Projects libgcrypt

libgcryptProject
ActivePublic
Watch Project

Members (5)

sergi (Sergi Blanch Torne)
User
werner (Werner Koch)
Engineering
jukivili (Jussi Kivilinna)
User
lbandlav (Laxmi Narsaiah Bandla)
Engineering
gniibe (NIIBE Yutaka)
User
View All

Watchers (5)

Recent Activity
View All

Mon, Feb 23

• werner closed T7624: libksba: __non_string for GCC 15 or later, a subtask of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later, as Resolved.

Mon, Feb 23, 2:51 PM · libgcrypt, Bug Report

Sat, Feb 21

• gniibe closed T8080: libgcrypt 1.12.0 regression: gcry_mpi_ec_curve_point as Resolved.

Fixed in 1.12.1.

Sat, Feb 21, 1:19 AM · libgcrypt, Bug Report

Fri, Feb 20

• werner closed T7643: Release Libgcrypt 1.12.0 as Resolved.

Fri, Feb 20, 2:19 PM · Release Info, libgcrypt

• werner closed T8067: Release Libgcrypt 1.12.1 as Resolved.

Fri, Feb 20, 2:19 PM · libgcrypt, Release Info

• werner triaged T8114: Release Libgcrypt 1.12.2 as Low priority.

Fri, Feb 20, 2:12 PM · libgcrypt, Release Info

• werner changed the status of T8094: libgcrypt: EC least leak failure from Open to Testing.

Fri, Feb 20, 1:55 PM · libgcrypt, Bug Report

Thu, Feb 19

• gniibe closed T7775: libgcrypt-1.11.2/mpi/mpi-add.c does not compile on PPC Mac OS X 10.5.8, Leopard, because of redefinition of typedefs as Resolved.

Fixed in 1.12.0.

Thu, Feb 19, 5:37 AM · ppc, MacOS, libgcrypt

Sun, Feb 15

• werner added a comment to T8094: libgcrypt: EC least leak failure.

FWIW: Okay, gmime is still a wrapper around gpgme. After decryption it has the ability to get the used session key from the gpgme result structure. Thus, I have been on the wrong trail. The actual problem is not gpgme but more GnuPG's use of Libgcrypt or an actual regression in Libgcrypt. Well, Friday 13th.

Sun, Feb 15, 4:37 PM · libgcrypt, Bug Report

Sat, Feb 14

thesamesam added a comment to T8094: libgcrypt: EC least leak failure.

Any hints where to find the actual crypto code which uses libgcrypt?

Sat, Feb 14, 5:59 AM · libgcrypt, Bug Report

Fri, Feb 13

jrm added a comment to T8094: libgcrypt: EC least leak failure.

Maintainer of the FreeBSD notmuch port/package here. The steps below consistently trigger the problem on FreeBSD 16.0 (unreleased main branch), but there are no problems on FreeBSD 15.0. All my testing was on amd64.

Fri, Feb 13, 6:26 PM · libgcrypt, Bug Report

• werner added a comment to T8094: libgcrypt: EC least leak failure.

Any hints where to find the actual crypto code which uses libgcrypt?

Fri, Feb 13, 10:16 AM · libgcrypt, Bug Report

• gniibe raised the priority of T8094: libgcrypt: EC least leak failure from Low to High.

Fri, Feb 13, 9:32 AM · libgcrypt, Bug Report

• gniibe added a comment to T8094: libgcrypt: EC least leak failure.

@thesamesam Thanks a lot.
I managed to replicate the failure somehow (for me, it fails at the importing the key).

Fri, Feb 13, 9:31 AM · libgcrypt, Bug Report

thesamesam added a comment to T8094: libgcrypt: EC least leak failure.

I've attached notmuch-bug.log with debug-level guru commented out for gpg-agent:

notmuch-bug.log27 KBDownload

Fri, Feb 13, 8:35 AM · libgcrypt, Bug Report

thesamesam added a comment to T8094: libgcrypt: EC least leak failure.

I can reproduce it using Stuart's script from https://lists.gnupg.org/pipermail/gcrypt-devel/2026-February/006031.html.

