Page MenuHome GnuPG
People gniibe

gniibe (NIIBE Yutaka)
UserAdministrator

Projects (9)
View All

User Details

User Since
Mar 27 2017, 4:47 PM (433 w, 2 d)
Roles
Administrator
Availability
Busy Busy until Jun 29 2031.

Recent Activity
View All

Yesterday

gniibe added a comment to T7709: Decryption with ECC smartcard keys broken.

Here is a patch.

diff --git a/agent/divert-scd.c b/agent/divert-scd.c
index 1e5de4671..bb42dd3b4 100644
--- a/agent/divert-scd.c
+++ b/agent/divert-scd.c
@@ -517,6 +517,9 @@ agent_card_ecc_kem (ctrl_t ctrl, const unsigned char *ecc_ct,
Wed, Jul 16, 12:09 PM · gnupg26, Bug Report, gpd5x
gniibe committed rE8a38d914512c: w32:spawn: Support pipe I/O for GPGRT_PROCESS_DETACHED. (authored by gniibe).
w32:spawn: Support pipe I/O for GPGRT_PROCESS_DETACHED.
Wed, Jul 16, 6:33 AM
gniibe added a comment to T7723: gpgrt:w32: Fix for inheriting stdin/stdout/stderr with "NUL".

Fixed with new GPGRT_PROCESS_STDIO_NUL flag.

Wed, Jul 16, 3:34 AM · Windows, gpgrt, Feature Request, Bug Report

Tue, Jul 15

gniibe committed rE311fb769d1dd: w32:spawn: New flag GPGRT_PROCESS_STDIO_NUL. (authored by gniibe).
w32:spawn: New flag GPGRT_PROCESS_STDIO_NUL.
Tue, Jul 15, 9:51 AM
gniibe committed rEf28bf71b86ba: w32:spawn: Fix resource leaks for HANDLEs by w32_open_null. (authored by gniibe).
w32:spawn: Fix resource leaks for HANDLEs by w32_open_null.
Tue, Jul 15, 9:51 AM
gniibe committed rE0b01950237ab: w32:spawn: Fix inheriting HANDLEs. (authored by gniibe).
w32:spawn: Fix inheriting HANDLEs.
Tue, Jul 15, 9:51 AM
gniibe added a comment to T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.

Pushed the changes:

T7723 fix by rE311fb769d1dd: w32:spawn: New flag GPGRT_PROCESS_STDIO_NUL.

Tue, Jul 15, 8:47 AM · gpgrt, Feature Request, Bug Report
gniibe added a comment to T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.

Before implementing this feature, it's better to fix T7723: gpgrt:w32: Fix for inheriting stdin/stdout/stderr with "NUL", and do some clean up.

Tue, Jul 15, 8:35 AM · gpgrt, Feature Request, Bug Report
gniibe updated the task description for T7723: gpgrt:w32: Fix for inheriting stdin/stdout/stderr with "NUL".
Tue, Jul 15, 8:21 AM · Windows, gpgrt, Feature Request, Bug Report
gniibe updated the task description for T7723: gpgrt:w32: Fix for inheriting stdin/stdout/stderr with "NUL".
Tue, Jul 15, 7:53 AM · Windows, gpgrt, Feature Request, Bug Report
gniibe added a comment to T7723: gpgrt:w32: Fix for inheriting stdin/stdout/stderr with "NUL".

If we will fix gpgconf using GPGRT_PROCESS_IO_NUL, we will need to fix gpg-connect-agent to see if it's NUL or not.

Tue, Jul 15, 7:52 AM · Windows, gpgrt, Feature Request, Bug Report
gniibe triaged T7723: gpgrt:w32: Fix for inheriting stdin/stdout/stderr with "NUL" as Wishlist priority.
Tue, Jul 15, 7:50 AM · Windows, gpgrt, Feature Request, Bug Report
gniibe closed T7340: Introduced a context with thread local storage, a subtask of T7338: Revamp the FIPS service indicator, as Resolved.
Tue, Jul 15, 7:27 AM · libgcrypt, FIPS, Feature Request
gniibe closed T7340: Introduced a context with thread local storage as Resolved.
Tue, Jul 15, 7:27 AM · libgcrypt, FIPS, Feature Request
gniibe closed T7668: gnupg: regexp and build with -fsanitize=address as Resolved.
Tue, Jul 15, 7:26 AM · Bug Report, gnupg

Fri, Jul 11

gniibe added a comment to T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.

