Projects libgcrypt

libgcryptProject
ActivePublic
Watch Project

Members (5)

sergi (Sergi Blanch Torne)
User
werner (Werner Koch)
Engineering
jukivili (Jussi Kivilinna)
User
lbandlav (Laxmi Narsaiah Bandla)
Engineering
gniibe (NIIBE Yutaka)
User
View All

Watchers (5)

Recent Activity
View All

Tue, Jun 17

• gniibe closed T7170: Building libgcrypt-1.11.0 produces a dylib with unresolved symbols at runtime as Resolved.

Done in 1.11.1.

Tue, Jun 17, 2:30 AM · MacOS, libgcrypt, Bug Report

• gniibe closed T7170: Building libgcrypt-1.11.0 produces a dylib with unresolved symbols at runtime, a subtask of T7165: Release Libgcrypt 1.11.0, as Resolved.

Tue, Jun 17, 2:30 AM · Release Info, libgcrypt

• gniibe closed T7184: Libgcrypt v1.11.0 make fails at cipher/blake2.c:834:6 (has no member named 'use_avx512') as Resolved.

Done in 1.11.1.

Tue, Jun 17, 2:29 AM · libgcrypt, Bug Report

• gniibe closed T7277: libgcrypt: Adding Known Answer Tests for KEM as Resolved.

Done in 1.11.1.

Tue, Jun 17, 2:28 AM · PQC, libgcrypt

Fri, Jun 13

• gniibe added a comment to T7640: ML-DSA for libgcrypt.

Reading https://openssl-library.org/files/blog/Request_to_Extend_IETF_WGLC_for_PQ_Key_Specifications.pdf ,
seed (with "S") is included in the private-key.

Fri, Jun 13, 3:40 AM · PQC, libgcrypt

• gniibe added a comment to T7640: ML-DSA for libgcrypt.

The commit rC23543b6c1497: Add mldsa_compute_keygrip and let private-key include "p". works well for me.

Fri, Jun 13, 2:51 AM · PQC, libgcrypt

• gniibe added a comment to T7640: ML-DSA for libgcrypt.

To support Dilithium, we need to extend data handling of libgcrypt.
I propose following changes:

internal flag of PUBKEY_FLAG_BYTE_STRING to ask opaque MPI for data to be signed/verified.
The format of data as: (data(raw)[(flags no-prefix)](value ...)[(label ...)][(random-override ...)]): message, context, and random. Optional no-prefix flag to ask specific way of signing, controlling the internal, for Known Answer Tests (siggen).

Fri, Jun 13, 2:50 AM · PQC, libgcrypt

May 27 2025

• werner added a comment to T7166: Release Libgcrypt 1.11.1.

If you are experience problems with the test suite on NetBSD, please see T7634

May 27 2025, 4:07 PM · Release Info, libgcrypt

May 19 2025

• werner closed T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball as Resolved.

Problem noted in T7166

May 19 2025, 12:16 PM · riscv, libgcrypt, Bug Report

• werner added a comment to T7166: Release Libgcrypt 1.11.1.

Noet that one file is missing in the released tarball; when building for RISC-V please see T7647#201164

May 19 2025, 12:15 PM · Release Info, libgcrypt

• werner added a comment to T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball.

Patch applied.

May 19 2025, 12:12 PM · riscv, libgcrypt, Bug Report

• gniibe added a comment to T7640: ML-DSA for libgcrypt.

Looking the FIPS 204 document, using the following functions (API) is good:

May 19 2025, 7:47 AM · PQC, libgcrypt

May 17 2025

collinfunk added a comment to T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball.

