From jesus.diaz.vico at gmail.com Fri Aug 13 02:19:05 2010 From: jesus.diaz.vico at gmail.com (=?ISO-8859-1?Q?Jes=FAs_D=EDaz_Vico?=) Date: Fri, 13 Aug 2010 02:19:05 +0200 Subject: errno = 2 after gcry_cipher_open Message-ID: <4C648F79.7020702@gmail.com> Hello everybody, I'm new to libgcrypt. I'm trying to cipher some data with ARCFOUR, but, just after calling gcry_cipher_open I get errno = 2. The weird thing is that gcry_cipher_open returns no error (i.e., gcry_error_t == GPG_ERR_NO_ERROR). I'm getting mad trying to find where the problem is. The way I'm calling gcry_cipher is: gcry_cipher_open(&chd, GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM, GCRY_CIPHER_SECURE); Where chd is a local variable, declared as gcry_cipher_hd_t, within the function which calls gcry_cipher_open. I've also tried without GCRY_CIPHER_SECURE. I've compared my code to the check_one_cipher fucntion that tests the algorithms and everything seems the same. Also, I did not had any problem during libgcrypt installation (make check did pass every test). Could anybody please give me any hint? Thank you. From t66667 at gmail.com Fri Aug 13 04:45:24 2010 From: t66667 at gmail.com (t66667 at gmail.com) Date: Fri, 13 Aug 2010 12:45:24 +1000 Subject: segfault on x86_64-*-* amd64 mpi asm code Message-ID: <4C64B1C4.8030009@gmail.com> Hello: The segfault produced on Windows 7 x64 with 64 bits binary. The asm code of mpi runtime crash on amd64. http://pastebin.mozilla.org/766847 (gdb) disass Dump of assembler code for function gcry_mpih_mul_1: 0x000000000729700f <+0>: mov %rdx,%r11 0x0000000007297012 <+3>: lea (%rsi,%rdx,8),%rsi 0x0000000007297016 <+7>: lea (%rdi,%rdx,8),%rdi 0x000000000729701a <+11>: neg %r11 0x000000000729701d <+14>: xor %r8d,%r8d 0x0000000007297020 <+17>: mov (%rsi,%r11,8),%rax 0x0000000007297024 <+21>: mul %rcx 0x0000000007297027 <+24>: add %r8,%rax 0x000000000729702a <+27>: mov $0x0,%r8d 0x0000000007297030 <+33>: adc %rdx,%r8 => 0x0000000007297033 <+36>: mov %rax,(%rdi,%r11,8) 0x0000000007297037 <+40>: inc %r11 0x000000000729703a <+43>: jne 0x7297020 0x000000000729703c <+45>: mov %r8,%rax 0x000000000729703f <+48>: retq End of assembler dump. Compiler used x86_64-w64-mingw32-gcc 4.5 branch. However I can --disable-asm for amd64 to avoid crash on runtime. If anyone know any possible solution for this please reply. Thanks. From wk at gnupg.org Fri Aug 13 09:37:56 2010 From: wk at gnupg.org (Werner Koch) Date: Fri, 13 Aug 2010 09:37:56 +0200 Subject: errno = 2 after gcry_cipher_open In-Reply-To: <4C648F79.7020702@gmail.com> (=?utf-8?B?Ikplc8O6cyBEw61heg==?= Vico"'s message of "Fri, 13 Aug 2010 02:19:05 +0200") References: <4C648F79.7020702@gmail.com> Message-ID: <87zkwrufmz.fsf@vigenere.g10code.de> On Fri, 13 Aug 2010 02:19, jesus.diaz.vico at gmail.com said: > I'm new to libgcrypt. I'm trying to cipher some data with ARCFOUR, but, just after calling gcry_cipher_open I get errno = 2. The weird thing is that gcry_cipher_open returns ERRNO is not part of libgcrypts API. Instead libgcrypt returns gpg-error style errocodes directly. In general you may only check errno after calling a function which is specified to set errno. The value returned by ERRNO in your case may come for some internal operation of libgcrypt. To get a description of the error returned by the libgcrypt API you use for example code like: gpg_error_t err; err = gcry_cipher_open (...); fprintf (stderr, "error code from libgcrypt: %s\n", gpg_strerror (err)); Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Fri Aug 13 09:41:58 2010 From: wk at gnupg.org (Werner Koch) Date: Fri, 13 Aug 2010 09:41:58 +0200 Subject: segfault on x86_64-*-* amd64 mpi asm code In-Reply-To: <4C64B1C4.8030009@gmail.com> (t66667@gmail.com's message of "Fri, 13 Aug 2010 12:45:24 +1000") References: <4C64B1C4.8030009@gmail.com> Message-ID: <87vd7fufg9.fsf@vigenere.g10code.de> On Fri, 13 Aug 2010 04:45, t66667 at gmail.com said: > The segfault produced on Windows 7 x64 with 64 bits binary. > The asm code of mpi runtime crash on amd64. That is not supported. > Compiler used x86_64-w64-mingw32-gcc 4.5 branch. That seems to be a compiler problem or a mismatch with the selected asm code. > However I can --disable-asm for amd64 to avoid crash on runtime. That's the way to go. The actual solution is to have the mpi/config.links script do this. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From gnupg at oneiroi.net Fri Aug 13 20:05:51 2010 From: gnupg at oneiroi.net (Milo) Date: Fri, 13 Aug 2010 20:05:51 +0200 Subject: OT: problems with the X.509 PKI business [was: Re: Gcrypt-devel Digest, Vol 66, Issue 5] In-Reply-To: <4C4B9C62.8070102@fifthhorseman.net> References: <4C4AC27D.5000409@oneiroi.net> <4C4B9C62.8070102@fifthhorseman.net> Message-ID: <4C65897F.3070805@oneiroi.net> Hi. On 07/25/2010 04:07 AM, Daniel Kahn Gillmor wrote: > On 07/24/2010 06:37 AM, Milo wrote: >> On 07/24/2010 10:36 AM, gcrypt-devel-request at gnupg.org wrote: >> >>>> A counterpoint would be that the whole X.509 PKI business is entirely >>>> broken and does not provide any security at all. >>> >>> agreed, sadly. > >> >> "whole X.509 PKI business is broken and does not provide any security at >> all" - very interesting statement. Could you elaborate on that? > > For one example, X.509 sets up a situation that encourages centralized, > hierarchical reliance on an unaccountable cabal of Certificate Authorities: > > http://lair.fifthhorseman.net/~dkg/tls-centralization/ > > --dkg It's hard to disagree that it is seriously flawed however in practice it's somehow far from being "entirely broken" and "not providing any security at all". There is small number (if any) of real life evidences for serious violation/exploitation of CA model weaknesses (on the other side it seems to be unprobable that it is not exploited...). I'm not negating need of research on better substitute - my point is that x.509 as is, is still providing some degree of security and it's better then nothing. -- Regards, Milo From brynet at gmail.com Fri Aug 13 23:33:44 2010 From: brynet at gmail.com (Brynet) Date: Fri, 13 Aug 2010 17:33:44 -0400 Subject: Including sys/select.h in the header file. Message-ID: <4C65BA38.3080500@gmail.com> Hi, In the case of !_WIN32 gcrypt.h decalres a few function prototypes with the fd_set structure, POSIX mentions that the following header should be included. On at least OpenBSD, this causes problems if a project includes gcrypt.h without sys/select.h (..and some do). http://www.opengroup.org/onlinepubs/009695399/basedefs/sys/select.h.html "The header shall define the fd_set type as a structure." Should this be fixed by libgcrypt or by projects including the gcrypt header file? Thanks, take care. -Bryan. From wk at gnupg.org Mon Aug 16 10:43:36 2010 From: wk at gnupg.org (Werner Koch) Date: Mon, 16 Aug 2010 10:43:36 +0200 Subject: Including sys/select.h in the header file. In-Reply-To: <4C65BA38.3080500@gmail.com> (brynet@gmail.com's message of "Fri, 13 Aug 2010 17:33:44 -0400") References: <4C65BA38.3080500@gmail.com> Message-ID: <87wrrrt0av.fsf@vigenere.g10code.de> On Fri, 13 Aug 2010 23:33, brynet at gmail.com said: > Should this be fixed by libgcrypt or by projects including the gcrypt > header file? I don't consider this a serious bug but nevertheless I fixed that in the development branch. Thanks, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From brynet at gmail.com Mon Aug 16 19:24:21 2010 From: brynet at gmail.com (Brynet) Date: Mon, 16 Aug 2010 13:24:21 -0400 Subject: Including sys/select.h in the header file. In-Reply-To: <87wrrrt0av.fsf@vigenere.g10code.de> References: <4C65BA38.3080500@gmail.com> <87wrrrt0av.fsf@vigenere.g10code.de> Message-ID: <4C697445.7020702@gmail.com> Werner Koch wrote: > On Fri, 13 Aug 2010 23:33, brynet at gmail.com said: > >> Should this be fixed by libgcrypt or by projects including the gcrypt >> header file? > > I don't consider this a serious bug but nevertheless I fixed that in the > development branch. > > Thanks, > > Werner > On a slightly unrelated note, libgcrypt doesn't include a pkg-config ".pc" file.. I'm aware that libgcrypt-config exists, but would it be possible to include one in a future release? Thanks & Take care, -Bryan. From wk at gnupg.org Tue Aug 17 06:13:25 2010 From: wk at gnupg.org (Werner Koch) Date: Tue, 17 Aug 2010 06:13:25 +0200 Subject: Including sys/select.h in the header file. In-Reply-To: <4C697445.7020702@gmail.com> (brynet@gmail.com's message of "Mon, 16 Aug 2010 13:24:21 -0400") References: <4C65BA38.3080500@gmail.com> <87wrrrt0av.fsf@vigenere.g10code.de> <4C697445.7020702@gmail.com> Message-ID: <87k4npuba2.fsf@vigenere.g10code.de> On Mon, 16 Aug 2010 19:24, brynet at gmail.com said: > On a slightly unrelated note, libgcrypt doesn't include a pkg-config > ".pc" file.. I'm aware that libgcrypt-config exists, but would it be > possible to include one in a future release? No. This would add another build dependency and one which is broken on some platforms; in particular cross-compiling does not work as it should. Simple scripts like foo-config are far more flexible than pkg-config. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From randomproof at fastmail.us Mon Aug 23 06:57:18 2010 From: randomproof at fastmail.us (Steven Hudson) Date: Sun, 22 Aug 2010 21:57:18 -0700 Subject: Mutex causing memory leaks Message-ID: <4C71FFAE.2030307@fastmail.us> I've setup the mutex functions for thread saftey using gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread); but it seams the mutex_destroy function is never called. It there a function I need to call when the program is closing?