Here is an experimental change to support the feature.

Fri, Jul 11, 10:50 AM · gpgrt, Feature Request, Bug Report
gniibe added a comment to T7720: w32: Synchronous spawning gpg-agent/dirmngr/keyboxd.

I'm testing the following patch with experimental change of libgpg-error.

Fri, Jul 11, 10:45 AM · gnupg, Feature Request, Bug Report
gniibe triaged T7720: w32: Synchronous spawning gpg-agent/dirmngr/keyboxd as Wishlist priority.
Fri, Jul 11, 10:44 AM · gnupg, Feature Request, Bug Report
gniibe renamed T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error from gpgrt:w32: Spawn detached process, with standard input and standard error to gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.
Fri, Jul 11, 10:39 AM · gpgrt, Feature Request, Bug Report

Thu, Jul 10

gniibe added a comment to T7138: Windows (Semi-hosted environment): filename and network access.

In libgpg-error, we have: rE65114f24e13f: w32: More changes to the extended length path handling.

Thu, Jul 10, 3:51 AM · gnupg, Bug Report

Wed, Jul 9

gniibe updated the task description for T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.
Wed, Jul 9, 9:07 AM · gpgrt, Feature Request, Bug Report
gniibe triaged T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error as Wishlist priority.
Wed, Jul 9, 6:44 AM · gpgrt, Feature Request, Bug Report
gniibe claimed T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.
Wed, Jul 9, 6:44 AM · gpgrt, Feature Request, Bug Report
gniibe created T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.
Wed, Jul 9, 6:43 AM · gpgrt, Feature Request, Bug Report

Sat, Jul 5

gniibe committed rCf06e90f4137a: cipher:ecc: Silence GCC 15 warning. (authored by gniibe).
cipher:ecc: Silence GCC 15 warning.
Sat, Jul 5, 2:38 AM
gniibe committed rCe414699f5da7: cipher:gcm: Minor fix for buffer size. (authored by gniibe).
cipher:gcm: Minor fix for buffer size.
Sat, Jul 5, 2:38 AM

Fri, Jul 4

gniibe committed rG944494978090: common: Remove openpgp_oid_to_kem_algo. (authored by gniibe).
common: Remove openpgp_oid_to_kem_algo.
Fri, Jul 4, 7:38 AM
gniibe committed rG5efabec21883: gpg:ecc: Use the common function of gnupg_get_ecc_params. (authored by gniibe).
gpg:ecc: Use the common function of gnupg_get_ecc_params.
Fri, Jul 4, 7:38 AM
gniibe committed rG5ab9d59ee19e: common:ecc: Have a field if the curve of ECC is Weierstrass. (authored by gniibe).
common:ecc: Have a field if the curve of ECC is Weierstrass.
Fri, Jul 4, 7:38 AM
gniibe committed rCe9b1c3ec91a1: cipher:kem: Provide each enum constant as macro. (authored by gniibe).
cipher:kem: Provide each enum constant as macro.
Fri, Jul 4, 2:55 AM
gniibe committed rC292cb75a723c: cipher:rsa: Fix missing initialization in generate_fips. (authored by gniibe).
cipher:rsa: Fix missing initialization in generate_fips.
Fri, Jul 4, 2:55 AM

Thu, Jul 3

gniibe committed rG5e623b71d5ce: common:kem: Factor out a function to retrieve ECC parameters. (authored by gniibe).
common:kem: Factor out a function to retrieve ECC parameters.
Thu, Jul 3, 9:22 AM
gniibe closed T7648: Decryption to a Ky768_Cv25519 key does not work if the Cv25519 key is on a token as Resolved.
Thu, Jul 3, 7:14 AM · PQC, Bug Report
gniibe committed rCd9acecb02a90: build: More changes to allow build with no Kyber. (authored by gniibe).
build: More changes to allow build with no Kyber.
Thu, Jul 3, 4:18 AM
gniibe committed rCf2b7d7862ff9: build: Allow build with no Kyber. (authored by gniibe).
build: Allow build with no Kyber.
Thu, Jul 3, 2:35 AM