I can confirm this. Here is the build error:

make[2]: Entering directory '/home/collinfunk/libgcrypt-1.11.1/cipher'
`echo /bin/bash ../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I. -I..  -I../src -I../src -I../mpi -I../mpi  -I/home/collinfunk/tmp/include -g -O2 -fvisibility=hidden -fno-delete-null-pointer-checks -Wall -O2 -march=rv64imafdcv -mstrict-align -c rijndael-vp-riscv.c | sed -e 's/-fsanitize[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' -e 's/-fprofile[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' -e 's/-fcoverage[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' `
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I../src -I../src -I../mpi -I../mpi -I/home/collinfunk/tmp/include -g -O2 -fvisibility=hidden -fno-delete-null-pointer-checks -Wall -O2 -march=rv64imafdcv -mstrict-align -c rijndael-vp-riscv.c  -fPIC -DPIC -o .libs/rijndael-vp-riscv.o
rijndael-vp-riscv.c:58:10: fatal error: simd-common-riscv.h: No such file or directory
   58 | #include "simd-common-riscv.h"
      |          ^~~~~~~~~~~~~~~~~~~~~
compilation terminated.
make[2]: *** [Makefile:1730: rijndael-vp-riscv.lo] Error 1

Patch here: https://lists.gnupg.org/pipermail/gcrypt-devel/2025-May/005854.html

May 17 2025, 6:13 AM · riscv, libgcrypt, Bug Report

May 15 2025

• werner added a comment to T7634: libgcrypt's test t-thread-local fails to link on some platforms..

Also pushed to 1.11

May 15 2025, 9:48 PM · NetBSD, libgcrypt, Bug Report

• gniibe closed T7621: libgpg-error: __non_string for GCC 15 or later, a subtask of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later, as Resolved.

May 15 2025, 1:51 AM · libgcrypt, Bug Report

May 13 2025

• gniibe closed T7486: libgcrypt: Remove WindowsCE support as Resolved.

May 13 2025, 3:05 AM · libgcrypt

May 11 2025

• gniibe closed T7490: libgcrypt: constant-time modular exponentiation, a subtask of T3264: Possible RSA improvement, as Resolved.

May 11 2025, 3:25 AM · libgcrypt

• gniibe closed T7490: libgcrypt: constant-time modular exponentiation as Resolved.

It's in 1.11.1.

May 11 2025, 3:25 AM · libgcrypt

• gniibe closed T7338: Revamp the FIPS service indicator as Resolved.

Included in 1.11.1.

May 11 2025, 3:24 AM · libgcrypt, FIPS, Feature Request

May 9 2025

• werner added a project to T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball: riscv.

May 9 2025, 9:21 AM · riscv, libgcrypt, Bug Report

• werner added a comment to T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball.

That is quite possible because we do not have a test system for RISC-V and the make release tarbegt is not abale to verify this.

May 9 2025, 9:21 AM · riscv, libgcrypt, Bug Report

May 8 2025

atsampson created T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball.

May 8 2025, 5:41 PM · riscv, libgcrypt, Bug Report

• werner updated the task description for T7165: Release Libgcrypt 1.11.0.

May 8 2025, 8:51 AM · Release Info, libgcrypt

• werner triaged T7643: Release Libgcrypt 1.12.0 as Normal priority.

May 8 2025, 8:49 AM · Release Info, libgcrypt

May 7 2025

• werner closed T7165: Release Libgcrypt 1.11.0 as Resolved.

May 7 2025, 6:01 PM · Release Info, libgcrypt

• werner updated the task description for T7166: Release Libgcrypt 1.11.1.

May 7 2025, 5:55 PM · Release Info, libgcrypt

• werner triaged T7642: Release Libgcrypt 1.11.2 as Low priority.

May 7 2025, 5:52 PM · Release Info, libgcrypt

• werner changed the status of T7633: libgcrypt fails to build on NetBSD due to the systems bswap32 macro defintion. from Open to Testing.

May 7 2025, 2:48 PM · NetBSD, libgcrypt, Bug Report

• werner changed the status of T7634: libgcrypt's test t-thread-local fails to link on some platforms. from Open to Testing.

May 7 2025, 2:47 PM · NetBSD, libgcrypt, Bug Report

• gniibe triaged T7640: ML-DSA for libgcrypt as Wishlist priority.

May 7 2025, 7:43 AM · PQC, libgcrypt

• gniibe added a comment to T7519: libgcrypt: (EC)DSA signature generation should be constant-time.

In libgcrypt/cipher/ecc-ecdsa.c, we have:

mpi_mulm (s, k_1, sum, ec->n);    /* s = k^(-1)*(hash+(d*r)) mod n */

May 7 2025, 3:48 AM · libgcrypt, Bug Report

May 5 2025

• werner triaged T7633: libgcrypt fails to build on NetBSD due to the systems bswap32 macro defintion. as High priority.

May 5 2025, 11:12 AM · NetBSD, libgcrypt, Bug Report

• werner triaged T7634: libgcrypt's test t-thread-local fails to link on some platforms. as High priority.

May 5 2025, 11:11 AM · NetBSD, libgcrypt, Bug Report

May 2 2025

• werner added a project to T7634: libgcrypt's test t-thread-local fails to link on some platforms.: NetBSD.

May 2 2025, 10:29 AM · NetBSD, libgcrypt, Bug Report

• werner added a project to T7633: libgcrypt fails to build on NetBSD due to the systems bswap32 macro defintion.: NetBSD.

May 2 2025, 10:29 AM · NetBSD, libgcrypt, Bug Report

collinfunk created T7634: libgcrypt's test t-thread-local fails to link on some platforms..

May 2 2025, 7:14 AM · NetBSD, libgcrypt, Bug Report

collinfunk created T7633: libgcrypt fails to build on NetBSD due to the systems bswap32 macro defintion..

May 2 2025, 7:02 AM · NetBSD, libgcrypt, Bug Report

Apr 30 2025

collinfunk added a comment to T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later.

I think you are correct.

Apr 30 2025, 6:05 AM · libgcrypt, Bug Report

Apr 23 2025

• gniibe changed the status of T7624: libksba: __non_string for GCC 15 or later, a subtask of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later, from Open to Testing.

Apr 23 2025, 3:21 AM · libgcrypt, Bug Report

• gniibe changed the status of T7621: libgpg-error: __non_string for GCC 15 or later, a subtask of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later, from Open to Testing.

Apr 23 2025, 3:17 AM · libgcrypt, Bug Report

• gniibe changed the status of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later from Open to Testing.

Apr 23 2025, 3:16 AM · libgcrypt, Bug Report

• gniibe changed the status of T7623: gpgscm: Fix fixed-size characters (for portability, specifically for GCC 15 or later), a subtask of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later, from Open to Testing.

Apr 23 2025, 3:16 AM · libgcrypt, Bug Report

Apr 18 2025

• gniibe added a comment to T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later.

IIUC, it's GCC 8 which starts the support of __nonstring__ attribute.

Apr 18 2025, 4:26 AM · libgcrypt, Bug Report

• gniibe set External Link to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117178 on T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later.

Apr 18 2025, 4:25 AM · libgcrypt, Bug Report

• gniibe claimed T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later.

Apr 18 2025, 4:13 AM · libgcrypt, Bug Report

• gniibe created T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later.

Apr 18 2025, 4:12 AM · libgcrypt, Bug Report

Mar 31 2025

• gniibe added a comment to T7519: libgcrypt: (EC)DSA signature generation should be constant-time.

Pushed all changes to master.

Mar 31 2025, 6:27 AM · libgcrypt, Bug Report

Mar 21 2025

• gniibe added a comment to T7519: libgcrypt: (EC)DSA signature generation should be constant-time.

I applied some to master (generic improvement parts).

Mar 21 2025, 7:31 AM · libgcrypt, Bug Report

Mar 20 2025

• gniibe added a comment to T7519: libgcrypt: (EC)DSA signature generation should be constant-time.

I think that this may be the last update.
Don't use mpi_powm to avoid normalizing (and to be faster).

ec-no-normalize-2025-03-20.patch17 KBDownload

Mar 20 2025, 1:08 AM · libgcrypt, Bug Report

Mar 18 2025

• gniibe added a comment to T7519: libgcrypt: (EC)DSA signature generation should be constant-time.

Here is another update (replacing ecc-no-normalize-2025-03-13.patch).
Further, ec_addm is modified to be less leaky.

Mar 18 2025, 6:30 AM · libgcrypt, Bug Report