libgcrypt Project
Active · Public

Recent Activity

Tue, Jun 17

gniibe closed T7170: Building libgcrypt-1.11.0 produces a dylib with unresolved symbols at runtime as Resolved.

Done in 1.11.1.

Tue, Jun 17, 2:30 AM · MacOS, libgcrypt, Bug Report
gniibe closed T7170: Building libgcrypt-1.11.0 produces a dylib with unresolved symbols at runtime, a subtask of T7165: Release Libgcrypt 1.11.0, as Resolved.
Tue, Jun 17, 2:30 AM · Release Info, libgcrypt
gniibe closed T7184: Libgcrypt v1.11.0 make fails at cipher/blake2.c:834:6 (has no member named 'use_avx512') as Resolved.

Done in 1.11.1.

Tue, Jun 17, 2:29 AM · libgcrypt, Bug Report
gniibe closed T7277: libgcrypt: Adding Known Answer Tests for KEM as Resolved.

Done in 1.11.1.

Tue, Jun 17, 2:28 AM · PQC, libgcrypt

Fri, Jun 13

gniibe added a comment to T7640: ML-DSA for libgcrypt.

Reading https://openssl-library.org/files/blog/Request_to_Extend_IETF_WGLC_for_PQ_Key_Specifications.pdf ,
seed (with "S") is included in the private-key.

Fri, Jun 13, 3:40 AM · PQC, libgcrypt
gniibe added a comment to T7640: ML-DSA for libgcrypt.

The commit rC23543b6c1497: Add mldsa_compute_keygrip and let private-key include "p". works well for me.

Fri, Jun 13, 2:51 AM · PQC, libgcrypt
gniibe added a comment to T7640: ML-DSA for libgcrypt.

To support Dilithium, we need to extend data handling of libgcrypt.
I propose the following changes:

  • internal flag of PUBKEY_FLAG_BYTE_STRING to ask opaque MPI for data to be signed/verified.
  • The format of data as: (data(raw)[(flags no-prefix)](value ...)[(label ...)][(random-override ...)]): message, context, and random. Optional no-prefix flag to ask specific way of signing, controlling the internal, for Known Answer Tests (siggen).
Fri, Jun 13, 2:50 AM · PQC, libgcrypt

May 27 2025

werner added a comment to T7166: Release Libgcrypt 1.11.1.

If you are experiencing problems with the test suite on NetBSD, please see T7634.

May 27 2025, 4:07 PM · Release Info, libgcrypt

May 19 2025

werner closed T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball as Resolved.

Problem noted in T7166

May 19 2025, 12:16 PM · riscv, libgcrypt, Bug Report
werner added a comment to T7166: Release Libgcrypt 1.11.1.

Note that one file is missing in the released tarball; when building for RISC-V please see T7647#201164

May 19 2025, 12:15 PM · Release Info, libgcrypt
werner added a comment to T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball.

Patch applied.

May 19 2025, 12:12 PM · riscv, libgcrypt, Bug Report
gniibe added a comment to T7640: ML-DSA for libgcrypt.

Looking at the FIPS 204 document, using the following functions (API) is good:

May 19 2025, 7:47 AM · PQC, libgcrypt

May 17 2025

collinfunk added a comment to T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball.

I can confirm this. Here is the build error:

make[2]: Entering directory '/home/collinfunk/libgcrypt-1.11.1/cipher'
`echo /bin/bash ../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I. -I..  -I../src -I../src -I../mpi -I../mpi  -I/home/collinfunk/tmp/include -g -O2 -fvisibility=hidden -fno-delete-null-pointer-checks -Wall -O2 -march=rv64imafdcv -mstrict-align -c rijndael-vp-riscv.c | sed -e 's/-fsanitize[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' -e 's/-fprofile[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' -e 's/-fcoverage[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' `
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I../src -I../src -I../mpi -I../mpi -I/home/collinfunk/tmp/include -g -O2 -fvisibility=hidden -fno-delete-null-pointer-checks -Wall -O2 -march=rv64imafdcv -mstrict-align -c rijndael-vp-riscv.c  -fPIC -DPIC -o .libs/rijndael-vp-riscv.o
rijndael-vp-riscv.c:58:10: fatal error: simd-common-riscv.h: No such file or directory
   58 | #include "simd-common-riscv.h"
      |          ^~~~~~~~~~~~~~~~~~~~~
compilation terminated.
make[2]: *** [Makefile:1730: rijndael-vp-riscv.lo] Error 1

Patch here: https://lists.gnupg.org/pipermail/gcrypt-devel/2025-May/005854.html

May 17 2025, 6:13 AM · riscv, libgcrypt, Bug Report

May 15 2025

werner added a comment to T7634: libgcrypt's test t-thread-local fails to link on some platforms..

Also pushed to 1.11

May 15 2025, 9:48 PM · NetBSD, libgcrypt, Bug Report
gniibe closed T7621: libgpg-error: __non_string for GCC 15 or later, a subtask of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later, as Resolved.
May 15 2025, 1:51 AM · libgcrypt, Bug Report

May 13 2025

gniibe closed T7486: libgcrypt: Remove WindowsCE support as Resolved.
May 13 2025, 3:05 AM · libgcrypt

May 11 2025

gniibe closed T7490: libgcrypt: constant-time modular exponentiation, a subtask of T3264: Possible RSA improvement, as Resolved.
May 11 2025, 3:25 AM · libgcrypt
gniibe closed T7490: libgcrypt: constant-time modular exponentiation as Resolved.

It's in 1.11.1.

May 11 2025, 3:25 AM · libgcrypt
gniibe closed T7338: Revamp the FIPS service indicator as Resolved.

Included in 1.11.1.

May 11 2025, 3:24 AM · libgcrypt, FIPS, Feature Request

May 9 2025

werner added a project to T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball: riscv.
May 9 2025, 9:21 AM · riscv, libgcrypt, Bug Report
werner added a comment to T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball.

That is quite possible because we do not have a test system for RISC-V and the make release target is not able to verify this.

May 9 2025, 9:21 AM · riscv, libgcrypt, Bug Report

May 8 2025

atsampson created T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball.
May 8 2025, 5:41 PM · riscv, libgcrypt, Bug Report
werner updated the task description for T7165: Release Libgcrypt 1.11.0.
May 8 2025, 8:51 AM · Release Info, libgcrypt
werner triaged T7643: Release Libgcrypt 1.12.0 as Normal priority.
May 8 2025, 8:49 AM · Release Info, libgcrypt

May 7 2025

werner closed T7165: Release Libgcrypt 1.11.0 as Resolved.
May 7 2025, 6:01 PM · Release Info, libgcrypt
werner updated the task description for T7166: Release Libgcrypt 1.11.1.
May 7 2025, 5:55 PM · Release Info, libgcrypt
werner triaged T7642: Release Libgcrypt 1.11.2 as Low priority.
May 7 2025, 5:52 PM · Release Info, libgcrypt
werner changed the status of T7633: libgcrypt fails to build on NetBSD due to the systems bswap32 macro defintion. from Open to Testing.
May 7 2025, 2:48 PM · NetBSD, libgcrypt, Bug Report
werner changed the status of T7634: libgcrypt's test t-thread-local fails to link on some platforms. from Open to Testing.
May 7 2025, 2:47 PM · NetBSD, libgcrypt, Bug Report
gniibe triaged T7640: ML-DSA for libgcrypt as Wishlist priority.
May 7 2025, 7:43 AM · PQC, libgcrypt
gniibe added a comment to T7519: libgcrypt: (EC)DSA signature generation should be constant-time.

