From linux at paip.net Sun Aug 19 22:13:47 2007 From: linux at paip.net (Ian Goldberg) Date: Sun, 19 Aug 2007 16:13:47 -0400 Subject: libgcrypt win32 licensing Message-ID: <20070819201347.GI15409@yoink.cs.uwaterloo.ca> The last time I checked, building libgcrypt for Win32 changed the licence from LGPL to GPL because of Peter Gutmann's entropy-gathering code. [Is this still the case?] I talked to Peter at Usenix Security, and he's happy to make an LGPL alternate licence for that code. Would someone like to work out the details? Being able to build an LGPL Win32 libgcrypt library would be pretty useful, I think. Thanks, - Ian From wk at gnupg.org Mon Aug 20 11:01:50 2007 From: wk at gnupg.org (Werner Koch) Date: Mon, 20 Aug 2007 11:01:50 +0200 Subject: libgcrypt win32 licensing In-Reply-To: <20070819201347.GI15409@yoink.cs.uwaterloo.ca> (Ian Goldberg's message of "Sun, 19 Aug 2007 16:13:47 -0400") References: <20070819201347.GI15409@yoink.cs.uwaterloo.ca> Message-ID: <87wsvq60ld.fsf@wheatstone.g10code.de> On Sun, 19 Aug 2007 22:13, linux at paip.net said: > I talked to Peter at Usenix Security, and he's happy to make an LGPL > alternate licence for that code. Okay, I talk to Peter. Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahmen regelt ein Bundeschgesetz. From johnsteam at gmx.net Mon Aug 20 15:45:07 2007 From: johnsteam at gmx.net (JohnSteam) Date: Mon, 20 Aug 2007 15:45:07 +0200 Subject: newbie question ( RSA with ac ) Message-ID: <1187617507.25713.6.camel@stronghold> Hello everybody, i want to encrypt / decrypt a string with the ac interface i tried this to encrypt: g_err = gcry_ac_open( &handle, GCRY_AC_RSA, 0); assert( !g_err ); g_err = gcry_mpi_scan( &plain, GCRYMPI_FMT_USG, plain_b, strlen( plain_b ), NULL ); assert( !g_err ); g_err = gcry_ac_data_encrypt( handle, 0, key, plain, &encrypted ); assert( !g_err ); g_err = gcry_ac_data_get_index( encrypted, 0, 0, NULL, &tmp_mpi ); assert( !g_err ); g_err = gcry_mpi_aprint( GCRYMPI_FMT_HEX, &buffer, &len, tmp_mpi ); assert( !g_err ); decrypt: g_err = gcry_ac_open( &handle, GCRY_AC_RSA, 0); assert( !g_err ); g_err = gcry_mpi_scan( &enc_mpi, GCRYMPI_FMT_USG, enc_b, strlen( enc_b ), NULL ); assert( !g_err ); g_err = gcry_ac_data_new( &enc ); assert( !g_err ); g_err = gcry_ac_data_set( enc, GCRY_AC_FLAG_COPY, "a", enc_mpi ); assert( !g_err ); g_err = gcry_ac_data_decrypt( handle, 0, key, &decrypted, enc ); assert( !g_err ); g_err = gcry_mpi_aprint( GCRYMPI_FMT_HEX, &buffer, &len, decrypted ); assert( !g_err ); but the decryption result does not match my string.... can you please tell me what i've done wrong? From simon at josefsson.org Tue Aug 21 13:14:43 2007 From: simon at josefsson.org (Simon Josefsson) Date: Tue, 21 Aug 2007 13:14:43 +0200 Subject: Building libgpg-error/libgcrypt/libtasn1/gnutls/gsasl without autoconf on uClinux Message-ID: <87sl6dyw9o.fsf@mocca.josefsson.org> Hi all, Sometimes it can be useful to build things without the autoconf ./configure machinery, and just use a simple and hand-maintained makefile and config.h. This is needed to build things in older uClinux environments. I wrote some instructions on how to achieve this, see: http://josefsson.org/uclinux/old/ The makefile/config.h aren't specific to uClinux, so if you for some reason need to build these projects in some other environment, without autoconf, the files may be useful. Note that instructions for how to get these projects to work under a modern uClinux (which supports the autoconf-machinery) is still available, and is the preferred way to build under uClinux, see: http://josefsson.org/uclinux/ Thanks, Simon From wk at gnupg.org Wed Aug 22 12:04:03 2007 From: wk at gnupg.org (Werner Koch) Date: Wed, 22 Aug 2007 12:04:03 +0200 Subject: Building libgpg-error/libgcrypt/libtasn1/gnutls/gsasl without autoconf on uClinux In-Reply-To: <87sl6dyw9o.fsf@mocca.josefsson.org> (Simon Josefsson's message of "Tue, 21 Aug 2007 13:14:43 +0200") References: <87sl6dyw9o.fsf@mocca.josefsson.org> Message-ID: <87y7g351ik.fsf@wheatstone.g10code.de> On Tue, 21 Aug 2007 13:14, simon at josefsson.org said: > Sometimes it can be useful to build things without the autoconf > ./configure machinery, and just use a simple and hand-maintained > makefile and config.h. This is needed to build things in older uClinux > environments. Is this due to libtool? Back in 2003 I was able to build gpg on uCLinux for Coldfire; the configure invocation is still available in autogen.sh. Salam-Shalom, Werner -- Die Gedanken sind frei. Auschnahmen regelt ein Bundeschgesetz. From simon at josefsson.org Wed Aug 22 12:21:04 2007 From: simon at josefsson.org (Simon Josefsson) Date: Wed, 22 Aug 2007 12:21:04 +0200 Subject: Building libgpg-error/libgcrypt/libtasn1/gnutls/gsasl without autoconf on uClinux In-Reply-To: <87y7g351ik.fsf@wheatstone.g10code.de> (Werner Koch's message of "Wed, 22 Aug 2007 12:04:03 +0200") References: <87sl6dyw9o.fsf@mocca.josefsson.org> <87y7g351ik.fsf@wheatstone.g10code.de> Message-ID: <87sl6brhtb.fsf@mocca.josefsson.org> Werner Koch writes: > On Tue, 21 Aug 2007 13:14, simon at josefsson.org said: > >> Sometimes it can be useful to build things without the autoconf >> ./configure machinery, and just use a simple and hand-maintained >> makefile and config.h. This is needed to build things in older uClinux >> environments. > > Is this due to libtool? Back in 2003 I was able to build gpg on uCLinux > for Coldfire; the configure invocation is still available in autogen.sh. I didn't even get to libtool, I couldn't get the m68k gcc compiler from 2003 to work in ./configure -- it didn't use a.out as the default output name, it didn't link to the proper libc by default, and there were many more problems. All those problems have been solved in modern versions of the toolchain and uClinux. All our packages build fine using a simple ./configure approach. The only reason for anyone to want to look at this work if they are using very broken toolchains that can never be supported by proper ./configure usage. Unfortunately, that situation seems to happen often enough for me that it became useful to try and publish something re-usable. /Simon From simon at josefsson.org Wed Aug 22 12:09:52 2007 From: simon at josefsson.org (Simon Josefsson) Date: Wed, 22 Aug 2007 12:09:52 +0200 Subject: Stable release of gcrypt 1.3.x? In-Reply-To: (svn author wk's message of "Wed, 22 Aug 2007 11:11:37 +0200") References: Message-ID: <87wsvnribz.fsf@mocca.josefsson.org> cvs at cvs.gnupg.org (svn author wk) writes: > + Hi, > + > + >As of now libgcrypt is GPL under Windows due to that module and some people > + >would really like to see it under LGPL too. Can you do such a license change > + >to LGPL version 2? Note that LGPL give the user the option to relicense it > + >under GPL, so the change would be pretty easy and backwar compatible. > + > + Sure. I assumed that since GPG was GPLd, you'd prefer the GPL for the entropy > + code as well, but Ian asked for LGPL as an option so as of the next release > + I'll have LGPL in there. You can consider it to be retroactive, so your > + current version will be LGPLd as well. > + > + Peter. > + *========== > */ Neat! The 1.3.x branch have some nice properties that 1.2.x doesn't have, for example, it works without patches on mingw32, is completely LGPL, gcrypt.h includes stdlib.h, and maybe some