From wk at gnupg.org Wed Mar 9 17:56:31 2011 From: wk at gnupg.org (Werner Koch) Date: Wed, 09 Mar 2011 17:56:31 +0100 Subject: gcry_kdf_derive Message-ID: <874o7cnsg0.fsf@vigenere.g10code.de> Hi, Libgcrypt 1.5.0 will have a new fucntion: -- Function: gpg_error_t gcry_kdf_derive ( const void *PASSPHRASE, size_t PASSPHRASELEN, int ALGO, int SUBALGO, const void *SALT, size_t SALTLEN, unsigned long ITERATIONS, size_t KEYSIZE, void *KEYBUFFER ) Derive a key from a passphrase. KEYSIZE gives the requested size of the keys in octets. KEYBUFFER is a caller provided buffer filled on success with the derived key. The input passphrase is taken from PASSPHRASE which is an arbitrary memory buffer of PASSPHRASELEN octets. ALGO specifies the KDF algorithm to use; see below. SUBALGO specifies an algorithm used internally by the KDF algorithms; this is usually a hash algorithm but certain KDF algorithms may use it differently. SALT is a salt of length SALTLEN octets, as needed by most KDF algorithms. ITERATIONS is a positive integer parameter to most KDFs. On success 0 is returned; on failure an error code. Currently supported KDFs (parameter ALGO): `GCRY_KDF_SIMPLE_S2K' The OpenPGP simple S2K algorithm (cf. RFC4880). Its use is strongly deprecated. SALT and ITERATIONS are not needed and may be passed as `NULL'/`0'. `GCRY_KDF_SALTED_S2K' The OpenPGP salted S2K algorithm (cf. RFC4880). Usually not used. ITERATIONS is not needed and may be passed as `0'. SALTLEN must be given as 8. `GCRY_KDF_ITERSALTED_S2K' The OpenPGP iterated+salted S2K algorithm (cf. RFC4880). This is the default for most OpenPGP applications. SALTLEN must be given as 8. Note that OpenPGP defines a special encoding of the ITERATIONS; however this function takes the plain decoded iteration count. plain decoded iteration count. `GCRY_KDF_PBKDF2' The PKCS#5 Passphrase Based Key Derivation Function number 2. This allows us to factor the S2k code from gpg and gpg-agent out to Libgcrypt. Created a bunch of test vectors using a hacked gpg 1.4. The function also implements PBKDF2; tested against the RFC-6070 test vectors. See tests/t-kdf.c for usage examples. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From arfrever.fta at gmail.com Wed Mar 9 18:19:08 2011 From: arfrever.fta at gmail.com (Arfrever Frehtes Taifersar Arahesis) Date: Wed, 9 Mar 2011 18:19:08 +0100 Subject: Libgcrypt 1.5.0-beta1 released In-Reply-To: <87oc652w0c.fsf@vigenere.g10code.de> References: <87oc652w0c.fsf@vigenere.g10code.de> Message-ID: <201103091819.43722.Arfrever.FTA@gmail.com> 2011-02-21 17:27:31 Werner Koch napisa?(a): > to help with testing the new ECC code in GnuPG, I just uploaded > a beta version of libgcrypt 1.5 I have added Libgcrypt 1.5.0-beta1 to Gentoo's main repository on 2011-02-23. Until now, only problem [1] with libotr [2] has been reported. Could you check if it is a bug in Libgcrypt 1.5.0-beta1 or in libotr? If it is a bug in libotr, could you advise how to fix it? [1] https://bugs.gentoo.org/show_bug.cgi?id=356325 [2] http://www.cypherpunks.ca/otr/ -- Arfrever Frehtes Taifersar Arahesis -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From wk at gnupg.org Wed Mar 9 19:45:35 2011 From: wk at gnupg.org (Werner Koch) Date: Wed, 09 Mar 2011 19:45:35 +0100 Subject: Libgcrypt 1.5.0-beta1 released In-Reply-To: <201103091819.43722.Arfrever.FTA@gmail.com> (Arfrever Frehtes Taifersar Arahesis's message of "Wed, 9 Mar 2011 18:19:08 +0100") References: <87oc652w0c.fsf@vigenere.g10code.de> <201103091819.43722.Arfrever.FTA@gmail.com> Message-ID: <87zkp4m8ts.fsf@vigenere.g10code.de> On Wed, 9 Mar 2011 18:19, arfrever.fta at gmail.com said: > I have added Libgcrypt 1.5.0-beta1 to Gentoo's main repository on 2011-02-23. > Until now, only problem [1] with libotr [2] has been reported. > Could you check if it is a bug in Libgcrypt 1.5.0-beta1 or in libotr? Well, I need a bit more of info. Which function returns with "invalid length"? I need a small test case (w/o any gentoo or KDE specific stuff). Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From vincent.torri at gmail.com Sun Mar 13 21:31:11 2011 From: vincent.torri at gmail.com (Vincent Torri) Date: Sun, 13 Mar 2011 21:31:11 +0100 Subject: using .pc file Message-ID: Hey I would like to know if pkg-config support can be added. I can provide a patch if the devs agree with such addition regards Vincent Torri -------------- next part -------------- An HTML attachment was scrubbed... URL: From ametzler at downhill.at.eu.org Mon Mar 14 15:30:16 2011 From: ametzler at downhill.at.eu.org (Andreas Metzler) Date: Mon, 14 Mar 2011 15:30:16 +0100 Subject: using .pc file References: Message-ID: Vincent Torri wrote: > I would like to know if pkg-config support can be added. I can provide a > patch if the devs agree with such addition [...] I had proposed this in 2007, but it was denied. Rationale is here: http://article.gmane.org/gmane.comp.encryption.gpg.libgcrypt.devel/1733 cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' From n3npq at mac.com Mon Mar 14 16:56:03 2011 From: n3npq at mac.com (Jeff Johnson) Date: Mon, 14 Mar 2011 11:56:03 -0400 Subject: using .pc file In-Reply-To: References: Message-ID: <6C85FE72-9DBA-4409-95EF-9DD415306488@mac.com> On Mar 14, 2011, at 10:30 AM, Andreas Metzler wrote: > Vincent Torri wrote: >> I would like to know if pkg-config support can be added. I can provide a >> patch if the devs agree with such addition > [...] > > I had proposed this in 2007, but it was denied. Rationale is here: > http://article.gmane.org/gmane.comp.encryption.gpg.libgcrypt.devel/1733 > Retrofitting pkgconfig onto any project isn't impossibly hard. Try an add-on patch. The rationale is perfectly sane for "portable" code. While pkgconfig might be very useful on uglix, pkgconfig is not sufficiently widely deployed to use everywhere. Having multiple (the other 2 are *.la files and /usr/bin/fooconfig scripts) hinting mechanisms to carry around compiler flags and linkage arguments introduces unreliability. Werner: FYI only, your gcrypt "portability" issues are hard to solve, and I have no easy answers. RPM has similarly hard "portability" issues. Ralf Engelschall wrote a rather nice M4 macro called RPM_CHECK_LIB() that handles not only all of fooconfig and foo.pc and *.la hinting, but also permits choosing internal <-> external libraries. E.g. here's the AutoFu by which RPM finds out how to link with -lgcrypt: dnl # GCrypt RPM_CHECK_LIB( [GCrypt], [gcrypt], [gcrypt], [gcry_pk_verify], [gcrypt.h], [no,external:none], [], [ AC_DEFINE(WITH_GCRYPT, 1, [Define if building with GCrypt]) ], []) RPM_CHECK_LIB() would tranparently handle any of /usr/bin/gcryptconfig /usr/lib*/pkgconfig/gcrypt.pc /usr/lib/libgcrypt.la as well as (if I was crazy enough to distribute gcrypt w RPM) an internal sub-tree of gcrypt. I pass along RPM_CHECK_LIB() solely for your professional hacking pleasure. Ralf did a *very* nice job writing RPM_CHECK_LIB(), solving a complex "portability" problem, and (I believe) RPM_CHECK_LIB() as much wider usage cases than just in RPM. hth 73 de Jeff I'm not crazy enough to re-distribute gcrypt+rpm. No need ... b > cu andreas > -- > `What a good friend you are to him, Dr. Maturin. His other friends are > so grateful to you.' > `I sew his ears on from time to time, sure' > > > _______________________________________________ > Gcrypt-devel mailing list > Gcrypt-devel at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gcrypt-devel From vincent.torri at gmail.com Mon Mar 14 19:30:13 2011 From: vincent.torri at gmail.com (Vincent Torri) Date: Mon, 14 Mar 2011 19:30:13 +0100 Subject: using .pc file In-Reply-To: References: Message-ID: On Mon, Mar 14, 2011 at 3:30 PM, Andreas Metzler < ametzler at downhill.at.eu.org> wrote: > Vincent Torri wrote: > > I would like to know if pkg-config support can be added. I can provide a > > patch if the devs agree with such addition > [...] > > I had proposed this in 2007, but it was denied. Rationale is here: > http://article.gmane.org/gmane.comp.encryption.gpg.libgcrypt.devel/1733 > I don't understand the argument about propoer crosscompilation problem. I am compiling for Windows : * for XP on XP with MSYS+MinGW * for XP on linux using the cross-compilation toolchain that is on my distro * for CE on linux using mingw32ce There is no problem at all with pkg-config. Can Werner Koch elaborate a bit ? thank you Vincent Torri -------------- next part -------------- An HTML attachment was scrubbed... URL: From mabrand at mabrand.nl Mon Mar 14 21:36:12 2011 From: mabrand at mabrand.nl (Mark Brand) Date: Mon, 14 Mar 2011 21:36:12 +0100 Subject: using .pc file In-Reply-To: References: Message-ID: <4D7E7C3C.9060903@mabrand.nl> On 03/14/2011 07:30 PM, Vincent Torri wrote: > On Mon, Mar 14, 2011 at 3:30 PM, Andreas Metzler > > wrote: > > Vincent Torri > wrote: > > I would like to know if pkg-config support can be added. I can > provide a > > patch if the devs agree with such addition > [...] > > I had proposed this in 2007, but it was denied. Rationale is here: > http://article.gmane.org/gmane.comp.encryption.gpg.libgcrypt.devel/1733 > > > I don't understand the argument about propoer crosscompilation > problem. I am compiling for Windows : > > * for XP on XP with MSYS+MinGW > * for XP on linux using the cross-compilation toolchain that is on my > distro > * for CE on linux using mingw32ce > > There is no problem at all with pkg-config. Can Werner Koch elaborate > a bit ? I think Vincent has a point. Pkg-config can be useful when building for MinGW. It's quite valuable actually for the mingw-cross-env project because the project uses static linking. Mark From wk at gnupg.org Mon Mar 14 23:47:04 2011 From: wk at gnupg.org (Werner Koch) Date: Mon, 14 Mar 2011 23:47:04 +0100 Subject: using .pc file In-Reply-To: <4D7E7C3C.9060903@mabrand.nl> (Mark Brand's message of "Mon, 14 Mar 2011 21:36:12 +0100") References: <4D7E7C3C.9060903@mabrand.nl> Message-ID: <87sjupjp5j.fsf@vigenere.g10code.de> On Mon, 14 Mar 2011 21:36, mabrand at mabrand.nl said: > On 03/14/2011 07:30 PM, Vincent Torri wrote: >> * for XP on linux using the cross-compilation toolchain that is on >> my distro >> * for CE on linux using mingw32ce > I think Vincent has a point. Pkg-config can be useful when building > for MinGW. It's quite valuable actually for the mingw-cross-env On short: Except that we need to use the wrapper script below around pkg-config to do it properly: No such problem with the native libgcrypt et al config scripts - they just work. See the gpg4win meta installer for the whole stuff. Shalom-Salam, Werner === Stuff in the Makefile === # We need to fix the prefix in the various packages using pkgconfig, # or we can't substitute it properly in our pkg-config wrapper. define gpg4win_pkg_glib_post_install (cd $$$${pkgidir}; \ perl -pi -e 's/^prefix=.*$$$$/prefix=\/usr/' `find . -name \*.pc`) endef === pkg-config ==== CMD=/usr/bin/pkg-config PREFIX=/usr if [ ! "$SYSROOT" ]; then echo "pkg-config-filter: missing \$SYSROOT environment variable" exit 2 fi #if [ ! "$PKG_CONFIG_LIBDIR" ]; then # export PKG_CONFIG_LIBDIR=$SYSROOT/lib/pkgconfig/ #fi export PKG_CONFIG_LIBDIR export PKG_CONFIG_PATH if $CMD $* | sed -e "s~\-L/*$SYSROOT/*~-L=/~g; s~\-I/*$SYSROOT/*~-I=/~g;" | # protect already given sysroot sed -e "s~\-L$PREFIX/~-L=/~g; s~\-I$PREFIX/~-I=/~g;" | # add sysroot symbol to all absolute pathes sed -e "s~\-L\=~-L$SYSROOT~g; s~\-I\=~-I$SYSROOT~g;" # replace sysroot sign to sysroot path # sed -e "s~\-x11\-~-win32-~g;" # replace x11 with win32 (target) # sed -e "s~pangoxft~pangow32ft~g;" # replace x11 with win32 (target) then # echo "PKG_CONFIG_LIBDIR=$PKG_CONFIG_LIBDIR" >&2 # echo "PKG_CONFIG_PATH=$PKG_CONFIG_PATH" >&2 # echo "OKAY" >&2; # See question 11 in comp.unix.shell FAQ. exit ${PIPESTATUS[0]}; else echo "pkg-config pipe failed!" >&2 exit 1 fi -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.