From jussi.kivilinna at iki.fi Sat May 13 15:14:48 2017 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Sat, 13 May 2017 16:14:48 +0300 Subject: Disable FIPS by application? In-Reply-To: <3858270.S30Y4vnIA1@tauon.chronox.de> References: <20170411122026.GC25751@al> <3858270.S30Y4vnIA1@tauon.chronox.de> Message-ID: Hello, On 11.04.2017 17:48, Stephan M?ller wrote: > It is the idea of the FIPS mode to not allow MD5 and friends. > > However, for FIPS 140-2 level 1 validations (this is the highest that can be > achieved by libgcrypt), there is *no* need for a techncial enforcement. I.e. > it is perfectly viable to drop all code that disallows ciphers when in FIPS > mode. > So, to clarify, following code in cipher.c (and similar piece in md.c) could be removed altogether? gcry_err_code_t _gcry_cipher_init (void) { if (fips_mode()) { /* disable algorithms that are disallowed in fips */ int idx; gcry_cipher_spec_t *spec; for (idx = 0; (spec = cipher_list[idx]); idx++) if (!spec->flags.fips) spec->flags.disabled = 1; } return 0; } -Jussi From smueller at chronox.de Sat May 13 16:57:55 2017 From: smueller at chronox.de (Stephan =?ISO-8859-1?Q?M=FCller?=) Date: Sat, 13 May 2017 16:57:55 +0200 Subject: Disable FIPS by application? In-Reply-To: References: <20170411122026.GC25751@al> <3858270.S30Y4vnIA1@tauon.chronox.de> Message-ID: <1609755.eLyqaMFmPN@tauon.chronox.de> Am Samstag, 13. Mai 2017, 15:14:48 CEST schrieb Jussi Kivilinna: Hi Jussi, > Hello, > > On 11.04.2017 17:48, Stephan M?ller wrote: > > It is the idea of the FIPS mode to not allow MD5 and friends. > > > > However, for FIPS 140-2 level 1 validations (this is the highest that can > > be achieved by libgcrypt), there is *no* need for a techncial > > enforcement. I.e. it is perfectly viable to drop all code that disallows > > ciphers when in FIPS mode. > > So, to clarify, following code in cipher.c (and similar piece in md.c) could > be removed altogether? > > gcry_err_code_t > _gcry_cipher_init (void) > { > if (fips_mode()) > { > /* disable algorithms that are disallowed in fips */ > int idx; > gcry_cipher_spec_t *spec; > > for (idx = 0; (spec = cipher_list[idx]); idx++) > if (!spec->flags.fips) > spec->flags.disabled = 1; > } > > return 0; > } If I interpret that code snippet correctly, it disables ciphers that do not have the fips flag. If my interpretation of the code is correct, the code could be removed, but can also stay. Ciao Stephan From ineiev at gnu.org Mon May 15 13:46:29 2017 From: ineiev at gnu.org (Ineiev) Date: Mon, 15 May 2017 07:46:29 -0400 Subject: SSSE3 fails when built with GCC 4.6.3 Message-ID: <20170515114629.GA25850@gnu.org> As of 9b651fb632f369, on one of my machines tests/basic fails like AES-128 test decryption failed. basic: pass 0, algo 7, mode 1, gcry_cipher_setkey failed: Selftest failed basic: pass 0, algo 7, mode 2, gcry_cipher_setkey failed: Selftest failed ... basic: cipher-ocb, gcry_cipher_setkey failed (large, algo 7): Selftest failed basic: cipher-ocb, gcry_cipher_setkey failed (large, algo 7): Selftest failed basic: stopped after 50 errors. It seems related to SSSE3 because when I #undef HAVE_GCC_INLINE_ASM_SSSE3 in config.h, the test succeeds; it also succeeds when compiled without optimization (CFLAGS=-g2). $ gcc --version gcc (Ubuntu/Linaro 4.6.3-1ubuntu5) 4.6.3 ... (When built with gcc 6.2.0, it passes the test.) $ uname -srvmpio Linux 3.2.0-118-generic #1trisquel1 SMP Tue Dec 6 16:49:50 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux $ cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 23 model name : Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz stepping : 10 microcode : 0xa07 cpu MHz : 1603.000 cache size : 3072 KB physical id : 0 siblings : 2 core id : 0 cpu cores : 2 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 13 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good nopl aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 xsave lahf_lm dtherm tpr_shadow vnmi flexpriority ... -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: Digital signature URL: From jussi.kivilinna at iki.fi Tue May 16 20:24:14 2017 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Tue, 16 May 2017 21:24:14 +0300 Subject: SSSE3 fails when built with GCC 4.6.3 In-Reply-To: <20170515114629.GA25850@gnu.org> References: <20170515114629.GA25850@gnu.org> Message-ID: <4299d70e-408d-0bf6-1fc9-a6ade61f36e0@iki.fi> Hello, Does the attached patch help? -Jussi On 15.05.2017 14:46, Ineiev wrote: > As of 9b651fb632f369, on one of my machines tests/basic fails like > > AES-128 test decryption failed. > basic: pass 0, algo 7, mode 1, gcry_cipher_setkey failed: Selftest failed > basic: pass 0, algo 7, mode 2, gcry_cipher_setkey failed: Selftest failed > ... > basic: cipher-ocb, gcry_cipher_setkey failed (large, algo 7): Selftest failed > basic: cipher-ocb, gcry_cipher_setkey failed (large, algo 7): Selftest failed > basic: stopped after 50 errors. > > It seems related to SSSE3 because when I > #undef HAVE_GCC_INLINE_ASM_SSSE3 > in config.h, the test succeeds; it also succeeds when compiled without > optimization (CFLAGS=-g2). > > $ gcc --version > gcc (Ubuntu/Linaro 4.6.3-1ubuntu5) 4.6.3 > ... > > (When built with gcc 6.2.0, it passes the test.) > > $ uname -srvmpio > Linux 3.2.0-118-generic #1trisquel1 SMP Tue Dec 6 16:49:50 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux > > $ cat /proc/cpuinfo > processor : 0 > vendor_id : GenuineIntel > cpu family : 6 > model : 23 > model name : Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz > stepping : 10 > microcode : 0xa07 > cpu MHz : 1603.000 > cache size : 3072 KB > physical id : 0 > siblings : 2 > core id : 0 > cpu cores : 2 > apicid : 0 > initial apicid : 0 > fpu : yes > fpu_exception : yes > cpuid level : 13 > wp : yes > flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good nopl aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 xsave lahf_lm dtherm tpr_shadow vnmi flexpriority > ... > > > > _______________________________________________ > Gcrypt-devel mailing list > Gcrypt-devel at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gcrypt-devel > -------------- next part -------------- A non-text attachment was scrubbed... Name: 06-rijndael-ssse3-fix-functions.patch Type: text/x-patch Size: 3885 bytes Desc: not available URL: From chris.westervelt at advantor.com Tue May 16 21:57:31 2017 From: chris.westervelt at advantor.com (Chris Westervelt) Date: Tue, 16 May 2017 19:57:31 +0000 Subject: 1.7.6 DRBG selftest fails vector DRBG_NORP_CTRAES128 and DRBG_PR_CTRAES128 Message-ID: So I have the self test for the RNG running in 1.7.6 but it fails on vector DRBG_NORP_CTRAES128 and DRBG_PR_CTRAES128. What could be the cause? Each time it runs, it produces different results for the output which seems really strange. The library was cross compiled for ARMv5. All other vectors pass fine! Chris Westervelt Senior Product Development Engineer Advantor Systems. 