Page MenuHome GnuPG

libgcryptProject
ActivePublic

Recent Activity

Yesterday

LFrank2021 added a comment to T5980: compilation error libgcrypt 1.10.1.

I do not claim I understand anything of this assembler syntax :)

Tue, May 17, 11:14 AM · Testing, backport, ppc, AIX, libgcrypt, Bug Report
werner moved T5975: Allow signature verification using specific RSA keys <2k in FIPS mode from Backlog to Next on the FIPS board.
Tue, May 17, 11:12 AM · patch, libgcrypt, FIPS, Feature Request
werner raised the priority of T4873: Enable AES GCM in FIPS mode from Low to Normal.
Tue, May 17, 11:09 AM · FIPS, libgcrypt, Feature Request
werner moved T5964: gnupg should use the KDFs implemented in libgcrypt from Backlog to Next on the FIPS board.
Tue, May 17, 11:07 AM · gnupg (gpg23), FIPS, libgcrypt, Feature Request
werner added a comment to T5964: gnupg should use the KDFs implemented in libgcrypt.

Lets implement it for 2.3

Tue, May 17, 11:06 AM · gnupg (gpg23), FIPS, libgcrypt, Feature Request
werner assigned T5964: gnupg should use the KDFs implemented in libgcrypt to gniibe.
Tue, May 17, 11:06 AM · gnupg (gpg23), FIPS, libgcrypt, Feature Request
gniibe added a comment to T5980: compilation error libgcrypt 1.10.1.

For the second, I wonder if newer xlclang++ compiler works with 1.9.

Tue, May 17, 4:58 AM · Testing, backport, ppc, AIX, libgcrypt, Bug Report
gniibe triaged T5980: compilation error libgcrypt 1.10.1 as Normal priority.

Thank you for the bug report.

Tue, May 17, 4:31 AM · Testing, backport, ppc, AIX, libgcrypt, Bug Report
gniibe added a project to T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd'): Testing.

Pushed the change.

Tue, May 17, 3:47 AM · Testing, hppa, libgcrypt, Gentoo, Bug Report

Mon, May 16

werner added projects to T5980: compilation error libgcrypt 1.10.1: libgcrypt, AIX, ppc.
Mon, May 16, 9:59 PM · Testing, backport, ppc, AIX, libgcrypt, Bug Report
gniibe added a comment to T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd').

Thanks for your confirmation.

Mon, May 16, 4:05 AM · Testing, hppa, libgcrypt, Gentoo, Bug Report

Sat, May 14

thesamesam added a comment to T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd').

Okay, confirmed: I was just wrong and the build failure was only ever with --disable-asm (i.e. the log in this bug is the only relevant one). Patch works.

Sat, May 14, 3:54 AM · Testing, hppa, libgcrypt, Gentoo, Bug Report

Fri, May 13

werner closed T5597: First 8 bytes of cache item left in clear in memory after decryption. as Resolved.
Fri, May 13, 4:10 PM · libgcrypt, symmetric, Bug Report
Jakuje added a comment to T5975: Allow signature verification using specific RSA keys <2k in FIPS mode.

Ok. Thank you for the clarification. I will drop the second part and keep only the FIPS change in the patch. Merge request already updated.

Fri, May 13, 11:17 AM · patch, libgcrypt, FIPS, Feature Request
werner triaged T5973: libgcrypt: Minor test issues reported by coverity as Normal priority.

Thanks. Should be applied.

Fri, May 13, 8:16 AM · patch, libgcrypt, Bug Report
werner added a project to T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd'): hppa.
Fri, May 13, 8:06 AM · Testing, hppa, libgcrypt, Gentoo, Bug Report
werner triaged T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd') as Normal priority.
Fri, May 13, 8:06 AM · Testing, hppa, libgcrypt, Gentoo, Bug Report
werner triaged T5975: Allow signature verification using specific RSA keys <2k in FIPS mode as Normal priority.

I can imagine thar there are use cases for this. Thus I see no problems for the first part.

Fri, May 13, 8:00 AM · patch, libgcrypt, FIPS, Feature Request

Thu, May 12

Jakuje created T5975: Allow signature verification using specific RSA keys <2k in FIPS mode.
Thu, May 12, 2:53 PM · patch, libgcrypt, FIPS, Feature Request

Wed, May 11

Jakuje created T5973: libgcrypt: Minor test issues reported by coverity.
Wed, May 11, 6:19 PM · patch, libgcrypt, Bug Report

Tue, May 10

gniibe added a project to T5970: gcry_mpi_invm producing wrong result: Testing.

Pushed the change. Also, it's backported to 1.10 branch.

Tue, May 10, 8:59 AM · Testing, backport, libgcrypt, Bug Report
gniibe claimed T5970: gcry_mpi_invm producing wrong result.

Thanks for creating this ticket. I'll reply.

Tue, May 10, 8:44 AM · Testing, backport, libgcrypt, Bug Report
gniibe closed T5731: libgcrypt,w32: Possible API change for include file(s) as Resolved.

libgcrypt 1.10 is out with the API change for Windows, and we don't see any report (yet).

Tue, May 10, 7:34 AM · libgcrypt
gniibe added a project to T5891: EOPNOTSUPP is not defined in mingw.org's MinGW, fails compilation of libgcrypt-1.10.0: Testing.

Pushed the change to master.

Tue, May 10, 6:59 AM · Testing, libgcrypt, Bug Report

Mon, May 9

jukivili created T5970: gcry_mpi_invm producing wrong result.
Mon, May 9, 8:30 PM · Testing, backport, libgcrypt, Bug Report
jukivili updated the task description for T4460: libgcrypt performance TODOs.
Mon, May 9, 8:19 PM · libgcrypt
gniibe closed T5581: buf_eq_const() function in cipher/bufhelp.h may get wrong result as Wontfix.

GCC 11.3 and GCC 12.1 are out with the fix.

Mon, May 9, 3:02 AM · toolchain, libgcrypt, Bug Report

Fri, May 6

gniibe moved T5933: libgcrypt: Simply use BSS (not secure heap) for DRBG instance from Next to Done on the FIPS board.
Fri, May 6, 2:31 AM · backport, Testing, FIPS, libgcrypt
gniibe moved T5919: libgcrypt tests/basic.c and tests/keygen.c occasionally fail with "error generating RSA key: Number is not prime" from Next to Done on the FIPS board.
Fri, May 6, 2:31 AM · backport, Testing, FIPS, libgcrypt, Bug Report
gniibe moved T5918: Disable RSA PKCS #1.5 encryption in FIPS mode from Next to Done on the FIPS board.
Fri, May 6, 2:31 AM · backport, Testing, libgcrypt, FIPS, Bug Report

Thu, May 5

werner triaged T5964: gnupg should use the KDFs implemented in libgcrypt as Normal priority.

When we implemented this first, Libgcrypt had no appropriate KDF support. I recall that I considered to change this but it turned out the for 2.2 the changes are too large. For 2.3 we will consider such a change.

Thu, May 5, 8:40 AM · gnupg (gpg23), FIPS, libgcrypt, Feature Request

Wed, May 4

Jakuje created T5964: gnupg should use the KDFs implemented in libgcrypt.
Wed, May 4, 3:16 PM · gnupg (gpg23), FIPS, libgcrypt, Feature Request

Tue, May 3

gniibe added a project to T5933: libgcrypt: Simply use BSS (not secure heap) for DRBG instance: backport.
Tue, May 3, 11:22 AM · backport, Testing, FIPS, libgcrypt
werner added a project to T5919: libgcrypt tests/basic.c and tests/keygen.c occasionally fail with "error generating RSA key: Number is not prime": backport.
Tue, May 3, 11:21 AM · backport, Testing, FIPS, libgcrypt, Bug Report
werner added a project to T5918: Disable RSA PKCS #1.5 encryption in FIPS mode: backport.
Tue, May 3, 11:17 AM · backport, Testing, libgcrypt, FIPS, Bug Report
gniibe moved T5933: libgcrypt: Simply use BSS (not secure heap) for DRBG instance from Backlog to Next on the FIPS board.
Tue, May 3, 10:58 AM · backport, Testing, FIPS, libgcrypt
gniibe added a project to T5918: Disable RSA PKCS #1.5 encryption in FIPS mode: Testing.
Tue, May 3, 10:49 AM · backport, Testing, libgcrypt, FIPS, Bug Report
gniibe added a project to T5919: libgcrypt tests/basic.c and tests/keygen.c occasionally fail with "error generating RSA key: Number is not prime": Testing.
Tue, May 3, 10:48 AM · backport, Testing, FIPS, libgcrypt, Bug Report
gniibe added a project to T5933: libgcrypt: Simply use BSS (not secure heap) for DRBG instance: Testing.
Tue, May 3, 10:46 AM · backport, Testing, FIPS, libgcrypt

Mon, Apr 25

werner triaged T5946: Make gcry_mpi_cmp more robust for opaque mpis as Normal priority.
Mon, Apr 25, 3:10 PM · libgcrypt, Bug Report

Wed, Apr 20

neverpanic added a comment to T5919: libgcrypt tests/basic.c and tests/keygen.c occasionally fail with "error generating RSA key: Number is not prime".

Feedback from the lab is that they'd recommend returning a specific error code that indicates that the prime search failed and then relying on the caller to decide whether to loop or bubble up the error. I'm not sure who we would consider to be the "caller" of the relevant generation function in this case, though.

Wed, Apr 20, 12:06 PM · backport, Testing, FIPS, libgcrypt, Bug Report
werner triaged T5918: Disable RSA PKCS #1.5 encryption in FIPS mode as High priority.
Wed, Apr 20, 8:45 AM · backport, Testing, libgcrypt, FIPS, Bug Report
werner triaged T5933: libgcrypt: Simply use BSS (not secure heap) for DRBG instance as Normal priority.

Full ack.

Wed, Apr 20, 8:45 AM · backport, Testing, FIPS, libgcrypt
gniibe added a comment to T5933: libgcrypt: Simply use BSS (not secure heap) for DRBG instance.

Here is my proposal patch:

diff --git a/random/random-drbg.c b/random/random-drbg.c
index 5a46fd92..f1cfe286 100644
--- a/random/random-drbg.c
+++ b/random/random-drbg.c
@@ -341,6 +341,9 @@ enum drbg_prefixes
  * Global variables
  ***************************************************************/
Wed, Apr 20, 2:39 AM · backport, Testing, FIPS, libgcrypt
gniibe created T5933: libgcrypt: Simply use BSS (not secure heap) for DRBG instance.
Wed, Apr 20, 2:37 AM · backport, Testing, FIPS, libgcrypt

Tue, Apr 19

jukivili closed T5913: libgcrypt: bug fix for PPC bulk AES-GCM acceleratieration, missing HWF_PPC_ARCH_3_10 in HW feature as Resolved.
Tue, Apr 19, 5:59 PM · ppc, libgcrypt
gniibe moved T5918: Disable RSA PKCS #1.5 encryption in FIPS mode from Backlog to Next on the FIPS board.
Tue, Apr 19, 11:27 AM · backport, Testing, libgcrypt, FIPS, Bug Report
gniibe claimed T5918: Disable RSA PKCS #1.5 encryption in FIPS mode.
Tue, Apr 19, 11:27 AM · backport, Testing, libgcrypt, FIPS, Bug Report
gniibe moved T5919: libgcrypt tests/basic.c and tests/keygen.c occasionally fail with "error generating RSA key: Number is not prime" from Backlog to Next on the FIPS board.
Tue, Apr 19, 11:07 AM · backport, Testing, FIPS, libgcrypt, Bug Report
gniibe claimed T5919: libgcrypt tests/basic.c and tests/keygen.c occasionally fail with "error generating RSA key: Number is not prime".
Tue, Apr 19, 11:01 AM · backport, Testing, FIPS, libgcrypt, Bug Report