- User Since
- Mar 27 2017, 4:47 PM (205 w, 4 d)
Wed, Mar 3
========= 0110.asc ========== # off=0 ctb=88 tag=2 hlen=2 plen=117 :signature packet: algo 22, keyid E267B052364F028D version 4, created 1614755507, md5len 0, sigclass 0x01 digest algo 10, begin of digest 4f 78 hashed subpkt 33 len 21 (issuer fpr v4 249CB3771750745D5CDD323CE267B052364F028D) hashed subpkt 2 len 4 (sig created 2021-03-03) subpkt 16 len 8 (issuer key ID E267B052364F028D) data: ADEE890B755C3B52D46FB0105097F23B5905B472C626222ACB4E441D8EB40001 data: 007119FF80C34DA152BDB07E1EF5D968CB9F2773002A0CF57911670BE248CF06 ========= 0354.asc ========== # off=0 ctb=88 tag=2 hlen=2 plen=117 :signature packet: algo 22, keyid E267B052364F028D version 4, created 1614755520, md5len 0, sigclass 0x01 digest algo 10, begin of digest 28 19 hashed subpkt 33 len 21 (issuer fpr v4 249CB3771750745D5CDD323CE267B052364F028D) hashed subpkt 2 len 4 (sig created 2021-03-03) subpkt 16 len 8 (issuer key ID E267B052364F028D) data: 001DB3839E3FD8D4CB81357EE5E42F4AF652C252A03A0FB21768621B1025C08C data: AF5A0910EF1D4D6BDD07EA0AA6D69049CB7BA7ED42427E14B8B72CF2C2231704
Here are example files produced by GnuPG 2.3-beta:
S part has preceding zero:
R part has preceding zero:
Mon, Mar 1
We could add compatibility mode for Ed25519 signature to confirm well-formed MPI (expecting recovery).
- Review PO of Simplified Chinese to push rGf5897b3d2448: po: Update Simplified Chinese Translation.
- Release Chipstx 1.19 / 2.2
- Finally, I learned about old and new syntaxes of ARM assembler
- sub means subtraction with flags update in Cortex-M0 (old syntax), substraction with no flags update in Cortex-M3/M4 (new syntax)
- Gnuk 1.2.17
- basically for GNU/Linux emulation https://lists.gnupg.org/pipermail/gnuk-users/2021-February/000293.html
- Finally, I learned about old and new syntaxes of ARM assembler
- Let me describe the problem of Ed25519 signature and clear secret key incompatibility between GnuPG 2.2 and GnuPG 2.3-beta
- I'll write bug report here, perhaps also to OpenPGP WG
- patch for 2.2 is available in T5120
- Reference: T4954: SOS representation and improvements in GnuPG
- Start an experiment (to evaluate Achim's forthcoming update for OpenPGP card specification):
- X448 support in scdaemon
- Gnuk emulation mode
- ... because X448 is easier to implement faster
- ... about to give up fine-grain side channel by FLUSH+RELOAD things
Fri, Feb 26
Thank you. Applied and pushed.
Thu, Feb 25
Mon, Feb 22
Last two weeks:
- Update explanation of ssh-agent emulation of gpg-agent wrt ssh certificate
- Applied D527: po: Update Simplified Chinese Translation.
- Chopstx release: 1.19 / 2.x branch
- Gnuk emulation on GNU/Linux machine
- TTXS update for slot number 1
- Japanese message translation
- new Gnuk release (mainly for GNU/Linux emulation)
- For the emulation, test with requiring KDF data object before key import / key generation
- Tax report of 2020 (for my business)
Fri, Feb 19
For the pogo-pin test clip to flash, it is available in China.
Thu, Feb 18
Pushed the change. Please test.
See the comment in rE13918d05a333: Allow building with --disable-threads. for ABI incompatibility.
I'm sorry, if my wording sounded harsh.
Wed, Feb 17
When building with no threads support, I think that generating same lock-obj-pub-$host.h is just possible by this change.
Tue, Feb 16
Tell us the architecture(s) which doesn't support POSIX threads by uClibc.
Adding support for such an architecture would be the best.
Sorry, I was assuming uClibc were not supporting POSIX threads.
Mon, Feb 15
Thank you for more information.
Please note that the result with --host="arm-unknown-linux-gnueabi" for linux-uclibcgnueabih machine is different to the one of correctly generated version by gen-posix-lock-obj.c with USE_POSIX_THREADS undefined on the host.
I found that the use of $CC -print-file-name=crt1.o won't work with some cross compiler.
For example, on my system of Debian bullseye for cross compiler ppc64el, while it's for multiarch configuration, crt1.o is under GNU cross style directory: /usr/powerpc64le-linux-gnu/lib
I would understand your workaorund of using artifical --host intentionally.
We also need to support the use case of GNU cross style, like when we build with MinGW toolchain.
With GnuPG in master (to be 2.3), it can handle the second SKESK when the first one fails.
For other libraries, like libgcrypt, it should be mostly OK with old gpg-error.m4, because those libraries don't depend on new libgpg-error features.
Fixed more in rEd7fd25bbfb83: build: Fix the previous change..
Thank you for the report. I had expected *-*-linux* matches only to GNU/Linux (Linux kernel with GNU C library).
Fri, Feb 12
Considered again, I realized that (1) is no need to check.
Wed, Feb 10
Tue, Feb 9
POSIX says so (use printf instead).
Thank you. I'll fix. Perhaps, I'll ignore old UNIXen like AIX 6.1, which has no way to echo with no newlines.
Thanks. Applied in rG4ca8ca5f7f58: po: Update Simplified Chinese Translation..
Mon, Feb 8
- Review of Chopstx to update TTXS
- Found a bug for Cortex-M0, another for Cortex-M3/4 (the last release of 2.0 is buggy)
- Test Chopstx 2.x with Cortex-M3/4 by running TTXS
- Test Chopstx 2.x on GNU/Linux
- Update TTXS for handling of slot number #1 (non-existent), and voltage support
- Update TTXS to use Chopstx 2.x.
- D527: po: Update Simplified Chinese Translation.
So 'out of core' actually means:
- run out of the memory resource, in other words, insufficient memory resources ?
Here are my comments.
Fri, Feb 5
pubkey_cmp should be symmetric (pubkey_cmp(A,B) == - pubkey_cmp(B,A)), but it was not.
Feb 2 2021
So, the change against libgcrypt 1.9.1 will be:
I got hit of search by "$ld$weak$os10.11$_getentropy".
So, I guess that it's 10.11 which has _getentropy as weak symbol, and 10.12 or later has implementation.
Feb 1 2021
- Adding checks should be done: T5282: ecc: No check for broken public key when verify signature (ECDSA, ECDSA for SM and GOST)
- For EdDSA, we have such a check already from its beginning
- Fix libgcrypt for 1.9.1
- More fixes for libgcrypt
- For old macOS
- Possibly, merge changes of Purism's patch to TTXS (if any)
Here is a patch adding those checks:
diff --git a/cipher/ecc-ecdsa.c b/cipher/ecc-ecdsa.c index d540578e..30103f14 100644 --- a/cipher/ecc-ecdsa.c +++ b/cipher/ecc-ecdsa.c @@ -172,6 +172,9 @@ _gcry_ecc_ecdsa_verify (gcry_mpi_t input, mpi_ec_t ec, mpi_point_struct Q, Q1, Q2; unsigned int nbits;
Jan 29 2021
I linked all related tasks for the release of 1.9.1, so that making release notes can be easier and recording information here.