things I forgot. What remains until it will be declared as stable? Alternatively, if it is faster, would you consider releasing a 1.2.5 with this stuffed back-ported? I could propose a patch if it would help. /Simon From wk at gnupg.org Wed Aug 22 13:03:03 2007 From: wk at gnupg.org (Werner Koch) Date: Wed, 22 Aug 2007 13:03:03 +0200 Subject: Stable release of gcrypt 1.3.x? In-Reply-To: <87wsvnribz.fsf@mocca.josefsson.org> (Simon Josefsson's message of "Wed, 22 Aug 2007 12:09:52 +0200") References: <87wsvnribz.fsf@mocca.josefsson.org> Message-ID: <87hcmr4ys8.fsf@wheatstone.g10code.de> On Wed, 22 Aug 2007 12:09, simon at josefsson.org said: > Neat! The 1.3.x branch have some nice properties that 1.2.x doesn't > have, for example, it works without patches on mingw32, is completely > LGPL, gcrypt.h includes stdlib.h, and maybe some things I forgot. What > remains until it will be declared as stable? I am currently running tests on Vista. After this has been fixed 1.3.1 will be released and if that works out we can declare that versiion as stable. > Alternatively, if it is faster, would you consider releasing a 1.2.5 > with this stuffed back-ported? I could propose a patch if it would help. I'd like to go ahead with 1.3 asap. Salam-Shalom, Werner -- Die Gedanken sind frei. Auschnahmen regelt ein Bundeschgesetz. From simon at josefsson.org Wed Aug 22 13:23:35 2007 From: simon at josefsson.org (Simon Josefsson) Date: Wed, 22 Aug 2007 13:23:35 +0200 Subject: Stable release of gcrypt 1.3.x? In-Reply-To: <87hcmr4ys8.fsf@wheatstone.g10code.de> (Werner Koch's message of "Wed, 22 Aug 2007 13:03:03 +0200") References: <87wsvnribz.fsf@mocca.josefsson.org> <87hcmr4ys8.fsf@wheatstone.g10code.de> Message-ID: <87r6lvq0co.fsf@mocca.josefsson.org> Werner Koch writes: > On Wed, 22 Aug 2007 12:09, simon at josefsson.org said: > >> Neat! The 1.3.x branch have some nice properties that 1.2.x doesn't >> have, for example, it works without patches on mingw32, is completely >> LGPL, gcrypt.h includes stdlib.h, and maybe some things I forgot. What >> remains until it will be declared as stable? > > I am currently running tests on Vista. After this has been fixed 1.3.1 > will be released and if that works out we can declare that versiion as > stable. > >> Alternatively, if it is faster, would you consider releasing a 1.2.5 >> with this stuffed back-ported? I could propose a patch if it would help. > > I'd like to go ahead with 1.3 asap. Excellent, thanks. The GnuTLS4Win 2.0 release (on September 1th) will likely use libgcrypt 1.3.0 (or 1.3.1) then. /Simon From moritz at g10code.com Mon Aug 27 02:37:21 2007 From: moritz at g10code.com (Moritz Schulte) Date: Mon, 27 Aug 2007 02:37:21 +0200 Subject: newbie question ( RSA with ac ) In-Reply-To: <1187617507.25713.6.camel@stronghold> References: <1187617507.25713.6.camel@stronghold> Message-ID: <780.1188175041@localhost.localdomain> > but the decryption result does not match my string.... You probably confuse MPI formats. Your encryption function expects an USG MPI as input returns a HEX MPI. Your decryption function expects, again, an USG MPI as inpurt and returns a HEX MPI. Note that USG format means: raw unsigned integers contained in memory. This has nothing to do with c-strings (char *). HEX format on the other side means: MPIs encoded as hexadecimal characters in a c-strings (as in "123456789ABCDEF"). After modyfing your program to expect HEX MPIs as input in both places, it simply works here. I send it to off-list. moritz -- http://fuglos.org/mo/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 199 bytes Desc: not available Url : /pipermail/attachments/20070827/e61d0181/attachment-0001.pgp