f276ad: fips: Add support for KDF FIPS indicators (authored by Jakuje).
fips: Add support for KDF FIPS indicators
Mon, Jan 17, 7:15 AM
gniibe committed rCd0db6a5abf7b: fips: Remove GCRYCTL_FIPS_SERVICE_INDICATOR and renumber the enum. (authored by gniibe).
fips: Remove GCRYCTL_FIPS_SERVICE_INDICATOR and renumber the enum.
Mon, Jan 17, 7:15 AM
gniibe added a comment to T5512: Implement service indicators.

Thank you, applied.
Also, add another change.

Mon, Jan 17, 6:51 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe committed rG4cc724639c01: gpg: Fix adding the list of ultimate trusted keys. (authored by gniibe).
gpg: Fix adding the list of ultimate trusted keys.
Mon, Jan 17, 6:35 AM
gniibe added a project to T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG: Testing.

Backported to 2.2, too.

Mon, Jan 17, 6:24 AM · Testing, Bug Report, gnupg (gpg23)

Wed, Jan 12

gniibe added a comment to T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG.

Here is the backport to 2.2:

gnupg22-utk-change.diff3 KBDownload

Wed, Jan 12, 7:35 AM · Testing, Bug Report, gnupg (gpg23)
gniibe committed rG4aeeaa65ad09: gpg: Fix adding the list of ultimate trusted keys. (authored by gniibe).
gpg: Fix adding the list of ultimate trusted keys.
Wed, Jan 12, 5:42 AM
gniibe added a comment to T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG.

In the original code, register_trusted_keyid is used in keygen.c, so that it updates user_utk_list, thus, will be into utk_list.
This should be done, by adding the keyid to utk_list directly.

Wed, Jan 12, 5:41 AM · Testing, Bug Report, gnupg (gpg23)
gniibe triaged T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG as High priority.

Things have been a bit buggy here (probably, since the beginning).
In g10/trustdb.c,

Wed, Jan 12, 5:31 AM · Testing, Bug Report, gnupg (gpg23)
gniibe claimed T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG.
Wed, Jan 12, 2:32 AM · Testing, Bug Report, gnupg (gpg23)
gniibe added a comment to T5742: Apparent regressions between 2.2.32 and 2.2.33 of GnuPG.

Let me clarify:

Wed, Jan 12, 2:32 AM · Testing, Bug Report, gnupg (gpg23)
gniibe added a project to T5730: During make, compile error under Ubuntu 21.10: gpgme.
Wed, Jan 12, 1:46 AM · gpgme, Bug Report
gniibe added a project to T5747: Provide a way to request non-FIPS service in FIPS mode: Testing.
Wed, Jan 12, 1:45 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe added a project to T5759: Rename rndlinux module to rndoldlinux: Testing.
Wed, Jan 12, 1:44 AM · Testing, libgcrypt, FIPS

Tue, Jan 11

gniibe committed rC560943805a52: random: Rename rndlinux module to rndoldlinux. (authored by gniibe).
random: Rename rndlinux module to rndoldlinux.
Tue, Jan 11, 6:58 AM
gniibe committed rC83e58191d3d9: configure: Fix help text for the fips module version (authored by Jakuje).
configure: Fix help text for the fips module version
Tue, Jan 11, 6:39 AM
gniibe added a comment to T5600: Provide module name/version API for FIPS 140-3.

Thank you.
Applied.

Tue, Jan 11, 6:39 AM · libgcrypt, FIPS, Bug Report
gniibe moved T5512: Implement service indicators from Done to Next on the FIPS board.
Tue, Jan 11, 6:37 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe moved T5600: Provide module name/version API for FIPS 140-3 from Done to Next on the FIPS board.
Tue, Jan 11, 6:37 AM · libgcrypt, FIPS, Bug Report
gniibe added a comment to T5747: Provide a way to request non-FIPS service in FIPS mode.

Patch applied, doc updated.
No change of FSM diagram.

Tue, Jan 11, 6:34 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe committed rC2a8b3fed1a80: fips: Provide a mechanizm to put libgcrypt in non-FIPS mode. (authored by gniibe).
fips: Provide a mechanizm to put libgcrypt in non-FIPS mode.
Tue, Jan 11, 6:34 AM
gniibe added a comment to T5752: libgcrypt: Adding aes-wrap-pad (RFC5649) support.