Fri, Feb 13, 8:34 AM · libgcrypt, Bug Report

thesamesam added a comment to T8094: libgcrypt: EC least leak failure.

$ uname -a
Linux mop 6.18.10 #1 SMP PREEMPT_DYNAMIC Wed Feb 11 21:14:57 GMT 2026 x86_64 AMD Ryzen 9 3950X 16-Core Processor AuthenticAMD GNU/Linux

Fri, Feb 13, 8:22 AM · libgcrypt, Bug Report

• gniibe added a project to T8094: libgcrypt: EC least leak failure: Info Needed.

Please tell us the information of your environment.
What the versions of gpg and gpg-agent?

Fri, Feb 13, 8:13 AM · libgcrypt, Bug Report

• gniibe renamed T8094: libgcrypt: EC least leak failure from libgcrypt: EC least leak failure on 32-bit machine to libgcrypt: EC least leak failure.

Fri, Feb 13, 8:10 AM · libgcrypt, Bug Report

thesamesam added a comment to T8094: libgcrypt: EC least leak failure.

We have seen the same thing on amd64 (x86_64) linux: https://bugs.gentoo.org/969501

Fri, Feb 13, 6:28 AM · libgcrypt, Bug Report

Wed, Feb 11

• gniibe added a comment to T8094: libgcrypt: EC least leak failure.

No, OpenBSD's implementation of POSIX semaphore is different to NetBSD.
(It doesn't support PSHARED=1.)

Wed, Feb 11, 2:51 AM · libgcrypt, Bug Report

• gniibe added a comment to T8094: libgcrypt: EC least leak failure.

Possibly, it is related to the NetBSD failure of T8065.
If importing the secret key fails (which invokes gpg-agent), decryption cannot be succeeded.
I will check OpenBSD implementation of POSIX semaphore, if it's similar to NetBSD one.

Wed, Feb 11, 2:41 AM · libgcrypt, Bug Report

Tue, Feb 10

• werner triaged T8094: libgcrypt: EC least leak failure as Low priority.

According to the ML @gniibe tried to replicate the problem without success.

Tue, Feb 10, 10:53 AM · libgcrypt, Bug Report

Mon, Feb 9

• gniibe created T8094: libgcrypt: EC least leak failure.

Mon, Feb 9, 9:58 AM · libgcrypt, Bug Report

Tue, Feb 3

• werner closed T8071: libgrcypt 1.12.0: SmartOS (Solaris) build problem as Resolved.

Will go into 1.12.1

Tue, Feb 3, 4:43 PM · Solaris, Bug Report, libgcrypt

• werner closed T8069: libgcrypt: NetBSD m68k as Resolved.

Thanks. Will go int the next version.

Tue, Feb 3, 4:43 PM · NetBSD, Feature Request, libgcrypt

• gniibe claimed T8080: libgcrypt 1.12.0 regression: gcry_mpi_ec_curve_point.

Tue, Feb 3, 7:10 AM · libgcrypt, Bug Report

Mon, Feb 2

wiz added a comment to T8071: libgrcypt 1.12.0: SmartOS (Solaris) build problem.

Thank you, that did indeed fix the problem!

Mon, Feb 2, 6:11 PM · Solaris, Bug Report, libgcrypt

Sun, Feb 1

• werner added projects to T8069: libgcrypt: NetBSD m68k: Feature Request, NetBSD.

Sun, Feb 1, 2:14 PM · NetBSD, Feature Request, libgcrypt

• werner added projects to T8071: libgrcypt 1.12.0: SmartOS (Solaris) build problem: Bug Report, Solaris.

Sun, Feb 1, 2:13 PM · Solaris, Bug Report, libgcrypt

jukivili added a comment to T8071: libgrcypt 1.12.0: SmartOS (Solaris) build problem.

Does following patch help?

Sun, Feb 1, 9:19 AM · Solaris, Bug Report, libgcrypt

Sat, Jan 31

wiz created T8071: libgrcypt 1.12.0: SmartOS (Solaris) build problem.

Sat, Jan 31, 9:16 PM · Solaris, Bug Report, libgcrypt

Fri, Jan 30

wiz added a project to T8069: libgcrypt: NetBSD m68k: libgcrypt.