12612 Challenger Pkwy Suite 300 Orlando, FL 32826 http://www.advantor.com Office: (407) 926-6983 Mobile: (407) 595-7023 Fax: (407) 857-1635 Notice of Confidentiality: This e-mail communication and the attachments hereto, if any, are intended solely for the information and use of the addressee(s) identified above and may contain information which is legally privileged and/or otherwise confidential. If a recipient of this e-mail communication is not an addressee (or an authorized representative of an addressee), such recipient is hereby advised that any review, disclosure, reproduction, re-transmission or other dissemination or use of this e-mail communication (or any information contained herein) is strictly prohibited. If you are not an addressee and have received this e-mail communication in error, please advise the sender of that circumstance either by reply e-mail or by telephone at (800) 238-2686, immediately delete this e-mail communication from any computer and destroy all physical copies of same. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5101 bytes Desc: not available URL: From chris.westervelt at advantor.com Tue May 16 23:33:50 2017 From: chris.westervelt at advantor.com (Chris Westervelt) Date: Tue, 16 May 2017 21:33:50 +0000 Subject: drbg_generate_long Message-ID: Are there any gotchas with 32 bit ARM vs 64 bit Intel you could see here? Two of RNG Vectors won't pass the baked in test Chris Westervelt Senior Product Development Engineer Advantor Systems. 12612 Challenger Pkwy Suite 300 Orlando, FL 32826 http://www.advantor.com Office: (407) 926-6983 Mobile: (407) 595-7023 Fax: (407) 857-1635 Notice of Confidentiality: This e-mail communication and the attachments hereto, if any, are intended solely for the information and use of the addressee(s) identified above and may contain information which is legally privileged and/or otherwise confidential. If a recipient of this e-mail communication is not an addressee (or an authorized representative of an addressee), such recipient is hereby advised that any review, disclosure, reproduction, re-transmission or other dissemination or use of this e-mail communication (or any information contained herein) is strictly prohibited. If you are not an addressee and have received this e-mail communication in error, please advise the sender of that circumstance either by reply e-mail or by telephone at (800) 238-2686, immediately delete this e-mail communication from any computer and destroy all physical copies of same. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5101 bytes Desc: not available URL: From smueller at chronox.de Wed May 17 03:46:53 2017 From: smueller at chronox.de (Stephan =?ISO-8859-1?Q?M=FCller?=) Date: Wed, 17 May 2017 03:46:53 +0200 Subject: drbg_generate_long In-Reply-To: References: Message-ID: <2934464.GsV4yFa5xf@tauon.chronox.de> Am Dienstag, 16. Mai 2017, 23:33:50 CEST schrieb Chris Westervelt: Hi Chris, > Are there any gotchas with 32 bit ARM vs 64 bit Intel you could see here? > Two of RNG Vectors won't pass the baked in test After checking the code, I do not see anything immediately obvious. By any chance: does the DRBG work fine with version 1.7.3 (there was a big change for the CTR DRBG introduced with 1.7.4)? Ciao Stephan From chris.westervelt at advantor.com Wed May 17 14:38:33 2017 From: chris.westervelt at advantor.com (Chris Westervelt) Date: Wed, 17 May 2017 12:38:33 +0000 Subject: drbg_generate_long In-Reply-To: <2934464.GsV4yFa5xf@tauon.chronox.de> References: <2934464.GsV4yFa5xf@tauon.chronox.de> Message-ID: Not sure but I'll check. I know that something was failing in the patched version of 1.6.4 I had been working with from roughly a couple of years ago so I'll test 1.7.3 and get back to you in a few -----Original Message----- From: Stephan M?ller [mailto:smueller at chronox.de] Sent: Tuesday, May 16, 2017 9:47 PM To: gcrypt-devel at gnupg.org Cc: Chris Westervelt Subject: Re: drbg_generate_long Am Dienstag, 16. Mai 2017, 23:33:50 CEST schrieb Chris Westervelt: Hi Chris, > Are there any gotchas with 32 bit ARM vs 64 bit Intel you could see here? > Two of RNG Vectors won't pass the baked in test After checking the code, I do not see anything immediately obvious. By any chance: does the DRBG work fine with version 1.7.3 (there was a big change for the CTR DRBG introduced with 1.7.4)? Ciao Stephan -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5101 bytes Desc: not available URL: From ineiev at gnu.org Thu May 18 10:44:05 2017 From: ineiev at gnu.org (Ineiev) Date: Thu, 18 May 2017 04:44:05 -0400 Subject: SSSE3 fails when built with GCC 4.6.3 In-Reply-To: <4299d70e-408d-0bf6-1fc9-a6ade61f36e0@iki.fi> References: <20170515114629.GA25850@gnu.org> <4299d70e-408d-0bf6-1fc9-a6ade61f36e0@iki.fi> Message-ID: <20170518084404.GK25850@gnu.org> Hello, Jussi; On Tue, May 16, 2017 at 09:24:14PM +0300, Jussi Kivilinna wrote: > > Does the attached patch help? Yes; 'make check' runs successfully. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: Digital signature URL: From jussi.kivilinna at iki.fi Thu May 18 19:27:29 2017 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Thu, 18 May 2017 20:27:29 +0300 Subject: [PATCH 1/5] Fix building with x86-64 medium and large memory models Message-ID: <149512844916.21734.3453227602174875241.stgit@localhost.localdomain> * cipher/cast5-amd64.S [HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS] (GET_EXTERN_POINTER): Load 64-bit address instead of 32-bit. * cipher/rijndael.c (do_encrypt, do_decrypt) [USE_AMD64_ASM && !HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS]: Load table pointer through register instead of generic reference. -- Signed-off-by: Jussi Kivilinna --- cipher/cast5-amd64.S | 2 +- cipher/rijndael.