From ametzler at bebt.de Mon Jul 3 19:15:14 2017 From: ametzler at bebt.de (Andreas Metzler) Date: Mon, 3 Jul 2017 19:15:14 +0200 Subject: Fwd: mpi_set_secure leads to heap corruption Message-ID: <20170703171514.e6z6gppgyn6dllgc@argenau.bebt.de> Hello, this is http://bugs.debian.org/866964 submitted by Mark Wooding against libgcrypt 1.7.6-1.7.8: ------------------------------------------------------------- The function `mpi_set_secure' is used by `gcry_mpi_set_flag' to convert an integer so as to use `secure' (i.e., locked, non-swappable) memory. [...] The code allocates enough secure memory for the active limbs, copies them from the existing buffer, and stores a pointer to the new buffer -- all without reducing the separate count of the number of allocated limbs. In particular, when the securified integer is freed, `_gcry_mpi_free' calls `_gcry_mpi_free_limb_space' to release the limb buffer, giving it the allocated size, and the latter attempts to zeroize the storage, leading to a heap corruption. The patch fixes the problem. I've not thought deeply about the performance effects: maybe it'd be better to allocate the same total limb buffer rather than just the active size, but this patch is simple and obviously right. diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c index 6dee0b9..2a32d26 100644 --- a/mpi/mpiutil.c +++ b/mpi/mpiutil.c @@ -260,6 +260,7 @@ mpi_set_secure( gcry_mpi_t a ) MPN_COPY( bp, ap, a->nlimbs ); a->d = bp; _gcry_mpi_free_limb_space (ap, a->alloced); + a->alloced = a->nlimbs; } ------------------------------------------------------------- cu Andreas From cvs at cvs.gnupg.org Tue Jul 4 02:44:10 2017 
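Review bot: `a->alloced = a->nlimbs;` shrinks the recorded limb allocation, so code that relies on an MPI keeping its allocated length across the flag change (the follow-up commit 5feaf1cc names mpi_set_cond and mpi_swap_cond, which assume alloced does not change) now sees a shorter buffer than before; the alternative that preserves that invariant is to size the secure copy by the existing allocation, `bp = mpi_alloc_limb_space (a->alloced, 1);`, and leave alloced alone. Either way the pairing with `_gcry_mpi_free_limb_space (ap, a->alloced)` becomes consistent again, which is the bug being fixed.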
From: cvs at cvs.gnupg.org (by NIIBE Yutaka)
Date: Tue, 04 Jul 2017 02:44:10 +0200
Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-112-g5feaf1c
Message-ID:

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  5feaf1cc8f22c1f8d19a34850d86fe190f1432e2 (commit)
      from  8725c99ffa41778f382ca97233183bcd687bb0ce (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 5feaf1cc8f22c1f8d19a34850d86fe190f1432e2
Author: NIIBE Yutaka
Date:   Tue Jul 4 09:33:46 2017 +0900

    mpi: Fix mpi_set_secure.

    * mpi/mpiutil.c (mpi_set_secure): Allocate by ->alloced.

    --

    The code was simply wrong.  The question is if (1) it allocates
    (possibly) more or (2) modifies ->alloced.  The choice is (1).
    Because we have routines of mpi_set_cond and mpi_swap_cond which
    assume no change for the allocated length of limbs, no surprise is
    better.  See _gcry_mpi_ec_mul_point for concrete example for those
    routines.  That's for constant-time computation.

    Debian-bug-id: 866964
    Suggested-by: Mark Wooding
    Signed-off-by: NIIBE Yutaka

diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c
index 6dee0b9..3ae84c3 100644
--- a/mpi/mpiutil.c
+++ b/mpi/mpiutil.c
@@ -256,7 +256,7 @@ mpi_set_secure( gcry_mpi_t a ) gcry_assert (!ap); return; } - bp = mpi_alloc_limb_space (a->nlimbs, 1); + bp = mpi_alloc_limb_space (a->alloced, 1); MPN_COPY( bp, ap, a->nlimbs ); a->d = bp; _gcry_mpi_free_limb_space (ap, a->alloced); ----------------------------------------------------------------------- Summary of changes: mpi/mpiutil.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From gniibe at fsij.org Tue Jul 4 03:05:11 2017 
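Review bot: MPN_COPY still copies only a->nlimbs limbs into the now a->alloced-limb secure buffer, so limbs a->nlimbs .. a->alloced-1 of bp hold whatever mpi_alloc_limb_space returned; if mpi_set_cond / mpi_swap_cond (the helpers this hunk is meant to keep happy) operate on the full allocated length, that tail should be defined, e.g. `MPN_ZERO (bp + a->nlimbs, a->alloced - a->nlimbs);` after the copy (assuming the MPN_ZERO macro from mpi-internal.h is available next to MPN_COPY), or the log should state why an undefined tail is acceptable.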
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Tue, 04 Jul 2017 10:05:11 +0900
Subject: Fwd: mpi_set_secure leads to heap corruption
In-Reply-To: <20170703171514.e6z6gppgyn6dllgc@argenau.bebt.de>
References: <20170703171514.e6z6gppgyn6dllgc@argenau.bebt.de>
Message-ID: <87a84l3tbs.fsf@iwagami.gniibe.org>

Hello,

(Cc-ed to the bug report BTS)

Thank you for forwarding the bug report.

Fixed both for master and LIBGCRYPT-1-7-BRANCH.

master:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=5feaf1cc8f22c1f8d19a34850d86fe190f1432e2

LIBGCRYPT-1-7-BRANCH:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=a195d7346a8006f3b6fb77ccd6df8e91833d2b5a

> The patch fixes the problem.  I've not thought deeply about the
> performance effects: maybe it'd be better to allocate the same total
> limb buffer rather than just the active size, but this patch is simple
> and obviously right.

Yes.  While the patch is right, I followed the suggestion for less
surprise.

While there is the API, I don't know the real use case.  So, I did
search:

https://codesearch.debian.net/search?q=mpi_set_flag.*GCRYMPI_FLAG_SECURE

and seccure-0.5_1 has use cases.  Since all use cases are gcry_mpi_scan
then gcry_mpi_set_flag, I think that those cases are safe for heap
corruption.

==================================================
Commit: a195d7346a8006f3b6fb77ccd6df8e91833d2b5a
mpi: Fix mpi_set_secure.

* mpi/mpiutil.c (mpi_set_secure): Allocate by ->alloced.

--

The code was simply wrong.  The question is if (1) it allocates
(possibly) more or (2) modifies ->alloced.  The choice is (1).
Because we have routines of mpi_set_cond and mpi_swap_cond which
assume no change for the allocated length of limbs, no surprise is
better.  See _gcry_mpi_ec_mul_point for concrete example for those
routines.  That's for constant-time computation.

Debian-bug-id: 866964
Suggested-by: Mark Wooding
Signed-off-by: NIIBE Yutaka (backport from master commit: 5feaf1cc8f22c1f8d19a34850d86fe190f1432e2) 1 file changed, 1 insertion(+), 1 deletion(-) mpi/mpiutil.c | 2 +- modified mpi/mpiutil.c @@ -256,7 +256,7 @@ mpi_set_secure( gcry_mpi_t a ) gcry_assert (!ap); return; } - bp = mpi_alloc_limb_space (a->nlimbs, 1); + bp = mpi_alloc_limb_space (a->alloced, 1); MPN_COPY( bp, ap, a->nlimbs ); a->d = bp; _gcry_mpi_free_limb_space (ap, a->alloced); -- From wk at gnupg.org Tue Jul 4 18:06:09 2017 From: wk at gnupg.org (Werner Koch) Date: Tue, 04 Jul 2017 18:06:09 +0200 Subject: Fwd: mpi_set_secure leads to heap corruption In-Reply-To: <87a84l3tbs.fsf@iwagami.gniibe.org> (NIIBE Yutaka's message of "Tue, 04 Jul 2017 10:05:11 +0900") References: <20170703171514.e6z6gppgyn6dllgc@argenau.bebt.de> <87a84l3tbs.fsf@iwagami.gniibe.org> Message-ID: <8737acrxu6.fsf@wheatstone.g10code.de> On Tue, 4 Jul 2017 03:05, gniibe at fsij.org said: > Yes. While the patch is right, I followed the suggestion for less > surprise. The reason why it was falsely allocated as nlimbs is likely to save on secure memory. Now that we auto-grow the secure memory this is not needed and thus this simple and correct fix is sufficient. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 227 bytes Desc: not available URL: From ametzler at bebt.de Tue Jul 4 19:34:21 2017 
From: ametzler at bebt.de (Andreas Metzler)
Date: Tue, 4 Jul 2017 19:34:21 +0200
Subject: Fwd: mpi_set_secure leads to heap corruption
In-Reply-To: <87a84l3tbs.fsf@iwagami.gniibe.org>
References: <20170703171514.e6z6gppgyn6dllgc@argenau.bebt.de> <87a84l3tbs.fsf@iwagami.gniibe.org>
Message-ID: <20170704173421.itb5iz5z4yctjkd5@argenau.bebt.de>

On 2017-07-04 NIIBE Yutaka wrote:
[...]
> Fixed both for master and LIBGCRYPT-1-7-BRANCH.
[...]
> While there is the API, I don't know the real use case.  So, I did
> search:
> https://codesearch.debian.net/search?q=mpi_set_flag.*GCRYMPI_FLAG_SECURE
> and seccure-0.5_1 has use cases.  Since all use cases are gcry_mpi_scan
> then gcry_mpi_set_flag, I think that those cases are safe for heap
> corruption.

Thanks.  Supersonic fix + checking for amount of actual breakage. :-)

From mdw at distorted.org.uk Tue Jul 4 22:03:04 2017
From: mdw at distorted.org.uk (Mark Wooding)
Date: Tue, 04 Jul 2017 21:03:04 +0100
Subject: Fwd: mpi_set_secure leads to heap corruption
Message-ID: <87d19gx953.fsf.mdw@gibson.dhcp.distorted.org.uk>

NIIBE Yutaka writes:

> Thank you for forwarding the bug report.
>
> Fixed both for master and LIBGCRYPT-1-7-BRANCH.

Thanks.

> Yes.  While the patch is right, I followed the suggestion for less
> surprise.

Fair enough.

> While there is the API, I don't know the real use case.  So, I did
> search:
>
> https://codesearch.debian.net/search?q=mpi_set_flag.*GCRYMPI_FLAG_SECURE
>
> and seccure-0.5_1 has use cases.  Since all use cases are
> gcry_mpi_scan then gcry_mpi_set_flag, I think that those cases are
> safe for heap corruption.

Alas not.  I found this bug because seccure-0.5_1 broke on amd64 (and I
couldn't mount my backup disks again until I fixed it).  What happened is
that `gcry_mpi_scan' returned a bignum with alloced = 5 and nlimbs = 4;
zeroizing the limb vector clobbered the secure-memory pool structure in a
way I didn't investigate too carefully, but the result was that
`mb_get_new' thought that the pool was full and `gcry_malloc_secure'
failed.  As far as I can make out, `seccure-decrypt' can't decrypt
anything at all on amd64.

-- [mdw]

From cvs at cvs.gnupg.org Wed Jul 5 20:16:38 2017
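An added illustration, not code from libgcrypt or from anyone in this thread, of the limb bookkeeping behind the bug report at the top of the thread and the alloced = 5 / nlimbs = 4 case Mark describes above. The MPI struct, the tracking allocator standing in for mpi_alloc_limb_space / _gcry_mpi_free_limb_space, and the three mpi_set_secure variants are hypothetical stand-ins; the allocator measures how far the zeroizing free would run past the real buffer instead of actually corrupting the heap.

```c
/* Added example, not libgcrypt code: a model of the limb bookkeeping
 * behind Debian bug 866964.  The old mpi_set_secure allocated only nlimbs
 * limbs for the secure copy but left alloced untouched, so the zeroizing
 * free in _gcry_mpi_free wiped alloced limbs of a shorter buffer.  The
 * tracking allocator here measures that overrun instead of performing it. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef unsigned long limb_t;

typedef struct {
    limb_t *d;        /* limb buffer, least significant limb first */
    unsigned nlimbs;  /* limbs holding digits */
    unsigned alloced; /* limbs the owner believes d has */
    int secure;       /* 1 once d lives in (modelled) secure memory */
} mpi_t;

/* Tracking allocator: remembers the real length of every live buffer. */
#define MAX_BUFS 16
static struct { limb_t *p; unsigned n; } bufs[MAX_BUFS];

static limb_t *alloc_limb_space(unsigned n)
{
    limb_t *p = calloc(n, sizeof *p);
    for (int i = 0; i < MAX_BUFS; i++)
        if (!bufs[i].p) { bufs[i].p = p; bufs[i].n = n; break; }
    return p;
}

/* Zeroize and release N limbs at P, as _gcry_mpi_free_limb_space does for
 * secure memory.  Returns how many limbs the wipe would have written past
 * the real allocation; 0 means the bookkeeping was consistent. */
static unsigned free_limb_space(limb_t *p, unsigned n)
{
    unsigned real = 0, overrun;
    for (int i = 0; i < MAX_BUFS; i++)
        if (bufs[i].p == p) { real = bufs[i].n; bufs[i].p = NULL; break; }
    overrun = n > real ? n - real : 0;
    memset(p, 0, (n - overrun) * sizeof *p); /* wipe only what exists */
    free(p);
    return overrun;
}

enum variant {
    BUGGY,          /* libgcrypt <= 1.7.8: allocate nlimbs, keep alloced */
    SHRINK_ALLOCED, /* Mark Wooding's patch: also set alloced = nlimbs   */
    ALLOC_FULL      /* commit 5feaf1cc: allocate alloced limbs instead   */
};

/* Move A's limbs into secure memory, following mpi_set_secure. */
static void mpi_set_secure(mpi_t *a, enum variant v)
{
    limb_t *ap = a->d, *bp;
    unsigned want = (v == ALLOC_FULL) ? a->alloced : a->nlimbs;
    if (a->secure)
        return;
    a->secure = 1;
    bp = alloc_limb_space(want);
    memcpy(bp, ap, a->nlimbs * sizeof *bp);  /* MPN_COPY (bp, ap, nlimbs) */
    a->d = bp;
    free_limb_space(ap, a->alloced);          /* old buffer: sizes agree */
    if (v == SHRINK_ALLOCED)
        a->alloced = a->nlimbs;
}

/* Build an MPI shaped like the one gcry_mpi_scan handed seccure on amd64
 * (alloced = 5, nlimbs = 4, constructed digits), securify it with V, free
 * it as _gcry_mpi_free would, and return how many limbs the final wipe ran
 * past the buffer.  *ALLOCED_OUT (if non-NULL) gets alloced after the call. */
static unsigned securify_and_free(enum variant v, unsigned *alloced_out)
{
    mpi_t a = { alloc_limb_space(5), 4, 5, 0 };
    for (unsigned i = 0; i < a.nlimbs; i++)
        a.d[i] = 0x1111u * (i + 1);
    mpi_set_secure(&a, v);
    if (alloced_out)
        *alloced_out = a.alloced;
    return free_limb_space(a.d, a.alloced);
}

/* alloced as each variant leaves it; mpi_set_cond / mpi_swap_cond assume
 * it does not change under them, which is why commit 5feaf1cc keeps it. */
static unsigned alloced_after(enum variant v)
{
    unsigned al;
    securify_and_free(v, &al);
    return al;
}

int main(void)
{
    static const char *name[] = { "buggy", "shrink-alloced", "alloc-full" };
    for (int v = BUGGY; v <= ALLOC_FULL; v++)
        printf("%-14s wipe ran %u limb(s) past the buffer, alloced now %u\n",
               name[v], securify_and_free((enum variant)v, NULL),
               alloced_after((enum variant)v));
    return 0;
}
```

The buggy variant reports a one-limb overrun for this shape, both fixes report none, and only the commit 5feaf1cc variant leaves alloced unchanged at 5.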
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 05 Jul 2017 20:16:38 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-114-g85a9a91 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 85a9a913da9ecc6b2cd6f743e90e49983251d706 (commit) via 0d30a4a9791d20c8881b5b12bd44611d9f4274cd (commit) from 5feaf1cc8f22c1f8d19a34850d86fe190f1432e2 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 85a9a913da9ecc6b2cd6f743e90e49983251d706 Author: Werner Koch Date: Wed Jul 5 20:10:56 2017 +0200 build: Minor API fixes to fix build problems on AIX. * src/gcrypt.h.in (gcry_error_from_errno): Fix return type. * src/visibility.c (gcry_md_extract): Change return type to match the prototype. -- IBM compiler optimize enums and thus enums may be shorter than an unsigned int. Thus an assert (sizeof (gpg_error_t) == sizeof (gpg_err_code_t) would fail. The deatils seem to depend on the passed compiler options which explains that it has been only reported now. GnuPG-bug-id: 3256 Signed-off-by: Werner Koch diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 8d20c83..9a9acc4 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -189,7 +189,7 @@ int gcry_err_code_to_errno (gcry_err_code_t code); gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err); /* Return an error value with the system error ERR. */ -gcry_err_code_t gcry_error_from_errno (int err); +gcry_error_t gcry_error_from_errno (int err); /* NOTE: Since Libgcrypt 1.6 the thread callbacks are not anymore diff --git a/src/visibility.c b/src/visibility.c index 7bf3d57..fe46c82 100644 --- a/src/visibility.c 
+++ b/src/visibility.c @@ -1174,10 +1174,10 @@ gcry_md_read (gcry_md_hd_t hd, int algo) return _gcry_md_read (hd, algo); } -gcry_err_code_t +gcry_error_t gcry_md_extract (gcry_md_hd_t hd, int algo, void *buffer, size_t length) { - return _gcry_md_extract(hd, algo, buffer, length); + return gpg_error (_gcry_md_extract(hd, algo, buffer, length)); } void commit 0d30a4a9791d20c8881b5b12bd44611d9f4274cd Author: Werner Koch Date: Wed Jul 5 20:05:41 2017 +0200 tools: Add left shift to mpicalc. * src/mpicalc.c (do_lshift): New. (main): Handle '<'. Signed-off-by: Werner Koch diff --git a/src/mpicalc.c b/src/mpicalc.c index ebd1bbb..11246f3 100644 --- a/src/mpicalc.c +++ b/src/mpicalc.c @@ -232,6 +232,17 @@ do_gcd (void) } static void +do_lshift (void) +{ + if (stackidx < 1) + { + fputs ("stack underflow\n", stderr); + return; + } + mpi_lshift (stack[stackidx - 1], stack[stackidx - 1], 1); +} + +static void do_rshift (void) { if (stackidx < 1) @@ -242,7 +253,6 @@ do_rshift (void) mpi_rshift (stack[stackidx - 1], stack[stackidx - 1], 1); } - static void do_nbits (void) { @@ -305,6 +315,7 @@ print_help (void) "* multiply [0] := [1] * [0] {-1}\n" "/ divide [0] := [1] - [0] {-1}\n" "% modulo [0] := [1] % [0] {-1}\n" + "< left shift [0] := [0] << 1 {0}\n" "> right shift [0] := [0] >> 1 {0}\n" "++ increment [0] := [0]++ {0}\n" "-- decrement [0] := [0]-- {0}\n" 
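Review bot: the src/gcrypt.h.in hunk changes the declared return type of the public gcry_error_from_errno from gcry_err_code_t to gcry_error_t, which is an API change visible to every caller compiling against the header and so should be listed under "Interface changes relative to the 1.7.0 release" in NEWS, not only in the log. The src/visibility.c hunk is the matching internal fix: gcry_md_extract now returns gcry_error_t and wraps the internal code in gpg_error () like the neighbouring wrappers, which is correct given that the prototype already promised gcry_error_t ("Change return type to match the prototype").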
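Review bot: do_lshift repeats the three-line stack-underflow guard of do_rshift verbatim; a small shared helper (say, a hypothetical `check_stack (int n)`) would keep the guard in one place as more operators are added. The companion hunk at @@ -242,7 +253,6 @@ only removes a blank line between do_rshift and do_nbits, an unrelated whitespace change that is better left out of this commit.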
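Review bot: the context line just above the new '<' entry documents division as `/ divide [0] := [1] - [0] {-1}`, i.e. with a minus sign carried over from the subtract entry; since this hunk already touches the help table it is the right moment to correct it to `[1] / [0]`.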
@@ -487,6 +498,9 @@ main (int argc, char **argv) case '^': do_powm (); break; + case '<': + do_lshift (); + break; case '>': do_rshift (); break; ----------------------------------------------------------------------- Summary of changes: src/gcrypt.h.in | 2 +- src/mpicalc.c | 16 +++++++++++++++- src/visibility.c | 4 ++-- 3 files changed, 18 insertions(+), 4 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From Anindo.Burman at wellsfargo.com Wed Jul 5 17:43:03 2017 From: Anindo.Burman at wellsfargo.com (Anindo.Burman at wellsfargo.com) Date: Wed, 5 Jul 2017 15:43:03 +0000 Subject: GNU Libgcrypt Message-ID: <754C2B80AFF3D1498BB7B101B6CE3D7A0F2D2E@MSGEXSIL1143.ent.wfb.bank.corp> Hi, Can you please provide me with the Vendor support details for different versions of GNU Libgcrypt , I understand the latest stable version of Libgcrypt is 1.7.8 . Can you please provide me the vendor support end dates for the versions 1.1 , 1.2 , 1.4 , 1.5 and 1.6 . Regards, Anindo Burman -------------- next part -------------- An HTML attachment was scrubbed... URL: From cvs at cvs.gnupg.org Thu Jul 6 10:31:13 2017 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 06 Jul 2017 10:31:13 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-116-ge235f6a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via e235f6a62f6268538c784154c2d1470ff073b6a8 (commit) via 208aba6f9a0475ba049f5a66fe02cf9a6214a887 (commit) from 85a9a913da9ecc6b2cd6f743e90e49983251d706 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e235f6a62f6268538c784154c2d1470ff073b6a8 Author: Werner Koch Date: Thu Jul 6 10:26:24 2017 +0200 Update NEWS -- Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index c97f425..b29bb89 100644 --- a/NEWS +++ b/NEWS @@ -63,6 +63,10 @@ Noteworthy changes in version 1.8.0 (unreleased) [C21/A1/R_] - Fix long standing bug in secure memory implementation which could lead to a segv on free. [bug#3027] [also in 1.7.7] + - Mitigate a flush+reload side-channel attack on RSA secret keys + dubbed "Sliding right into disaster". For details see + . [CVE-2017-7526] [also in 1.7.8] + * Interface changes relative to the 1.7.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
@@ -73,6 +77,7 @@ Noteworthy changes in version 1.8.0 (unreleased) [C21/A1/R_] * Release dates of 1.7.x versions: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + Version 1.7.8 (2017-06-29) [C21/A1/R8] Version 1.7.7 (2017-06-02) [C21/A1/R7] Version 1.7.6 (2017-01-18) [C21/A1/R6] Version 1.7.5 (2016-12-15) [C21/A1/R5] commit 208aba6f9a0475ba049f5a66fe02cf9a6214a887 Author: Werner Koch Date: Thu Jun 29 08:31:27 2017 +0200 rsa: Use modern MPI allocation function. * cipher/rsa.c (secret_core_crt): Use modern function _gcry_mpi_snew. -- Eventually we want to get rid of the notion of limb sizes in mpi using code. Thus it is better to use the modern function/macro. Signed-off-by: Werner Koch diff --git a/cipher/rsa.c b/cipher/rsa.c index ce73f10..575ea94 100644 --- a/cipher/rsa.c +++ b/cipher/rsa.c @@ -1026,7 +1026,7 @@ secret_core_crt (gcry_mpi_t M, gcry_mpi_t C, r_nbits = mpi_get_nbits (P) / 4; if (r_nbits < 96) r_nbits = 96; - r = mpi_alloc_secure ( (r_nbits + BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); + r = mpi_secure_new (r_nbits); /* d_blind = (d mod (p-1)) + (p-1) * r */ /* m1 = c ^ d_blind mod p */ ----------------------------------------------------------------------- Summary of changes: NEWS | 5 +++++ cipher/rsa.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From wk at gnupg.org Thu Jul 6 10:36:54 2017 
From: wk at gnupg.org (Werner Koch)
Date: Thu, 06 Jul 2017 10:36:54 +0200
Subject: GNU Libgcrypt
In-Reply-To: <754C2B80AFF3D1498BB7B101B6CE3D7A0F2D2E@MSGEXSIL1143.ent.wfb.bank.corp> (Anindo Burman's message of "Wed, 5 Jul 2017 15:43:03 +0000")
References: <754C2B80AFF3D1498BB7B101B6CE3D7A0F2D2E@MSGEXSIL1143.ent.wfb.bank.corp>
Message-ID: <871spuq7vd.fsf@wheatstone.g10code.de>

On Wed, 5 Jul 2017 17:43, Anindo.Burman at wellsfargo.com said:

> Can you please provide me with the Vendor support details for different
> versions of GNU Libgcrypt, I understand the latest stable version of
> Libgcrypt is 1.7.8.  Can you please provide me the vendor support end
> dates for the versions 1.1, 1.2, 1.4, 1.5 and 1.6.

The 1.6 branch reached end-of-life 6 days ago.  The other branches are
also end-of-life.  Except for the dropping of the ac interface in 1.6
(deprecated since the first stable 1.2 version) all versions are ABI and
API upward compatible.

Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are governed by a federal law.

From jussi.kivilinna at iki.fi Thu Jul 6 13:43:00 2017
From: jussi.kivilinna at iki.fi (Jussi Kivilinna)
Date: Thu, 6 Jul 2017 14:43:00 +0300
Subject: [PATCH] Add script to run basic tests with all supported HWF combinations
In-Reply-To: <87podv9lrv.fsf@wheatstone.g10code.de>
References: <149777423075.11382.13316874479543249672.stgit@localhost.localdomain> <87podv9lrv.fsf@wheatstone.g10code.de>
Message-ID:

On 23.06.2017 11:00, Werner Koch wrote:
> Hi!
>
> I indeed think that this test is very useful.
>
> On Sun, 18 Jun 2017 10:23, jussi.kivilinna at iki.fi said:
>
>> +++ b/tests/basic_all_hwfeature_combinations.sh
>> @@ -0,0 +1,73 @@ >> +#!/bin/bash > > Unfortunately we can't depend on bash. There are enough systems w/o > bash installed. > >> +# For example for Windows executables: BINEXT=.exe >> +if [ "x$BINEXT" != "x" ] && [ -e "tests/version$BINEXT" ]; then >> + binext="$BINEXT" >> +else >> + binext="" > > Hmmm, running the script on Windows would require the installation of a > Unix shell. That is too troublesome. With the new gcry_get_config > fucntion we can get the features form a C program and the we would only > need to fork/exec - oh well, not on Windows :-( Yes, that would be problematic if testing on Windows. One can instead cross-compile win32 & win64 binaries on Linux and running tests on command-line with Wine (+ binfmt plugin) which works quite nicely. I've also found Qemu+binfmt to be quite useful when testing code with different architectures, although there is some caveats especially with missing unaligned memory access problems when running program in Qemu on top of x86. > > tests/random also forks but skips these checks on Windows. Which it > should not. To avoid cluttering all code with a platform dependent > implemtation of a spawing function I would suggest to wait until we have > put such a function into libgpgrt (aka libgpg-error). We plan this > because we several such spawning implementations in the GnuPG stack and > libgpgrt is a common dependency of all.> > If you want to push your change, I would suggest to do it as > maintainer-only tool _for now_ so that it is not run by "make check". > Dedicated program would be nicer, but I'm not sure if that would be worth of the extra effort. Problem with this check is that it can take quite a long time and I would not recommend to run it as part of "make check". For example, with current Intel Skylake CPU, number of different HWF combinations is 4096 and running all basic tests can take tens of minutes. -Jussi From cvs at cvs.gnupg.org Fri Jul 7 05:02:46 2017 
From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 07 Jul 2017 05:02:46 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-118-g66ed4d5 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 66ed4d53789892def7b237756d8a0ab28df9d222 (commit) via 619ebae9847831f43314a95cc3180f4b329b4d3b (commit) from e235f6a62f6268538c784154c2d1470ff073b6a8 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 66ed4d53789892def7b237756d8a0ab28df9d222 Author: NIIBE Yutaka Date: Fri Jul 7 12:00:03 2017 +0900 mpi: Fix mpi_pow alternative implementation. * mpi/mpi-pow.c [USE_ALGORITHM_SIMPLE_EXPONENTIATION] (_gcry_mpi_powm): Use mpi_set_cond. -- Limbs of RES may be allocated more before the call of mpi_pow, but it only uses the space of SIZE. Signed-off-by: NIIBE Yutaka diff --git a/mpi/mpi-pow.c b/mpi/mpi-pow.c index 3d6d68c..54f477b 100644 --- a/mpi/mpi-pow.c +++ b/mpi/mpi-pow.c @@ -188,10 +188,16 @@ _gcry_mpi_powm (gcry_mpi_t res, mpi_limb_t e; mpi_limb_t carry_limb; struct karatsuba_ctx karactx; + struct gcry_mpi w, u; xp_nlimbs = msec? size:0; xp = xp_marker = mpi_alloc_limb_space( size, msec ); + w.sign = u.sign = 0; + w.flags = u.flags = 0; + w.alloced = w.nlimbs = size; /* RES->alloc may be longer. */ + u.alloced = u.nlimbs = size; + memset( &karactx, 0, sizeof karactx ); negative_result = (ep[0] & 1) && bsign; 
@@ -267,11 +273,11 @@ _gcry_mpi_powm (gcry_mpi_t res, xsize = msize; } } - if ( (mpi_limb_signed_t)e < 0 ) - { - tp = rp; rp = xp; xp = tp; - rsize = xsize; - } + + w.d = rp; + u.d = xp; + mpi_set_cond (&w, &u, ((mpi_limb_signed_t)e < 0)); + e <<= 1; c--; } commit 619ebae9847831f43314a95cc3180f4b329b4d3b Author: NIIBE Yutaka Date: Fri Jul 7 11:39:09 2017 +0900 Fix mpi_pow alternative implementation. * mpi/mpi-pow.c [USE_ALGORITHM_SIMPLE_EXPONENTIATION] (_gcry_mpi_powm): Allocate size fix. Signed-off-by: NIIBE Yutaka diff --git a/mpi/mpi-pow.c b/mpi/mpi-pow.c index 3cba690..3d6d68c 100644 --- a/mpi/mpi-pow.c +++ b/mpi/mpi-pow.c @@ -189,8 +189,8 @@ _gcry_mpi_powm (gcry_mpi_t res, mpi_limb_t carry_limb; struct karatsuba_ctx karactx; - xp_nlimbs = msec? (2 * (msize + 1)):0; - xp = xp_marker = mpi_alloc_limb_space( 2 * (msize + 1), msec ); + xp_nlimbs = msec? size:0; + xp = xp_marker = mpi_alloc_limb_space( size, msec ); memset( &karactx, 0, sizeof karactx ); negative_result = (ep[0] & 1) && bsign; ----------------------------------------------------------------------- Summary of changes: mpi/mpi-pow.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From cvs at cvs.gnupg.org Fri Jul 7 07:57:42 2017 
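Review bot: in the hunk at @@ -188,10 +188,16 @@ the comment on the new stack MPIs says `RES->alloc may be longer`, but the field is `alloced` (the same line sets `w.alloced = w.nlimbs = size`); please use the real name so grep finds it. It is also worth saying in the log that w and u are only views onto rp and xp (their `d` is assigned inside the loop and never freed), because a `struct gcry_mpi` on the stack with `d` unset between declaration and loop is easy to misread as a leak or an uninitialised use.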
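Review bot: in the hunk at @@ -267,11 +273,11 @@ the removed branch also did `rsize = xsize;` whenever the swap was taken, while the replacement `mpi_set_cond (&w, &u, ...)` copies `size` limbs from xp into rp and never updates rsize; if rsize is read after the loop or by the next iteration it now keeps its previous value whenever xsize differed. Please either set rsize unconditionally (to size, or to msize after the reduction) or state in the log why rsize already equals xsize at this point. Replacing the pointer swap with a full-width conditional copy is the right shape for not branching on the exponent bit, at the cost of `size` limb moves per iteration.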
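Review bot: in commit 619ebae xp shrinks from `2 * (msize + 1)` limbs to `size`, and the log ("Allocate size fix") does not say why `size` is enough for the products and remainders written into xp; since xp_nlimbs is also what gets wiped on release, an under-allocation here would be an out-of-bounds write inside the multiply, so please record in the log where `size` is computed and why it bounds everything stored in xp.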
From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 07 Jul 2017 07:57:42 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-119-g61b0f52 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 61b0f52c1cc85bf8c3cac9aba40e28682e4e1b8b (commit) from 66ed4d53789892def7b237756d8a0ab28df9d222 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 61b0f52c1cc85bf8c3cac9aba40e28682e4e1b8b Author: NIIBE Yutaka Date: Fri Jul 7 14:48:17 2017 +0900 mpi: Minor fix of mpi_pow. * mpi/mpi-pow.c (_gcry_mpi_powm): Allocate size fix. -- Same thing of 619ebae9847831f43314a95cc3180f4b329b4d3b applied. Signed-off-by: NIIBE Yutaka diff --git a/mpi/mpi-pow.c b/mpi/mpi-pow.c index 54f477b..62b4a80 100644 --- a/mpi/mpi-pow.c +++ b/mpi/mpi-pow.c @@ -552,8 +552,8 @@ _gcry_mpi_powm (gcry_mpi_t res, struct karatsuba_ctx karactx; mpi_ptr_t tp; - xp_nlimbs = msec? (2 * (msize + 1)):0; - xp = xp_marker = mpi_alloc_limb_space( 2 * (msize + 1), msec ); + xp_nlimbs = msec? size:0; + xp = xp_marker = mpi_alloc_limb_space( size, msec ); memset( &karactx, 0, sizeof karactx ); negative_result = (ep[0] & 1) && bsign; ----------------------------------------------------------------------- Summary of changes: mpi/mpi-pow.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From nathan at nathanrossi.com Mon Jul 17 12:37:54 2017 
From: nathan at nathanrossi.com (Nathan Rossi)
Date: Mon, 17 Jul 2017 20:37:54 +1000
Subject: [PATCH] configure.ac: Set 'mym4_revision' to 0 if not a git repo
In-Reply-To: <87y3yfeyl4.fsf@wheatstone.g10code.de>
References: <20170110144112.5361-1-nathan@nathanrossi.com> <87o9zeqvis.fsf@alice.fifthhorseman.net> <87y3yfeyl4.fsf@wheatstone.g10code.de>
Message-ID:

On 14 January 2017 at 02:03, Werner Koch wrote:
> On Thu, 12 Jan 2017 06:03, nathan at nathanrossi.com said:
>> That was the intention, I did send a patch like this for libgpg-error
>> at the same time as this (however I think I mucked up the
>
> I noticed your patch and looked at it.  However, I consider the way
> we handle this in gnupg better...
>
>> have a look at some of the gnupg related tools/libraries but they use
>> differing mechanisms for this process (most use autogen.sh
>> --find-version).
>
> Right.  This is easier to maintain because autogen.sh should be
> identical for all gnupg related packages.  Meanwhile I have ported this
> to libgpg-error but not yet pushed.  I need to do a few more tests,
> though.
>
> Thanks for your work and please have some patience until I can push that
> to libgpg-error and other packages.
>

Hi Werner,

Just bumping this thread.  I noticed you had made the change to
libgpg-error, and that works great.  Anything preventing the updating of
autogen.sh in libgcrypt?

Thanks,
Nathan

From cvs at cvs.gnupg.org Mon Jul 17 14:14:01 2017
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Mon, 17 Jul 2017 14:14:01 +0200
Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-121-gde1e125
Message-ID:

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  de1e12504dd72bbedd3441be9aab3cad6dbca251 (commit)
       via  9d99c6b973caa7fdf93b53cf764066214f763803 (commit)
      from  61b0f52c1cc85bf8c3cac9aba40e28682e4e1b8b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit de1e12504dd72bbedd3441be9aab3cad6dbca251
Author: Werner Koch
Date:   Mon Jul 17 14:04:30 2017 +0200

    build: Bump LT version to C22/A2/R0.

    --
    This is required to allow installation of 1.7 and 1.8.

    Signed-off-by: Werner Koch

diff --git a/configure.ac b/configure.ac
index d36673f..9aa89c7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -51,12 +51,13 @@ m4_define([mym4_full_version],[mym4_version[]mym4_betastring]) AC_INIT([libgcrypt],[mym4_full_version],[http://bugs.gnupg.org]) # LT Version numbers, remember to change them just *before* a release. +# !!!NOTE: Already updated for 1.8.0 !! # (Interfaces removed: CURRENT++, AGE=0, REVISION=0) # (Interfaces added: CURRENT++, AGE++, REVISION=0) # (No interfaces changed: REVISION++) -LIBGCRYPT_LT_CURRENT=21 -LIBGCRYPT_LT_AGE=1 -LIBGCRYPT_LT_REVISION=3 +LIBGCRYPT_LT_CURRENT=22 +LIBGCRYPT_LT_AGE=2 +LIBGCRYPT_LT_REVISION=0 # If the API is changed in an incompatible way: increment the next counter. commit 9d99c6b973caa7fdf93b53cf764066214f763803 Author: Werner Koch Date: Mon Jul 17 12:34:13 2017 +0200 random: Minor fix for getting the rndjent version. * random/rndjent.c (_gcry_rndjent_get_version): Always set R_ACTIVE. * tests/version.c (test_get_config): Check number of fields for rng-type. Signed-off-by: Werner Koch diff --git a/random/rndjent.c b/random/rndjent.c index b1432e4..6e56c8a 100644 --- a/random/rndjent.c +++ b/random/rndjent.c @@ -327,6 +327,8 @@ _gcry_rndjent_poll (void (*add)(const void*, size_t, enum random_origins), unsigned int _gcry_rndjent_get_version (int *r_active) { + if (r_active) + *r_active = 0; #ifdef USE_JENT if ( is_rng_available () ) { diff --git a/tests/version.c b/tests/version.c index 6a01610..7e68cd6 100644 --- a/tests/version.c +++ b/tests/version.c @@ -43,6 +43,8 @@ static void test_get_config (void) { char *string; + const char *s; + int i; string = gcry_get_config (0, NULL); if (!string) 
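Review bot: with LIBGCRYPT_LT_CURRENT/AGE/REVISION moved to 22/2/0 in the configure.ac hunk, the `[C21/A1/R_]` tag on the "Noteworthy changes in version 1.8.0" heading in NEWS is now stale and should become `[C22/A2/R0]` in the same commit; the NEWS hunks of the neighbouring commits still carry the old tag. The added `# !!!NOTE: Already updated for 1.8.0 !!` line is helpful, but plan to drop it at release time since the surrounding comment already says to bump "just *before* a release".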
@@ -81,6 +83,21 @@ test_get_config (void) fail ("gcry_get_config(\"no-such-item\") returned wrong error: %s\n", gpg_strerror (gpg_error_from_syserror ())); + /* Check the rng-type. */ + xfree (string); + string = gcry_get_config (0, "rng-type"); + if (!string) + fail ("gcry_get_config(\"rng-type\") not returned\n"); + else + { + for (i=0, s = string; *s; s++) + if (*s == ':') + i++; + if (i < 5) + fail ("gcry_get_config(\"rng-type\") has not enough fields\n"); + } + + xfree (string); } ----------------------------------------------------------------------- Summary of changes: configure.ac | 7 ++++--- random/rndjent.c | 2 ++ tests/version.c | 17 +++++++++++++++++ 3 files changed, 23 insertions(+), 3 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From wk at gnupg.org Mon Jul 17 17:21:56 2017 
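Review bot: the new rng-type check counts ':' separators and fails when fewer than five are seen, i.e. it requires at least six fields; a comment naming the expected field layout of the rng-type string would make the constant 5 verifiable for the next reader. Two nits in the same hunk: `has not enough fields` reads better as `has too few fields`, and `not returned` in the NULL branch should say `returned NULL`.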
From: wk at gnupg.org (Werner Koch)
Date: Mon, 17 Jul 2017 17:21:56 +0200
Subject: [PATCH] configure.ac: Set 'mym4_revision' to 0 if not a git repo
In-Reply-To: (Nathan Rossi's message of "Mon, 17 Jul 2017 20:37:54 +1000")
References: <20170110144112.5361-1-nathan@nathanrossi.com> <87o9zeqvis.fsf@alice.fifthhorseman.net> <87y3yfeyl4.fsf@wheatstone.g10code.de>
Message-ID: <8760erf5rf.fsf@wheatstone.g10code.de>

On Mon, 17 Jul 2017 12:37, nathan at nathanrossi.com said:

> Just bumping this thread.  I noticed you had made the change to
> libgpg-error, and that works great.  Anything preventing the updating
> of autogen.sh in libgcrypt?

Seems we should do that.  Thanks for the reminder.
Tracked in https://dev.gnupg.org/T3283

Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are governed by a federal law.

From wk at gnupg.org Tue Jul 18 10:00:14 2017
From: wk at gnupg.org (Werner Koch)
Date: Tue, 18 Jul 2017 10:00:14 +0200
Subject: best way to copy a gcry_mpi_point_t?
In-Reply-To: <20160619230219.GF3509@trolle> (Markus Teich's message of "Mon, 20 Jun 2016 01:02:19 +0200")
References: <20160619230219.GF3509@trolle>
Message-ID: <87pocydvjl.fsf@wheatstone.g10code.de>

On Mon, 20 Jun 2016 01:02, teichm at in.tum.de said:

> since I only see gcry_mpi_copy, but no gcry_mpi_point_copy, what would be the
> most efficient way to copy a point?  Using something like the following seems
> confusing:
>
> gcry_mpi_ec_mul(new, GCRYMPI_CONST_ONE, old, ctx);

1.8 will come with gcry_mpi_point_copy.

Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are governed by a federal law.

From cvs at cvs.gnupg.org Tue Jul 18 10:21:09 2017
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 18 Jul 2017 10:21:09 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-122-gecf73da Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via ecf73dafb7aafed0d0f339d07235b58c2113f94c (commit) from de1e12504dd72bbedd3441be9aab3cad6dbca251 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ecf73dafb7aafed0d0f339d07235b58c2113f94c Author: Werner Koch Date: Tue Jul 18 10:16:07 2017 +0200 api: New function gcry_mpi_point_copy. * src/gcrypt.h.in (gcry_mpi_point_copy): New. (mpi_point_copy): New macro. * src/visibility.c (gcry_mpi_point_copy): New. * src/libgcrypt.def, src/libgcrypt.vers: Add function. * mpi/ec.c (_gcry_mpi_point_copy): New. * tests/t-mpi-point.c (set_get_point): Add test. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index b29bb89..17c9a42 100644 --- a/NEWS +++ b/NEWS @@ -72,6 +72,7 @@ Noteworthy changes in version 1.8.0 (unreleased) [C21/A1/R_] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ GCRYCTL_REINIT_SYSCALL_CLAMP NEW macro. gcry_get_config NEW function. + gcry_mpi_point_copy NEW function. gcry_md_info DEPRECATED. diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index cab1318..649332b 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi 
@@ -4876,6 +4876,13 @@ Release @var{point} and free all associated resources. Passing @code{NULL} is allowed and ignored. @end deftypefun + at deftypefun gcry_mpi_point_t gcry_mpi_point_copy (@w{gcry_mpi_point_t @var{point}}) + +Allocate and return a new point object and initialize it with + at var{point}. If @var{point} is NULL the function is identical to + at code{gcry_mpi_point_new(0)}. + at end deftypefun + @deftypefun void gcry_mpi_point_get (@w{gcry_mpi_t @var{x}}, @ @w{gcry_mpi_t @var{y}}, @w{gcry_mpi_t @var{z}}, @ @w{gcry_mpi_point_t @var{point}}) diff --git a/mpi/ec.c b/mpi/ec.c index 8a6a656..a0f7357 100644 --- a/mpi/ec.c +++ b/mpi/ec.c @@ -139,6 +139,20 @@ point_set (mpi_point_t d, mpi_point_t s) } +/* Return a copy of POINT. */ +gcry_mpi_point_t +_gcry_mpi_point_copy (gcry_mpi_point_t point) +{ + mpi_point_t newpoint; + + newpoint = _gcry_mpi_point_new (0); + if (point) + point_set (newpoint, point); + + return newpoint; +} + + static void point_resize (mpi_point_t p, mpi_ec_t ctx) { diff --git a/src/gcrypt-int.h b/src/gcrypt-int.h index ef5337b..ddcafa5 100644 --- a/src/gcrypt-int.h +++ b/src/gcrypt-int.h @@ -400,6 +400,7 @@ int _gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b); int _gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m); gcry_mpi_point_t _gcry_mpi_point_new (unsigned int nbits); void _gcry_mpi_point_release (gcry_mpi_point_t point); +gcry_mpi_point_t _gcry_mpi_point_copy (gcry_mpi_point_t point); void _gcry_mpi_point_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, gcry_mpi_point_t point); void _gcry_mpi_point_snatch_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, @@ -498,6 +499,8 @@ int _gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); } \ while (0) +#define mpi_point_copy(p) _gcry_mpi_point_copy((p)) + #define mpi_point_get(x,y,z,p) _gcry_mpi_point_get((x),(y),(z),(p)) #define mpi_point_snatch_get(x,y,z,p) _gcry_mpi_point_snatch_get((x),(y), \ (z),(p)) 
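Review bot: the function comment on _gcry_mpi_point_copy in the mpi/ec.c hunk only says "Return a copy of POINT." and, unlike the doc/gcrypt.texi text in the same change, does not state that a NULL POINT yields a fresh point as from _gcry_mpi_point_new (0); suggest `/* Return a copy of POINT.  If POINT is NULL a new point as from _gcry_mpi_point_new (0) is returned. */`. Worth adding to that comment as well that the copy is allocated with nbits 0 and then filled by point_set, so its limb allocation follows the source rather than a caller-chosen size; a caller that needs a fixed-size point still has to go through the point_resize path visible just below in the hunk.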
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 9a9acc4..68c1f9e 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -698,6 +698,9 @@ gcry_mpi_point_t gcry_mpi_point_new (unsigned int nbits); /* Release the object POINT. POINT may be NULL. */ void gcry_mpi_point_release (gcry_mpi_point_t point); +/* Return a copy of POINT. */ +gcry_mpi_point_t gcry_mpi_point_copy (gcry_mpi_point_t point); + /* Store the projective coordinates from POINT into X, Y, and Z. */ void gcry_mpi_point_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, gcry_mpi_point_t point); @@ -868,6 +871,7 @@ gcry_mpi_t _gcry_mpi_get_const (int no); (p) = NULL; \ } \ while (0) +#define mpi_point_copy(p) gcry_mpi_point_copy((p)) #define mpi_point_get(x,y,z,p) gcry_mpi_point_get((x),(y),(z),(p)) #define mpi_point_snatch_get(x,y,z,p) gcry_mpi_point_snatch_get((x),(y),(z),(p)) #define mpi_point_set(p,x,y,z) gcry_mpi_point_set((p),(x),(y),(z)) diff --git a/src/libgcrypt.def b/src/libgcrypt.def index c4a9eac..a76b377 100644 --- a/src/libgcrypt.def +++ b/src/libgcrypt.def @@ -284,4 +284,6 @@ EXPORTS gcry_get_config @247 + gcry_mpi_point_copy @248 + ;; end of file with public symbols for Windows. diff --git a/src/libgcrypt.vers b/src/libgcrypt.vers index 1d2d150..1aa830f 100644 --- a/src/libgcrypt.vers +++ b/src/libgcrypt.vers @@ -107,6 +107,7 @@ GCRYPT_1.6 { gcry_mpi_ec_get_affine; gcry_mpi_ec_dup; gcry_mpi_ec_add; gcry_mpi_ec_sub; gcry_mpi_ec_mul; gcry_mpi_ec_curve_point; gcry_mpi_ec_decode_point; + gcry_mpi_point_copy; gcry_log_debug; gcry_log_debughex; gcry_log_debugmpi; gcry_log_debugpnt; gcry_log_debugsxp; diff --git a/src/visibility.c b/src/visibility.c index fe46c82..104c70d 100644 --- a/src/visibility.c +++ b/src/visibility.c 
@@ -484,6 +484,12 @@ gcry_mpi_point_release (gcry_mpi_point_t point) _gcry_mpi_point_release (point); } +gcry_mpi_point_t +gcry_mpi_point_copy (gcry_mpi_point_t point) +{ + return _gcry_mpi_point_copy (point); +} + void gcry_mpi_point_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, gcry_mpi_point_t point) diff --git a/src/visibility.h b/src/visibility.h index d28993a..df2caf6 100644 --- a/src/visibility.h +++ b/src/visibility.h @@ -246,6 +246,7 @@ MARK_VISIBLEX (gcry_mpi_new) MARK_VISIBLEX (gcry_mpi_point_get) MARK_VISIBLEX (gcry_mpi_point_new) MARK_VISIBLEX (gcry_mpi_point_release) +MARK_VISIBLEX (gcry_mpi_point_copy) MARK_VISIBLEX (gcry_mpi_point_set) MARK_VISIBLEX (gcry_mpi_point_snatch_get) MARK_VISIBLEX (gcry_mpi_point_snatch_set) @@ -466,6 +467,7 @@ MARK_VISIBLEX (_gcry_mpi_get_const) #define gcry_mpi_point_get _gcry_USE_THE_UNDERSCORED_FUNCTION #define gcry_mpi_point_new _gcry_USE_THE_UNDERSCORED_FUNCTION #define gcry_mpi_point_release _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_point_copy _gcry_USE_THE_UNDERSCORED_FUNCTION #define gcry_mpi_point_set _gcry_USE_THE_UNDERSCORED_FUNCTION #define gcry_mpi_point_snatch_get _gcry_USE_THE_UNDERSCORED_FUNCTION #define gcry_mpi_point_snatch_set _gcry_USE_THE_UNDERSCORED_FUNCTION diff --git a/tests/t-mpi-point.c b/tests/t-mpi-point.c index 9919932..1eaa08a 100644 --- a/tests/t-mpi-point.c +++ b/tests/t-mpi-point.c @@ -306,7 +306,7 @@ ec_p_new (gcry_ctx_t *r_ctx, gcry_mpi_t p, gcry_mpi_t a) static void set_get_point (void) { - gcry_mpi_point_t point; + gcry_mpi_point_t point, point2; gcry_mpi_t x, y, z; wherestr = "set_get_point"; 
@@ -350,7 +350,22 @@ set_get_point (void) || gcry_mpi_cmp_ui (y, 42) || gcry_mpi_cmp_ui (z, 11371)) fail ("point_snatch_set/point_get failed\n"); + point2 = gcry_mpi_point_copy (point); + + gcry_mpi_point_get (x, y, z, point2); + if (gcry_mpi_cmp_ui (x, 17) + || gcry_mpi_cmp_ui (y, 42) || gcry_mpi_cmp_ui (z, 11371)) + fail ("point_copy failed (1)\n"); + gcry_mpi_point_release (point); + + gcry_mpi_point_get (x, y, z, point2); + if (gcry_mpi_cmp_ui (x, 17) + || gcry_mpi_cmp_ui (y, 42) || gcry_mpi_cmp_ui (z, 11371)) + fail ("point_copy failed (2)\n"); + + gcry_mpi_point_release (point2); + gcry_mpi_release (x); gcry_mpi_release (y); gcry_mpi_release (z); ----------------------------------------------------------------------- Summary of changes: NEWS | 1 + doc/gcrypt.texi | 7 +++++++ mpi/ec.c | 14 ++++++++++++++ src/gcrypt-int.h | 3 +++ src/gcrypt.h.in | 4 ++++ src/libgcrypt.def | 2 ++ src/libgcrypt.vers | 1 + src/visibility.c | 6 ++++++ src/visibility.h | 2 ++ tests/t-mpi-point.c | 17 ++++++++++++++++- 10 files changed, 56 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From cvs at cvs.gnupg.org Tue Jul 18 14:30:12 2017 
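Review bot: the set_get_point hunk above checks that the copy still reads back 17/42/11371 after the original point is released, which is the right deep-copy check, but it never exercises gcry_mpi_point_copy (NULL), the case that doc/gcrypt.texi in this change defines as identical to gcry_mpi_point_new(0). Suggest adding `point2 = gcry_mpi_point_copy (NULL);`, a fail() if it is NULL, and `gcry_mpi_point_release (point2);` so the documented NULL behaviour is covered by the test.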
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 18 Jul 2017 14:30:12 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-123-g95194c5 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 95194c550443e8d5558856633f920daec8a975c4 (commit) from ecf73dafb7aafed0d0f339d07235b58c2113f94c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 95194c550443e8d5558856633f920daec8a975c4 Author: Werner Koch Date: Tue Jul 18 14:11:26 2017 +0200 mac: Add selftests for HMAC-SHA3-xxx. * cipher/hmac-tests.c (check_one): Add arg trunc and change all callers to pass false. (selftests_sha3): New. (run_selftests): Call new selftests. Signed-off-by: Werner Koch diff --git a/cipher/hmac-tests.c b/cipher/hmac-tests.c index 8c04708..78d260a 100644 --- a/cipher/hmac-tests.c +++ b/cipher/hmac-tests.c @@ -20,13 +20,18 @@ /* Although algorithm self-tests are usually implemented in the module implementing the algorithm, the case for HMAC is different because - HMAC is implemnetd on a higher level using a special feature of the + HMAC is implemented on a higher level using a special feature of the gcry_md_ functions. It would be possible to do this also in the digest algorithm modules, but that would blow up the code too much and spread the hmac tests over several modules. Thus we implement all HMAC tests in this test module and provide a function to run the tests. + + To run all the Libgcrypt selftest in a verbose mode, use + + $ tests/basic --selftest + */ #include 
@@ -42,21 +47,30 @@ #include "hmac256.h" /* Check one HMAC with digest ALGO using the regualr HAMC - API. (DATA,DATALEN) is the data to be MACed, (KEY,KEYLEN) the key - and (EXPECT,EXPECTLEN) the expected result. Returns NULL on - succdess or a string describing the failure. */ + * API. (DATA,DATALEN) is the data to be MACed, (KEY,KEYLEN) the key + * and (EXPECT,EXPECTLEN) the expected result. If TRUNC is set, the + * EXPECTLEN may be less than the digest length. Returns NULL on + * success or a string describing the failure. */ static const char * check_one (int algo, const void *data, size_t datalen, const void *key, size_t keylen, - const void *expect, size_t expectlen) + const void *expect, size_t expectlen, int trunc) { gcry_md_hd_t hd; const unsigned char *digest; /* printf ("HMAC algo %d\n", algo); */ - if (_gcry_md_get_algo_dlen (algo) != expectlen) - return "invalid tests data"; + if (trunc) + { + if (_gcry_md_get_algo_dlen (algo) < expectlen) + return "invalid tests data"; + } + else + { + if (_gcry_md_get_algo_dlen (algo) != expectlen) + return "invalid tests data"; + } if (_gcry_md_open (&hd, algo, GCRY_MD_FLAG_HMAC)) return "gcry_md_open failed"; if (_gcry_md_setkey (hd, key, keylen)) @@ -107,7 +121,7 @@ selftests_sha1 (int extended, selftest_report_func_t report) "Sample #1", 9, key, 64, "\x4f\x4c\xa3\xd5\xd6\x8b\xa7\xcc\x0a\x12" - "\x08\xc9\xc6\x1e\x9c\x5d\xa0\x40\x3c\x0a", 20); + "\x08\xc9\xc6\x1e\x9c\x5d\xa0\x40\x3c\x0a", 20, 0); if (errtxt) goto failed; @@ -120,7 +134,7 @@ selftests_sha1 (int extended, selftest_report_func_t report) "Sample #2", 9, key, 20, "\x09\x22\xd3\x40\x5f\xaa\x3d\x19\x4f\x82" - "\xa4\x58\x30\x73\x7d\x5c\xc6\xc7\x5d\x24", 20); + "\xa4\x58\x30\x73\x7d\x5c\xc6\xc7\x5d\x24", 20, 0); if (errtxt) goto failed; 
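Review bot: in the check_one hunk, the TRUNC branch only rejects an EXPECTLEN larger than the digest length, so a truncated vector with EXPECTLEN of 0 passes the "invalid tests data" precheck even though it can verify nothing; suggest `if (!expectlen || _gcry_md_get_algo_dlen (algo) < expectlen) return "invalid tests data";` in that branch (the non-TRUNC branch is unaffected, since it requires equality with the digest length).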
@@ -131,7 +145,7 @@ selftests_sha1 (int extended, selftest_report_func_t report) "Sample #3", 9, key, 100, "\xbc\xf4\x1e\xab\x8b\xb2\xd8\x02\xf3\xd0" - "\x5c\xaf\x7c\xb0\x92\xec\xf8\xd1\xa3\xaa", 20 ); + "\x5c\xaf\x7c\xb0\x92\xec\xf8\xd1\xa3\xaa", 20, 0); if (errtxt) goto failed; @@ -142,7 +156,7 @@ selftests_sha1 (int extended, selftest_report_func_t report) "Sample #4", 9, key, 49, "\x9e\xa8\x86\xef\xe2\x68\xdb\xec\xce\x42" - "\x0c\x75\x24\xdf\x32\xe0\x75\x1a\x2a\x26", 20 ); + "\x0c\x75\x24\xdf\x32\xe0\x75\x1a\x2a\x26", 20, 0); if (errtxt) goto failed; } @@ -255,7 +269,7 @@ selftests_sha224 (int extended, selftest_report_func_t report) errtxt = check_one (GCRY_MD_SHA224, tv[tvidx].data, strlen (tv[tvidx].data), tv[tvidx].key, strlen (tv[tvidx].key), - tv[tvidx].expect, DIM (tv[tvidx].expect) ); + tv[tvidx].expect, DIM (tv[tvidx].expect), 0); if (errtxt) goto failed; if (!extended) @@ -373,7 +387,7 @@ selftests_sha256 (int extended, selftest_report_func_t report) errtxt = check_one (GCRY_MD_SHA256, tv[tvidx].data, strlen (tv[tvidx].data), tv[tvidx].key, strlen (tv[tvidx].key), - tv[tvidx].expect, DIM (tv[tvidx].expect) ); + tv[tvidx].expect, DIM (tv[tvidx].expect), 0); if (errtxt) goto failed; @@ -523,7 +537,7 @@ selftests_sha384 (int extended, selftest_report_func_t report) errtxt = check_one (GCRY_MD_SHA384, tv[tvidx].data, strlen (tv[tvidx].data), tv[tvidx].key, strlen (tv[tvidx].key), - tv[tvidx].expect, DIM (tv[tvidx].expect) ); + tv[tvidx].expect, DIM (tv[tvidx].expect), 0); if (errtxt) goto failed; if (!extended) @@ -661,7 +675,7 @@ selftests_sha512 (int extended, selftest_report_func_t report) errtxt = check_one (GCRY_MD_SHA512, tv[tvidx].data, strlen (tv[tvidx].data), tv[tvidx].key, strlen (tv[tvidx].key), - tv[tvidx].expect, DIM (tv[tvidx].expect) ); + tv[tvidx].expect, DIM (tv[tvidx].expect), 0); if (errtxt) goto failed; if (!extended) 
@@ -678,6 +692,412 @@ selftests_sha512 (int extended, selftest_report_func_t report) +/* Test for the SHA3 algorithms. Vectors taken on 2017-07-18 from + * http://www.wolfgang-ehrhardt.de/hmac-sha3-testvectors.html */ +static gpg_err_code_t +selftests_sha3 (int hashalgo, int extended, selftest_report_func_t report) +{ + static struct + { + const char * const desc; + const char * const data; + const char * const key; + const char expect_224[28]; + const char expect_256[32]; + const char expect_384[48]; + const char expect_512[64]; + unsigned char trunc; + } tv[] = + { + { "data-9 key-20", /* Test 1 */ + "Hi There", + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b", + + { 0x3b, 0x16, 0x54, 0x6b, 0xbc, 0x7b, 0xe2, 0x70, + 0x6a, 0x03, 0x1d, 0xca, 0xfd, 0x56, 0x37, 0x3d, + 0x98, 0x84, 0x36, 0x76, 0x41, 0xd8, 0xc5, 0x9a, + 0xf3, 0xc8, 0x60, 0xf7 }, + { 0xba, 0x85, 0x19, 0x23, 0x10, 0xdf, 0xfa, 0x96, + 0xe2, 0xa3, 0xa4, 0x0e, 0x69, 0x77, 0x43, 0x51, + 0x14, 0x0b, 0xb7, 0x18, 0x5e, 0x12, 0x02, 0xcd, + 0xcc, 0x91, 0x75, 0x89, 0xf9, 0x5e, 0x16, 0xbb }, + { 0x68, 0xd2, 0xdc, 0xf7, 0xfd, 0x4d, 0xdd, 0x0a, + 0x22, 0x40, 0xc8, 0xa4, 0x37, 0x30, 0x5f, 0x61, + 0xfb, 0x73, 0x34, 0xcf, 0xb5, 0xd0, 0x22, 0x6e, + 0x1b, 0xc2, 0x7d, 0xc1, 0x0a, 0x2e, 0x72, 0x3a, + 0x20, 0xd3, 0x70, 0xb4, 0x77, 0x43, 0x13, 0x0e, + 0x26, 0xac, 0x7e, 0x3d, 0x53, 0x28, 0x86, 0xbd }, + { 0xeb, 0x3f, 0xbd, 0x4b, 0x2e, 0xaa, 0xb8, 0xf5, + 0xc5, 0x04, 0xbd, 0x3a, 0x41, 0x46, 0x5a, 0xac, + 0xec, 0x15, 0x77, 0x0a, 0x7c, 0xab, 0xac, 0x53, + 0x1e, 0x48, 0x2f, 0x86, 0x0b, 0x5e, 0xc7, 0xba, + 0x47, 0xcc, 0xb2, 0xc6, 0xf2, 0xaf, 0xce, 0x8f, + 0x88, 0xd2, 0x2b, 0x6d, 0xc6, 0x13, 0x80, 0xf2, + 0x3a, 0x66, 0x8f, 0xd3, 0x88, 0x8b, 0xb8, 0x05, + 0x37, 0xc0, 0xa0, 0xb8, 0x64, 0x07, 0x68, 0x9e } + }, + + { "data-28 key-4", /* Test 2 */ + /* Test with a key shorter than the length of the HMAC output. 
*/ + "what do ya want for nothing?", + "Jefe", + + { 0x7f, 0xdb, 0x8d, 0xd8, 0x8b, 0xd2, 0xf6, 0x0d, + 0x1b, 0x79, 0x86, 0x34, 0xad, 0x38, 0x68, 0x11, + 0xc2, 0xcf, 0xc8, 0x5b, 0xfa, 0xf5, 0xd5, 0x2b, + 0xba, 0xce, 0x5e, 0x66 }, + { 0xc7, 0xd4, 0x07, 0x2e, 0x78, 0x88, 0x77, 0xae, + 0x35, 0x96, 0xbb, 0xb0, 0xda, 0x73, 0xb8, 0x87, + 0xc9, 0x17, 0x1f, 0x93, 0x09, 0x5b, 0x29, 0x4a, + 0xe8, 0x57, 0xfb, 0xe2, 0x64, 0x5e, 0x1b, 0xa5 }, + { 0xf1, 0x10, 0x1f, 0x8c, 0xbf, 0x97, 0x66, 0xfd, + 0x67, 0x64, 0xd2, 0xed, 0x61, 0x90, 0x3f, 0x21, + 0xca, 0x9b, 0x18, 0xf5, 0x7c, 0xf3, 0xe1, 0xa2, + 0x3c, 0xa1, 0x35, 0x08, 0xa9, 0x32, 0x43, 0xce, + 0x48, 0xc0, 0x45, 0xdc, 0x00, 0x7f, 0x26, 0xa2, + 0x1b, 0x3f, 0x5e, 0x0e, 0x9d, 0xf4, 0xc2, 0x0a }, + { 0x5a, 0x4b, 0xfe, 0xab, 0x61, 0x66, 0x42, 0x7c, + 0x7a, 0x36, 0x47, 0xb7, 0x47, 0x29, 0x2b, 0x83, + 0x84, 0x53, 0x7c, 0xdb, 0x89, 0xaf, 0xb3, 0xbf, + 0x56, 0x65, 0xe4, 0xc5, 0xe7, 0x09, 0x35, 0x0b, + 0x28, 0x7b, 0xae, 0xc9, 0x21, 0xfd, 0x7c, 0xa0, + 0xee, 0x7a, 0x0c, 0x31, 0xd0, 0x22, 0xa9, 0x5e, + 0x1f, 0xc9, 0x2b, 0xa9, 0xd7, 0x7d, 0xf8, 0x83, + 0x96, 0x02, 0x75, 0xbe, 0xb4, 0xe6, 0x20, 0x24 } + }, + + { "data-50 key-20", /* Test 3 */ + /* Test with a combined length of key and data that is larger + * than 64 bytes (= block-size of SHA-224 and SHA-256). 
*/ + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa", + + { 0x67, 0x6c, 0xfc, 0x7d, 0x16, 0x15, 0x36, 0x38, + 0x78, 0x03, 0x90, 0x69, 0x2b, 0xe1, 0x42, 0xd2, + 0xdf, 0x7c, 0xe9, 0x24, 0xb9, 0x09, 0xc0, 0xc0, + 0x8d, 0xbf, 0xdc, 0x1a }, + { 0x84, 0xec, 0x79, 0x12, 0x4a, 0x27, 0x10, 0x78, + 0x65, 0xce, 0xdd, 0x8b, 0xd8, 0x2d, 0xa9, 0x96, + 0x5e, 0x5e, 0xd8, 0xc3, 0x7b, 0x0a, 0xc9, 0x80, + 0x05, 0xa7, 0xf3, 0x9e, 0xd5, 0x8a, 0x42, 0x07 }, + { 0x27, 0x5c, 0xd0, 0xe6, 0x61, 0xbb, 0x8b, 0x15, + 0x1c, 0x64, 0xd2, 0x88, 0xf1, 0xf7, 0x82, 0xfb, + 0x91, 0xa8, 0xab, 0xd5, 0x68, 0x58, 0xd7, 0x2b, + 0xab, 0xb2, 0xd4, 0x76, 0xf0, 0x45, 0x83, 0x73, + 0xb4, 0x1b, 0x6a, 0xb5, 0xbf, 0x17, 0x4b, 0xec, + 0x42, 0x2e, 0x53, 0xfc, 0x31, 0x35, 0xac, 0x6e }, + { 0x30, 0x9e, 0x99, 0xf9, 0xec, 0x07, 0x5e, 0xc6, + 0xc6, 0xd4, 0x75, 0xed, 0xa1, 0x18, 0x06, 0x87, + 0xfc, 0xf1, 0x53, 0x11, 0x95, 0x80, 0x2a, 0x99, + 0xb5, 0x67, 0x74, 0x49, 0xa8, 0x62, 0x51, 0x82, + 0x85, 0x1c, 0xb3, 0x32, 0xaf, 0xb6, 0xa8, 0x9c, + 0x41, 0x13, 0x25, 0xfb, 0xcb, 0xcd, 0x42, 0xaf, + 0xcb, 0x7b, 0x6e, 0x5a, 0xab, 0x7e, 0xa4, 0x2c, + 0x66, 0x0f, 0x97, 0xfd, 0x85, 0x84, 0xbf, 0x03 } + }, + + { "data-50 key-25", /* Test 4 */ + /* Test with a combined length of key and data that is larger + * than 64 bytes (= block-size of SHA-224 and SHA-256). 
*/ + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd", + "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" + "\x11\x12\x13\x14\x15\x16\x17\x18\x19", + + { 0xa9, 0xd7, 0x68, 0x5a, 0x19, 0xc4, 0xe0, 0xdb, + 0xd9, 0xdf, 0x25, 0x56, 0xcc, 0x8a, 0x7d, 0x2a, + 0x77, 0x33, 0xb6, 0x76, 0x25, 0xce, 0x59, 0x4c, + 0x78, 0x27, 0x0e, 0xeb }, + { 0x57, 0x36, 0x6a, 0x45, 0xe2, 0x30, 0x53, 0x21, + 0xa4, 0xbc, 0x5a, 0xa5, 0xfe, 0x2e, 0xf8, 0xa9, + 0x21, 0xf6, 0xaf, 0x82, 0x73, 0xd7, 0xfe, 0x7b, + 0xe6, 0xcf, 0xed, 0xb3, 0xf0, 0xae, 0xa6, 0xd7 }, + { 0x3a, 0x5d, 0x7a, 0x87, 0x97, 0x02, 0xc0, 0x86, + 0xbc, 0x96, 0xd1, 0xdd, 0x8a, 0xa1, 0x5d, 0x9c, + 0x46, 0x44, 0x6b, 0x95, 0x52, 0x13, 0x11, 0xc6, + 0x06, 0xfd, 0xc4, 0xe3, 0x08, 0xf4, 0xb9, 0x84, + 0xda, 0x2d, 0x0f, 0x94, 0x49, 0xb3, 0xba, 0x84, + 0x25, 0xec, 0x7f, 0xb8, 0xc3, 0x1b, 0xc1, 0x36 }, + { 0xb2, 0x7e, 0xab, 0x1d, 0x6e, 0x8d, 0x87, 0x46, + 0x1c, 0x29, 0xf7, 0xf5, 0x73, 0x9d, 0xd5, 0x8e, + 0x98, 0xaa, 0x35, 0xf8, 0xe8, 0x23, 0xad, 0x38, + 0xc5, 0x49, 0x2a, 0x20, 0x88, 0xfa, 0x02, 0x81, + 0x99, 0x3b, 0xbf, 0xff, 0x9a, 0x0e, 0x9c, 0x6b, + 0xf1, 0x21, 0xae, 0x9e, 0xc9, 0xbb, 0x09, 0xd8, + 0x4a, 0x5e, 0xba, 0xc8, 0x17, 0x18, 0x2e, 0xa9, + 0x74, 0x67, 0x3f, 0xb1, 0x33, 0xca, 0x0d, 0x1d } + }, + + { "data-20 key-20 trunc", /* Test 5 */ + /* Test with a truncation of output to 128 bits. 
*/ + "Test With Truncation", + "\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c" + "\x0c\x0c\x0c\x0c", + + { 0x49, 0xfd, 0xd3, 0xab, 0xd0, 0x05, 0xeb, 0xb8, + 0xae, 0x63, 0xfe, 0xa9, 0x46, 0xd1, 0x88, 0x3c }, + { 0x6e, 0x02, 0xc6, 0x45, 0x37, 0xfb, 0x11, 0x80, + 0x57, 0xab, 0xb7, 0xfb, 0x66, 0xa2, 0x3b, 0x3c }, + { 0x47, 0xc5, 0x1a, 0xce, 0x1f, 0xfa, 0xcf, 0xfd, + 0x74, 0x94, 0x72, 0x46, 0x82, 0x61, 0x57, 0x83 }, + { 0x0f, 0xa7, 0x47, 0x59, 0x48, 0xf4, 0x3f, 0x48, + 0xca, 0x05, 0x16, 0x67, 0x1e, 0x18, 0x97, 0x8c }, + 16 + }, + + { "data-54 key-131", /* Test 6 */ + /* Test with a key larger than 128 bytes (= block-size of + * SHA-384 and SHA-512). */ + "Test Using Larger Than Block-Size Key - Hash Key First", + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa", + + { 0xb4, 0xa1, 0xf0, 0x4c, 0x00, 0x28, 0x7a, 0x9b, + 0x7f, 0x60, 0x75, 0xb3, 0x13, 0xd2, 0x79, 0xb8, + 0x33, 0xbc, 0x8f, 0x75, 0x12, 0x43, 0x52, 0xd0, + 0x5f, 0xb9, 0x99, 0x5f }, + { 0xed, 0x73, 0xa3, 0x74, 0xb9, 0x6c, 0x00, 0x52, + 0x35, 0xf9, 0x48, 0x03, 0x2f, 0x09, 0x67, 0x4a, + 0x58, 0xc0, 0xce, 0x55, 0x5c, 0xfc, 0x1f, 0x22, + 0x3b, 0x02, 0x35, 0x65, 0x60, 0x31, 0x2c, 0x3b }, + { 0x0f, 0xc1, 0x95, 0x13, 0xbf, 0x6b, 0xd8, 0x78, + 0x03, 0x70, 0x16, 0x70, 0x6a, 0x0e, 0x57, 0xbc, + 0x52, 0x81, 0x39, 0x83, 0x6b, 0x9a, 0x42, 0xc3, + 0xd4, 0x19, 0xe4, 0x98, 0xe0, 0xe1, 0xfb, 0x96, + 0x16, 0xfd, 0x66, 0x91, 0x38, 0xd3, 0x3a, 0x11, + 0x05, 0xe0, 0x7c, 0x72, 0xb6, 0x95, 0x3b, 0xcc }, + { 
0x00, 0xf7, 0x51, 0xa9, 0xe5, 0x06, 0x95, 0xb0, + 0x90, 0xed, 0x69, 0x11, 0xa4, 0xb6, 0x55, 0x24, + 0x95, 0x1c, 0xdc, 0x15, 0xa7, 0x3a, 0x5d, 0x58, + 0xbb, 0x55, 0x21, 0x5e, 0xa2, 0xcd, 0x83, 0x9a, + 0xc7, 0x9d, 0x2b, 0x44, 0xa3, 0x9b, 0xaf, 0xab, + 0x27, 0xe8, 0x3f, 0xde, 0x9e, 0x11, 0xf6, 0x34, + 0x0b, 0x11, 0xd9, 0x91, 0xb1, 0xb9, 0x1b, 0xf2, + 0xee, 0xe7, 0xfc, 0x87, 0x24, 0x26, 0xc3, 0xa4 } + }, + + { "data-54 key-147", /* Test 6a */ + /* Test with a key larger than 144 bytes (= block-size of + * SHA3-224). */ + "Test Using Larger Than Block-Size Key - Hash Key First", + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa", + + { 0xb9, 0x6d, 0x73, 0x0c, 0x14, 0x8c, 0x2d, 0xaa, + 0xd8, 0x64, 0x9d, 0x83, 0xde, 0xfa, 0xa3, 0x71, + 0x97, 0x38, 0xd3, 0x47, 0x75, 0x39, 0x7b, 0x75, + 0x71, 0xc3, 0x85, 0x15 }, + { 0xa6, 0x07, 0x2f, 0x86, 0xde, 0x52, 0xb3, 0x8b, + 0xb3, 0x49, 0xfe, 0x84, 0xcd, 0x6d, 0x97, 0xfb, + 0x6a, 0x37, 0xc4, 0xc0, 0xf6, 0x2a, 0xae, 0x93, + 0x98, 0x11, 0x93, 0xa7, 0x22, 0x9d, 0x34, 0x67 }, + { 0x71, 0x3d, 0xff, 0x03, 0x02, 0xc8, 0x50, 0x86, + 0xec, 0x5a, 0xd0, 0x76, 0x8d, 0xd6, 0x5a, 0x13, + 0xdd, 0xd7, 0x90, 0x68, 0xd8, 0xd4, 0xc6, 0x21, + 0x2b, 0x71, 0x2e, 0x41, 0x64, 0x94, 0x49, 0x11, + 0x14, 0x80, 0x23, 0x00, 0x44, 0x18, 0x5a, 0x99, + 0x10, 0x3e, 0xd8, 0x20, 0x04, 0xdd, 0xbf, 0xcc }, + { 0xb1, 0x48, 0x35, 0xc8, 0x19, 0xa2, 0x90, 0xef, + 0xb0, 0x10, 0xac, 0xe6, 0xd8, 0x56, 
0x8d, 0xc6, + 0xb8, 0x4d, 0xe6, 0x0b, 0xc4, 0x9b, 0x00, 0x4c, + 0x3b, 0x13, 0xed, 0xa7, 0x63, 0x58, 0x94, 0x51, + 0xe5, 0xdd, 0x74, 0x29, 0x28, 0x84, 0xd1, 0xbd, + 0xce, 0x64, 0xe6, 0xb9, 0x19, 0xdd, 0x61, 0xdc, + 0x9c, 0x56, 0xa2, 0x82, 0xa8, 0x1c, 0x0b, 0xd1, + 0x4f, 0x1f, 0x36, 0x5b, 0x49, 0xb8, 0x3a, 0x5b } + }, + + { "data-152 key-131", /* Test 7 */ + /* Test with a key and data that is larger than 128 bytes (= + * block-size of SHA-384 and SHA-512). */ + "This is a test using a larger than block-size key and a larger " + "than block-size data. The key needs to be hashed before being " + "used by the HMAC algorithm.", + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa", + + { 0x05, 0xd8, 0xcd, 0x6d, 0x00, 0xfa, 0xea, 0x8d, + 0x1e, 0xb6, 0x8a, 0xde, 0x28, 0x73, 0x0b, 0xbd, + 0x3c, 0xba, 0xb6, 0x92, 0x9f, 0x0a, 0x08, 0x6b, + 0x29, 0xcd, 0x62, 0xa0 }, + { 0x65, 0xc5, 0xb0, 0x6d, 0x4c, 0x3d, 0xe3, 0x2a, + 0x7a, 0xef, 0x87, 0x63, 0x26, 0x1e, 0x49, 0xad, + 0xb6, 0xe2, 0x29, 0x3e, 0xc8, 0xe7, 0xc6, 0x1e, + 0x8d, 0xe6, 0x17, 0x01, 0xfc, 0x63, 0xe1, 0x23 }, + { 0x02, 0x6f, 0xdf, 0x6b, 0x50, 0x74, 0x1e, 0x37, + 0x38, 0x99, 0xc9, 0xf7, 0xd5, 0x40, 0x6d, 0x4e, + 0xb0, 0x9f, 0xc6, 0x66, 0x56, 0x36, 0xfc, 0x1a, + 0x53, 0x00, 0x29, 0xdd, 0xf5, 0xcf, 0x3c, 0xa5, + 0xa9, 0x00, 0xed, 0xce, 0x01, 0xf5, 0xf6, 0x1e, + 0x2f, 0x40, 0x8c, 0xdf, 0x2f, 0xd3, 0xe7, 0xe8 }, + { 0x38, 0xa4, 0x56, 0xa0, 0x04, 0xbd, 0x10, 0xd3, + 0x2c, 0x9a, 0xb8, 0x33, 0x66, 0x84, 0x11, 0x28, + 
0x62, 0xc3, 0xdb, 0x61, 0xad, 0xcc, 0xa3, 0x18, + 0x29, 0x35, 0x5e, 0xaf, 0x46, 0xfd, 0x5c, 0x73, + 0xd0, 0x6a, 0x1f, 0x0d, 0x13, 0xfe, 0xc9, 0xa6, + 0x52, 0xfb, 0x38, 0x11, 0xb5, 0x77, 0xb1, 0xb1, + 0xd1, 0xb9, 0x78, 0x9f, 0x97, 0xae, 0x5b, 0x83, + 0xc6, 0xf4, 0x4d, 0xfc, 0xf1, 0xd6, 0x7e, 0xba } + }, + + { "data-152 key-147", /* Test 7a */ + /* Test with a key larger than 144 bytes (= block-size of + * SHA3-224). */ + "This is a test using a larger than block-size key and a larger " + "than block-size data. The key needs to be hashed before being " + "used by the HMAC algorithm.", + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa", + + { 0xc7, 0x9c, 0x9b, 0x09, 0x34, 0x24, 0xe5, 0x88, + 0xa9, 0x87, 0x8b, 0xbc, 0xb0, 0x89, 0xe0, 0x18, + 0x27, 0x00, 0x96, 0xe9, 0xb4, 0xb1, 0xa9, 0xe8, + 0x22, 0x0c, 0x86, 0x6a }, + { 0xe6, 0xa3, 0x6d, 0x9b, 0x91, 0x5f, 0x86, 0xa0, + 0x93, 0xca, 0xc7, 0xd1, 0x10, 0xe9, 0xe0, 0x4c, + 0xf1, 0xd6, 0x10, 0x0d, 0x30, 0x47, 0x55, 0x09, + 0xc2, 0x47, 0x5f, 0x57, 0x1b, 0x75, 0x8b, 0x5a }, + { 0xca, 0xd1, 0x8a, 0x8f, 0xf6, 0xc4, 0xcc, 0x3a, + 0xd4, 0x87, 0xb9, 0x5f, 0x97, 0x69, 0xe9, 0xb6, + 0x1c, 0x06, 0x2a, 0xef, 0xd6, 0x95, 0x25, 0x69, + 0xe6, 0xe6, 0x42, 0x18, 0x97, 0x05, 0x4c, 0xfc, + 0x70, 0xb5, 0xfd, 0xc6, 0x60, 0x5c, 0x18, 0x45, + 0x71, 0x12, 0xfc, 0x6a, 0xaa, 0xd4, 0x55, 0x85 }, + { 0xdc, 0x03, 0x0e, 0xe7, 0x88, 0x70, 0x34, 0xf3, + 0x2c, 0xf4, 0x02, 0xdf, 
0x34, 0x62, 0x2f, 0x31, + 0x1f, 0x3e, 0x6c, 0xf0, 0x48, 0x60, 0xc6, 0xbb, + 0xd7, 0xfa, 0x48, 0x86, 0x74, 0x78, 0x2b, 0x46, + 0x59, 0xfd, 0xbd, 0xf3, 0xfd, 0x87, 0x78, 0x52, + 0x88, 0x5c, 0xfe, 0x6e, 0x22, 0x18, 0x5f, 0xe7, + 0xb2, 0xee, 0x95, 0x20, 0x43, 0x62, 0x9b, 0xc9, + 0xd5, 0xf3, 0x29, 0x8a, 0x41, 0xd0, 0x2c, 0x66 } + }/*,*/ + + /* Our API does not allow to specify a bit count and thus we + * can't use the following test. */ + /* { "data-5bit key-4", /\* Test 8 *\/ */ + /* /\* Test with data bit size no multiple of 8, the data bits are */ + /* * '11001' from the NIST example using SHA-3 order (= 5 bits */ + /* * from LSB hex byte 13 or 5 bits from MSB hex byte c8). *\/ */ + /* "\xc8", */ + /* "Jefe", */ + + /* { 0x5f, 0x8c, 0x0e, 0xa7, 0xfa, 0xfe, 0xcd, 0x0c, */ + /* 0x34, 0x63, 0xaa, 0xd0, 0x97, 0x42, 0xce, 0xce, */ + /* 0xb1, 0x42, 0xfe, 0x0a, 0xb6, 0xf4, 0x53, 0x94, */ + /* 0x38, 0xc5, 0x9d, 0xe8 }, */ + /* { 0xec, 0x82, 0x22, 0x77, 0x3f, 0xac, 0x68, 0xb3, */ + /* 0xd3, 0xdc, 0xb1, 0x82, 0xae, 0xc8, 0xb0, 0x50, */ + /* 0x7a, 0xce, 0x44, 0x48, 0xd2, 0x0a, 0x11, 0x47, */ + /* 0xe6, 0x82, 0x11, 0x8d, 0xa4, 0xe3, 0xf4, 0x4c }, */ + /* { 0x21, 0xfb, 0xd3, 0xbf, 0x3e, 0xbb, 0xa3, 0xcf, */ + /* 0xc9, 0xef, 0x64, 0xc0, 0x59, 0x1c, 0x92, 0xc5, */ + /* 0xac, 0xb2, 0x65, 0xe9, 0x2d, 0x87, 0x61, 0xd1, */ + /* 0xf9, 0x1a, 0x52, 0xa1, 0x03, 0xa6, 0xc7, 0x96, */ + /* 0x94, 0xcf, 0xd6, 0x7a, 0x9a, 0x2a, 0xc1, 0x32, */ + /* 0x4f, 0x02, 0xfe, 0xa6, 0x3b, 0x81, 0xef, 0xfc }, */ + /* { 0x27, 0xf9, 0x38, 0x8c, 0x15, 0x67, 0xef, 0x4e, */ + /* 0xf2, 0x00, 0x60, 0x2a, 0x6c, 0xf8, 0x71, 0xd6, */ + /* 0x8a, 0x6f, 0xb0, 0x48, 0xd4, 0x73, 0x7a, 0xc4, */ + /* 0x41, 0x8a, 0x2f, 0x02, 0x12, 0x89, 0xd1, 0x3d, */ + /* 0x1f, 0xd1, 0x12, 0x0f, 0xec, 0xb9, 0xcf, 0x96, */ + /* 0x4c, 0x5b, 0x11, 0x7a, 0xb5, 0xb1, 0x1c, 0x61, */ + /* 0x4b, 0x2d, 0xa3, 0x9d, 0xad, 0xd5, 0x1f, 0x2f, */ + /* 0x5e, 0x22, 0xaa, 0xcc, 0xec, 0x7d, 0x57, 0x6e } */ + /* } */ + + }; + const char *what; + const char 
*errtxt; + int tvidx; + const char *expect; + int nexpect; + + for (tvidx=0; tvidx < DIM(tv); tvidx++) + { + what = tv[tvidx].desc; + if (hashalgo == GCRY_MD_SHA3_224) + { + expect = tv[tvidx].expect_224; + nexpect = DIM (tv[tvidx].expect_224); + } + else if (hashalgo == GCRY_MD_SHA3_256) + { + expect = tv[tvidx].expect_256; + nexpect = DIM (tv[tvidx].expect_256); + } + else if (hashalgo == GCRY_MD_SHA3_384) + { + expect = tv[tvidx].expect_384; + nexpect = DIM (tv[tvidx].expect_384); + } + else if (hashalgo == GCRY_MD_SHA3_512) + { + expect = tv[tvidx].expect_512; + nexpect = DIM (tv[tvidx].expect_512); + } + else + BUG(); + + if (tv[tvidx].trunc && tv[tvidx].trunc < nexpect) + nexpect = tv[tvidx].trunc; + + errtxt = check_one (hashalgo, + tv[tvidx].data, strlen (tv[tvidx].data), + tv[tvidx].key, strlen (tv[tvidx].key), + expect, nexpect, !!tv[tvidx].trunc); + if (errtxt) + goto failed; + if (!extended) + break; + } + + return 0; /* Succeeded. */ + + failed: + if (report) + report ("hmac", hashalgo, what, errtxt); + return GPG_ERR_SELFTEST_FAILED; +} + + /* Run a full self-test for ALGO and return 0 on success. */ static gpg_err_code_t run_selftests (int algo, int extended, selftest_report_func_t report) 
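Review bot: in the selftests_sha3 hunk, key and data lengths are computed with strlen (tv[tvidx].key) and strlen (tv[tvidx].data), so no vector in this table can ever carry a key or message containing a 0x00 byte; the current vectors happen to be NUL-free, but the keys are already stored as escaped byte strings, and a future vector with an embedded zero would be silently truncated without any test failing. Suggest storing explicit key and data lengths in the tv struct (the expect arrays already get their sizes via DIM) and passing those to check_one. Separately, the vectors are taken from a third-party page per the comment at the top of the function, while the commented-out Test 8 refers to the NIST example set; cross-checking the retained vectors against that NIST set and noting it in the comment would strengthen the provenance of a self-test that gates the HMAC-SHA3 code.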
@@ -706,10 +1126,7 @@ run_selftests (int algo, int extended, selftest_report_func_t report) case GCRY_MD_SHA3_256: case GCRY_MD_SHA3_384: case GCRY_MD_SHA3_512: - ec = 0; /* FIXME: Add selftests. */ -#if defined(__GNUC__) && defined(IS_DEVELOPMENT_VERSION) -# warning Please add self test functions for HMAC-SHA3 -#endif + ec = selftests_sha3 (algo, extended, report); break; default: ----------------------------------------------------------------------- Summary of changes: cipher/hmac-tests.c | 455 +++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 436 insertions(+), 19 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From cvs at cvs.gnupg.org Tue Jul 18 16:32:49 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 18 Jul 2017 16:32:49 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-126-g2c90586 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 2c905868abdfecad1442712346ed1a950faed3d7 (commit) via 850aca744eeda5fd410f478a0778e353045ac962 (commit) via ffb66ff0f9af0f5caccfbe355684821e2a3861e7 (commit) from 95194c550443e8d5558856633f920daec8a975c4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2c905868abdfecad1442712346ed1a950faed3d7 Author: Werner Koch Date: Tue Jul 18 16:27:13 2017 +0200 Post release updates -- diff --git a/NEWS b/NEWS index 66e3b62..5460bae 100644 --- a/NEWS +++ b/NEWS 
@@ -1,3 +1,7 @@ +Noteworthy changes in version 1.8.1 (unreleased) [C22/A2/R_] +------------------------------------------------ + + Noteworthy changes in version 1.8.0 (2017-07-18) [C22/A2/R0] ------------------------------------------------ diff --git a/configure.ac b/configure.ac index bbe8104..27faa7f 100644 --- a/configure.ac +++ b/configure.ac @@ -30,7 +30,7 @@ min_automake_version="1.14" # for the LT versions. m4_define(mym4_version_major, [1]) m4_define(mym4_version_minor, [8]) -m4_define(mym4_version_micro, [0]) +m4_define(mym4_version_micro, [1]) # Below is m4 magic to extract and compute the revision number, the # decimalized short revision number, a beta version string, and a flag commit 850aca744eeda5fd410f478a0778e353045ac962 Author: Werner Koch Date: Tue Jul 18 16:13:18 2017 +0200 Release 1.8.0 Signed-off-by: Werner Koch diff --git a/AUTHORS b/AUTHORS index c1e813d..0d1da12 100644 --- a/AUTHORS +++ b/AUTHORS @@ -21,7 +21,7 @@ year that would otherwise be listed individually. List of Copyright holders ========================= - Copyright (C) 1989,1991-2016 Free Software Foundation, Inc. + Copyright (C) 1989,1991-2017 Free Software Foundation, Inc. Copyright (C) 1994 X Consortium Copyright (C) 1996 L. Peter Deutsch Copyright (C) 1997 Werner Koch @@ -34,7 +34,7 @@ List of Copyright holders Copyright (C) 2012 Simon Josefsson, Niels M??ller Copyright (c) 2012 Intel Corporation Copyright (C) 2013 Christian Grothoff - Copyright (C) 2013-2016 Jussi Kivilinna + Copyright (C) 2013-2017 Jussi Kivilinna Copyright (C) 2013-2014 Dmitry Eremin-Solenikov Copyright (C) 2014 Stephan Mueller Copyright (C) 2017 Bundesamt f??r Sicherheit in der Informationstechnik diff --git a/NEWS b/NEWS index 17c9a42..66e3b62 100644 --- a/NEWS +++ b/NEWS 
@@ -1,17 +1,36 @@ -Noteworthy changes in version 1.8.0 (unreleased) [C21/A1/R_] +Noteworthy changes in version 1.8.0 (2017-07-18) [C22/A2/R0] ------------------------------------------------ * New interfaces: + - New cipher mode XTS + + - New hash function Blake-2 + + - New function gcry_mpi_point_copy. + + - New function gcry_get_config. + - GCRYCTL_REINIT_SYSCALL_CLAMP allows to init nPth after Libgcrypt. + - New gobal configuration file /etc/gcrypt/random.conf. + * Extended interfaces: - GCRYCTL_PRINT_CONFIG does now also print build information for libgpg-error and the used compiler version. + - GCRY_CIPHER_MODE_CFB8 is now supported. + + - Add Stribog OIDs. [also in 1.7.4] + * Performance: + - A jitter based entropy collector is now used in addition to the + other entropy collectors. + + - Optimized gcry_md_hash_buffers for SHA-256 and SHA-512. + - More ARMv8/AArch32 improvements for AES, GCM, SHA-256, and SHA-1. [also in 1.7.4] @@ -21,8 +40,6 @@ Noteworthy changes in version 1.8.0 (unreleased) [C21/A1/R_] - Add bulk processing implementation for ARMv8/AArch32. [also in 1.7.4] - - Add Stribog OIDs. [also in 1.7.4] - - Improve the DRBG performance and sync the code with the Linux version. [also in 1.7.4] 
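Review bot: typo in the added line `- New gobal configuration file /etc/gcrypt/random.conf.`: `gobal` should read `global`. In the same hunk, `- New hash function Blake-2` does not match the constant names this release adds in the interface list (`GCRY_MD_BLAKE2B_*`, `GCRY_MD_BLAKE2S_*`); writing it as `BLAKE2` (BLAKE2b and BLAKE2s) in NEWS keeps the release notes consistent with the identifiers.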
@@ -67,15 +84,22 @@ Noteworthy changes in version 1.8.0 (unreleased) [C21/A1/R_] dubbed "Sliding right into disaster". For details see . [CVE-2017-7526] [also in 1.7.8] - * Interface changes relative to the 1.7.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - GCRYCTL_REINIT_SYSCALL_CLAMP NEW macro. gcry_get_config NEW function. gcry_mpi_point_copy NEW function. + GCRYCTL_REINIT_SYSCALL_CLAMP NEW macro. + GCRY_MD_BLAKE2B_512 NEW constant. + GCRY_MD_BLAKE2B_384 NEW constant. + GCRY_MD_BLAKE2B_256 NEW constant. + GCRY_MD_BLAKE2B_160 NEW constant. + GCRY_MD_BLAKE2S_256 NEW constant. + GCRY_MD_BLAKE2S_224 NEW constant. + GCRY_MD_BLAKE2S_160 NEW constant. + GCRY_MD_BLAKE2S_128 NEW constant. + GCRY_CIPHER_MODE_XTS NEW constant. gcry_md_info DEPRECATED. - * Release dates of 1.7.x versions: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Version 1.7.8 (2017-06-29) [C21/A1/R8] diff --git a/README b/README index 1148a24..c14181a 100644 --- a/README +++ b/README @@ -2,9 +2,9 @@ ------------------------------------ Version 1.7 - Copyright (C) 1989,1991-2016 Free Software Foundation, Inc. - Copyright (C) 2012-2016 g10 Code GmbH - Copyright (C) 2013-2016 Jussi Kivilinna + Copyright (C) 1989,1991-2017 Free Software Foundation, Inc. + Copyright (C) 2012-2017 g10 Code GmbH + Copyright (C) 2013-2017 Jussi Kivilinna Libgcrypt is free software. See the file AUTHORS for full copying notices, and LICENSES for notices about contributions that require diff --git a/compat/compat.c b/compat/compat.c index 96b3e2e..b835293 100644 --- a/compat/compat.c +++ b/compat/compat.c 
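Review bot: in the README hunk the unchanged context line directly above the copyright block still reads `Version 1.7`, while this is the `Release 1.8.0` commit and configure.ac already carries `m4_define(mym4_version_minor, [8])`; bump that README line to `Version 1.8` in the same release commit so README and configure.ac agree.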
@@ -30,9 +30,9 @@ _gcry_compat_identification (void) static const char blurb[] = "\n\n" "This is Libgcrypt " PACKAGE_VERSION " - The GNU Crypto Library\n" - "Copyright (C) 2000-2016 Free Software Foundation, Inc.\n" - "Copyright (C) 2012-2016 g10 Code GmbH\n" - "Copyright (C) 2013-2016 Jussi Kivilinna\n" + "Copyright (C) 2000-2017 Free Software Foundation, Inc.\n" + "Copyright (C) 2012-2017 g10 Code GmbH\n" + "Copyright (C) 2013-2017 Jussi Kivilinna\n" "\n" "(" BUILD_REVISION " " BUILD_TIMESTAMP ")\n" "\n\n"; diff --git a/configure.ac b/configure.ac index d4e78cd..bbe8104 100644 --- a/configure.ac +++ b/configure.ac @@ -1,7 +1,7 @@ # Configure.ac script for Libgcrypt # Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006, # 2007, 2008, 2009, 2011 Free Software Foundation, Inc. -# Copyright (C) 2012, 2013, 2014, 2015, 2016 g10 Code GmbH +# Copyright (C) 2012-2017 g10 Code GmbH # # This file is part of Libgcrypt. # @@ -51,7 +51,6 @@ m4_define([mym4_full_version],[mym4_version[]mym4_betastring]) AC_INIT([libgcrypt],[mym4_full_version],[http://bugs.gnupg.org]) # LT Version numbers, remember to change them just *before* a release. -# !!!NOTE: Already updated for 1.8.0 !! # (Interfaces removed: CURRENT++, AGE=0, REVISION=0) # (Interfaces added: CURRENT++, AGE++, REVISION=0) # (No interfaces changed: REVISION++) diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 649332b..2bf23a5 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -14,7 +14,7 @@ which is GNU's library of cryptographic building blocks. @noindent Copyright @copyright{} 2000, 2002, 2003, 2004, 2006, 2007, 2008, 2009, 2011, 2012 Free Software Foundation, Inc. @* -Copyright @copyright{} 2012, 2013, 2016 g10 Code GmbH +Copyright @copyright{} 2012, 2013, 2016, 2017 g10 Code GmbH @quotation Permission is granted to copy, distribute and/or modify this document diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 68c1f9e..89b1303 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in 
@@ -1,6 +1,6 @@ /* gcrypt.h - GNU Cryptographic Library Interface -*- c -*- - * Copyright (C) 1998-2016 Free Software Foundation, Inc. - * Copyright (C) 2012-2016 g10 Code GmbH + * Copyright (C) 1998-2017 Free Software Foundation, Inc. + * Copyright (C) 2012-2017 g10 Code GmbH * * This file is part of Libgcrypt. * diff --git a/src/versioninfo.rc.in b/src/versioninfo.rc.in index 1adb4e9..b85d494 100644 --- a/src/versioninfo.rc.in +++ b/src/versioninfo.rc.in @@ -39,7 +39,7 @@ BEGIN VALUE "FileDescription", "Libgcrypt - The GNU Crypto Library\0" VALUE "FileVersion", "@LIBGCRYPT_LT_CURRENT at .@LIBGCRYPT_LT_AGE at .@LIBGCRYPT_LT_REVISION at .@BUILD_REVISION@\0" VALUE "InternalName", "libgcrypt\0" - VALUE "LegalCopyright", "Copyright ? 2016 Free Software Foundation, Inc.\0" + VALUE "LegalCopyright", "Copyright ? 2017 Free Software Foundation, Inc.\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "libgcrypt.dll\0" VALUE "PrivateBuild", "\0" commit ffb66ff0f9af0f5caccfbe355684821e2a3861e7 Author: Werner Koch Date: Tue Jul 18 14:57:36 2017 +0200 build: Remove the configure run notice on EGD. -- Signed-off-by: Werner Koch diff --git a/configure.ac b/configure.ac index 9aa89c7..d4e78cd 100644 --- a/configure.ac +++ b/configure.ac @@ -213,7 +213,6 @@ auto_random_modules="$available_random_modules" LIBGCRYPT_THREAD_MODULES="" # Other definitions. -print_egd_notice=no have_w32_system=no have_w32ce_system=no have_pthread=no @@ -2473,7 +2472,6 @@ LIST_MEMBER(unix, $random_modules) if test "$found" = "1" ; then GCRYPT_RANDOM="$GCRYPT_RANDOM rndunix.lo" AC_DEFINE(USE_RNDUNIX, 1, [Defined if the default Unix RNG should be used.]) - print_egd_notice=yes fi LIST_MEMBER(egd, $random_modules) 
@@ -2655,23 +2653,6 @@ cat < This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 1d8e4c2c3a7d0a4154caf5bd720a9a0b04179390 (commit) from 2c905868abdfecad1442712346ed1a950faed3d7 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 1d8e4c2c3a7d0a4154caf5bd720a9a0b04179390 Author: NIIBE Yutaka Date: Wed Jul 19 14:28:14 2017 +0900 Remove byte order mark. * random/jitterentropy-base.c, random/jitterentropy.h: Remove byte order mark. Signed-off-by: NIIBE Yutaka diff --git a/random/jitterentropy-base.c b/random/jitterentropy-base.c index 4f3de10..dc907b2 100644 --- a/random/jitterentropy-base.c +++ b/random/jitterentropy-base.c @@ -1,4 +1,4 @@ -?/* +/* * Non-physical true random number generator based on timing jitter. * * Copyright Stephan Mueller , 2014 - 2017 diff --git a/random/jitterentropy.h b/random/jitterentropy.h index 28859f5..3b7d14a 100644 --- a/random/jitterentropy.h +++ b/random/jitterentropy.h @@ -1,4 +1,4 @@ -?/* +/* * Non-physical true random number generator based on timing jitter. * * Copyright Stephan Mueller , 2014 ----------------------------------------------------------------------- Summary of changes: random/jitterentropy-base.c | 2 +- random/jitterentropy.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From cvs at cvs.gnupg.org Thu Jul 20 10:54:14 2017 
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Thu, 20 Jul 2017 10:54:14 +0200
Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.8.0-3-g9347809
Message-ID:

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  93478098dce6a123ffb511767861b09255a3f784 (commit)
      from  1d8e4c2c3a7d0a4154caf5bd720a9a0b04179390 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 93478098dce6a123ffb511767861b09255a3f784
Author: Werner Koch
Date:   Thu Jul 20 10:49:24 2017 +0200

    doc: Typo fix.

    --

diff --git a/NEWS b/NEWS index 5460bae..4ca8bc2 100644 --- a/NEWS +++ b/NEWS @@ -17,7 +17,7 @@ Noteworthy changes in version 1.8.0 (2017-07-18) [C22/A2/R0] - GCRYCTL_REINIT_SYSCALL_CLAMP allows to init nPth after Libgcrypt. - - New gobal configuration file /etc/gcrypt/random.conf. + - New global configuration file /etc/gcrypt/random.conf. * Extended interfaces:
-----------------------------------------------------------------------

Summary of changes:
 NEWS | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org

_______________________________________________
Gnupg-commits mailing list
Gnupg-commits at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-commits

From ametzler at bebt.de Thu Jul 20 18:12:20 2017
From: ametzler at bebt.de (Andreas Metzler)
Date: Thu, 20 Jul 2017 18:12:20 +0200
Subject: 1.8.0 testsuite error on PowerPC*
Message-ID: <20170720161220.zsj4qvxhkijxj2r2@argenau.bebt.de>

Hello,

on many (all?) PowerPC variants gcrypt 1.8.0 FTBFS with

t-secmem: allocation did not fail as expected

It is not specific to endianness:
https://buildd.debian.org/status/package.php?p=libgcrypt20&suite=experimental

cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
-------------- next part --------------
t-secmem: allocation did not fail as expected
secmem usage: 512/65536 bytes in 1 blocks
secmem usage: 20992/65536 bytes in 41 blocks
secmem usage: 41472/65536 bytes in 81 blocks
secmem usage: 61952/65536 bytes in 121 blocks
Warning: using insecure memory!
SECMEM: pool 0 used block 0 size 512
SECMEM: pool 0 used block 1 size 512
SECMEM: pool 0 used block 2 size 512
SECMEM: pool 0 used block 3 size 512
SECMEM: pool 0 used block 4 size 512
SECMEM: pool 0 used block 5 size 512
SECMEM: pool 0 used block 6 size 512
SECMEM: pool 0 used block 7 size 512
SECMEM: pool 0 used block 8 size 512
SECMEM: pool 0 used block 9 size 512
SECMEM: pool 0 used block 10 size 512
SECMEM: pool 0 used block 11 size 512
SECMEM: pool 0 used block 12 size 512
SECMEM: pool 0 used block 13 size 512
SECMEM: pool 0 used block 14 size 512
SECMEM: pool 0 used block 15 size 512
SECMEM: pool 0 used block 16 size 512
SECMEM: pool 0 used block 17 size 512
SECMEM: pool 0 used block 18 size 512
SECMEM: pool 0 used block 19 size 512
SECMEM: pool 0 used block 20 size 512
SECMEM: pool 0 used block 21 size 512
SECMEM: pool 0 used block 22 size 512
SECMEM: pool 0 used block 23 size 512
SECMEM: pool 0 used block 24 size 512
SECMEM: pool 0 used block 25 size 512
SECMEM: pool 0 used block 26 size 512
SECMEM: pool 0 used block 27 size 512
SECMEM: pool 0 used block 28 size 512
SECMEM: pool 0 used block 29 size 512
SECMEM: pool 0 used block 30 size 512
SECMEM: pool 0 used block 31 size 512
SECMEM: pool 0 used block 32 size 512
SECMEM: pool 0 used block 33 size 512
SECMEM: pool 0 used block 34 size 512
SECMEM: pool 0 used block 35 size 512
SECMEM: pool 0 used block 36 size 512
SECMEM: pool 0 used block 37 size 512
SECMEM: pool 0 used block 38 size 512
SECMEM: pool 0 used block 39 size 512
SECMEM: pool 0 used block 40 size 512
SECMEM: pool 0 used block 41 size 512
SECMEM: pool 0 used block 42 size 512
SECMEM: pool 0 used block 43 size 512
SECMEM: pool 0 used block 44 size 512
SECMEM: pool 0 used block 45 size 512
SECMEM: pool 0 used block 46 size 512
SECMEM: pool 0 used block 47 size 512
SECMEM: pool 0 used block 48 size 512
SECMEM: pool 0 used block 49 size 512
SECMEM: pool 0 used block 50 size 512
SECMEM: pool 0 used block 51 size 512
SECMEM: pool 0 used block 52 size 512
SECMEM: pool 0 used block 53 size 512
SECMEM: pool 0 used block 54 size 512
SECMEM: pool 0 used block 55 size 512
SECMEM: pool 0 used block 56 size 512
SECMEM: pool 0 used block 57 size 512
SECMEM: pool 0 used block 58 size 512
SECMEM: pool 0 used block 59 size 512
SECMEM: pool 0 used block 60 size 512
SECMEM: pool 0 used block 61 size 512
SECMEM: pool 0 used block 62 size 512
SECMEM: pool 0 used block 63 size 512
SECMEM: pool 0 used block 64 size 512
SECMEM: pool 0 used block 65 size 512
SECMEM: pool 0 used block 66 size 512
SECMEM: pool 0 used block 67 size 512
SECMEM: pool 0 used block 68 size 512
SECMEM: pool 0 used block 69 size 512
SECMEM: pool 0 used block 70 size 512
SECMEM: pool 0 used block 71 size 512
SECMEM: pool 0 used block 72 size 512
SECMEM: pool 0 used block 73 size 512
SECMEM: pool 0 used block 74 size 512
SECMEM: pool 0 used block 75 size 512
SECMEM: pool 0 used block 76 size 512
SECMEM: pool 0 used block 77 size 512
SECMEM: pool 0 used block 78 size 512
SECMEM: pool 0 used block 79 size 512
SECMEM: pool 0 used block 80 size 512
SECMEM: pool 0 used block 81 size 512
SECMEM: pool 0 used block 82 size 512
SECMEM: pool 0 used block 83 size 512
SECMEM: pool 0 used block 84 size 512
SECMEM: pool 0 used block 85 size 512
SECMEM: pool 0 used block 86 size 512
SECMEM: pool 0 used block 87 size 512
SECMEM: pool 0 used block 88 size 512
SECMEM: pool 0 used block 89 size 512
SECMEM: pool 0 used block 90 size 512
SECMEM: pool 0 used block 91 size 512
SECMEM: pool 0 used block 92 size 512
SECMEM: pool 0 used block 93 size 512
SECMEM: pool 0 used block 94 size 512
SECMEM: pool 0 used block 95 size 512
SECMEM: pool 0 used block 96 size 512
SECMEM: pool 0 used block 97 size 512
SECMEM: pool 0 used block 98 size 512
SECMEM: pool 0 used block 99 size 512
SECMEM: pool 0 used block 100 size 512
SECMEM: pool 0 used block 101 size 512
SECMEM: pool 0 used block 102 size 512
SECMEM: pool 0 used block 103 size 512
SECMEM: pool 0 used block 104 size 512
SECMEM: pool 0 used block 105 size 512
SECMEM: pool 0 used block 106 size 512
SECMEM: pool 0 used block 107 size 512
SECMEM: pool 0 used block 108 size 512
SECMEM: pool 0 used block 109 size 512
SECMEM: pool 0 used block 110 size 512
SECMEM: pool 0 used block 111 size 512
SECMEM: pool 0 used block 112 size 512
SECMEM: pool 0 used block 113 size 512
SECMEM: pool 0 used block 114 size 512
SECMEM: pool 0 used block 115 size 512
SECMEM: pool 0 used block 116 size 512
SECMEM: pool 0 used block 117 size 512
SECMEM: pool 0 used block 118 size 512
SECMEM: pool 0 used block 119 size 512
SECMEM: pool 0 used block 120 size 512
SECMEM: pool 0 used block 121 size 512
SECMEM: pool 0 used block 122 size 512
SECMEM: pool 0 used block 123 size 512
SECMEM: pool 0 used block 124 size 512
SECMEM: pool 0 used block 125 size 512
SECMEM: pool 0 free block 126 size 8
SECMEM: pool 1 used block 0 size 512
SECMEM: pool 1 used block 1 size 512
SECMEM: pool 1 used block 2 size 512
SECMEM: pool 1 used block 3 size 512
SECMEM: pool 1 used block 4 size 512
SECMEM: pool 1 used block 5 size 512
SECMEM: pool 1 used block 6 size 512
SECMEM: pool 1 used block 7 size 512
SECMEM: pool 1 used block 8 size 512
SECMEM: pool 1 used block 9 size 512
SECMEM: pool 1 used block 10 size 512
SECMEM: pool 1 used block 11 size 512
SECMEM: pool 1 used block 12 size 512
SECMEM: pool 1 used block 13 size 512
SECMEM: pool 1 used block 14 size 512
SECMEM: pool 1 used block 15 size 512
SECMEM: pool 1 used block 16 size 512
SECMEM: pool 1 used block 17 size 512
SECMEM: pool 1 used block 18 size 512
SECMEM: pool 1 used block 19 size 512
SECMEM: pool 1 used block 20 size 512
SECMEM: pool 1 used block 21 size 512
SECMEM: pool 1 used block 22 size 512
SECMEM: pool 1 used block 23 size 512
SECMEM: pool 1 free block 24 size 20280
secmem usage: 64512/65536 bytes in 126 blocks 12288/32768 bytes in 24 blocks
SECMEM: pool 0 free block 0 size 65528
SECMEM: pool 1 free block 0 size 32760
secmem usage: 0/65536 bytes in 0 blocks 0/32768 bytes in 0 blocks
t-secmem: All tests completed. Errors: 1

From gniibe at fsij.org Fri Jul 21 07:53:53 2017
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Fri, 21 Jul 2017 14:53:53 +0900
Subject: 1.8.0 testsuite error on PowerPC*
In-Reply-To: <20170720161220.zsj4qvxhkijxj2r2@argenau.bebt.de>
References: <20170720161220.zsj4qvxhkijxj2r2@argenau.bebt.de>
Message-ID: <87efta1gjy.fsf@iwagami.gniibe.org>

Andreas Metzler wrote:
> on many (all?) PowerPC variants gcrypt 1.8.0 FTBFS with
> t-secmem: allocation did not fail as expected

I think that this is due to the page size of PowerPC.
Is it larger than 16K?

The test program should be modified for this case.
--

From ametzler at bebt.de Fri Jul 21 19:28:54 2017
From: ametzler at bebt.de (Andreas Metzler)
Date: Fri, 21 Jul 2017 19:28:54 +0200
Subject: 1.8.0 testsuite error on PowerPC*
In-Reply-To: <87efta1gjy.fsf@iwagami.gniibe.org>
References: <20170720161220.zsj4qvxhkijxj2r2@argenau.bebt.de>
 <87efta1gjy.fsf@iwagami.gniibe.org>
Message-ID: <20170721172854.bhpy3onzhsrkybsc@argenau.bebt.de>

On 2017-07-21 NIIBE Yutaka wrote:
> Andreas Metzler wrote:
>> on many (all?) PowerPC variants gcrypt 1.8.0 FTBFS with
>
>> t-secmem: allocation did not fail as expected

> I think that this is due to the page size of PowerPC.
> Is it larger than 16K?
[...]

Indeed it is:
ametzler at partch:~$ getconf PAGESIZE
65536

cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

From zerbey at gmail.com Sat Jul 22 16:47:58 2017
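Andreas's `getconf PAGESIZE` output supports NIIBE's diagnosis: a pool of locked secure memory is locked page by page, so its size gets rounded up to the page size, and a test that hard-codes how many 512-byte blocks fit before the first allocation fails only holds for the page size the test author had in mind. The block below is an added example, not libgcrypt's secmem.c: a toy pool model whose 8-byte per-block header, 8-byte alignment and 16K requested pool size are assumptions. Header and alignment were picked because they reproduce the arithmetic of the dump above (126 blocks of 520 bytes plus an 8-byte header and an 8-byte free block fill exactly 65536; 24 blocks plus a header and a 20280-byte free block fill exactly 32768), but they are a model, not the library's layout. It shows the fragile check next to a page-size-independent one.

```python
"""Toy model of a page-locked secure-memory pool.

Added example for this thread, not libgcrypt's secmem.c.  HEADER, ALIGN
and REQUESTED are assumptions; they only happen to reproduce the block
counts in the t-secmem dump above.
"""

HEADER = 8          # assumed per-block bookkeeping word
ALIGN = 8           # assumed block alignment
REQUESTED = 16384   # assumed pool size the test asks for


def round_to_page(nbytes: int, pagesize: int) -> int:
    """mlock() works on whole pages, so the pool is rounded up to one."""
    return ((nbytes + pagesize - 1) // pagesize) * pagesize


def block_footprint(n: int) -> int:
    """Pool bytes consumed by a request of N bytes."""
    return HEADER + ((n + ALIGN - 1) // ALIGN) * ALIGN


class SecmemPool:
    """Bump allocator over a single fixed, page-rounded region."""

    def __init__(self, requested: int, pagesize: int):
        self.size = round_to_page(requested, pagesize)
        self.used = 0
        self.blocks = []        # (offset, requested length)

    def alloc(self, n: int):
        need = block_footprint(n)
        if self.used + need > self.size:
            return None         # exhausted; t-secmem waits for this
        off = self.used + HEADER
        self.used += need
        self.blocks.append((off, n))
        return off

    def usage(self) -> str:
        payload = sum(n for _, n in self.blocks)
        return f"secmem usage: {payload}/{self.size} bytes in {len(self.blocks)} blocks"


def blocks_until_failure(requested: int, pagesize: int, blocksize: int = 512) -> int:
    pool = SecmemPool(requested, pagesize)
    count = 0
    while pool.alloc(blocksize) is not None:
        count += 1
    return count


def fragile_check(pagesize: int, expected: int = 31) -> bool:
    """The pattern that broke: EXPECTED is right for 4K and 16K pages (a
    16K pool holds 31 blocks of 512), but with 64K pages the pool is
    65536 bytes and allocation number 32 still succeeds."""
    return blocks_until_failure(REQUESTED, pagesize) == expected


def robust_check(pagesize: int, blocksize: int = 512) -> bool:
    """Page-size independent: take the expected count from the pool the
    allocator really created, then insist that the next request fails."""
    pool = SecmemPool(REQUESTED, pagesize)
    expected = pool.size // block_footprint(blocksize)
    if any(pool.alloc(blocksize) is None for _ in range(expected)):
        return False            # failed too early
    return pool.alloc(blocksize) is None


if __name__ == "__main__":
    for ps in (4096, 16384, 65536):
        print(f"page {ps:5d}: pool {round_to_page(REQUESTED, ps):5d} bytes, "
              f"{blocks_until_failure(REQUESTED, ps):3d} blocks before failure, "
              f"fragile={fragile_check(ps)} robust={robust_check(ps)}")
```

Running it prints 31 blocks for 4K and 16K pages and 126 for 64K pages; `fragile_check` is False only for 64K, `robust_check` is True everywhere because it asks the allocator how large the pool really became instead of assuming it.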
From: zerbey at gmail.com (Chris Horry)
Date: Sat, 22 Jul 2017 10:47:58 -0400
Subject: Compile errors for 1.8.0 on ARM processors
Message-ID:

Hello Team,

I'm compiling 1.8.0 on an ARM system (armv7l, Raspberry Pi 3) and receiving
the following error:

make[2]: Entering directory '/usr/local/src/gnupg/libgcrypt-1.8.0/cipher'
/bin/bash ../libtool --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I../src -I../src -Wa,--noexecstack -g -O2 -MT rijndael-armv8-aarch32-ce.lo -MD -MP -MF .deps/rijndael-armv8-aarch32-ce.Tpo -c -o rijndael-armv8-aarch32-ce.lo rijndael-armv8-aarch32-ce.S
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I../src -I../src -Wa,--noexecstack -g -O2 -MT rijndael-armv8-aarch32-ce.lo -MD -MP -MF .deps/rijndael-armv8-aarch32-ce.Tpo -c rijndael-armv8-aarch32-ce.S -fPIC -DPIC -o .libs/rijndael-armv8-aarch32-ce.o
rijndael-armv8-aarch32-ce.S: Assembler messages:
rijndael-armv8-aarch32-ce.S:1165: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1165: Error: selected processor does not support ARM mode `rbit r9,r9'
rijndael-armv8-aarch32-ce.S:1165: Error: selected processor does not support ARM mode `rbit r10,r10'
rijndael-armv8-aarch32-ce.S:1165: Error: selected processor does not support ARM mode `rbit r11,r11'
rijndael-armv8-aarch32-ce.S:1165: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1166: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1166: Error: selected processor does not support ARM mode `rbit r9,r9'
rijndael-armv8-aarch32-ce.S:1166: Error: selected processor does not support ARM mode `rbit r10,r10'
rijndael-armv8-aarch32-ce.S:1166: Error: selected processor does not support ARM mode `rbit r11,r11'
rijndael-armv8-aarch32-ce.S:1166: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1167: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1167: Error: selected processor does not support ARM mode `rbit r9,r9'
rijndael-armv8-aarch32-ce.S:1167: Error: selected processor does not support ARM mode `rbit r10,r10'
rijndael-armv8-aarch32-ce.S:1167: Error: selected processor does not support ARM mode `rbit r11,r11'
rijndael-armv8-aarch32-ce.S:1167: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1339: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1339: Error: selected processor does not support ARM mode `rbit r9,r9'
rijndael-armv8-aarch32-ce.S:1339: Error: selected processor does not support ARM mode `rbit r10,r10'
rijndael-armv8-aarch32-ce.S:1339: Error: selected processor does not support ARM mode `rbit r11,r11'
rijndael-armv8-aarch32-ce.S:1339: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1340: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1340: Error: selected processor does not support ARM mode `rbit r9,r9'
rijndael-armv8-aarch32-ce.S:1340: Error: selected processor does not support ARM mode `rbit r10,r10'
rijndael-armv8-aarch32-ce.S:1340: Error: selected processor does not support ARM mode `rbit r11,r11'
rijndael-armv8-aarch32-ce.S:1340: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1341: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1341: Error: selected processor does not support ARM mode `rbit r9,r9'
rijndael-armv8-aarch32-ce.S:1341: Error: selected processor does not support ARM mode `rbit r10,r10'
rijndael-armv8-aarch32-ce.S:1341: Error: selected processor does not support ARM mode `rbit r11,r11'
rijndael-armv8-aarch32-ce.S:1341: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1492: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1492: Error: selected processor does not support ARM mode `rbit r9,r9'
rijndael-armv8-aarch32-ce.S:1492: Error: selected processor does not support ARM mode `rbit r10,r10'
rijndael-armv8-aarch32-ce.S:1492: Error: selected processor does not support ARM mode `rbit r11,r11'
rijndael-armv8-aarch32-ce.S:1492: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1493: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1493: Error: selected processor does not support ARM mode `rbit r9,r9'
rijndael-armv8-aarch32-ce.S:1493: Error: selected processor does not support ARM mode `rbit r10,r10'
rijndael-armv8-aarch32-ce.S:1493: Error: selected processor does not support ARM mode `rbit r11,r11'
rijndael-armv8-aarch32-ce.S:1493: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1494: Error: selected processor does not support ARM mode `rbit r8,lr'
rijndael-armv8-aarch32-ce.S:1494: Error: selected processor does not support ARM mode `rbit r9,r9'
rijndael-armv8-aarch32-ce.S:1494: Error: selected processor does not support ARM mode `rbit r10,r10'
rijndael-armv8-aarch32-ce.S:1494: Error: selected processor does not support ARM mode `rbit r11,r11'
rijndael-armv8-aarch32-ce.S:1494: Error: selected processor does not support ARM mode `rbit r8,lr'
Makefile:647: recipe for target 'rijndael-armv8-aarch32-ce.lo' failed
make[2]: *** [rijndael-armv8-aarch32-ce.lo] Error 1
make[2]: Leaving directory '/usr/local/src/gnupg/libgcrypt-1.8.0/cipher'
Makefile:477: recipe for target 'all-recursive' failed
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory '/usr/local/src/gnupg/libgcrypt-1.8.0'
Makefile:408: recipe for target 'all' failed
make: *** [all] Error 2

gcc (Raspbian 4.9.2-10) 4.9.2
Copyright (C) 2014 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Linux sluggo 4.9.35-v7+ #1014 SMP Fri Jun 30 14:47:43 BST 2017 armv7l GNU/Linux

Please let me know if you need any other information. I have previously
compiled 1.7.x with no issues.

Chris

--
Chris Horry
Ham Radio - KG4TSM
zerbey at gmail.com
http://twitter.com/zerbey
-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From jussi.kivilinna at iki.fi Sun Jul 23 01:17:24 2017
From: jussi.kivilinna at iki.fi (Jussi Kivilinna)
Date: Sun, 23 Jul 2017 02:17:24 +0300
Subject: Compile errors for 1.8.0 on ARM processors
In-Reply-To:
References:
Message-ID:

On 22.07.2017 17:47, Chris Horry wrote:
> Hello Team,
>
> I'm compiling 1.8.0 on an ARM system (armv7l, Raspberry Pi 3) and receiving the following error:
>
> make[2]: Entering directory '/usr/local/src/gnupg/libgcrypt-1.8.0/cipher'
> /bin/bash ../libtool --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I../src -I../src -Wa,--noexecstack -g -O2 -MT rijndael-armv8-aarch32-ce.lo -MD -MP -MF .deps/rijndael-armv8-aarch32-ce.Tpo -c -o rijndael-armv8-aarch32-ce.lo rijndael-armv8-aarch32-ce.S
> libtool: compile:  gcc -DHAVE_CON FIG_H -I. -I.. -I../src -I../src -Wa,--noexecstack -g -O2 -MT rijndael-armv8-aarch32-ce.lo -MD -MP -MF .deps/rijndael-armv8-aarch32-ce.Tpo -c rijndael-armv8-aarch32-ce.S -fPIC -DPIC -o .libs/rijndael-armv8-aarch32-ce.o
> rijndael-armv8-aarch32-ce.S: Assembler messages:
> rijndael-armv8-aarch32-ce.S:1165: Error: selected processor does not support ARM mode `rbit r8,lr'
..snip..
>
> gcc (Raspbian 4.9.2-10) 4.9.2
> Copyright (C) 2014 Free Software Foundation, Inc.
> This is free software; see the source for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
>
> Linux sluggo 4.9.35-v7+ #1014 SMP Fri Jun 30 14:47:43 BST 2017 armv7l GNU/Linux
>
> Please let me know if you need any other information. I have previously compiled 1.7.x with no issues.
>

Does the attached patch solve the issue?

-Jussi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 01-fix-building-aarch32-ce.patch
Type: text/x-patch
Size: 2185 bytes
Desc: not available
URL:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 671 bytes
Desc: OpenPGP digital signature
URL:

From cvs at cvs.gnupg.org Mon Jul 24 09:38:31 2017
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Mon, 24 Jul 2017 09:38:31 +0200
Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.8.0-4-gac39522
Message-ID:

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  ac39522ab08fcd2483edc223334c6ab9d19e91f3 (commit)
      from  93478098dce6a123ffb511767861b09255a3f784 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit ac39522ab08fcd2483edc223334c6ab9d19e91f3
Author: Werner Koch
Date:   Mon Jul 24 09:32:25 2017 +0200

    random: Fix the command line munging for jitterbase.

    * random/Makefile.am (o_flag_munging): Make the first sed term also
    global.
    --
    The sed script did not catch multiple -O which are not -O0.

    GnuPG-bug-id: 3293
    Signed-off-by: Werner Koch

diff --git a/random/Makefile.am b/random/Makefile.am index 7698a72..60af5b4 100644 --- a/random/Makefile.am +++ b/random/Makefile.am @@ -55,7 +55,7 @@ jitterentropy-base.c jitterentropy.h jitterentropy-base-user.h # The rndjent module needs to be compiled without optimization. */ if ENABLE_O_FLAG_MUNGING -o_flag_munging = sed -e 's/-O\([1-9s][1-9s]*\)/-O0/' -e 's/-Ofast/-O0/g' +o_flag_munging = sed -e 's/-O\([1-9s][1-9s]*\)/-O0/g' -e 's/-Ofast/-O0/g' else o_flag_munging = cat endif
-----------------------------------------------------------------------

Summary of changes:
 random/Makefile.am | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org

_______________________________________________
Gnupg-commits mailing list
Gnupg-commits at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-commits

From stefbon at gmail.com Mon Jul 24 11:46:26 2017
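Review bot: the added `g` flag makes the first expression catch a repeated `-O2`, but the class `[1-9s][1-9s]*` still lets two optimisation spellings through: `-Og` (`g` is not in the class) and a bare `-O`, which GCC treats as `-O1`. Either one in CFLAGS would still build rndjent optimised despite the `# The rndjent module needs to be compiled without optimization.` comment in the hunk's context. Matching the flag token-wise (`-O`, `-O[0-9]*`, `-Os`, `-Og`, `-Ofast`) or adding separate terms for `-Og` and a bare `-O` would close both; the class also accepts odd strings such as `-O23` or `-Oss`, which is harmless.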
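The sed filter in the commit above is short enough to replay. The block below is an added example, not libgcrypt code: it re-expresses the two sed terms with Python's `re` module so the behaviour before and after the commit (the repeated `-O2` the commit message describes) can be checked side by side, and adds a token-wise variant that also rewrites `-Og` and a bare `-O`, which the character class `[1-9s]` lets through. The flag strings are constructed inputs.

```python
"""Replay of the o_flag_munging sed filter from random/Makefile.am.

Added example for this page, not libgcrypt code: the two sed
expressions are re-expressed with Python's re module so the pre-fix and
post-fix behaviour can be compared, plus a token-wise variant.
"""
import re

# sed -e 's/-O\([1-9s][1-9s]*\)/-O0/'   (first term; the commit adds /g)
_LEVEL_CLASS = re.compile(r"-O[1-9s][1-9s]*")
# sed -e 's/-Ofast/-O0/g'               (second term, already global)
_FAST = re.compile(r"-Ofast")


def munge_before(cflags: str) -> str:
    """Before the fix: the first term had no /g, so only the first
    -O<n>/-Os on the line is replaced and a second -O2 survives."""
    return _FAST.sub("-O0", _LEVEL_CLASS.sub("-O0", cflags, count=1))


def munge_after(cflags: str) -> str:
    """After the fix: both terms are global."""
    return _FAST.sub("-O0", _LEVEL_CLASS.sub("-O0", cflags))


# Every optimisation spelling GCC and clang accept as a single token.
_OPT_FLAG = re.compile(r"^-O(\d*|s|g|z|fast)$")


def munge_tokens(cflags: str) -> str:
    """Token-wise variant: -O, -O<n>, -Os, -Og, -Oz and -Ofast all become
    -O0; every other token passes through untouched."""
    return " ".join("-O0" if _OPT_FLAG.match(tok) else tok
                    for tok in cflags.split())


def leaks_optimisation(cflags: str) -> bool:
    """True if any optimisation level other than -O0 survives in CFLAGS,
    i.e. rndjent would still be compiled with optimisation."""
    return any(_OPT_FLAG.match(tok) and tok != "-O0" for tok in cflags.split())


if __name__ == "__main__":
    for flags in ("-g -O2 -Wall -O2", "-Ofast -O3 -Os", "-Og -O -Wall"):
        print(f"{flags!r:22} before={munge_before(flags)!r:22} "
              f"after={munge_after(flags)!r:22} tokens={munge_tokens(flags)!r}")
```

The third sample line is the one worth noticing: `munge_after("-Og -O -Wall")` returns its input unchanged, and `leaks_optimisation` reports it, while `munge_tokens` rewrites both flags.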
From: stefbon at gmail.com (Stef Bon)
Date: Mon, 24 Jul 2017 11:46:26 +0200
Subject: best way to copy a gcry_mpi_point_t?
In-Reply-To: <87pocydvjl.fsf@wheatstone.g10code.de>
References: <20160619230219.GF3509@trolle>
 <87pocydvjl.fsf@wheatstone.g10code.de>
Message-ID:

2017-07-18 10:00 GMT+02:00 Werner Koch:
> On Mon, 20 Jun 2016 01:02, teichm at in.tum.de said:
>
>> since I only see gcry_mpi_copy, but no gcry_mpi_point_copy, what would be the
>> most efficient way to copy a point? Using something like the following seems
>> confusing:
>>
>> gcry_mpi_ec_mul(new, GCRYMPI_CONST_ONE, old, ctx);
>
>
> 1.8 will come with gcry_mpi_point_copy.

Does this also come with other functions like reading mpi_point from buffer?

Stef

From cvs at cvs.gnupg.org Tue Jul 25 08:27:22 2017
From: cvs at cvs.gnupg.org (by NIIBE Yutaka)
Date: Tue, 25 Jul 2017 08:27:22 +0200
Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.8.0-5-gb7cd443
Message-ID:

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  b7cd44335d9cde43be6f693dca6399ed0762649c (commit)
      from  ac39522ab08fcd2483edc223334c6ab9d19e91f3 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit b7cd44335d9cde43be6f693dca6399ed0762649c
Author: NIIBE Yutaka
Date:   Tue Jul 25 15:26:33 2017 +0900

    sexp: Add fall through annotation.

    * src/dumpsexp.c (parse_and_print): It's fall through.

    Signed-off-by: NIIBE Yutaka

diff --git a/src/dumpsexp.c b/src/dumpsexp.c index f6384d7..5aeb77d 100644 --- a/src/dumpsexp.c +++ b/src/dumpsexp.c
@@ -546,6 +546,7 @@ parse_and_print (FILE *fp) state = IN_DATA; printctl ("begindata"); init_data (); + /* fall through */ case IN_DATA: if (datalen) {
-----------------------------------------------------------------------

Summary of changes:
 src/dumpsexp.c | 1 +
 1 file changed, 1 insertion(+)

hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org

_______________________________________________
Gnupg-commits mailing list
Gnupg-commits at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-commits

From wk at gnupg.org Tue Jul 25 16:50:54 2017
From: wk at gnupg.org (Werner Koch)
Date: Tue, 25 Jul 2017 16:50:54 +0200
Subject: best way to copy a gcry_mpi_point_t?
In-Reply-To: (Stef Bon's message of "Mon, 24 Jul 2017 11:46:26 +0200")
References: <20160619230219.GF3509@trolle>
 <87pocydvjl.fsf@wheatstone.g10code.de>
Message-ID: <87o9s8604x.fsf@wheatstone.g10code.de>

On Mon, 24 Jul 2017 11:46, stefbon at gmail.com said:

> Does this also come with other functions like reading mpi_point from buffer?

No. There is no common format for this.


Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are governed by a federal law.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL:
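Werner's answer is that the library does not define a byte format for a point, so an application that wants to read one from a buffer has to pick a format itself and then hand the recovered affine coordinates to the library (for example through gcry_mpi_point_set). The block below is an added example, not libgcrypt code and not the only possible choice (Edwards curves use a different encoding): the SEC1 uncompressed and compressed encodings commonly used for short-Weierstrass curves, shown over NIST P-256 with the curve constants from the standard, with the on-curve check a decoder must perform before the point is used in any scalar multiplication.

```python
"""SEC1 point encoding for a short-Weierstrass curve (NIST P-256).

Added example for this thread, not libgcrypt code: the library leaves
the wire format of a point to the application, so this is one format an
application can choose.  Decoding rejects bad lengths, unknown prefixes
and points that are not on the curve.
"""

P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
FIELD_BYTES = 32


def on_curve(pt) -> bool:
    x, y = pt
    return (0 <= x < P and 0 <= y < P
            and (y * y - (x * x * x + A * x + B)) % P == 0)


def encode_point(pt, compressed: bool = False) -> bytes:
    """0x04||X||Y, or 0x02/0x03||X where the prefix carries Y's parity."""
    x, y = pt
    xb = x.to_bytes(FIELD_BYTES, "big")
    if compressed:
        return bytes([2 | (y & 1)]) + xb
    return b"\x04" + xb + y.to_bytes(FIELD_BYTES, "big")


def decode_point(buf: bytes):
    """Return (x, y) or raise ValueError.  The on-curve check matters:
    accepting an off-curve point lets a peer mount an invalid-curve
    attack against any scalar multiplication done with it."""
    if len(buf) == 1 + 2 * FIELD_BYTES and buf[0] == 4:
        x = int.from_bytes(buf[1:1 + FIELD_BYTES], "big")
        y = int.from_bytes(buf[1 + FIELD_BYTES:], "big")
    elif len(buf) == 1 + FIELD_BYTES and buf[0] in (2, 3):
        x = int.from_bytes(buf[1:], "big")
        if x >= P:
            raise ValueError("x out of range")
        rhs = (x * x * x + A * x + B) % P
        y = pow(rhs, (P + 1) // 4, P)        # square root, valid as P % 4 == 3
        if (y * y) % P != rhs:
            raise ValueError("x is not on the curve")
        if (y & 1) != (buf[0] & 1):
            y = P - y                        # pick the root with the signalled parity
    else:
        raise ValueError("bad length or prefix")
    if not on_curve((x, y)):
        raise ValueError("point not on curve")
    return (x, y)


def is_valid_encoding(buf: bytes) -> bool:
    """Convenience wrapper for callers that only need accept/reject."""
    try:
        decode_point(buf)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for compressed in (False, True):
        enc = encode_point(G, compressed)
        print(len(enc), enc.hex()[:18], decode_point(enc) == G)
    print(is_valid_encoding(encode_point((G[0], G[1] + 1))))   # off-curve: False
```

The encoding is the caller's contract with its peer, not the library's; whichever format is chosen, the decoder should reject anything that is not a point on the intended curve before the coordinates are handed on.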