Wed, Jul 2

gniibe committed rEcac716808814: gpgrt-config: It's gcc which supports -print-search-dirs option. (authored by gniibe).
gpgrt-config: It's gcc which supports -print-search-dirs option.
Wed, Jul 2, 3:18 AM
gniibe committed rC95beae482412: tests: Add a test for Dilithium. (authored by gniibe).
tests: Add a test for Dilithium.
Wed, Jul 2, 2:15 AM
gniibe committed rC0a1fda8ce4d0: cipher:dilithium: Support "no-prefix" flag for Dilithium testing. (authored by gniibe).
cipher:dilithium: Support "no-prefix" flag for Dilithium testing.
Wed, Jul 2, 2:15 AM
gniibe committed rC40c84d8a4c76: cipher:dilithium: Add ML-DSA into libgcrypt pubkey interface. (authored by gniibe).
cipher:dilithium: Add ML-DSA into libgcrypt pubkey interface.
Wed, Jul 2, 2:15 AM
gniibe committed rC81a8332963e2: cipher:dilithium: Add dilithium functions for libgcrypt internal use. (authored by gniibe).
cipher:dilithium: Add dilithium functions for libgcrypt internal use.
Wed, Jul 2, 2:15 AM

Tue, Jul 1

gniibe committed rCbef89f9316c8: cipher:dilithium: List the dilithium implementation to Makefile.am. (authored by gniibe).
cipher:dilithium: List the dilithium implementation to Makefile.am.
Tue, Jul 1, 2:27 AM
gniibe committed rCaeb775adfafd: cipher:dilithium: Don't include unused freeze function. (authored by gniibe).
cipher:dilithium: Don't include unused freeze function.
Tue, Jul 1, 2:27 AM
gniibe committed rCf78099b5a022: cipher:dilithium: Add DILITHIUM_INTERNAL_API_ONLY. (authored by gniibe).
cipher:dilithium: Add DILITHIUM_INTERNAL_API_ONLY.
Tue, Jul 1, 2:27 AM
gniibe committed rCcce9c02988c2: cipher:dilithium: Have cipher/dilithium.h. (authored by gniibe).
cipher:dilithium: Have cipher/dilithium.h.
Tue, Jul 1, 2:27 AM
gniibe committed rCa0bd76300f60: cipher:dilithium: Fix comment style. (authored by gniibe).
cipher:dilithium: Fix comment style.
Tue, Jul 1, 2:27 AM
gniibe committed rC92f129fb9ddc: cipher:dilithium: For _GCRYPT_IN_LIBGCRYPT, add *_close function. (authored by gniibe).
cipher:dilithium: For _GCRYPT_IN_LIBGCRYPT, add *_close function.
Tue, Jul 1, 2:27 AM
gniibe committed rC5cbf3180533d: cipher:dilithium: Make the implementation into three files. (authored by gniibe).
cipher:dilithium: Make the implementation into three files.
Tue, Jul 1, 2:27 AM
gniibe committed rC28fb2e30790b: cipher:dilithium: Functions of poly for different DILITHIUM_MODE. (authored by gniibe).
cipher:dilithium: Functions of poly for different DILITHIUM_MODE.
Tue, Jul 1, 2:27 AM
gniibe committed rCcb15a5563ade: cipher: Editorial clean up cipher/dilithium.c for headers. (authored by gniibe).
cipher: Editorial clean up cipher/dilithium.c for headers.
Tue, Jul 1, 2:27 AM
gniibe committed rCcc7d750be1c7: cipher:dilithium: Export the external API only. (authored by gniibe).
cipher:dilithium: Export the external API only.
Tue, Jul 1, 2:27 AM
gniibe committed rCa7fdda036591: cipher: Add headers to the Dilithium implementation. (authored by gniibe).
cipher: Add headers to the Dilithium implementation.
Tue, Jul 1, 2:27 AM
gniibe committed rC1b422366e2b3: cipher: Put the original Dilithium implementation. (authored by gniibe).
cipher: Put the original Dilithium implementation.
Tue, Jul 1, 2:27 AM
gniibe committed rEdffca928fbc9: spawn: Define _GPGRT_NEED_AFLOCAL for OS without AF_LOCAL. (authored by gniibe).
spawn: Define _GPGRT_NEED_AFLOCAL for OS without AF_LOCAL.
Tue, Jul 1, 2:06 AM
gniibe committed rEf01a2e7c3f9a: po: Update Japanese Translation. (authored by gniibe).
po: Update Japanese Translation.
Tue, Jul 1, 2:06 AM