In libgcrypt/cipher/ecc-ecdsa.c, we have:

mpi_mulm (s, k_1, sum, ec->n);    /* s = k^(-1)*(hash+(d*r)) mod n */
May 7 2025, 3:48 AM · libgcrypt, Bug Report

May 5 2025

werner triaged T7633: libgcrypt fails to build on NetBSD due to the systems bswap32 macro defintion. as High priority.
May 5 2025, 11:12 AM · NetBSD, libgcrypt, Bug Report
werner triaged T7634: libgcrypt's test t-thread-local fails to link on some platforms. as High priority.
May 5 2025, 11:11 AM · NetBSD, libgcrypt, Bug Report

May 2 2025

werner added a project to T7634: libgcrypt's test t-thread-local fails to link on some platforms.: NetBSD.
May 2 2025, 10:29 AM · NetBSD, libgcrypt, Bug Report
werner added a project to T7633: libgcrypt fails to build on NetBSD due to the systems bswap32 macro defintion.: NetBSD.
May 2 2025, 10:29 AM · NetBSD, libgcrypt, Bug Report
collinfunk created T7634: libgcrypt's test t-thread-local fails to link on some platforms..
May 2 2025, 7:14 AM · NetBSD, libgcrypt, Bug Report
collinfunk created T7633: libgcrypt fails to build on NetBSD due to the systems bswap32 macro defintion..
May 2 2025, 7:02 AM · NetBSD, libgcrypt, Bug Report

Apr 30 2025

collinfunk added a comment to T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later.

I think you are correct.

Apr 30 2025, 6:05 AM · libgcrypt, Bug Report

Apr 23 2025

gniibe changed the status of T7624: libksba: __non_string for GCC 15 or later, a subtask of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later, from Open to Testing.
Apr 23 2025, 3:21 AM · libgcrypt, Bug Report
gniibe changed the status of T7621: libgpg-error: __non_string for GCC 15 or later, a subtask of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later, from Open to Testing.
Apr 23 2025, 3:17 AM · libgcrypt, Bug Report
gniibe changed the status of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later from Open to Testing.
Apr 23 2025, 3:16 AM · libgcrypt, Bug Report
gniibe changed the status of T7623: gpgscm: Fix fixed-size characters (for portability, specifically for GCC 15 or later), a subtask of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later, from Open to Testing.
Apr 23 2025, 3:16 AM · libgcrypt, Bug Report

Apr 18 2025

gniibe added a comment to T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later.

IIUC, it's GCC 8 which starts the support of __nonstring__ attribute.

Apr 18 2025, 4:26 AM · libgcrypt, Bug Report
gniibe set External Link to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117178 on T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later.
Apr 18 2025, 4:25 AM · libgcrypt, Bug Report
gniibe claimed T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later.
Apr 18 2025, 4:13 AM · libgcrypt, Bug Report
gniibe created T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later.
Apr 18 2025, 4:12 AM · libgcrypt, Bug Report

Mar 31 2025

gniibe added a comment to T7519: libgcrypt: (EC)DSA signature generation should be constant-time.

Pushed all changes to master.

Mar 31 2025, 6:27 AM · libgcrypt, Bug Report

Mar 21 2025

gniibe added a comment to T7519: libgcrypt: (EC)DSA signature generation should be constant-time.

I applied some to master (generic improvement parts).

Mar 21 2025, 7:31 AM · libgcrypt, Bug Report

Mar 20 2025

gniibe added a comment to T7519: libgcrypt: (EC)DSA signature generation should be constant-time.

I think that this may be the last update.
Don't use mpi_powm to avoid normalizing (and to be faster).

Mar 20 2025, 1:08 AM · libgcrypt, Bug Report

Mar 18 2025

gniibe added a comment to T7519: libgcrypt: (EC)DSA signature generation should be constant-time.

Here is another update (replacing ecc-no-normalize-2025-03-13.patch).
Further, ec_addm is modified to be less leaky.

Mar 18 2025, 6:30 AM · libgcrypt, Bug Report