I pushed the change: rC383866f014f2: cipher: Keep original behavior of Key Unwrap when not extended.

Tue, Jan 11, 5:39 AM · Testing, libgcrypt
gniibe added a project to T5712: Yubikey 5 NFC only recognized immediately after it is inserted: Documentation.
Tue, Jan 11, 5:32 AM · Documentation, Bug Report
gniibe claimed T5762: libgpg-error: permit auto-introspection on non-glibc platforms like musl.
Tue, Jan 11, 5:24 AM · gpgrt, Bug Report
gniibe added a comment to T5762: libgpg-error: permit auto-introspection on non-glibc platforms like musl.

Thank you for forwarding from Debian.

Tue, Jan 11, 5:23 AM · gpgrt, Bug Report
gniibe committed rC383866f014f2: cipher: Keep original behavior of Key Unwrap when not extended. (authored by gniibe).
cipher: Keep original behavior of Key Unwrap when not extended.
Tue, Jan 11, 3:10 AM

Mon, Jan 10

gniibe added a comment to E905: Weekly Standup.

Last week:

This week:

Mon, Jan 10, 10:48 AM
gniibe is attending E905: Weekly Standup.
Mon, Jan 10, 10:44 AM

Thu, Jan 6

gniibe added a comment to T5752: libgcrypt: Adding aes-wrap-pad (RFC5649) support.

Now, unwrapping supports both cases (KW and KWP).

Thu, Jan 6, 1:09 AM · Testing, libgcrypt

Wed, Jan 5

gniibe committed rC746b8e29969b: cipher: Add an API to retrieve unwrapped key length for KWP. (authored by gniibe).
cipher: Add an API to retrieve unwrapped key length for KWP.
Wed, Jan 5, 4:14 AM

Tue, Jan 4

gniibe added a comment to T5752: libgcrypt: Adding aes-wrap-pad (RFC5649) support.

For unwrapping, it is good if we can support "automatic" unwrapping, apply W^-1 and check the first 8 octets to see if it's KW or KWP.

Tue, Jan 4, 1:01 PM · Testing, libgcrypt
gniibe added a project to T5748: Adding poll/ppoll to NPTH: Testing.
Tue, Jan 4, 12:58 PM · Testing, npth, Feature Request
gniibe claimed T5541: Envvar LIBGCRYPT_FORCE_FIPS_MODE.
Tue, Jan 4, 11:17 AM · Feature Request, Testing, FIPS, libgcrypt
gniibe edited projects for T5747: Provide a way to request non-FIPS service in FIPS mode, added: Feature Request; removed Bug Report.
Tue, Jan 4, 11:17 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe claimed T5747: Provide a way to request non-FIPS service in FIPS mode.
Tue, Jan 4, 11:16 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe moved T5747: Provide a way to request non-FIPS service in FIPS mode from Backlog to Next on the FIPS board.
Tue, Jan 4, 11:16 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe moved T5636: Run integrity checks + selftests from library constructor in FIPS from Next to Done on the FIPS board.
Tue, Jan 4, 11:16 AM · Testing, FIPS, libgcrypt, Bug Report
gniibe moved T5512: Implement service indicators from Next to Done on the FIPS board.
Tue, Jan 4, 11:16 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe moved T5692: New entropy gatherer using the genentropy system call. from Next to Done on the FIPS board.
Tue, Jan 4, 11:15 AM · Testing, libgcrypt, FIPS
gniibe moved T5759: Rename rndlinux module to rndoldlinux from Backlog to Next on the FIPS board.
Tue, Jan 4, 11:07 AM · Testing, libgcrypt, FIPS
gniibe removed a project from T5759: Rename rndlinux module to rndoldlinux: Testing.
Tue, Jan 4, 10:56 AM · Testing, libgcrypt, FIPS
gniibe triaged T5759: Rename rndlinux module to rndoldlinux as Normal priority.
Tue, Jan 4, 10:55 AM · Testing, libgcrypt, FIPS
gniibe renamed T5758: scd: loop forever with reader_port, when open_pcsc_reader failed from scd: reader_port to scd: loop forever with reader_port, when open_pcsc_reader failed.
Tue, Jan 4, 7:03 AM · Testing, gnupg (gpg23), scd
gniibe claimed T5758: scd: loop forever with reader_port, when open_pcsc_reader failed.
Tue, Jan 4, 7:02 AM · Testing, gnupg (gpg23), scd
gniibe committed rGf9c9938b28b6: scd,pcsc: Fix error handling for a reader with reader-port. (authored by gniibe).
scd,pcsc: Fix error handling for a reader with reader-port.
Tue, Jan 4, 7:02 AM
gniibe added a comment to T5758: scd: loop forever with reader_port, when open_pcsc_reader failed.