Fri, Jun 27

gniibe committed rCb945002e44ce: tests:common: Increse buffer size to allow input for PQC testing. (authored by gniibe).
tests:common: Increse buffer size to allow input for PQC testing.
Fri, Jun 27, 2:57 AM

Thu, Jun 26

gniibe changed the status of T7698: Add support of secp256k1 for KEM API, a subtask of T7649: gnupg: Use KEM interface for encryption/decryption, from Open to Testing.
Thu, Jun 26, 6:49 AM · gnupg26
gniibe changed the status of T7698: Add support of secp256k1 for KEM API from Open to Testing.
Thu, Jun 26, 6:49 AM · gnupg26
gniibe changed the status of T7696: POSIX: spawn fixes from Open to Testing.
Thu, Jun 26, 6:49 AM · gpgrt, Bug Report
gniibe changed the status of T7696: POSIX: spawn fixes, a subtask of T7660: GPGME invocation by cri-o hangs on gpgme_op_verify, from Open to Testing.
Thu, Jun 26, 6:49 AM · golang, gpgme, Bug Report
gniibe committed rE6cb61bb9cb55: spawn:posix: Use 1024 for arbitrary limit, following GPGME. (authored by gniibe).
spawn:posix: Use 1024 for arbitrary limit, following GPGME.
Thu, Jun 26, 4:50 AM
gniibe committed rEd302aff1eff1: spawn:posix: Add an improvement when closefrom is not available. (authored by gniibe).
spawn:posix: Add an improvement when closefrom is not available.
Thu, Jun 26, 4:50 AM
gniibe committed rE9cc016c38df1: posix:spawn: Use getdents64 when closefrom is not available. (authored by gniibe).
posix:spawn: Use getdents64 when closefrom is not available.
Thu, Jun 26, 4:50 AM
gniibe committed rC10c0ce88ba3f: cipher:kem:ecc: Support secp256k1 by KEM API. (authored by gniibe).
cipher:kem:ecc: Support secp256k1 by KEM API.
Thu, Jun 26, 4:15 AM

Wed, Jun 25

gniibe triaged T7698: Add support of secp256k1 for KEM API as High priority.
Wed, Jun 25, 3:19 AM · gnupg26

Tue, Jun 24

gniibe committed rCcbefff5fcaa6: cipher: Support random-override with PUBKEY_FLAG_BYTE_STRING. (authored by gniibe).
cipher: Support random-override with PUBKEY_FLAG_BYTE_STRING.
Tue, Jun 24, 9:04 AM
gniibe committed rC3bb4a54f4387: cipher: Add PUBKEY_FLAG_BYTE_STRING to support byte string data. (authored by gniibe).
cipher: Add PUBKEY_FLAG_BYTE_STRING to support byte string data.
Tue, Jun 24, 9:04 AM
gniibe closed T7664: tests/openpgp/ecc.scm fails when building GPG with address sanitizer as Resolved.

Fixed in 2.5.8.

