smueller_chronox.de (smueller_chronox.de)
User

Projects

User does not belong to any projects.

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Thursday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:47 PM (104 w, 1 d)
Availability
Available

Recent Activity

Sep 7 2018

smueller_chronox.de added a comment to T3894: re-evaluate default randomness choices during key generation on GNU/Linux platforms.

Apologies for not having read all comments in this long thread. I was asked to comment on the patch, so here is my comment:

Sep 7 2018, 5:41 PM · libgcrypt, gnupg

Aug 1 2017

smueller_chronox.de added a comment to rG4e117f206beb: gpg,sm: Error out on compliance mismatch while decrypting..

Andre, you are talking about changing compliance requirements and then be able to recover your old data via "legacy" mode. This is a valid argument. But if you need it you will not operate compliant and should disable the compliance mode. That was the agreement during the customer meeting.

Aug 1 2017, 4:55 PM

Jun 17 2016

smueller_chronox.de added projects to T2388: Inform callers about memory alignment requirements of a cipher implementation: Feature Request, libgcrypt.
Jun 17 2016, 11:30 AM · libgcrypt, Feature Request

Sep 7 2014

smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

The patch v10 should now cover all change requests from Werner as documented in
the cover-letter.

However, I am not fully sure about the interface yet: the GCRY_DRBG_REINIT is
now solely limited to normal DRBG use. I do not see how that can be merged to
existing random interfaces.

The CAVS test interface is now isolated to the control value 75 similarly to the
X9.31 testing approach. However, the current approach triggers a compile time
warning about the undefined enum 75.

See [1] in libgcrypt/test/ for a test application that uses the DRBG in normal
mode and in CAVS test mode -- search for gcry_control.

Tested:

  • 32 / 64 bit
  • CAVS testing on both arches
  • brief stess testing by creating 200 MB of data and checking it with ent to see

that the output function is not broken

[1] http://www.chronox.de/drbg/drbg-20140907.tar.bz2

Sep 7 2014, 3:04 AM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D216: 500_v10-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch

Sep 7 2014, 2:57 AM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

Sep 7 2014, 2:57 AM · patch, libgcrypt, Feature Request

Sep 3 2014

smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

re GPL: will do

re one patch: will do

I will make also the requested code changes. Though, the indentation makes me
wonder. As I am not used to this indentation, I used the help of indent wit the
following command as specified on the GNU home page: indent -nbad -bap -nbc -bbo
-bl -bli2 -bls -ncdb -nce -cp1 -cs -di2 -ndj -nfc1 -nfca -hnl -i2 -ip5 -lp -pcs
-psl -nsc -nsob. Now, what is wrong with the indentation?

Re reusing the API: I am wondering where I do not reuse the API? The normal
usage is via the gcry_randomize function. The external hook is used for:

  1. changing the type of DRBG (note, the code implements many random number

generators)

  1. allowing the use of the personalization string / additional info string (I

would not know how to use that with gcry_randomize.

  1. allow the CAVS testing to be performed.

If you have suggestions on how to cover that using existing APIs, I would be
very much interested in it.

Sep 3 2014, 1:07 PM · patch, libgcrypt, Feature Request

Sep 2 2014

smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

Changes v9:
drbg_int2byte replaced by drbg_cpu_to_be32 and the use of be_bswap32
and be_bswap64 for converting an integer into a character string.
Besides performance increase, it fixes the conversion on 32 bit machines.

Tested:

  • on 64 and 32 bit
  • CAVS on both arches
  • sanity tests on 32 and 64 bit
Sep 2 2014, 4:34 AM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D217: 497_v9-0007-User-interface-to-DRBG.patch

Sep 2 2014, 4:33 AM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D218: 496_v9-0006-DRBG-specific-gcry_control-requests.patch

Sep 2 2014, 4:33 AM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D219: 495_v9-0005-Function-definitions-for-gcry_control-callbacks.patch

Sep 2 2014, 4:32 AM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D220: 494_v9-0004-Invoke-DRBG-from-common-libgcrypt-RNG-code.patch

Sep 2 2014, 4:32 AM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D221: 493_v9-0003-Function-definitions-of-interfaces-for-random.c.patch

Sep 2 2014, 4:32 AM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D222: 492_v9-0002-Compile-DRBG.patch

Sep 2 2014, 4:32 AM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D223: 491_v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch

Sep 2 2014, 4:32 AM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

Sep 2 2014, 4:32 AM · patch, libgcrypt, Feature Request

Sep 1 2014

smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

v8 does not compile on 32 bit

Sep 1 2014, 1:05 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

Update of the entire patch set to version 8:
Fix the functions drbg_max_addtl, and drbg_max_requests to not overflow
size_t in 32 bit. Furthermore, the per-DRBG option for maximum requests,
maximum request bits and maximum length of additional information is removed
in favor of a global setting. The change only affects drbg.c

Note: only the patch 0001 is changed compared to version 7 of the patch set.

Sep 1 2014, 12:39 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D224: 489_v8-0007-User-interface-to-DRBG.patch

Sep 1 2014, 12:38 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D225: 488_v8-0006-DRBG-specific-gcry_control-requests.patch

Sep 1 2014, 12:38 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D226: 487_v8-0005-Function-definitions-for-gcry_control-callbacks.patch

Sep 1 2014, 12:38 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D227: 486_v8-0004-Invoke-DRBG-from-common-libgcrypt-RNG-code.patch

Sep 1 2014, 12:38 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D228: 485_v8-0003-Function-definitions-of-interfaces-for-random.c.patch

Sep 1 2014, 12:38 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D229: 484_v8-0002-Compile-DRBG.patch

Sep 1 2014, 12:38 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D230: 483_v8-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch

Sep 1 2014, 12:37 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

Sep 1 2014, 12:37 PM · patch, libgcrypt, Feature Request

Aug 28 2014

smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

On 32 bit, a problem was just discovered in the kernel development branch: see
discussion in https://lkml.org/lkml/2014/8/26/59.

The base line is that the bit shift in drbg_max_addtl and drbg_max_requests are
stored in a size_t which is 32 bit on 32 bit machines. Yet, the bit shift is
larger than 32 bit. It will be fixed in the next installment of the patch.

Aug 28 2014, 9:36 AM · patch, libgcrypt, Feature Request

Aug 22 2014

smueller_chronox.de updated subscribers of T1701: SP 800-90A deterministic Random Bit Generator.
Aug 22 2014, 12:42 PM · patch, libgcrypt, Feature Request

Aug 21 2014

smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D231: 473_v7-0007-User-interface-to-DRBG.patch

Aug 21 2014, 9:45 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D232: 472_v7-0006-DRBG-specific-gcry_control-requests.patch

Aug 21 2014, 9:45 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D233: 471_v7-0005-Function-definitions-for-gcry_control-callbacks.patch

Aug 21 2014, 9:44 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D234: 470_v7-0004-Invoke-DRBG-from-common-libgcrypt-RNG-code.patch

Aug 21 2014, 9:44 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D235: 469_v7-0003-Function-definitions-of-interfaces-for-random.c.patch

Aug 21 2014, 9:44 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D236: 468_v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch

Aug 21 2014, 9:44 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added a comment to T1701: SP 800-90A deterministic Random Bit Generator.

D237: 467_v7-0002-Compile-DRBG.patch

Aug 21 2014, 9:43 PM · patch, libgcrypt, Feature Request
smueller_chronox.de added projects to T1701: SP 800-90A deterministic Random Bit Generator: Feature Request, libgcrypt.
Aug 21 2014, 9:43 PM · patch, libgcrypt, Feature Request