The problem was the error handling.
I didn't apply the patch directly, but improved the code paths.

Tue, Jan 4, 7:02 AM · Testing, gnupg (gpg23), scd
gniibe triaged T5758: scd: loop forever with reader_port, when open_pcsc_reader failed as Normal priority.
Tue, Jan 4, 6:44 AM · Testing, gnupg (gpg23), scd
gniibe accepted D547: Fixed reader-port infinite loop.
Tue, Jan 4, 6:42 AM
gniibe added a comment to T5747: Provide a way to request non-FIPS service in FIPS mode.

And I'm testing following:

Tue, Jan 4, 6:40 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe added a comment to T5747: Provide a way to request non-FIPS service in FIPS mode.

The "at first" change done.

Tue, Jan 4, 6:40 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe committed rC034e4402dade: fips: Use flags.fips to check algo availability. (authored by gniibe).
fips: Use flags.fips to check algo availability.
Tue, Jan 4, 6:13 AM
gniibe committed rCf9ba07942b10: cipher: Use const for *_spec_t, if possible. (authored by gniibe).
cipher: Use const for *_spec_t, if possible.
Tue, Jan 4, 6:13 AM
gniibe committed rCc49ff1f46436: doc: Fix previous commit. (authored by gniibe).
doc: Fix previous commit.
Tue, Jan 4, 6:13 AM
gniibe added a comment to T5747: Provide a way to request non-FIPS service in FIPS mode.

At first, I think that we need to change the way how libgcrypt rejects non-approved cipher/md/mac/pk.

Tue, Jan 4, 3:30 AM · Testing, Feature Request, FIPS, libgcrypt
gniibe committed rC11ef7b50a708: doc: Update doc/gcrypt.texi for random/. (authored by gniibe).
doc: Update doc/gcrypt.texi for random/.
Tue, Jan 4, 2:45 AM
gniibe added a project to T5752: libgcrypt: Adding aes-wrap-pad (RFC5649) support: Testing.
Tue, Jan 4, 12:56 AM · Testing, libgcrypt

Mon, Jan 3

gniibe committed rC2914f169f954: cipher: Add support of Key wrap with padding (KWP). (authored by gniibe).
cipher: Add support of Key wrap with padding (KWP).
Mon, Jan 3, 7:41 AM
gniibe is attending E903: Weekly Standup.
Mon, Jan 3, 7:08 AM
gniibe added a comment to E903: Weekly Standup.

Last week:

  • libgcrypt
    • T5752: key wrap with padding support
  • npth
    • T5748: poll/ppoll for npth
  • build: autoconf macros reviewed again

This week:

  • mostly inactive
  • gnupg-448: consider ECDH using T5752
  • gnupg23: D547
Mon, Jan 3, 6:56 AM

Dec 24 2021

gniibe added a project to T5752: libgcrypt: Adding aes-wrap-pad (RFC5649) support: libgcrypt.
Dec 24 2021, 9:20 AM · Testing, libgcrypt
gniibe triaged T5752: libgcrypt: Adding aes-wrap-pad (RFC5649) support as Wishlist priority.
Dec 24 2021, 9:20 AM · Testing, libgcrypt
gniibe added a comment to D546: build: Find correct version string for Python >= 3.10.

Thank you for submitting the patch.

Dec 24 2021, 2:24 AM

Dec 23 2021

gniibe lowered the priority of T5748: Adding poll/ppoll to NPTH from High to Normal.
Dec 23 2021, 1:22 AM · Testing, npth, Feature Request

Dec 22 2021

gniibe updated the task description for T5749: Ed25519: Signature (R,S), where S=0 is possible for EdDSA.
Dec 22 2021, 12:11 PM · gnupg
gniibe created T5749: Ed25519: Signature (R,S), where S=0 is possible for EdDSA.
Dec 22 2021, 12:10 PM · gnupg