Tue, Jun 17
Done in 1.11.1.
Done in 1.11.1.
Done in 1.11.1.
Fri, Jun 13
Reading https://openssl-library.org/files/blog/Request_to_Extend_IETF_WGLC_for_PQ_Key_Specifications.pdf, seed (with "S") is included in the private key.
The commit rC23543b6c1497 ("Add mldsa_compute_keygrip and let private-key include "p".") works well for me.
To support Dilithium, we need to extend data handling of libgcrypt.
I propose the following changes:
- an internal flag PUBKEY_FLAG_BYTE_STRING to ask for an opaque MPI for the data to be signed/verified.
- the format of data as: (data(raw)[(flags no-prefix)](value ...)[(label ...)][(random-override ...)]), i.e. message, context, and random. An optional no-prefix flag asks for a specific way of signing, controlling the internals, for Known Answer Tests (siggen).
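The proposed (data ...) layout and the no-prefix flag, as an added example of mine (not libgcrypt code): a small parser for libgcrypt-style advanced S-expressions, extraction of message, context and random override using the token names in the proposal above, and construction of the message that pure ML-DSA actually signs. The prefix rule, M' = 0x00 || len(ctx) || ctx || M with ctx at most 255 bytes and a 32-byte rnd, is my reading of FIPS 204 Algorithm 2; how libgcrypt's internals treat the flag and the random-override value is not shown on this page and is assumed here, as is the sample S-expression input.

```python
import re


def parse_sexp(text):
    """Parse one libgcrypt-style advanced S-expression into nested lists of bytes.

    Supported atoms: bare tokens, "quoted strings" (no escape handling in this
    demo), #hex strings#, and N:raw length-prefixed atoms (ASCII only here).
    """
    stack = [[]]
    pos, end = 0, len(text)
    while pos < end:
        c = text[pos]
        if c.isspace():
            pos += 1
        elif c == "(":
            stack.append([])
            pos += 1
        elif c == ")":
            done = stack.pop()
            if not stack:
                raise ValueError("unbalanced ')'")
            stack[-1].append(done)
            pos += 1
        elif c == "#":
            close = text.index("#", pos + 1)
            stack[-1].append(bytes.fromhex(text[pos + 1:close].replace(" ", "")))
            pos = close + 1
        elif c == '"':
            close = text.index('"', pos + 1)
            stack[-1].append(text[pos + 1:close].encode())
            pos = close + 1
        else:
            m = re.match(r"(\d+):", text[pos:])
            if m:
                start = pos + m.end()
                length = int(m.group(1))
                stack[-1].append(text[start:start + length].encode())
                pos = start + length
            else:
                m = re.match(r'[^\s()"#]+', text[pos:])
                stack[-1].append(m.group(0).encode())
                pos += m.end()
    if len(stack) != 1 or len(stack[0]) != 1 or not isinstance(stack[0][0], list):
        raise ValueError("expected exactly one top-level list")
    return stack[0][0]


def find(lst, name):
    """Return the sub-list whose first atom is `name`, or None."""
    for item in lst[1:]:
        if isinstance(item, list) and item and item[0] == name.encode():
            return item
    return None


def parse_data_sexp(text):
    """Extract message, context and random override from the proposed
    (data (raw) [(flags no-prefix)] (value ...) [(label ...)] [(random-override ...)]).
    Token names follow the proposal above; the checks are this example's own."""
    sexp = parse_sexp(text)
    if sexp[0] != b"data" or find(sexp, "raw") is None:
        raise ValueError("expected (data (raw) ...)")
    flags = find(sexp, "flags")
    value = find(sexp, "value")
    if value is None or len(value) != 2:
        raise ValueError("missing or malformed (value ...)")
    label = find(sexp, "label")
    rnd = find(sexp, "random-override")
    if rnd is not None and (len(rnd) != 2 or len(rnd[1]) != 32):
        # FIPS 204 ML-DSA.Sign takes a 32-byte rnd (all zero for the deterministic variant).
        raise ValueError("random-override must be exactly 32 bytes")
    return {
        "no_prefix": flags is not None and b"no-prefix" in flags[1:],
        "message": value[1],
        "context": label[1] if label is not None else b"",
        "rnd": rnd[1] if rnd is not None else None,
    }


def build_mprime(message, context=b"", no_prefix=False):
    """Message actually signed by pure ML-DSA (FIPS 204 Algorithm 2):
    M' = 0x00 || len(ctx) || ctx || M.  With no-prefix, M is passed through
    unchanged, which is what a KAT of the internal signing function needs."""
    if no_prefix:
        return message
    if len(context) > 255:
        raise ValueError("context string longer than 255 bytes")
    return b"\x00" + bytes([len(context)]) + context + message


if __name__ == "__main__":
    # Constructed sample input in the proposed format.
    sample = '(data (raw) (value "hello") (label "ctx") (random-override #' + "00" * 32 + "#))"
    fields = parse_data_sexp(sample)
    print(build_mprime(fields["message"], fields["context"], fields["no_prefix"]).hex())
```

The length check on random-override and the 255-byte limit on the context are the two places where a caller-supplied S-expression can be malformed for ML-DSA; rejecting them before signing is what an implementation of the proposal would need to do.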
May 27 2025
May 19 2025
Problem noted in T7166
Note that one file is missing in the released tarball; when building for RISC-V, please see T7647#201164
Patch applied.
Looking at the FIPS 204 document, using the following functions (API) is good:
May 17 2025
I can confirm this. Here is the build error:
make[2]: Entering directory '/home/collinfunk/libgcrypt-1.11.1/cipher'
`echo /bin/bash ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I../src -I../src -I../mpi -I../mpi -I/home/collinfunk/tmp/include -g -O2 -fvisibility=hidden -fno-delete-null-pointer-checks -Wall -O2 -march=rv64imafdcv -mstrict-align -c rijndael-vp-riscv.c | sed -e 's/-fsanitize[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' -e 's/-fprofile[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' -e 's/-fcoverage[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' `
libtool: compile: gcc -DHAVE_CONFIG_H -I. -I.. -I../src -I../src -I../mpi -I../mpi -I/home/collinfunk/tmp/include -g -O2 -fvisibility=hidden -fno-delete-null-pointer-checks -Wall -O2 -march=rv64imafdcv -mstrict-align -c rijndael-vp-riscv.c -fPIC -DPIC -o .libs/rijndael-vp-riscv.o
rijndael-vp-riscv.c:58:10: fatal error: simd-common-riscv.h: No such file or directory
   58 | #include "simd-common-riscv.h"
      |          ^~~~~~~~~~~~~~~~~~~~~
compilation terminated.
make[2]: *** [Makefile:1730: rijndael-vp-riscv.lo] Error 1
Patch here: https://lists.gnupg.org/pipermail/gcrypt-devel/2025-May/005854.html
May 15 2025
Also pushed to 1.11
May 13 2025
May 11 2025
It's in 1.11.1.
Included in 1.11.1.
May 9 2025
That is quite possible because we do not have a test system for RISC-V and the make release target is not able to verify this.
May 8 2025
May 7 2025
In libgcrypt/cipher/ecc-ecdsa.c, we have:
mpi_mulm (s, k_1, sum, ec->n); /* s = k^(-1)*(hash+(d*r)) mod n */
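The equation in the line quoted above, as an added illustration that is not libgcrypt's code: a textbook Python ECDSA over secp256k1 in which s = k^(-1)*(hash + d*r) mod n is computed with plain integers, plus the consequence a reviewer would want to keep in mind when touching that line: if the nonce k is ever repeated, two signatures are enough to solve for k and then d. The curve constants are the standard secp256k1 ones; the private key and the forced nonce in the usage code are made-up values; SHA-256 is assumed as the message hash.

```python
import hashlib
import secrets

# secp256k1 domain parameters (standard constants): y^2 = x^3 + 7 over GF(FP),
# generator G of prime order N.
FP = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Affine point addition; None stands for the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % FP == 0:
        return None                                   # p1 == -p2
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, FP) % FP  # curve coefficient a = 0
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, FP) % FP
    x3 = (lam * lam - x1 - x2) % FP
    return (x3, (lam * (x1 - x3) - y1) % FP)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication (variable time; demo only)."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def hash_to_int(msg):
    # SHA-256 is 256 bits wide, the same as n here, so no truncation is needed.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")


def sign(d, msg, k=None):
    """Return (r, s).  k is a parameter only so the nonce-reuse demo can force it;
    a real signer must draw a fresh secret k for every signature."""
    e = hash_to_int(msg)
    while True:
        kk = k if k is not None else secrets.randbelow(N - 1) + 1
        r = ec_mul(kk, G)[0] % N
        # The step quoted from ecc-ecdsa.c: s = k^(-1) * (hash + d*r) mod n
        s = pow(kk, -1, N) * (e + d * r) % N
        if r != 0 and s != 0:
            return (r, s)
        if k is not None:
            raise ValueError("forced k yields r == 0 or s == 0")


def verify(q, msg, sig):
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):
        return False
    e = hash_to_int(msg)
    w = pow(s, -1, N)
    x = ec_add(ec_mul(e * w % N, G), ec_mul(r * w % N, q))
    return x is not None and x[0] % N == r


def recover_from_nonce_reuse(msg1, sig1, msg2, sig2):
    """Two signatures made with the same k share r.  Subtracting the two
    s equations gives k = (e1 - e2) / (s1 - s2), then d = (s1*k - e1) / r."""
    r1, s1 = sig1
    r2, s2 = sig2
    if r1 != r2:
        raise ValueError("different r: the nonces differ, nothing to recover")
    e1, e2 = hash_to_int(msg1), hash_to_int(msg2)
    k = (e1 - e2) * pow(s1 - s2, -1, N) % N
    return (s1 * k - e1) * pow(r1, -1, N) % N


if __name__ == "__main__":
    d = 12345678901234567890123456789                      # made-up private key
    q = ec_mul(d, G)
    sig = sign(d, b"hello")
    print("valid:", verify(q, b"hello", sig))
    k = 0xABCDEF1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF1234567890
    s1, s2 = sign(d, b"msg one", k=k), sign(d, b"msg two", k=k)
    print("recovered d matches:", recover_from_nonce_reuse(b"msg one", s1, b"msg two", s2) == d)
```

libgcrypt does this arithmetic on MPIs (mpi_mulm and friends) with attention to side channels; the Python integers above are variable-time and only make the formula visible. The nonce-reuse routine is the reason k must be unique and secret in that formula, whichever implementation computes it.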
May 5 2025
May 2 2025
Apr 30 2025
I think you are correct.
Apr 23 2025
Apr 18 2025
IIUC, it's GCC 8 which starts support for the __nonstring__ attribute.
Mar 31 2025
Pushed all changes to master.
Mar 21 2025
I applied some to master (generic improvement parts).
Mar 20 2025
I think that this may be the last update.
Don't use mpi_powm to avoid normalizing (and to be faster).
Mar 18 2025
Here is another update (replacing ecc-no-normalize-2025-03-13.patch).
Further, ec_addm is modified to be less leaky.