Tue, Jun 24, 8:50 AM · gnupg, Bug Report
gniibe added a comment to T7649: gnupg: Use KEM interface for encryption/decryption.

secp256k1 failure:
https://lists.gnupg.org/pipermail/gnupg-users/2025-June/067731.html

Tue, Jun 24, 8:07 AM · gnupg26

Mon, Jun 23

werner awarded rM8caa7cc517eb: Use sysconf as a fallback mechanism in the initialization. a Pterodactyl token.
Mon, Jun 23, 9:10 AM
gniibe committed rE2c029e737e88: spawn:posix: Fix spawning a process on POSIX machine. (authored by gniibe).
spawn:posix: Fix spawning a process on POSIX machine.
Mon, Jun 23, 8:54 AM
gniibe updated the task description for T7696: POSIX: spawn fixes.
Mon, Jun 23, 8:31 AM · gpgrt, Bug Report
gniibe triaged T7696: POSIX: spawn fixes as Normal priority.
Mon, Jun 23, 7:21 AM · gpgrt, Bug Report
gniibe changed the status of T7694: GPGME: gpgme_io_spawn issues from Open to Testing.

Done by: rM8caa7cc517eb: Use sysconf as a fallback mechanism in the initialization.

Mon, Jun 23, 7:17 AM · gpgme, Bug Report
gniibe changed the status of T7694: GPGME: gpgme_io_spawn issues, a subtask of T7660: GPGME invocation by cri-o hangs on gpgme_op_verify, from Open to Testing.
Mon, Jun 23, 7:17 AM · golang, gpgme, Bug Report
gniibe committed rM075e5be9fbee: Fix debug output of posix-io.c. (authored by gniibe).
Fix debug output of posix-io.c.
Mon, Jun 23, 7:13 AM
gniibe committed rM8caa7cc517eb: Use sysconf as a fallback mechanism in the initialization. (authored by gniibe).
Use sysconf as a fallback mechanism in the initialization.
Mon, Jun 23, 7:13 AM

Fri, Jun 20

gniibe added a comment to T7694: GPGME: gpgme_io_spawn issues.

OK. I'll add a code for setting the fallback value in _gpgme_io_subsystem_init and use it from get_max_fds.

Fri, Jun 20, 10:35 AM · gpgme, Bug Report
gniibe committed rMe8e5434cc4f5: posix: Clean up get_max_fds implementation. (authored by gniibe).
posix: Clean up get_max_fds implementation.
Fri, Jun 20, 3:30 AM
gniibe updated the task description for T7694: GPGME: gpgme_io_spawn issues.
Fri, Jun 20, 2:28 AM · gpgme, Bug Report
gniibe added a comment to T7660: GPGME invocation by cri-o hangs on gpgme_op_verify.

For issues of get_max_fds, I created a sub task, although it seems not the direct cause of this particular problem.

Fri, Jun 20, 2:13 AM · golang, gpgme, Bug Report
gniibe removed a project from T7694: GPGME: gpgme_io_spawn issues: golang.
Fri, Jun 20, 2:09 AM · gpgme, Bug Report
gniibe triaged T7694: GPGME: gpgme_io_spawn issues as Normal priority.
Fri, Jun 20, 2:07 AM · gpgme, Bug Report

Thu, Jun 19

gniibe added a comment to T7660: GPGME invocation by cri-o hangs on gpgme_op_verify.

I test following test program (gcc -o t-gmf t-gmf.c) on Debian machine of S390x.

t-gmf.c5 KBDownload

Thu, Jun 19, 9:26 AM · golang, gpgme, Bug Report

Tue, Jun 17

gniibe added a comment to T7660: GPGME invocation by cri-o hangs on gpgme_op_verify.

In the log, we can observe duplicated lines generated by
https://dev.gnupg.org/source/gpgme/browse/master/src/posix-io.c$545
Example is like:

2025-05-19 20:16:35 gpgme[21970.55d7]   _gpgme_io_spawn: check: fd[0] = 0x1c -> 0x1
2025-05-19 20:16:35 gpgme[21970.55d7]   _gpgme_io_spawn: check: fd[0] = 0x1c -> 0x1
Tue, Jun 17, 10:01 AM · golang, gpgme, Bug Report
gniibe closed T5964: gnupg should use the KDFs implemented in libgcrypt, a subtask of T6191: FIPS: Supporting running FIPS enabled machine, as Resolved.
Tue, Jun 17, 2:38 AM · gnupg24, FIPS, Bug Report
gniibe closed T5964: gnupg should use the KDFs implemented in libgcrypt, a subtask of T7649: gnupg: Use KEM interface for encryption/decryption, as Resolved.
Tue, Jun 17, 2:38 AM · gnupg26
gniibe closed T5964: gnupg should use the KDFs implemented in libgcrypt as Resolved.
Tue, Jun 17, 2:38 AM · gnupg26, FIPS, Feature Request
gniibe closed T7170: Building libgcrypt-1.11.0 produces a dylib with unresolved symbols at runtime as Resolved.

Done in 1.11.1.

Tue, Jun 17, 2:30 AM · MacOS, libgcrypt, Bug Report
gniibe closed T7170: Building libgcrypt-1.11.0 produces a dylib with unresolved symbols at runtime, a subtask of T7165: Release Libgcrypt 1.11.0, as Resolved.
Tue, Jun 17, 2:30 AM · Release Info, libgcrypt
gniibe closed T7184: Libgcrypt v1.11.0 make fails at cipher/blake2.c:834:6 (has no member named 'use_avx512') as Resolved.

Done in 1.11.1.

Tue, Jun 17, 2:29 AM · libgcrypt, Bug Report
gniibe closed T7277: libgcrypt: Adding Known Answer Tests for KEM as Resolved.

Done in 1.11.1.

Tue, Jun 17, 2:28 AM · PQC, libgcrypt

Jun 13 2025

gniibe added a comment to T7640: ML-DSA for libgcrypt.

Reading https://openssl-library.org/files/blog/Request_to_Extend_IETF_WGLC_for_PQ_Key_Specifications.pdf ,
seed (with "S") is included in the private-key.

Jun 13 2025, 3:40 AM · PQC, libgcrypt
gniibe added a comment to T7640: ML-DSA for libgcrypt.

The commit rC23543b6c1497: Add mldsa_compute_keygrip and let private-key include "p". works well for me.

Jun 13 2025, 2:51 AM · PQC, libgcrypt
gniibe added a comment to T7640: ML-DSA for libgcrypt.

To support Dilithium, we need to extend data handling of libgcrypt.
I propose following changes:

  • internal flag of PUBKEY_FLAG_BYTE_STRING to ask opaque MPI for data to be signed/verified.
  • The format of data as: (data(raw)[(flags no-prefix)](value ...)[(label ...)][(random-override ...)]): message, context, and random. Optional no-prefix flag to ask specific way of signing, controlling the internal, for Known Answer Tests (siggen).
Jun 13 2025, 2:50 AM · PQC, libgcrypt

Jun 6 2025

gniibe changed the status of T7676: Cannot decrypt a message encrypted to a Cv25519 key on a token from Open to Testing.
Jun 6 2025, 7:27 AM · gnupg26, Bug Report
gniibe added a comment to T7676: Cannot decrypt a message encrypted to a Cv25519 key on a token.

My test coverage was not good (even if I daily use Curve25519 on Gnuk Token).
Your analysis is correct.

Jun 6 2025, 7:18 AM · gnupg26, Bug Report
gniibe committed rGfde915af1cf4: agent: Fix for the prefix 0x40 in the point representation. (authored by gniibe).
agent: Fix for the prefix 0x40 in the point representation.
Jun 6 2025, 7:16 AM
gniibe triaged T7676: Cannot decrypt a message encrypted to a Cv25519 key on a token as High priority.
Jun 6 2025, 7:00 AM · gnupg26, Bug Report
gniibe claimed T7676: Cannot decrypt a message encrypted to a Cv25519 key on a token.
Jun 6 2025, 7:00 AM · gnupg26, Bug Report

Jun 5 2025

gniibe added a comment to rGeb7d5d4d8507: scd: Fix detecting digest OID in the message to be signed..

OK, fixed in rG27e6622322b5: scd: Take care of possible buffer overflow in do_auth.

Jun 5 2025, 3:25 AM