Fri, Jan 30, 2:57 PM · NetBSD, Feature Request, libgcrypt

Thu, Jan 29

• werner closed T7226: libgcrypt 1.11.0 buid error on armhf with gcc-14 as Resolved.

Thu, Jan 29, 2:21 PM · FTBFS, arm, libgcrypt, Bug Report

• werner closed T7220: The CF protection not enabled in libgcrypt as Resolved.

Thu, Jan 29, 2:20 PM · libgcrypt, Bug Report

• werner closed T7519: libgcrypt: (EC)DSA signature generation should be constant-time as Resolved.

Thu, Jan 29, 2:20 PM · libgcrypt, Bug Report

• werner closed T7889: libgcrypt: HAVE_BROKEN_MLOCK as Resolved.

Thu, Jan 29, 2:19 PM · backport, libgcrypt, Bug Report

• werner closed T7640: ML-DSA for libgcrypt, a subtask of T6637: PQC for Libgcrypt, as Resolved.

Thu, Jan 29, 2:19 PM · PQC, libgcrypt

• werner closed T7640: ML-DSA for libgcrypt as Resolved.

Thu, Jan 29, 2:19 PM · PQC, libgcrypt

• werner closed T7338: Revamp the FIPS service indicator as Resolved.

Thu, Jan 29, 2:18 PM · libgcrypt, FIPS, Feature Request

• werner updated the task description for T7643: Release Libgcrypt 1.12.0.

Thu, Jan 29, 12:48 PM · Release Info, libgcrypt

• werner triaged T8067: Release Libgcrypt 1.12.1 as Low priority.

Thu, Jan 29, 12:47 PM · libgcrypt, Release Info

Jan 22 2026

• gniibe changed the status of T7338: Revamp the FIPS service indicator from Open to Testing.

Fixed in: rC2c1d41b5f86f: fips,cipher: Fix the regression with disabled public-key algo.

Jan 22 2026, 5:48 AM · libgcrypt, FIPS, Feature Request

• gniibe reopened T7338: Revamp the FIPS service indicator as "Open".

Re-opened because a regression is reported.

Jan 22 2026, 5:47 AM · libgcrypt, FIPS, Feature Request

Jan 19 2026

• gniibe changed the status of T7889: libgcrypt: HAVE_BROKEN_MLOCK from Open to Testing.

Backports have been done in both (1.10/1.11) branches.

Jan 19 2026, 6:58 AM · backport, libgcrypt, Bug Report

Jan 9 2026

• werner lowered the priority of T7889: libgcrypt: HAVE_BROKEN_MLOCK from High to Normal.

Okay, let's backport this.

Jan 9 2026, 11:04 AM · backport, libgcrypt, Bug Report

Dec 9 2025

• werner added a comment to T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc.

gpgrt 1.57 will come with gpgrt_fconcat. This can be used to get the sysconfig in a portable way:

Dec 9 2025, 11:51 AM · libgcrypt, scute, gpgrt, Bug Report

Dec 4 2025

• gniibe added a comment to T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc.

@werner For rCd5e3cbfd , my mingw (GCC version 14) complains about the function-return-type difference of the prototype with GetProcAddress.

Dec 4 2025, 7:19 AM · libgcrypt, scute, gpgrt, Bug Report

Nov 28 2025

• gniibe added a comment to T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc.

Scute fixed in rSc3dc9c581631: w32: Use CSIDL_COMMON_APPDATA if available.

Nov 28 2025, 6:13 AM · libgcrypt, scute, gpgrt, Bug Report

Nov 27 2025

• werner updated the task description for T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc.

Nov 27 2025, 11:44 AM · libgcrypt, scute, gpgrt, Bug Report

Nov 26 2025

• werner added a comment to T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc.

Okay, forward porting that patch is the easiest solution. Actually this is not enough: Users of Libgcrypt also need to make sure that the new sysconfig dir has the right permissions. That's a part for the installer and concrete ACLs may differ.

Nov 26 2025, 2:04 PM · libgcrypt, scute, gpgrt, Bug Report