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cipher/cast5-amd64.S b/cipher/cast5-amd64.S index a5f078e3..608fb64e 100644 --- a/cipher/cast5-amd64.S +++ b/cipher/cast5-amd64.S @@ -24,7 +24,7 @@ defined(HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS)) && defined(USE_CAST5) #if defined(HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS) || !defined(__PIC__) -# define GET_EXTERN_POINTER(name, reg) leaq name, reg +# define GET_EXTERN_POINTER(name, reg) movabsq $name, reg #else # define GET_EXTERN_POINTER(name, reg) movq name at GOTPCREL(%rip), reg #endif diff --git a/cipher/rijndael.c b/cipher/rijndael.c index 66ea0f3a..8637195a 100644 --- a/cipher/rijndael.c +++ b/cipher/rijndael.c @@ -752,7 +752,7 @@ do_encrypt (const RIJNDAEL_context *ctx, "+d" (ax), "+c" (rounds) : "0" (_gcry_aes_amd64_encrypt_block), - [encT] "g" (encT) + [encT] "r" (encT) : "cc", "memory", "r8", "r9", "r10", "r11"); return ret; # endif /* HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS */ @@ -1135,7 +1135,7 @@ do_decrypt (const RIJNDAEL_context *ctx, unsigned char *bx, "+d" (ax), "+c" (rounds) : "0" (_gcry_aes_amd64_decrypt_block), - [dectabs] "g" (&dec_tables) + [dectabs] "r" (&dec_tables) : "cc", "memory", "r8", "r9", "r10", "r11"); return ret; # endif /* HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS */ From jussi.kivilinna at iki.fi Thu May 18 19:27:34 2017 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Thu, 18 May 2017 20:27:34 +0300 Subject: [PATCH 2/5] cast5-amd64: use 64-bit relocation with large PIC memory model In-Reply-To: <149512844916.21734.3453227602174875241.stgit@localhost.localdomain> References: <149512844916.21734.3453227602174875241.stgit@localhost.localdomain> Message-ID: <149512845421.21734.9726889660337124034.stgit@localhost.localdomain> * cipher/cast5-amd64.S [__code_model_large__] (GET_EXTERN_POINTER): New. -- Signed-off-by: Jussi Kivilinna --- cipher/cast5-amd64.S | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/cipher/cast5-amd64.S b/cipher/cast5-amd64.S index 608fb64e..c04015a2 100644 --- a/cipher/cast5-amd64.S +++ b/cipher/cast5-amd64.S @@ -26,7 +26,20 @@ #if defined(HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS) || !defined(__PIC__) # define GET_EXTERN_POINTER(name, reg) movabsq $name, reg #else -# define GET_EXTERN_POINTER(name, reg) movq name at GOTPCREL(%rip), reg +# ifdef __code_model_large__ +# define GET_EXTERN_POINTER(name, reg) \ + pushq %r15; \ + pushq %r14; \ + 1: leaq 1b(%rip), reg; \ + movabsq $_GLOBAL_OFFSET_TABLE_-1b, %r14; \ + movabsq $name at GOT, %r15; \ + addq %r14, reg; \ + popq %r14; \ + movq (reg, %r15), reg; \ + popq %r15; +# else +# define GET_EXTERN_POINTER(name, reg) movq name at GOTPCREL(%rip), reg +# endif #endif #ifdef HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS From jussi.kivilinna at iki.fi Thu May 18 19:27:39 2017 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Thu, 18 May 2017 20:27:39 +0300 Subject: [PATCH 3/5] Move data in AMD64 assembly to text section In-Reply-To: <149512844916.21734.3453227602174875241.stgit@localhost.localdomain> References: <149512844916.21734.3453227602174875241.stgit@localhost.localdomain> Message-ID: <149512845923.21734.10660114340004970906.stgit@localhost.localdomain> * cipher/camellia-aesni-avx-amd64.S: Move data to .text section to ensure that RIP relative addressing of data will work. * cipher/camellia-aesni-avx2-amd64.S: Ditto. * cipher/chacha20-avx2-amd64.S: Ditto. * cipher/chacha20-ssse3-amd64.S: Ditto. * cipher/des-amd64.S: Ditto. * cipher/serpent-avx2-amd64.S: Ditto. * cipher/sha1-avx-amd64.S: Ditto. * cipher/sha1-avx-bmi2-amd64.S: Ditto. * cipher/sha1-ssse3-amd64.S: Ditto. * cipher/sha256-avx-amd64.S: Ditto. * cipher/sha256-avx2-bmi2-amd64.S: Ditto. * cipher/sha256-ssse3-amd64.S: Ditto. * cipher/sha512-avx-amd64.S: Ditto. * cipher/sha512-avx2-bmi2-amd64.S: Ditto. * cipher/sha512-ssse3-amd64.S: Ditto. -- Signed-off-by: Jussi Kivilinna --- cipher/camellia-aesni-avx-amd64.S | 5 +---- cipher/camellia-aesni-avx2-amd64.S | 3 +-- cipher/chacha20-avx2-amd64.S | 1 - cipher/chacha20-ssse3-amd64.S | 1 - cipher/des-amd64.S | 1 - cipher/serpent-avx2-amd64.S | 1 - cipher/sha1-avx-amd64.S | 3 +-- cipher/sha1-avx-bmi2-amd64.S | 3 +-- cipher/sha1-ssse3-amd64.S | 3 +-- cipher/sha256-avx-amd64.S | 1 - cipher/sha256-avx2-bmi2-amd64.S | 1 - cipher/sha256-ssse3-amd64.S | 1 - cipher/sha512-avx-amd64.S | 2 -- cipher/sha512-avx2-bmi2-amd64.S | 2 -- cipher/sha512-ssse3-amd64.S | 2 -- 15 files changed, 5 insertions(+), 25 deletions(-) diff --git a/cipher/camellia-aesni-avx-amd64.S b/cipher/camellia-aesni-avx-amd64.S index 5a3a3cbc..8022934f 100644 --- a/cipher/camellia-aesni-avx-amd64.S +++ b/cipher/camellia-aesni-avx-amd64.S @@ -629,7 +629,7 @@ vmovdqu y6, 14 * 16(rio); \ vmovdqu y7, 15 * 16(rio); -.data +.text .align 16 #define SHUFB_BYTES(idx) \ @@ -773,7 +773,6 @@ .L0f0f0f0f: .long 0x0f0f0f0f -.text .align 8 ELF(.type __camellia_enc_blk16, at function;) @@ -1702,7 +1701,6 @@ ELF(.size _gcry_camellia_aesni_avx_ocb_auth,.-_gcry_camellia_aesni_avx_ocb_auth; vpsllq $(64-(nror)), out, out; \ vpaddd t0, out, out; -.data .align 16 .Linv_shift_row_and_unpcklbw: @@ -1735,7 +1733,6 @@ ELF(.size _gcry_camellia_aesni_avx_ocb_auth,.-_gcry_camellia_aesni_avx_ocb_auth; .Lsigma6: .long 0xB3E6C1FD, 0xB05688C2; -.text .align 8 ELF(.type __camellia_avx_setup128, at function;) diff --git a/cipher/camellia-aesni-avx2-amd64.S b/cipher/camellia-aesni-avx2-amd64.S index 26381df0..897e4aee 100644 --- a/cipher/camellia-aesni-avx2-amd64.S +++ b/cipher/camellia-aesni-avx2-amd64.S @@ -613,7 +613,7 @@ vmovdqu y6, 14 * 32(rio); \ vmovdqu y7, 15 * 32(rio); -.data +.text .align 32 #define SHUFB_BYTES(idx) \ @@ -752,7 +752,6 @@ .L0f0f0f0f: .long 0x0f0f0f0f -.text .align 8 ELF(.type __camellia_enc_blk32, at function;) diff --git a/cipher/chacha20-avx2-amd64.S b/cipher/chacha20-avx2-amd64.S index 12bed35b..8c085bad 100644 --- a/cipher/chacha20-avx2-amd64.S +++ b/cipher/chacha20-avx2-amd64.S @@ -947,7 +947,6 @@ _gcry_chacha20_amd64_avx2_blocks: ret ELF(.size _gcry_chacha20_amd64_avx2_blocks,.-_gcry_chacha20_amd64_avx2_blocks;) -.data .align 16 .LC: .byte 2,3,0,1,6,7,4,5,10,11,8,9,14,15,12,13 /* pshufb rotate by 16 */ diff --git a/cipher/chacha20-ssse3-amd64.S b/cipher/chacha20-ssse3-amd64.S index a1a843fa..c04010e7 100644 --- a/cipher/chacha20-ssse3-amd64.S +++ b/cipher/chacha20-ssse3-amd64.S @@ -623,7 +623,6 @@ _gcry_chacha20_amd64_ssse3_blocks: ret ELF(.size _gcry_chacha20_amd64_ssse3_blocks,.-_gcry_chacha20_amd64_ssse3_blocks;) -.data .align 16; .LC: .byte 2,3,0,1,6,7,4,5,10,11,8,9,14,15,12,13 /* pshufb rotate by 16 */ diff --git a/cipher/des-amd64.S b/cipher/des-amd64.S index 307d2112..1b7cfba8 100644 --- a/cipher/des-amd64.S +++ b/cipher/des-amd64.S @@ -766,7 +766,6 @@ _gcry_3des_amd64_cfb_dec: ret; ELF(.size _gcry_3des_amd64_cfb_dec,.