Page MenuHome GnuPG

libgcryptProject
ActivePublic

Recent Activity

Tue, Jan 24

werner closed T6283: could the newer jq255 Elliptic Curve be interesting to implement? as Wontfix.

Well, I do not yet see a use case for this. The current rush towards PQC makes it unlikely that newer curves will get in widespread use. Iff we have a large application which requires this curves, we can reconsider,

Tue, Jan 24, 9:53 AM · libgcrypt, Feature Request

Thu, Jan 19

werner removed a project from T5556: Use of offsetof is better for allocation of flexible array: gnupg (gpg23).
Thu, Jan 19, 4:49 PM · gnupg24, gpgme, libgcrypt
werner removed a project from T5964: gnupg should use the KDFs implemented in libgcrypt: gnupg (gpg23).
Thu, Jan 19, 4:47 PM · gnupg24, FIPS, libgcrypt, Feature Request
werner closed T6349: need to add the judgment of invalid handles in _gcry_md_ctl? as Wontfix.

Sorry, but we can't check all parameters. Why only check that one and not the others or invalid values for ctx. You may do such checks in an interactive environment but not for a general library.

Thu, Jan 19, 9:27 AM · libgcrypt

Wed, Jan 18

zhengxiaoxiaoGithub added a comment to T6349: need to add the judgment of invalid handles in _gcry_md_ctl?.

Wed, Jan 18, 11:10 AM · libgcrypt
zhengxiaoxiaoGithub created T6349: need to add the judgment of invalid handles in _gcry_md_ctl?.
Wed, Jan 18, 11:09 AM · libgcrypt

Sun, Jan 8

werner added a comment to T5818: Release Libgcrypt 1.8.10.

See T6340 in case of build problems.

Sun, Jan 8, 2:02 PM · Release Info, libgcrypt

Thu, Jan 5

werner closed T5818: Release Libgcrypt 1.8.10 as Resolved.
Thu, Jan 5, 5:05 PM · Release Info, libgcrypt
werner triaged T6335: Release Libgcrypt 1.8.11 as Low priority.
Thu, Jan 5, 4:54 PM · libgcrypt, Release Info

Dec 16 2022

werner removed a project from T6311: A core dump occurs in the _gcry_mpi_normalize function: Bug Report.
Dec 16 2022, 9:23 AM · libgcrypt
werner closed T6311: A core dump occurs in the _gcry_mpi_normalize function as Resolved.
Dec 16 2022, 9:23 AM · libgcrypt
zhengxiaoxiaoGithub added a comment to T6311: A core dump occurs in the _gcry_mpi_normalize function.

Thank you for your reply! I'll modify my testcase

Dec 16 2022, 7:55 AM · libgcrypt
gniibe added a comment to T6311: A core dump occurs in the _gcry_mpi_normalize function.

I figured out the situation.

Dec 16 2022, 4:18 AM · libgcrypt
gniibe added a comment to T6311: A core dump occurs in the _gcry_mpi_normalize function.

Ah, I found that we have very bad example use case in tests/t-mpi-point.c. This should be fixed at first.

Dec 16 2022, 3:52 AM · libgcrypt
gniibe added a comment to T6311: A core dump occurs in the _gcry_mpi_normalize function.
Dec 16 2022, 3:09 AM · libgcrypt
gniibe claimed T6311: A core dump occurs in the _gcry_mpi_normalize function.

Thank you for your report. IIUC, it is called unexpected way, like invalid/wrong KEYPARMS. Possibly, KEYPARMS == NULL, or something like that.

Dec 16 2022, 2:56 AM · libgcrypt

Dec 15 2022

zhengxiaoxiaoGithub added a comment to T6311: A core dump occurs in the _gcry_mpi_normalize function.

When I look at the stack information, I find that because E->p is not assigned in the function mpi_ec_get_elliptic_curve(), this produces a null pointer,but it didn't get to the branch : if (errc) goto leave;

Dec 15 2022, 10:21 AM · libgcrypt
werner added a comment to T6311: A core dump occurs in the _gcry_mpi_normalize function.

