Here are example files produced by GnuPG 2.3-beta:
S part has preceding zero:

We could add compatibility mode for Ed25519 signature to confirm well-formed MPI (expecting recovery).

Last week:

• Review PO of Simplified Chinese to push rGf5897b3d2448: po: Update Simplified Chinese Translation.
• Release Chipstx 1.19 / 2.2
  • Finally, I learned about old and new syntaxes of ARM assembler
    • sub means subtraction with flags update in Cortex-M0 (old syntax), substraction with no flags update in Cortex-M3/M4 (new syntax)
  • Gnuk 1.2.17
    • basically for GNU/Linux emulation https://lists.gnupg.org/pipermail/gnuk-users/2021-February/000293.html

This week:

• Let me describe the problem of Ed25519 signature and clear secret key incompatibility between GnuPG 2.2 and GnuPG 2.3-beta
  • I'll write bug report here, perhaps also to OpenPGP WG
  • patch for 2.2 is available in T5120
  • Reference: T4954: SOS representation and improvements in GnuPG
• Start an experiment (to evaluate Achim's forthcoming update for OpenPGP card specification):
  • X448 support in scdaemon
  • Gnuk emulation mode
  • ... because X448 is easier to implement faster
• ... about to give up fine-grain side channel by FLUSH+RELOAD things

Thank you. Applied and pushed.

Last two weeks:

• libgpg-error
  • Fix of gpg-error.m4: T5293: gpg-error.m4 should search gpg-error.pc under the paths of gpgrt-config
  • T5296: libgpg-error: build failure without threads
  • T5289: gen-lock-obj.sh uses echo -n from /bin/sh, which echos "-n"
• Update explanation of ssh-agent emulation of gpg-agent wrt ssh certificate
• Applied D527: po: Update Simplified Chinese Translation.
• Chopstx release: 1.19 / 2.x branch
• Gnuk emulation on GNU/Linux machine
• TTXS update for slot number 1
• Japanese message translation

This week:

• new Gnuk release (mainly for GNU/Linux emulation)
  • For the emulation, test with requiring KDF data object before key import / key generation
• Tax report of 2020 (for my business)

For the pogo-pin test clip to flash, it is available in China.

Pushed the change. Please test.

See the comment in rE13918d05a333: Allow building with --disable-threads. for ABI incompatibility.

I'm sorry, if my wording sounded harsh.

In T1756#131862, @whites11 wrote:

I understand this is kind of an edge case, but having the possibility to use signed ssh keys would be very useful to me.

When building with no threads support, I think that generating same lock-obj-pub-$host.h is just possible by this change.

Tell us the architecture(s) which doesn't support POSIX threads by uClibc.
Adding support for such an architecture would be the best.

Sorry, I was assuming uClibc were not supporting POSIX threads.

Thank you for more information.

Please note that the result with --host="arm-unknown-linux-gnueabi" for linux-uclibcgnueabih machine is different to the one of correctly generated version by gen-posix-lock-obj.c with USE_POSIX_THREADS undefined on the host.

I found that the use of $CC -print-file-name=crt1.o won't work with some cross compiler.
For example, on my system of Debian bullseye for cross compiler ppc64el, while it's for multiarch configuration, crt1.o is under GNU cross style directory: /usr/powerpc64le-linux-gnu/lib

I would understand your workaorund of using artifical --host intentionally.

We also need to support the use case of GNU cross style, like when we build with MinGW toolchain.

With GnuPG in master (to be 2.3), it can handle the second SKESK when the first one fails.

For other libraries, like libgcrypt, it should be mostly OK with old gpg-error.m4, because those libraries don't depend on new libgpg-error features.

Fixed GnuPG in rGe1e3f1db4660: build: Update gpg-error.m4. and rG985e85dc0e6c: build: Update gpg-error.m4..

Fixed more in rEd7fd25bbfb83: build: Fix the previous change..

Thank you for the report. I had expected *-*-linux* matches only to GNU/Linux (Linux kernel with GNU C library).

Considered again, I realized that (1) is no need to check.

POSIX says so (use printf instead).
https://pubs.opengroup.org/onlinepubs/9699919799/utilities/echo.html

Thank you. I'll fix. Perhaps, I'll ignore old UNIXen like AIX 6.1, which has no way to echo with no newlines.

Thanks. Applied in rG4ca8ca5f7f58: po: Update Simplified Chinese Translation..

Last week:

• Fixed
  • libgcrypt: T5282: ecc: No check for broken public key when verify signature (ECDSA, ECDSA for SM and GOST)
  • gnugp: T4713: Bug in get_best_pubkey_byname
• Review of Chopstx to update TTXS
  • Found a bug for Cortex-M0, another for Cortex-M3/4 (the last release of 2.0 is buggy)

This week:

• Test Chopstx 2.x with Cortex-M3/4 by running TTXS
• Test Chopstx 2.x on GNU/Linux
• Update TTXS for handling of slot number #1 (non-existent), and voltage support
• Update TTXS to use Chopstx 2.x.
• D527: po: Update Simplified Chinese Translation.

So 'out of core' actually means:

• run out of the memory resource, in other words, insufficient memory resources ?

Here are my comments.

pubkey_cmp should be symmetric (pubkey_cmp(A,B) == - pubkey_cmp(B,A)), but it was not.

So, the change against libgcrypt 1.9.1 will be:

I got hit of search by "$ld$weak$os10.11$_getentropy".
So, I guess that it's 10.11 which has _getentropy as weak symbol, and 10.12 or later has implementation.

Today's topic:

• Adding checks should be done: T5282: ecc: No check for broken public key when verify signature (ECDSA, ECDSA for SM and GOST)
  • For EdDSA, we have such a check already from its beginning

Last week:

• Fix libgcrypt for 1.9.1

This week:

• More fixes for libgcrypt
  • For old macOS
  • T5282
• Possibly, merge changes of Purism's patch to TTXS (if any)

Here is a patch adding those checks:

diff --git a/cipher/ecc-ecdsa.c b/cipher/ecc-ecdsa.c
index d540578e..30103f14 100644
--- a/cipher/ecc-ecdsa.c
+++ b/cipher/ecc-ecdsa.c
@@ -172,6 +172,9 @@ _gcry_ecc_ecdsa_verify (gcry_mpi_t input, mpi_ec_t ec,
   mpi_point_struct Q, Q1, Q2;
   unsigned int nbits;

In T5268#142612, @ballapete wrote:

Wouldn't it be better to move these failures as a single one into the configure script that it definitely can tell "This Mac has getentropy()"?

I linked all related tasks for the release of 1.9.1, so that making release notes can be easier and recording information here.