-_gcry_3des_amd64_cfb_dec;) -.data .align 16 .L_s1: .quad 0x0010100001010400, 0x0000000000000000 diff --git a/cipher/serpent-avx2-amd64.S b/cipher/serpent-avx2-amd64.S index 2902dab5..8d60a159 100644 --- a/cipher/serpent-avx2-amd64.S +++ b/cipher/serpent-avx2-amd64.S @@ -1113,7 +1113,6 @@ _gcry_serpent_avx2_ocb_auth: ret; ELF(.size _gcry_serpent_avx2_ocb_auth,.-_gcry_serpent_avx2_ocb_auth;) -.data .align 16 /* For CTR-mode IV byteswap */ diff --git a/cipher/sha1-avx-amd64.S b/cipher/sha1-avx-amd64.S index 3b3a6d11..b14603bf 100644 --- a/cipher/sha1-avx-amd64.S +++ b/cipher/sha1-avx-amd64.S @@ -58,7 +58,7 @@ /* Constants */ -.data +.text #define K1 0x5A827999 #define K2 0x6ED9EBA1 #define K3 0x8F1BBCDC @@ -214,7 +214,6 @@ * _gcry_sha1_transform_amd64_avx (void *ctx, const unsigned char *data, * size_t nblks) */ -.text .globl _gcry_sha1_transform_amd64_avx ELF(.type _gcry_sha1_transform_amd64_avx, at function) .align 16 diff --git a/cipher/sha1-avx-bmi2-amd64.S b/cipher/sha1-avx-bmi2-amd64.S index 22bcbb3c..b267693f 100644 --- a/cipher/sha1-avx-bmi2-amd64.S +++ b/cipher/sha1-avx-bmi2-amd64.S @@ -59,7 +59,7 @@ /* Constants */ -.data +.text #define K1 0x5A827999 #define K2 0x6ED9EBA1 #define K3 0x8F1BBCDC @@ -212,7 +212,6 @@ * _gcry_sha1_transform_amd64_avx_bmi2 (void *ctx, const unsigned char *data, * size_t nblks) */ -.text .globl _gcry_sha1_transform_amd64_avx_bmi2 ELF(.type _gcry_sha1_transform_amd64_avx_bmi2, at function) .align 16 diff --git a/cipher/sha1-ssse3-amd64.S b/cipher/sha1-ssse3-amd64.S index 98a19e60..2b439476 100644 --- a/cipher/sha1-ssse3-amd64.S +++ b/cipher/sha1-ssse3-amd64.S @@ -58,7 +58,7 @@ /* Constants */ -.data +.text #define K1 0x5A827999 #define K2 0x6ED9EBA1 #define K3 0x8F1BBCDC @@ -226,7 +226,6 @@ * _gcry_sha1_transform_amd64_ssse3 (void *ctx, const unsigned char *data, * size_t nblks) */ -.text .globl _gcry_sha1_transform_amd64_ssse3 ELF(.type _gcry_sha1_transform_amd64_ssse3, at function) .align 16 diff --git a/cipher/sha256-avx-amd64.S b/cipher/sha256-avx-amd64.S index 8bf26bd7..6953855b 100644 --- a/cipher/sha256-avx-amd64.S +++ b/cipher/sha256-avx-amd64.S @@ -496,7 +496,6 @@ _gcry_sha256_transform_amd64_avx: ret -.data .align 16 .LK256: .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 diff --git a/cipher/sha256-avx2-bmi2-amd64.S b/cipher/sha256-avx2-bmi2-amd64.S index 74b60631..85e663fe 100644 --- a/cipher/sha256-avx2-bmi2-amd64.S +++ b/cipher/sha256-avx2-bmi2-amd64.S @@ -763,7 +763,6 @@ _gcry_sha256_transform_amd64_avx2: ret -.data .align 64 .LK256: .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 diff --git a/cipher/sha256-ssse3-amd64.S b/cipher/sha256-ssse3-amd64.S index 9ec87e46..a9213e41 100644 --- a/cipher/sha256-ssse3-amd64.S +++ b/cipher/sha256-ssse3-amd64.S @@ -516,7 +516,6 @@ _gcry_sha256_transform_amd64_ssse3: ret -.data .align 16 .LK256: .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 diff --git a/cipher/sha512-avx-amd64.S b/cipher/sha512-avx-amd64.S index 699c271b..446a8b4e 100644 --- a/cipher/sha512-avx-amd64.S +++ b/cipher/sha512-avx-amd64.S @@ -368,8 +368,6 @@ _gcry_sha512_transform_amd64_avx: ;;; Binary Data */ -.data - .align 16 /* Mask for byte-swapping a couple of qwords in an XMM register using (v)pshufb. */ diff --git a/cipher/sha512-avx2-bmi2-amd64.S b/cipher/sha512-avx2-bmi2-amd64.S index 02f95af6..05bef64c 100644 --- a/cipher/sha512-avx2-bmi2-amd64.S +++ b/cipher/sha512-avx2-bmi2-amd64.S @@ -735,8 +735,6 @@ _gcry_sha512_transform_amd64_avx2: /*;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; */ /*;; Binary Data */ -.data - .align 64 /* K[t] used in SHA512 hashing */ .LK512: diff --git a/cipher/sha512-ssse3-amd64.S b/cipher/sha512-ssse3-amd64.S index c721bcf2..51193b36 100644 --- a/cipher/sha512-ssse3-amd64.S +++ b/cipher/sha512-ssse3-amd64.S @@ -373,8 +373,6 @@ _gcry_sha512_transform_amd64_ssse3: ;;; Binary Data */ -.data - .align 16 /* Mask for byte-swapping a couple of qwords in an XMM register using (v)pshufb. */ From jussi.kivilinna at iki.fi Thu May 18 19:27:49 2017 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Thu, 18 May 2017 20:27:49 +0300 Subject: [PATCH 5/5] rijndael-ssse3: fix functions calls from assembly blocks In-Reply-To: <149512844916.21734.3453227602174875241.stgit@localhost.localdomain> References: <149512844916.21734.3453227602174875241.stgit@localhost.localdomain> Message-ID: <149512846926.21734.11342567047868802961.stgit@localhost.localdomain> * cipher/rijndael-ssse3-amd64.c (PUSH_STACK_PTR, POP_STACK_PTR): New. (vpaes_ssse3_prepare_enc, vpaes_ssse3_prepare_dec) (_gcry_aes_ssse3_do_setkey, _gcry_aes_ssse3_prepare_decryption) (do_vpaes_ssse3_enc, do_vpaes_ssse3_dec): Use PUSH_STACK_PTR and POP_STACK_PTR. -- Signed-off-by: Jussi Kivilinna --- cipher/rijndael-ssse3-amd64.c | 31 +++++++++++++++++++++++++------ 1 file changed, 25 insertions(+), 6 deletions(-) diff --git a/cipher/rijndael-ssse3-amd64.c b/cipher/rijndael-ssse3-amd64.c index 78d8234d..da5339e3 100644 --- a/cipher/rijndael-ssse3-amd64.c +++ b/cipher/rijndael-ssse3-amd64.c @@ -110,6 +110,8 @@ extern void _gcry_aes_ssse3_decrypt_core(void); : \ : "r" (ssse3_state) \ : "memory" ) +# define PUSH_STACK_PTR +# define POP_STACK_PTR #else # define SSSE3_STATE_SIZE 1 # define vpaes_ssse3_prepare() (void)ssse3_state @@ -124,18 +126,27 @@ extern void _gcry_aes_ssse3_decrypt_core(void); "pxor %%xmm7, %%xmm7 \n\t" \ "pxor %%xmm8, %%xmm8 \n\t" \ ::: "memory" ) +/* Old GCC versions use red-zone of AMD64 SYSV ABI and stack pointer is + * not properly adjusted for assembly block. Therefore stack pointer + * needs to be manually corrected. */ +# define PUSH_STACK_PTR "subq $128, %%rsp;\n\t" +# define POP_STACK_PTR "addq $128, %%rsp;\n\t" #endif #define vpaes_ssse3_prepare_enc() \ vpaes_ssse3_prepare(); \ - asm volatile ("callq *%q[core] \n\t" \ + asm volatile (PUSH_STACK_PTR \ + "callq *%q[core] \n\t" \ + POP_STACK_PTR \ : \ : [core] "r" (_gcry_aes_ssse3_enc_preload) \ : "rax", "cc", "memory" ) #define vpaes_ssse3_prepare_dec() \ vpaes_ssse3_prepare(); \ - asm volatile ("callq *%q[core] \n\t" \ + asm volatile (PUSH_STACK_PTR \ + "callq *%q[core] \n\t" \ + POP_STACK_PTR \ : \ : [core] "r" (_gcry_aes_ssse3_dec_preload) \ : "rax", "cc", "memory" ) @@ -155,7 +166,9 @@ _gcry_aes_ssse3_do_setkey (RIJNDAEL_context *ctx, const byte *key) "leaq %[buf], %%rdx" "\n\t" "movl %[dir], %%ecx" "\n\t" "movl %[rotoffs], %%r8d" "\n\t" + PUSH_STACK_PTR "callq *%q[core]" "\n\t" + POP_STACK_PTR : : [core] "r" (&_gcry_aes_ssse3_schedule_core), [key] "m" (*key), @@ -208,7 +221,9 @@ _gcry_aes_ssse3_prepare_decryption (RIJNDAEL_context *ctx) "leaq %[buf], %%rdx" "\n\t" "movl %[dir], %%ecx" "\n\t" "movl %[rotoffs], %%r8d" "\n\t" + PUSH_STACK_PTR "callq *%q[core]" "\n\t" + POP_STACK_PTR : : [core] "r" (_gcry_aes_ssse3_schedule_core), [key] "m" (ctx->keyschdec32[0][0]), @@ -231,7 +246,9 @@ do_vpaes_ssse3_enc (const RIJNDAEL_context *ctx, unsigned int nrounds) unsigned int middle_rounds = nrounds - 1; const void *keysched = ctx->keyschenc32; - asm volatile ("callq *%q[core]" "\n\t" + asm volatile (PUSH_STACK_PTR + "callq *%q[core]" "\n\t" + POP_STACK_PTR : "+a" (middle_rounds), "+d" (keysched) : [core] "r" (_gcry_aes_ssse3_encrypt_core) : "rcx", "rsi", "rdi", "cc", "memory"); @@ -246,10 +263,12 @@ do_vpaes_ssse3_dec (const RIJNDAEL_context *ctx, unsigned int nrounds) unsigned int middle_rounds = nrounds - 1; const void *keysched = ctx->keyschdec32; - asm volatile ("callq *%q[core]" "\n\t" - : "+a" (middle_rounds), "+d" (keysched) + asm volatile (PUSH_STACK_PTR + "callq *%q[core]" "\n\t" + POP_STACK_PTR + : "+a" (middle_rounds), "+d" (keysched) : [core] "r" (_gcry_aes_ssse3_decrypt_core) - : "rcx", "rsi", "cc", "memory"); + : "rcx", "rsi", "cc", "memory"); } From jussi.kivilinna at iki.fi Thu May 18 19:27:44 2017 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Thu, 18 May 2017 20:27:44 +0300 Subject: [PATCH 4/5] chacha20-armv7-neon: fix to use fast code path when memory is aligned In-Reply-To: <149512844916.21734.3453227602174875241.stgit@localhost.localdomain> References: <149512844916.21734.3453227602174875241.stgit@localhost.localdomain> Message-ID: <149512846425.21734.17067011571180450992.stgit@localhost.localdomain> * cipher/chacha20-armv7-neon.S (UNALIGNED_LDMIA4): Uncomment instruction for jump to aligned code path. -- Signed-off-by: Jussi Kivilinna --- cipher/chacha20-armv7-neon.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cipher/chacha20-armv7-neon.S b/cipher/chacha20-armv7-neon.S index 4d3340b3..c1971fc7 100644 --- a/cipher/chacha20-armv7-neon.S +++ b/cipher/chacha20-armv7-neon.S @@ -54,7 +54,7 @@ #define UNALIGNED_LDMIA4(ptr, l0, l1, l2, l3) \ tst ptr, #3; \ - /*beq 1f;*/ \ + beq 1f; \ vpush {d0-d1}; \ vld1.32 {d0-d1}, [ptr]; \ add ptr, #16; \ From cvs at cvs.gnupg.org Sun May 21 18:07:08 2017 From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Sun, 21 May 2017 18:07:08 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-84-g4cd9499 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 4cd94994a9abec9b92fa5972869baf089a28fa76 (commit) via 68861ae5d3e007d7a39f14ea27dc3dd8ef13ba02 (commit) via 1a094bc5b2aa730833faf593a931d4e5d7f9ab4d (commit) via ff02fca39c83bcf30c79368611ac65e273e77f6c (commit) via 434d4f2af39033fc626044ba9a060da298522293 (commit) from 9b651fb632f3697e70685c9ee340ab0cb2274bdf (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4cd94994a9abec9b92fa5972869baf089a28fa76 Author: Jussi Kivilinna Date: Tue May 16 21:22:11 2017 +0300 rijndael-ssse3: fix functions calls from assembly blocks * cipher/rijndael-ssse3-amd64.c (PUSH_STACK_PTR, POP_STACK_PTR): New. (vpaes_ssse3_prepare_enc, vpaes_ssse3_prepare_dec) (_gcry_aes_ssse3_do_setkey, _gcry_aes_ssse3_prepare_decryption) (do_vpaes_ssse3_enc, do_vpaes_ssse3_dec): Use PUSH_STACK_PTR and POP_STACK_PTR. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/rijndael-ssse3-amd64.c b/cipher/rijndael-ssse3-amd64.c index 78d8234..da5339e 100644 --- a/cipher/rijndael-ssse3-amd64.c +++ b/cipher/rijndael-ssse3-amd64.c @@ -110,6 +110,8 @@ extern void _gcry_aes_ssse3_decrypt_core(void); : \ : "r" (ssse3_state) \ : "memory" ) +# define PUSH_STACK_PTR +# define POP_STACK_PTR #else # define SSSE3_STATE_SIZE 1 # define vpaes_ssse3_prepare() (void)ssse3_state @@ -124,18 +126,27 @@ extern void _gcry_aes_ssse3_decrypt_core(void); "pxor %%xmm7, %%xmm7 \n\t" \ "pxor %%xmm8, %%xmm8 \n\t" \ ::: "memory" ) +/* Old GCC versions use red-zone of AMD64 SYSV ABI and stack pointer is + * not properly adjusted for assembly block. Therefore stack pointer + * needs to be manually corrected. */ +# define PUSH_STACK_PTR "subq $128, %%rsp;\n\t" +# define POP_STACK_PTR "addq $128, %%rsp;\n\t" #endif #define vpaes_ssse3_prepare_enc() \ vpaes_ssse3_prepare(); \ - asm volatile ("callq *%q[core] \n\t" \ + asm volatile (PUSH_STACK_PTR \ + "callq *%q[core] \n\t" \ + POP_STACK_PTR \ : \ : [core] "r" (_gcry_aes_ssse3_enc_preload) \ : "rax", "cc", "memory" ) #define vpaes_ssse3_prepare_dec() \ vpaes_ssse3_prepare(); \ - asm volatile ("callq *%q[core] \n\t" \ + asm volatile (PUSH_STACK_PTR \ + "callq *%q[core] \n\t" \ + POP_STACK_PTR \ : \ : [core] "r" (_gcry_aes_ssse3_dec_preload) \ : "rax", "cc", "memory" ) @@ -155,7 +166,9 @@ _gcry_aes_ssse3_do_setkey (RIJNDAEL_context *ctx, const byte *key) "leaq %[buf], %%rdx" "\n\t" "movl %[dir], %%ecx" "\n\t" "movl %[rotoffs], %%r8d" "\n\t" + PUSH_STACK_PTR "callq *%q[core]" "\n\t" + POP_STACK_PTR : : [core] "r" (&_gcry_aes_ssse3_schedule_core), [key] "m" (*key), @@ -208,7 +221,9 @@ _gcry_aes_ssse3_prepare_decryption (RIJNDAEL_context *ctx) "leaq %[buf], %%rdx" "\n\t" "movl %[dir], %%ecx" "\n\t" "movl %[rotoffs], %%r8d" "\n\t" + PUSH_STACK_PTR "callq *%q[core]" "\n\t" + POP_STACK_PTR : : [core] "r" (_gcry_aes_ssse3_schedule_core), [key] "m" (ctx->keyschdec32[0][0]), @@ -231,7 +246,9 @@ do_vpaes_ssse3_enc (const RIJNDAEL_context *ctx, unsigned int nrounds) unsigned int middle_rounds = nrounds - 1; const void *keysched = ctx->keyschenc32; - asm volatile ("callq *%q[core]" "\n\t" + asm volatile (PUSH_STACK_PTR + "callq *%q[core]" "\n\t" + POP_STACK_PTR : "+a" (middle_rounds), "+d" (keysched) : [core] "r" (_gcry_aes_ssse3_encrypt_core) : "rcx", "rsi", "rdi", "cc", "memory"); @@ -246,10 +263,12 @@ do_vpaes_ssse3_dec (const RIJNDAEL_context *ctx, unsigned int nrounds) unsigned int middle_rounds = nrounds - 1; const void *keysched = ctx->keyschdec32; - asm volatile ("callq *%q[core]" "\n\t" - : "+a" (middle_rounds), "+d" (keysched) + asm volatile (PUSH_STACK_PTR + "callq *%q[core]" "\n\t" + POP_STACK_PTR + : "+a" (middle_rounds), "+d" (keysched) : [core] "r" (_gcry_aes_ssse3_decrypt_core) - : "rcx", "rsi", "cc", "memory"); + : "rcx", "rsi", "cc", "memory"); } commit 68861ae5d3e007d7a39f14ea27dc3dd8ef13ba02 Author: Jussi Kivilinna Date: Sat May 13 18:36:00 2017 +0300 chacha20-armv7-neon: fix to use fast code path when memory is aligned * cipher/chacha20-armv7-neon.S (UNALIGNED_LDMIA4): Uncomment instruction for jump to aligned code path. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/chacha20-armv7-neon.S b/cipher/chacha20-armv7-neon.S index 4d3340b..c1971fc 100644 --- a/cipher/chacha20-armv7-neon.S +++ b/cipher/chacha20-armv7-neon.S @@ -54,7 +54,7 @@ #define UNALIGNED_LDMIA4(ptr, l0, l1, l2, l3) \ tst ptr, #3; \ - /*beq 1f;*/ \ + beq 1f; \ vpush {d0-d1}; \ vld1.32 {d0-d1}, [ptr]; \ add ptr, #16; \ commit 1a094bc5b2aa730833faf593a931d4e5d7f9ab4d Author: Jussi Kivilinna Date: Sat May 13 18:53:08 2017 +0300 Move data in AMD64 assembly to text section * cipher/camellia-aesni-avx-amd64.S: Move data to .text section to ensure that RIP relative addressing of data will work. * cipher/camellia-aesni-avx2-amd64.S: Ditto. * cipher/chacha20-avx2-amd64.S: Ditto. * cipher/chacha20-ssse3-amd64.S: Ditto. * cipher/des-amd64.S: Ditto. * cipher/serpent-avx2-amd64.S: Ditto. * cipher/sha1-avx-amd64.S: Ditto. * cipher/sha1-avx-bmi2-amd64.S: Ditto. * cipher/sha1-ssse3-amd64.S: Ditto. * cipher/sha256-avx-amd64.S: Ditto. * cipher/sha256-avx2-bmi2-amd64.S: Ditto. * cipher/sha256-ssse3-amd64.S: Ditto. * cipher/sha512-avx-amd64.S: Ditto. * cipher/sha512-avx2-bmi2-amd64.S: Ditto. * cipher/sha512-ssse3-amd64.S: Ditto. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/camellia-aesni-avx-amd64.S b/cipher/camellia-aesni-avx-amd64.S index 5a3a3cb..8022934 100644 --- a/cipher/camellia-aesni-avx-amd64.S +++ b/cipher/camellia-aesni-avx-amd64.S @@ -629,7 +629,7 @@ vmovdqu y6, 14 * 16(rio); \ vmovdqu y7, 15 * 16(rio); -.data +.text .align 16 #define SHUFB_BYTES(idx) \ @@ -773,7 +773,6 @@ .L0f0f0f0f: .long 0x0f0f0f0f -.text .align 8 ELF(.type __camellia_enc_blk16, at function;) @@ -1702,7 +1701,6 @@ ELF(.size _gcry_camellia_aesni_avx_ocb_auth,.-_gcry_camellia_aesni_avx_ocb_auth; vpsllq $(64-(nror)), out, out; \ vpaddd t0, out, out; -.data .align 16 .Linv_shift_row_and_unpcklbw: @@ -1735,7 +1733,6 @@ ELF(.size _gcry_camellia_aesni_avx_ocb_auth,.-_gcry_camellia_aesni_avx_ocb_auth; .Lsigma6: .long 0xB3E6C1FD, 0xB05688C2; -.text .align 8 ELF(.type __camellia_avx_setup128, at function;) diff --git a/cipher/camellia-aesni-avx2-amd64.S b/cipher/camellia-aesni-avx2-amd64.S index 26381df..897e4ae 100644 --- a/cipher/camellia-aesni-avx2-amd64.S +++ b/cipher/camellia-aesni-avx2-amd64.S @@ -613,7 +613,7 @@ vmovdqu y6, 14 * 32(rio); \ vmovdqu y7, 15 * 32(rio); -.data +.text .align 32 #define SHUFB_BYTES(idx) \ @@ -752,7 +752,6 @@ .L0f0f0f0f: .long 0x0f0f0f0f -.text .align 8 ELF(.type __camellia_enc_blk32, at function;) diff --git a/cipher/chacha20-avx2-amd64.S b/cipher/chacha20-avx2-amd64.S index 12bed35..8c085ba 100644 --- a/cipher/chacha20-avx2-amd64.S +++ b/cipher/chacha20-avx2-amd64.S @@ -947,7 +947,6 @@ _gcry_chacha20_amd64_avx2_blocks: ret ELF(.size _gcry_chacha20_amd64_avx2_blocks,.-_gcry_chacha20_amd64_avx2_blocks;) -.data .align 16 .LC: .byte 2,3,0,1,6,7,4,5,10,11,8,9,14,15,12,13 /* pshufb rotate by 16 */ diff --git a/cipher/chacha20-ssse3-amd64.S b/cipher/chacha20-ssse3-amd64.S index a1a843f..c04010e 100644 --- a/cipher/chacha20-ssse3-amd64.S +++ b/cipher/chacha20-ssse3-amd64.S @@ -623,7 +623,6 @@ _gcry_chacha20_amd64_ssse3_blocks: ret ELF(.size _gcry_chacha20_amd64_ssse3_blocks,.-_gcry_chacha20_amd64_ssse3_blocks;) -.data .align 16; .LC: .byte 2,3,0,1,6,7,4,5,10,11,8,9,14,15,12,13 /* pshufb rotate by 16 */ diff --git a/cipher/des-amd64.S b/cipher/des-amd64.S index 307d211..1b7cfba 100644 --- a/cipher/des-amd64.S +++ b/cipher/des-amd64.S @@ -766,7 +766,6 @@ _gcry_3des_amd64_cfb_dec: ret; ELF(.size _gcry_3des_amd64_cfb_dec,.-_gcry_3des_amd64_cfb_dec;) -.data .align 16 .L_s1: .quad 0x0010100001010400, 0x0000000000000000 diff --git a/cipher/serpent-avx2-amd64.S b/cipher/serpent-avx2-amd64.S index 2902dab..8d60a15 100644 --- a/cipher/serpent-avx2-amd64.S +++ b/cipher/serpent-avx2-amd64.S @@ -1113,7 +1113,6 @@ _gcry_serpent_avx2_ocb_auth: ret; ELF(.size _gcry_serpent_avx2_ocb_auth,.-_gcry_serpent_avx2_ocb_auth;) -.data .align 16 /* For CTR-mode IV byteswap */ diff --git a/cipher/sha1-avx-amd64.S b/cipher/sha1-avx-amd64.S index 3b3a6d1..b14603b 100644 --- a/cipher/sha1-avx-amd64.S +++ b/cipher/sha1-avx-amd64.S @@ -58,7 +58,7 @@ /* Constants */ -.data +.text #define K1 0x5A827999 #define K2 0x6ED9EBA1 #define K3 0x8F1BBCDC @@ -214,7 +214,6 @@ * _gcry_sha1_transform_amd64_avx (void *ctx, const unsigned char *data, * size_t nblks) */ -.text .globl _gcry_sha1_transform_amd64_avx ELF(.type _gcry_sha1_transform_amd64_avx, at function) .align 16 diff --git a/cipher/sha1-avx-bmi2-amd64.S b/cipher/sha1-avx-bmi2-amd64.S index 22bcbb3..b267693 100644 --- a/cipher/sha1-avx-bmi2-amd64.S +++ b/cipher/sha1-avx-bmi2-amd64.S @@ -59,7 +59,7 @@ /* Constants */ -.data +.text #define K1 0x5A827999 #define K2 0x6ED9EBA1 #define K3 0x8F1BBCDC @@ -212,7 +212,6 @@ * _gcry_sha1_transform_amd64_avx_bmi2 (void *ctx, const unsigned char *data, * size_t nblks) */ -.text .globl _gcry_sha1_transform_amd64_avx_bmi2 ELF(.type _gcry_sha1_transform_amd64_avx_bmi2, at function) .align 16 diff --git a/cipher/sha1-ssse3-amd64.S b/cipher/sha1-ssse3-amd64.S index 98a19e6..2b43947 100644 --- a/cipher/sha1-ssse3-amd64.S +++ b/cipher/sha1-ssse3-amd64.S @@ -58,7 +58,7 @@ /* Constants */ -.data +.text #define K1 0x5A827999 #define K2 0x6ED9EBA1 #define K3 0x8F1BBCDC @@ -226,7 +226,6 @@ * _gcry_sha1_transform_amd64_ssse3 (void *ctx, const unsigned char *data, * size_t nblks) */ -.text .globl _gcry_sha1_transform_amd64_ssse3 ELF(.type _gcry_sha1_transform_amd64_ssse3, at function) .align 16 diff --git a/cipher/sha256-avx-amd64.S b/cipher/sha256-avx-amd64.S index 8bf26bd..6953855 100644 --- a/cipher/sha256-avx-amd64.S +++ b/cipher/sha256-avx-amd64.S @@ -496,7 +496,6 @@ _gcry_sha256_transform_amd64_avx: ret -.data .align 16 .LK256: .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 diff --git a/cipher/sha256-avx2-bmi2-amd64.S b/cipher/sha256-avx2-bmi2-amd64.S index 74b6063..85e663f 100644 --- a/cipher/sha256-avx2-bmi2-amd64.S +++ b/cipher/sha256-avx2-bmi2-amd64.S @@ -763,7 +763,6 @@ _gcry_sha256_transform_amd64_avx2: ret -.data .align 64 .LK256: .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 diff --git a/cipher/sha256-ssse3-amd64.S b/cipher/sha256-ssse3-amd64.S index 9ec87e4..a9213e4 100644 --- a/cipher/sha256-ssse3-amd64.S +++ b/cipher/sha256-ssse3-amd64.S @@ -516,7 +516,6 @@ _gcry_sha256_transform_amd64_ssse3: ret -.data .align 16 .LK256: .