If you pass NULL to that function, the calling code is wrong. No need for an explicit check in nomralize - check should be done in the public API (if at all).

Dec 15 2022, 9:46 AM · libgcrypt
zhengxiaoxiaoGithub added a comment to T6311: A core dump occurs in the _gcry_mpi_normalize function.

I tried to fix the segmentation fault, so I added a null pointer check at the end to protect it.

Dec 15 2022, 8:46 AM · libgcrypt

Dec 14 2022

zhengxiaoxiaoGithub created T6311: A core dump occurs in the _gcry_mpi_normalize function.
Dec 14 2022, 2:11 PM · libgcrypt

Dec 12 2022

gniibe changed the status of T6257: Without gpg-error-config installed (libgpg-error-1.46) libgcrypt-1.10.1 does not configure from Open to Testing.
Dec 12 2022, 9:29 AM · MacOS, libgcrypt, gpgrt

Nov 29 2022

pmgdeb added a comment to T6291: FIPS: dirmngr CRL hash uses MD5.

Sure, but this will need adaption in FIPS mode as it fails with:

Nov 29 2022, 2:55 PM · libgcrypt, gnupg (gpg23), Bug Report
pmgdeb added a comment to T6291: FIPS: dirmngr CRL hash uses MD5.

Patch using SHA1 instead of MD5.

Nov 29 2022, 2:50 PM · libgcrypt, gnupg (gpg23), Bug Report
werner closed T6291: FIPS: dirmngr CRL hash uses MD5 as Wontfix.

There are other uses of MD5 and thus we can't disable it. For example gpgsm also lists the MD5 fingerprint of certificates because they are still in use at some places.

Nov 29 2022, 2:50 PM · libgcrypt, gnupg (gpg23), Bug Report
pmgdeb created T6291: FIPS: dirmngr CRL hash uses MD5.
Nov 29 2022, 2:13 PM · libgcrypt, gnupg (gpg23), Bug Report
ikloecker added a comment to T6271: The old FSF address in libgcrypt source code.

Well, the modern way, recommended by the FSFE, for license notices in source files is SPDX instead of verbose license notices. https://reuse.software/

Nov 29 2022, 9:09 AM · Documentation, libgcrypt, Bug Report
gniibe added a comment to T6271: The old FSF address in libgcrypt source code.

Modern way for license notice seems use of URL: https://www.gnu.org/prep/maintain/maintain.html#License-Notices-for-Code
https://www.gnu.org/licenses/gpl-howto.html

Nov 29 2022, 2:46 AM · Documentation, libgcrypt, Bug Report

Nov 22 2022

werner added projects to T6283: could the newer jq255 Elliptic Curve be interesting to implement?: Feature Request, libgcrypt.
Nov 22 2022, 1:18 PM · libgcrypt, Feature Request
sergi added a member for libgcrypt: sergi.
Nov 22 2022, 11:57 AM

Nov 18 2022

gniibe moved T6127: FIPS 140-3 final review comments from Next to Ready for release on the FIPS board.
Nov 18 2022, 2:07 AM · FIPS, libgcrypt, Bug Report
gniibe reopened T5512: Implement service indicators as "Testing".

I put rCc34c9e70055e: fips: Mark AES key wrapping as approved. under this task, so that it can be referred in the release note.

Nov 18 2022, 2:06 AM · Feature Request, FIPS, libgcrypt
gniibe added a comment to T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF.

Let me describe the changes recorded in this task.

Nov 18 2022, 2:02 AM · backport, libgcrypt, FIPS

Nov 10 2022

werner triaged T6271: The old FSF address in libgcrypt source code as Low priority.

Thanks. There should also be SPDX indentifiers everywhere.

Nov 10 2022, 12:25 PM · Documentation, libgcrypt, Bug Report
Jakuje created T6271: The old FSF address in libgcrypt source code.
Nov 10 2022, 11:57 AM · Documentation, libgcrypt, Bug Report

Nov 7 2022

gniibe changed the status of T6217: sha3: wrong results for large inputs from Open to Testing.
Nov 7 2022, 7:14 AM · libgcrypt, FIPS, Bug Report

Nov 2 2022

gniibe moved T5964: gnupg should use the KDFs implemented in libgcrypt from Next to Ready for release on the FIPS board.
Nov 2 2022, 9:36 AM · gnupg24, FIPS, libgcrypt, Feature Request
gniibe moved T6217: sha3: wrong results for large inputs from Next to Ready for release on the FIPS board.
Nov 2 2022, 9:36 AM · libgcrypt, FIPS, Bug Report
gniibe moved T6217: sha3: wrong results for large inputs from Backlog to Next on the FIPS board.
Nov 2 2022, 9:36 AM · libgcrypt, FIPS, Bug Report

Oct 28 2022

jukivili updated the task description for T4460: libgcrypt performance TODOs.
Oct 28 2022, 6:29 PM · libgcrypt
jukivili added a comment to T4485: Add AEAD mode AES-GCM-SIV to libgcrypt (RFC 8452).

Yep. Closed now.

Oct 28 2022, 5:10 PM · Feature Request, libgcrypt
jukivili closed T4485: Add AEAD mode AES-GCM-SIV to libgcrypt (RFC 8452), a subtask of T4486: Add AEAD mode AES-SIV to libgcrypt (RFC 5297), as Resolved.
Oct 28 2022, 5:10 PM · Feature Request, libgcrypt
jukivili closed T4485: Add AEAD mode AES-GCM-SIV to libgcrypt (RFC 8452) as Resolved.
Oct 28 2022, 5:10 PM · Feature Request, libgcrypt
werner added a comment to T4485: Add AEAD mode AES-GCM-SIV to libgcrypt (RFC 8452).

@jukivili: This has been released with 1.10.0 - shall we close this bug?

Oct 28 2022, 3:42 PM · Feature Request, libgcrypt

Oct 27 2022

jukivili closed T6242: libgcrypt: optimize ECB? (as it may be used to estimate library crypto performance) as Resolved.
Oct 27 2022, 5:07 AM · libgcrypt, Feature Request

Oct 24 2022

werner triaged T6242: libgcrypt: optimize ECB? (as it may be used to estimate library crypto performance) as Low priority.

Go ahead if you want to do that.

Oct 24 2022, 7:19 AM · libgcrypt, Feature Request
debohman added a comment to T6257: Without gpg-error-config installed (libgpg-error-1.46) libgcrypt-1.10.1 does not configure.

Thank you. I am glad that it is already resolved.

Oct 24 2022, 6:40 AM · MacOS, libgcrypt, gpgrt
gniibe triaged T6257: Without gpg-error-config installed (libgpg-error-1.46) libgcrypt-1.10.1 does not configure as Normal priority.
Oct 24 2022, 6:37 AM · MacOS, libgcrypt, gpgrt
gniibe added a comment to T6257: Without gpg-error-config installed (libgpg-error-1.46) libgcrypt-1.10.1 does not configure.

Will this be in the next release of libgcrypt?

Oct 24 2022, 6:17 AM · MacOS, libgcrypt, gpgrt
debohman added a comment to T6257: Without gpg-error-config installed (libgpg-error-1.46) libgcrypt-1.10.1 does not configure.

Okay. So, I removed gpg-error-config, updated libgcrypt/m4/gpg-error.m4, and then rebuilt configure. And, gcrypt configures and builds.

Oct 24 2022, 5:33 AM · MacOS, libgcrypt, gpgrt
gniibe added a comment to T6257: Without gpg-error-config installed (libgpg-error-1.46) libgcrypt-1.10.1 does not configure.

Thank you for the information.

Oct 24 2022, 5:06 AM · MacOS, libgcrypt, gpgrt