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 diff --git a/cipher/sha512-avx-amd64.S b/cipher/sha512-avx-amd64.S index 699c271..446a8b4 100644 --- a/cipher/sha512-avx-amd64.S +++ b/cipher/sha512-avx-amd64.S @@ -368,8 +368,6 @@ _gcry_sha512_transform_amd64_avx: ;;; Binary Data */ -.data - .align 16 /* Mask for byte-swapping a couple of qwords in an XMM register using (v)pshufb. */ diff --git a/cipher/sha512-avx2-bmi2-amd64.S b/cipher/sha512-avx2-bmi2-amd64.S index 02f95af..05bef64 100644 --- a/cipher/sha512-avx2-bmi2-amd64.S +++ b/cipher/sha512-avx2-bmi2-amd64.S @@ -735,8 +735,6 @@ _gcry_sha512_transform_amd64_avx2: /*;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; */ /*;; Binary Data */ -.data - .align 64 /* K[t] used in SHA512 hashing */ .LK512: diff --git a/cipher/sha512-ssse3-amd64.S b/cipher/sha512-ssse3-amd64.S index c721bcf..51193b3 100644 --- a/cipher/sha512-ssse3-amd64.S +++ b/cipher/sha512-ssse3-amd64.S @@ -373,8 +373,6 @@ _gcry_sha512_transform_amd64_ssse3: ;;; Binary Data */ -.data - .align 16 /* Mask for byte-swapping a couple of qwords in an XMM register using (v)pshufb. */ commit ff02fca39c83bcf30c79368611ac65e273e77f6c Author: Jussi Kivilinna Date: Sat May 13 18:35:30 2017 +0300 cast5-amd64: use 64-bit relocation with large PIC memory model * cipher/cast5-amd64.S [__code_model_large__] (GET_EXTERN_POINTER): New. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/cast5-amd64.S b/cipher/cast5-amd64.S index 608fb64..c04015a 100644 --- a/cipher/cast5-amd64.S +++ b/cipher/cast5-amd64.S @@ -26,7 +26,20 @@ #if defined(HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS) || !defined(__PIC__) # define GET_EXTERN_POINTER(name, reg) movabsq $name, reg #else -# define GET_EXTERN_POINTER(name, reg) movq name at GOTPCREL(%rip), reg +# ifdef __code_model_large__ +# define GET_EXTERN_POINTER(name, reg) \ + pushq %r15; \ + pushq %r14; \ + 1: leaq 1b(%rip), reg; \ + movabsq $_GLOBAL_OFFSET_TABLE_-1b, %r14; \ + movabsq $name at GOT, %r15; \ + addq %r14, reg; \ + popq %r14; \ + movq (reg, %r15), reg; \ + popq %r15; +# else +# define GET_EXTERN_POINTER(name, reg) movq name at GOTPCREL(%rip), reg +# endif #endif #ifdef HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS commit 434d4f2af39033fc626044ba9a060da298522293 Author: Jussi Kivilinna Date: Sat May 13 17:53:27 2017 +0300 Fix building with x86-64 medium and large memory models * cipher/cast5-amd64.S [HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS] (GET_EXTERN_POINTER): Load 64-bit address instead of 32-bit. * cipher/rijndael.c (do_encrypt, do_decrypt) [USE_AMD64_ASM && !HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS]: Load table pointer through register instead of generic reference. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/cast5-amd64.S b/cipher/cast5-amd64.S index a5f078e..608fb64 100644 --- a/cipher/cast5-amd64.S +++ b/cipher/cast5-amd64.S @@ -24,7 +24,7 @@ defined(HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS)) && defined(USE_CAST5) #if defined(HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS) || !defined(__PIC__) -# define GET_EXTERN_POINTER(name, reg) leaq name, reg +# define GET_EXTERN_POINTER(name, reg) movabsq $name, reg #else # define GET_EXTERN_POINTER(name, reg) movq name at GOTPCREL(%rip), reg #endif diff --git a/cipher/rijndael.c b/cipher/rijndael.c index 66ea0f3..8637195 100644 --- a/cipher/rijndael.c +++ b/cipher/rijndael.c @@ -752,7 +752,7 @@ do_encrypt (const RIJNDAEL_context *ctx, "+d" (ax), "+c" (rounds) : "0" (_gcry_aes_amd64_encrypt_block), - [encT] "g" (encT) + [encT] "r" (encT) : "cc", "memory", "r8", "r9", "r10", "r11"); return ret; # endif /* HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS */ @@ -1135,7 +1135,7 @@ do_decrypt (const RIJNDAEL_context *ctx, unsigned char *bx, "+d" (ax), "+c" (rounds) : "0" (_gcry_aes_amd64_decrypt_block), - [dectabs] "g" (&dec_tables) + [dectabs] "r" (&dec_tables) : "cc", "memory", "r8", "r9", "r10", "r11"); return ret; # endif /* HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS */ ----------------------------------------------------------------------- Summary of changes: cipher/camellia-aesni-avx-amd64.S | 5 +---- cipher/camellia-aesni-avx2-amd64.S | 3 +-- cipher/cast5-amd64.S | 17 +++++++++++++++-- cipher/chacha20-armv7-neon.S | 2 +- cipher/chacha20-avx2-amd64.S | 1 - cipher/chacha20-ssse3-amd64.S | 1 - cipher/des-amd64.S | 1 - cipher/rijndael-ssse3-amd64.c | 31 +++++++++++++++++++++++++------ cipher/rijndael.c | 4 ++-- cipher/serpent-avx2-amd64.S | 1 - cipher/sha1-avx-amd64.S | 3 +-- cipher/sha1-avx-bmi2-amd64.S | 3 +-- cipher/sha1-ssse3-amd64.S | 3 +-- cipher/sha256-avx-amd64.S | 1 - cipher/sha256-avx2-bmi2-amd64.S | 1 - cipher/sha256-ssse3-amd64.S | 1 - cipher/sha512-avx-amd64.S | 2 -- cipher/sha512-avx2-bmi2-amd64.S | 2 -- cipher/sha512-ssse3-amd64.S | 2 -- 19 files changed, 48 insertions(+), 36 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From cvs at cvs.gnupg.org Tue May 23 17:33:11 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 23 May 2017 17:33:11 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-85-gc1bb3d9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via c1bb3d9fdb6fe5f336af1d5a03fc42bfdc1f8b0b (commit) from 4cd94994a9abec9b92fa5972869baf089a28fa76 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c1bb3d9fdb6fe5f336af1d5a03fc42bfdc1f8b0b Author: Werner Koch Date: Tue May 23 17:28:46 2017 +0200 doc: Comment fixes diff --git a/cipher/rsa.c b/cipher/rsa.c index 895ee04..7f12ecd 100644 --- a/cipher/rsa.c +++ b/cipher/rsa.c @@ -306,7 +306,7 @@ generate_std (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e, mpi_add_ui (e, e, 2); } - /* calculate the secret key d = e^1 mod phi */ + /* calculate the secret key d = e^-1 mod phi */ d = mpi_snew ( nbits ); mpi_invm (d, e, f ); /* calculate the inverse of p and q (used for chinese remainder theorem)*/ diff --git a/mpi/ec.c b/mpi/ec.c index 016af00..8a6a656 100644 --- a/mpi/ec.c +++ b/mpi/ec.c @@ -1255,7 +1255,12 @@ _gcry_mpi_ec_mul_point (mpi_point_t result, || (ctx->model == MPI_EC_WEIERSTRASS && mpi_is_secure (scalar))) { - /* Simple left to right binary method. GECC Algorithm 3.27 */ + /* Simple left to right binary method. Algorithm 3.27 from + * {author={Hankerson, Darrel and Menezes, Alfred J. and Vanstone, Scott}, + * title = {Guide to Elliptic Curve Cryptography}, + * year = {2003}, isbn = {038795273X}, + * url = {http://www.cacr.math.uwaterloo.ca/ecc/}, + * publisher = {Springer-Verlag New York, Inc.}} */ unsigned int nbits; int j; ----------------------------------------------------------------------- Summary of changes: cipher/rsa.c | 2 +- mpi/ec.c | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From cvs at cvs.gnupg.org Tue May 23 17:53:20 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 23 May 2017 17:53:20 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-86-gd764c98 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via d764c9894013727ff82eb194da6030209c273528 (commit) from c1bb3d9fdb6fe5f336af1d5a03fc42bfdc1f8b0b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d764c9894013727ff82eb194da6030209c273528 Author: Werner Koch Date: Tue May 23 17:48:15 2017 +0200 cipher: Fix compiler warnings. * cipher/poly1305.c (poly1305_default_ops): Move to the top. Add prototypes and compile only if USE_SSE2 is not defined. (poly1305_init_ext_ref32): Compile only if USE_SSE2 is not defined. (poly1305_blocks_ref32): Ditto. (poly1305_finish_ext_ref32): Ditto. Signed-off-by: Werner Koch diff --git a/cipher/poly1305.c b/cipher/poly1305.c index 7ae3592..22255fb 100644 --- a/cipher/poly1305.c +++ b/cipher/poly1305.c @@ -55,7 +55,24 @@ static const poly1305_ops_t poly1305_amd64_sse2_ops = { _gcry_poly1305_amd64_sse2_finish_ext }; -#endif +#else /* !POLY1305_USE_SSE2 */ + +static OPS_FUNC_ABI void poly1305_init_ext_ref32 +/**/ (void *state, const poly1305_key_t *key); +static OPS_FUNC_ABI unsigned int poly1305_blocks_ref32 +/**/ (void *state, const byte *m, size_t bytes); +static OPS_FUNC_ABI unsigned int poly1305_finish_ext_ref32 +/**/ (void *state, const byte * m, + size_t remaining, byte mac[POLY1305_TAGLEN]); + +static const poly1305_ops_t poly1305_default_ops = { + POLY1305_REF_BLOCKSIZE, + poly1305_init_ext_ref32, + poly1305_blocks_ref32, + poly1305_finish_ext_ref32 +}; + +#endif /* !POLY1305_USE_SSE2 */ #ifdef POLY1305_USE_AVX2 @@ -111,6 +128,7 @@ typedef struct poly1305_state_ref32_s } poly1305_state_ref32_t; +#ifndef POLY1305_USE_SSE2 static OPS_FUNC_ABI void poly1305_init_ext_ref32 (void *state, const poly1305_key_t * key) { @@ -141,8 +159,10 @@ poly1305_init_ext_ref32 (void *state, const poly1305_key_t * key) st->final = 0; } +#endif /* !POLY1305_USE_SSE2 */ +#ifndef POLY1305_USE_SSE2 static OPS_FUNC_ABI unsigned int poly1305_blocks_ref32 (void *state, const byte * m, size_t bytes) { @@ -229,8 +249,10 @@ poly1305_blocks_ref32 (void *state, const byte * m, size_t bytes) return (16 * sizeof (u32) + 5 * sizeof (u64) + 5 * sizeof (void *)); } +#endif /* !POLY1305_USE_SSE2 */ +#ifndef POLY1305_USE_SSE2 static OPS_FUNC_ABI unsigned int poly1305_finish_ext_ref32 (void *state, const byte * m, size_t remaining, byte mac[POLY1305_TAGLEN]) @@ -347,15 +369,9 @@ poly1305_finish_ext_ref32 (void *state, const byte * m, return (13 * sizeof (u32) + sizeof (u64) + POLY1305_REF_BLOCKSIZE + 6 * sizeof (void *)) + burn; } +#endif /* !POLY1305_USE_SSE2*/ -static const poly1305_ops_t poly1305_default_ops = { - POLY1305_REF_BLOCKSIZE, - poly1305_init_ext_ref32, - poly1305_blocks_ref32, - poly1305_finish_ext_ref32 -}; - ----------------------------------------------------------------------- Summary of changes: cipher/poly1305.c | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From cvs at cvs.gnupg.org Tue May 30 15:35:56 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 30 May 2017 15:35:56 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-88-gc65f955 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via c65f9558f12ffa2810538ef616e71b4052dacb81 (commit) via 87e481137debabb7f989d7fa9b1c21c336e10c98 (commit) from d764c9894013727ff82eb194da6030209c273528 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c65f9558f12ffa2810538ef616e71b4052dacb81 Author: Werner Koch Date: Tue May 30 15:27:47 2017 +0200 mpi: Distribute asm files for aarch64 and asm * mpi/aarch64/distfiles: New. * mpi/arm/distfiles: New. Signed-off-by: Werner Koch diff --git a/mpi/aarch64/distfiles b/mpi/aarch64/distfiles new file mode 100644 index 0000000..1327bd4 --- /dev/null +++ b/mpi/aarch64/distfiles @@ -0,0 +1,6 @@ +mpih-add1.S +mpih-mul1.S +mpih-mul2.S +mpih-mul3.S +mpih-sub1.S +mpi-asm-defs.h diff --git a/mpi/arm/distfiles b/mpi/arm/distfiles new file mode 100644 index 0000000..27a2ca5 --- /dev/null +++ b/mpi/arm/distfiles @@ -0,0 +1,6 @@ +mpi-asm-defs.h +mpih-add1.S +mpih-mul1.S +mpih-mul2.S +mpih-mul3.S +mpih-sub1.S commit 87e481137debabb7f989d7fa9b1c21c336e10c98 Author: Werner Koch Date: Tue May 30 15:23:45 2017 +0200 mpi: Distribute asm definitions for amd64 * mpi/amd64/distfiles: Add mpi-asm-defs.h. -- The problem exhibits itself only on Windows64 where sizeof(long) == sizeof(int). For other platforms the definition from generic/mpi-asm-defs.h works also for amd64. GnuPG-bug-id: 3184 Signed-off-by: Werner Koch diff --git a/mpi/amd64/distfiles b/mpi/amd64/distfiles index e7f92c8..44aad5f 100644 --- a/mpi/amd64/distfiles +++ b/mpi/amd64/distfiles @@ -6,3 +6,4 @@ mpih-mul2.S mpih-mul3.S mpih-rshift.S mpih-sub1.S +mpi-asm-defs.h ----------------------------------------------------------------------- Summary of changes: mpi/{pentium4/sse2 => aarch64}/distfiles | 1 + mpi/amd64/distfiles | 1 + mpi/{pentium4/sse2 => arm}/distfiles | 1 + 3 files changed, 3 insertions(+) copy mpi/{pentium4/sse2 => aarch64}/distfiles (80%) copy mpi/{pentium4/sse2 => arm}/distfiles (80%) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From cvs at cvs.gnupg.org Wed May 31 13:03:52 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 31 May 2017 13:03:52 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-89-g45c3934 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 45c39340c9926c2c5801dbab7609687c41e9ff1f (commit) from c65f9558f12ffa2810538ef616e71b4052dacb81 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 45c39340c9926c2c5801dbab7609687c41e9ff1f Author: Werner Koch Date: Wed May 31 13:00:05 2017 +0200 api: Deprecate gcry_md_info Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index 995aac3..48ddeb3 100644 --- a/NEWS +++ b/NEWS @@ -62,6 +62,7 @@ Noteworthy changes in version 1.8.0 (unreleased) [C21/A1/R_] * Interface changes relative to the 1.7.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ GCRYCTL_REINIT_SYSCALL_CLAMP NEW macro. + gcry_md_info DEPRECATED. * Release dates of 1.7.x versions: diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 8e49967..210ea2f 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -1333,9 +1333,9 @@ int gcry_md_is_enabled (gcry_md_hd_t a, int algo); /* Return true if the digest object A is allocated in "secure" memory. */ int gcry_md_is_secure (gcry_md_hd_t a); -/* Retrieve various information about the object H. */ +/* Deprecated: Use gcry_md_is_enabled or gcry_md_is_secure. */ gcry_error_t gcry_md_info (gcry_md_hd_t h, int what, void *buffer, - size_t *nbytes); + size_t *nbytes) _GCRY_ATTR_INTERNAL; /* Retrieve various information about the algorithm ALGO. */ gcry_error_t gcry_md_algo_info (int algo, int what, void *buffer, ----------------------------------------------------------------------- Summary of changes: NEWS | 1 + src/gcrypt.h.in | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits