From gniibe at fsij.org Mon May 2 01:50:36 2016 From: gniibe at fsij.org (NIIBE Yutaka) Date: Mon, 2 May 2016 08:50:36 +0900 Subject: libgcrypt-1.7 fails self-test for all 'basic' with 'Checksum error' (log attached) In-Reply-To: <87fuu5exle.fsf@wheatstone.g10code.de> References: <87twinpc4v.fsf@wheatstone.g10code.de> <877ffim784.fsf@wheatstone.g10code.de> <572227C0.4030107@iki.fi> <87fuu5exle.fsf@wheatstone.g10code.de> Message-ID: <5726964C.1090301@fsij.org> On 04/29/2016 03:30 PM, Werner Koch wrote: > - check whether this bug has been fixed in a later gcc version Just FYI, I couldn't reproduce this bug on Debian (with 5.3.1-16 and with 6.0.1-2). -- From cvs at cvs.gnupg.org Fri May 6 06:24:35 2016 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 06 May 2016 06:24:35 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.0-4-gc7430aa Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via c7430aa752232aa690c5d8f16575a345442ad8d7 (commit) from ee5a32226a7ca4ab067864e06623fc11a1768900 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c7430aa752232aa690c5d8f16575a345442ad8d7 Author: NIIBE Yutaka Date: Fri May 6 13:21:17 2016 +0900 ecc: Fix ecc_verify for cofactor support. * cipher/ecc.c (ecc_verify): Fix the argument for cofactor "h". -- Thanks to onitake. GnuPG-bug-id: 2347 Signed-off-by: NIIBE Yutaka diff --git a/cipher/ecc.c b/cipher/ecc.c index a437a1f..b09902e 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -1071,7 +1071,7 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms) if ((ctx.flags & PUBKEY_FLAG_PARAM)) rc = sexp_extract_param (s_keyparms, NULL, "-p?a?b?g?n?h?/q", &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n, - &pk.E.n, &mpi_q, NULL); + &pk.E.h, &mpi_q, NULL); else rc = sexp_extract_param (s_keyparms, NULL, "/q", &mpi_q, NULL); ----------------------------------------------------------------------- Summary of changes: cipher/ecc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From wk at gnupg.org Mon May 9 09:43:12 2016 From: wk at gnupg.org (Werner Koch) Date: Mon, 09 May 2016 09:43:12 +0200 Subject: [Jeremie Courreges-Anglas] [libgcrypt-1.7.0] SSE4.1 in crc-intel-pclmul.c Message-ID: <87d1ovk773.fsf@wheatstone.g10code.de> An embedded message was scrubbed... From: jca at wxcvbn.org (Jeremie Courreges-Anglas) Subject: [libgcrypt-1.7.0] SSE4.1 in crc-intel-pclmul.c Date: Mon, 09 May 2016 04:22:14 +0200 Size: 10932 URL: -------------- next part -------------- -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From jca at wxcvbn.org Mon May 9 19:17:45 2016 From: jca at wxcvbn.org (Jeremie Courreges-Anglas) Date: Mon, 09 May 2016 19:17:45 +0200 Subject: [libgcrypt-1.7.0] SSE4.1 in crc-intel-pclmul.c Message-ID: <87posvb16u.fsf@ritchie.wxcvbn.org> Hi, (looks like Werner has already forwarded this here, but the archive shows the mail as mangled: https://lists.gnupg.org/pipermail/gcrypt-devel/2016-May/003866.html). compilation of crc-intel-pclmul.c from libgcrypt-1.7.0 fails on OpenBSD/amd64: $ ./configure && make [...] /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I../src -I../src -I/usr/local/include -g -O2 -fvisibility=hidden -Wall -MT crc-intel-pclmul.lo -MD -MP -MF .deps/crc-intel-pclmul.Tpo -c -o crc-intel-pclmul.lo crc-intel-pclmul.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -I.. -I../src -I../src -I/usr/local/include -g -O2 -fvisibility=hidden -Wall -MT crc-intel-pclmul.lo -MD -MP -MF .deps/crc-intel-pclmul.Tpo -c crc-intel-pclmul.c -fPIC -DPIC -o .libs/crc-intel-pclmul.o /tmp//ccK05MkC.s: Assembler messages: /tmp//ccK05MkC.s:113: Error: no such instruction: `pextrd $2,%xmm0,(%rdi)' /tmp//ccK05MkC.s:130: Error: no such instruction: `pinsrd $1,-4(%rsi,%rcx),%xmm0' /tmp//ccK05MkC.s:153: Error: no such instruction: `pextrd $2,%xmm0,(%rdi)' /tmp//ccK05MkC.s:210: Error: no such instruction: `pextrd $1,%xmm0,(%rdi)' /tmp//ccK05MkC.s:359: Error: no such instruction: `pextrd $1,%xmm0,(%rdi)' /tmp//ccK05MkC.s:530: Error: no such instruction: `pinsrd $1,-4(%rsi,%rcx),%xmm0' *** Error 1 in cipher (Makefile:643 'crc-intel-pclmul.lo') *** Error 1 in . (Makefile:502 'all-recursive') *** Error 1 in /tmp/libgcrypt-1.7.0 (Makefile:408 'all') (This is after applying the diff from http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff_plain;h=4545372c0f8dd35aef2a7abc12b588ed1a4a0363;hp=eecc081f8ae02c43454abaee4a4f72efaee42745) The problem is that PCLMUL support is activated, since the OpenBSD compiler supports it, but the asm also uses SSE4.1 instructions, which the compiler doesn't support. One possible way to fix this would be to implement autoconf tests for the SSE4.1 instructions used above, and disable the PCLMUL CRC code if appropriate. Please find attached a patch for this, tested against gcc from OpenBSD (pclmul/no sse4.1) and clang-3.7.1 (pclmul/sse4.1). -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Check-for-compiler-SSE4.1-support-in-PCLMUL-CRC-code.patch Type: text/x-patch Size: 5357 bytes Desc: not available URL: -------------- next part -------------- -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE From jca at wxcvbn.org Wed May 25 18:21:16 2016 From: jca at wxcvbn.org (Jeremie Courreges-Anglas) Date: Wed, 25 May 2016 18:21:16 +0200 Subject: [libgcrypt-1.7.0] SSE4.1 in crc-intel-pclmul.c In-Reply-To: <87posvb16u.fsf@ritchie.wxcvbn.org> (Jeremie Courreges-Anglas's message of "Mon, 09 May 2016 19:17:45 +0200") References: <87posvb16u.fsf@ritchie.wxcvbn.org> Message-ID: <87y46yrtvn.fsf@ritchie.wxcvbn.org> Hi, any feedback regarding this problem / diff? -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE From jussi.kivilinna at iki.fi Thu May 26 17:29:55 2016 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Thu, 26 May 2016 18:29:55 +0300 Subject: [libgcrypt-1.7.0] SSE4.1 in crc-intel-pclmul.c In-Reply-To: <87y46yrtvn.fsf@ritchie.wxcvbn.org> References: <87posvb16u.fsf@ritchie.wxcvbn.org> <87y46yrtvn.fsf@ritchie.wxcvbn.org> Message-ID: <57471673.2050901@iki.fi> Hello, I checked patch and it is ok. Can you send signed DCO to mailing list (see libgcrypt/doc/HACKING)? -Jussi On 25.05.2016 19:21, Jeremie Courreges-Anglas wrote: > > Hi, > > any feedback regarding this problem / diff? > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 258 bytes Desc: OpenPGP digital signature URL: From jca at wxcvbn.org Thu May 26 19:02:23 2016 From: jca at wxcvbn.org (=?utf-8?Q?J=C3=A9r=C3=A9mie_Courr=C3=A8ges-Anglas?=) Date: Thu, 26 May 2016 19:02:23 +0200 Subject: DCO Message-ID: <87bn3ssqg0.fsf@ritchie.wxcvbn.org> Libgcrypt Developer's Certificate of Origin. Version 1.0 ========================================================= By making a contribution to the Libgcrypt project, I certify that: (a) The contribution was created in whole or in part by me and I have the right to submit it under the free software license indicated in the file; or (b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate free software license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same free software license (unless I am permitted to submit under a different license), as indicated in the file; or (c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it. (d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the free software license(s) involved. Signed-off-by: J?r?mie Courr?ges-Anglas -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 818 bytes Desc: not available URL: From jca at wxcvbn.org Thu May 26 20:38:44 2016 From: jca at wxcvbn.org (=?utf-8?Q?J=C3=A9r=C3=A9mie_Courr=C3=A8ges-Anglas?=) Date: Thu, 26 May 2016 20:38:44 +0200 Subject: [libgcrypt-1.7.0] SSE4.1 in crc-intel-pclmul.c In-Reply-To: <57471673.2050901@iki.fi> (Jussi Kivilinna's message of "Thu, 26 May 2016 18:29:55 +0300") References: <87posvb16u.fsf@ritchie.wxcvbn.org> <87y46yrtvn.fsf@ritchie.wxcvbn.org> <57471673.2050901@iki.fi> Message-ID: <8737p4slzf.fsf@ritchie.wxcvbn.org> Jussi Kivilinna writes: > Hello, Hi, > I checked patch and it is ok. Can you send signed DCO to > mailing list (see libgcrypt/doc/HACKING)? Done, here's a patch with an additional Signed-off-by: -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Check-for-compiler-SSE4.1-support-in-PCLMUL-CRC-code.patch Type: text/x-patch Size: 5356 bytes Desc: not available URL: -------------- next part -------------- -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 818 bytes Desc: not available URL: From stefbon at gmail.com Fri May 27 10:35:08 2016 From: stefbon at gmail.com (Stef Bon) Date: Fri, 27 May 2016 10:35:08 +0200 Subject: Howto use libgrcypt for signature? Message-ID: Hi, I'm writing a fuse fs for sftp, and using libgcrypt for encryption, hmac, digest and dh. Now I m working on the checking of the signature of H send by the sender. The client creates also H, and has to check the signature of H using the public key. I've got the signature of H from the server, H and the public hostkey of the server as string (length, buffer). How to go futher? I know I have to use the function gcry_pk_verify, but how? Do I have to convert the strings to some s-expressions using a format first? Thanks in advance, Stef From justus at g10code.com Fri May 27 11:47:12 2016 From: justus at g10code.com (Justus Winter) Date: Fri, 27 May 2016 11:47:12 +0200 Subject: Howto use libgrcypt for signature? In-Reply-To: References: Message-ID: <20160527094712.29332.53086@thinkbox.jade-hamburg.de> Hi :) Quoting Stef Bon (2016-05-27 10:35:08) > I'm writing a fuse fs for sftp, and using libgcrypt for encryption, > hmac, digest and dh. Shouldn't you be rather using e.g. libssh then? If using libgcrypt rather than openssl is important to you, libssh can be configured to use it at compile time. > How to go futher? I know I have to use the function gcry_pk_verify, but how? > > Do I have to convert the strings to some s-expressions using a format first? Yes. Justus From stefbon at gmail.com Fri May 27 12:17:23 2016 From: stefbon at gmail.com (Stef Bon) Date: Fri, 27 May 2016 12:17:23 +0200 Subject: Howto use libgrcypt for signature? In-Reply-To: <1959291.J4VgKGTmo4@tauon.atsec.com> References: <1959291.J4VgKGTmo4@tauon.atsec.com> Message-ID: Aha thanks! That helps a lot! How does the struct struct rsa_sigver_data look like? I see the values e and n which from the publickey, but I only have the publickey as one string as part of the SSH_MSG_KEXDH_REPLY message. I'v read rfc4253 6.6 and find sit hard to understand. Can I use the rsa hostkey just as string or do I have to get the e and the n from it? Stef Bon BTW I want to try the libkcapi as backend library when everything works. I've read you've written it. Are there any indications this library performs better? From stefbon at gmail.com Fri May 27 11:59:14 2016 From: stefbon at gmail.com (Stef Bon) Date: Fri, 27 May 2016 11:59:14 +0200 Subject: Howto use libgrcypt for signature? In-Reply-To: <20160527094712.29332.53086@thinkbox.jade-hamburg.de> References: <20160527094712.29332.53086@thinkbox.jade-hamburg.de> Message-ID: 2016-05-27 11:47 GMT+02:00 Justus Winter : > Hi :) > > Quoting Stef Bon (2016-05-27 10:35:08) >> I'm writing a fuse fs for sftp, and using libgcrypt for encryption, >> hmac, digest and dh. > > Shouldn't you be rather using e.g. libssh then? If using libgcrypt > rather than openssl is important to you, libssh can be configured to > use it at compile time. No, I've found it very complicated to use libssh with the fuse fs I want to write. First the integration with my own eventloop is complicated to write. I've asked the libssh devellist about this, no help there. Second I want to extend the ssh/sftp protocol with handling extended attributes (for use in the FUSE fs of course). There is a request for the openssh developers, but they don't want to do anything about it: https://bugzilla.mindrot.org/show_bug.cgi?id=1953 Knowing this reaction I guess it's better to create my own ssh/sftp library. >> Do I have to convert the strings to some s-expressions using a format first? >Yes. Just converting the string to an s-expression like: gcry_sexp_build(&sig, NULL, "%b", sigH->len, sigH->ptr) or do I have to use another hostkey algo specific format? Stef From smueller at chronox.de Fri May 27 11:53:15 2016 From: smueller at chronox.de (Stephan Mueller) Date: Fri, 27 May 2016 11:53:15 +0200 Subject: Howto use libgrcypt for signature? In-Reply-To: References: Message-ID: <1959291.J4VgKGTmo4@tauon.atsec.com> Am Freitag, 27. Mai 2016, 10:35:08 schrieb Stef Bon: Hi Stef, > Hi, > > I'm writing a fuse fs for sftp, and using libgcrypt for encryption, > hmac, digest and dh. > > Now I m working on the checking of the signature of H send by the > sender. The client creates also H, > and has to check the signature of H using the public key. > > I've got the signature of H from the server, H and the public hostkey > of the server as string (length, buffer). > > How to go futher? I know I have to use the function gcry_pk_verify, but > how? > > Do I have to convert the strings to some s-expressions using a format first? some example code: static int libgcrypt_rsa_sigver(struct rsa_sigver_data *data) { gcry_sexp_t s_data = NULL; gcry_sexp_t s_key = NULL; gcry_sexp_t s_sig = NULL; int algo = 0; int mode = 0; int ret = 1; gpg_error_t err; unsigned char hash[64]; unsigned int hashsize; gcry_mpi_t n = NULL; gcry_mpi_t e = NULL; gcry_mpi_t sig = NULL; libgcrypt_init(1); if (libgcrypt_cipher(data->cipher, 0, &algo, &mode)) return 1; hashsize = gcry_md_get_algo_dlen(algo); if (!hashsize || hashsize > sizeof hash) { dolog(LOG_WARN, "digest too long for buffer or unknown hash algorithm\n"); return 1; } /* Generate and convert the hash */ gcry_md_hash_buffer(algo, hash, data->msg.buf, data->msg.len); err = gcry_sexp_build (&s_data, NULL, "(data (flags pkcs1)(hash %s %b))", gcry_md_algo_name(algo), (int)hashsize, hash); if (err) { dolog(LOG_WARN, "gcry_sexp_build failed for RSA data input: %s\n", gpg_strerror (err)); return 1; } /* Convert public key */ err = gcry_mpi_scan(&n, GCRYMPI_FMT_USG, data->n.buf, data->n.len, NULL); if (err) { dolog(LOG_WARN, "error scanning RSA parameter n: %s\n", gpg_strerror(err)); goto out; } err = gcry_mpi_scan(&e, GCRYMPI_FMT_USG, data->e.buf, data->e.len, NULL); if (err) { dolog(LOG_WARN, "error scanning RSA parameter e: %s\n", gpg_strerror(err)); goto out; } err = gcry_sexp_build(&s_key, NULL, "(public-key(rsa(n%m)(e%m)))", n, e); if (err) { dolog(LOG_WARN, "error building S-expression: %s\n", gpg_strerror (err)); goto out; } /* Convert signature */ err = gcry_mpi_scan(&sig, GCRYMPI_FMT_USG, data->sig.buf, data->sig.len, NULL); if (err) { dolog(LOG_WARN, "error scanning RSA parameter signature: %s\n", gpg_strerror(err)); goto out; } err = gcry_sexp_build(&s_sig, NULL, "(sig-val(rsa(s %m)))", sig); if (err) { dolog(LOG_WARN, "error building S-expression: %s\n", gpg_strerror (err)); goto out; } /* sig verification */ err = gcry_pk_verify(s_sig, s_data, s_key); if (!err) ret = 0; else if (gpg_err_code (err) == GPG_ERR_BAD_SIGNATURE) ret = -1; else ret = 1; out: if (n) gcry_mpi_release(n); if (e) gcry_mpi_release(e); if (sig) gcry_mpi_release(sig); if (s_sig) gcry_sexp_release (s_sig); if (s_key) gcry_sexp_release (s_key); if (s_data) gcry_sexp_release (s_data); return ret; } > > Thanks in advance, > > Stef > > _______________________________________________ > Gcrypt-devel mailing list > Gcrypt-devel at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gcrypt-devel Ciao Stephan From smueller at chronox.de Fri May 27 13:18:11 2016 From: smueller at chronox.de (Stephan Mueller) Date: Fri, 27 May 2016 13:18:11 +0200 Subject: Howto use libgrcypt for signature? In-Reply-To: References: <1959291.J4VgKGTmo4@tauon.atsec.com> Message-ID: <6116062.RN98z5HhJp@tauon.atsec.com> Am Freitag, 27. Mai 2016, 12:17:23 schrieb Stef Bon: Hi Stef, > Aha thanks! That helps a lot! > > How does the struct struct rsa_sigver_data look like? I see the values struct rsa_sigver_data { struct buffer n; /* input */ struct buffer e; /* input */ struct buffer msg; /* input */ struct buffer sig; /* input */ enum cipher cipher; /* input */ }; > e and n which from the publickey, > but I only have the publickey as one string as part of the > SSH_MSG_KEXDH_REPLY message. You have to identify how e and n are encapsulated. I am not too much familiar with the SSH wire protocol, so I cannot help here. The idea is that you need to convert the e and n into an mpi or any other format understood by gcry_sexp_build (see libgcrypt manual for the format types). > I'v read rfc4253 6.6 and find sit hard to understand. > Can I use the rsa hostkey just as string or do I have to get the e and > the n from it? Again, I am not too familiar with that wire format. > > Stef Bon > > BTW I want to try the libkcapi as backend library when everything > works. I've read you've written it. > Are there any indications this library performs better? In a lot of circumstances, it will be slower as it is a wrapper to use the Linux kernel crypto API. It needs at least two syscalls with a round trip to the kernel. However, you have much more hardware-specific support in the kernel than in user space. That could make your life easier. You can use the speed test and compare it with your user space lib of your choice. For bulk symmetric encryption it is usually slower (albeit not by much using zero-copy) unless you use HW that is inaccessible from user space. In addition, libkcapi provides one benefit that user space currently does not provide: it protects you keys and your state. I.e. once you initialized your cipher handle, you can cleanly erase the key from your app memory. I.e. when the app is compromised, you have absolutely no key material in your address space. Ciao Stephan From smueller at chronox.de Fri May 27 13:19:18 2016 From: smueller at chronox.de (Stephan Mueller) Date: Fri, 27 May 2016 13:19:18 +0200 Subject: Howto use libgrcypt for signature? In-Reply-To: <6116062.RN98z5HhJp@tauon.atsec.com> References: <6116062.RN98z5HhJp@tauon.atsec.com> Message-ID: <2500772.CX0Wqno4X6@tauon.atsec.com> Am Freitag, 27. Mai 2016, 13:18:11 schrieb Stephan Mueller: Hi Stephan, > Am Freitag, 27. Mai 2016, 12:17:23 schrieb Stef Bon: > > Hi Stef, > > > Aha thanks! That helps a lot! > > > > How does the struct struct rsa_sigver_data look like? I see the values > > struct rsa_sigver_data { > struct buffer n; /* input */ > struct buffer e; /* input */ > struct buffer msg; /* input */ > struct buffer sig; /* input */ > enum cipher cipher; /* input */ > }; One hint: struct buffer { unsigned char *buf; uint32_t len; }; Ciao Stephan From wk at gnupg.org Fri May 27 14:35:06 2016 From: wk at gnupg.org (Werner Koch) Date: Fri, 27 May 2016 14:35:06 +0200 Subject: Howto use libgrcypt for signature? In-Reply-To: (Stef Bon's message of "Fri, 27 May 2016 11:59:14 +0200") References: <20160527094712.29332.53086@thinkbox.jade-hamburg.de> Message-ID: <877fefadc5.fsf@wheatstone.g10code.de> On Fri, 27 May 2016 11:59, stefbon at gmail.com said: > Knowing this reaction I guess it's better to create my own ssh/sftp library. Better think again about this. You will need to maintain it and that costs a lot of time. This is the reason why I more or less gave up on GSTI [1], my own SSH implementation, I started 15 years ago. It may however help you to see how to use libgcrypt with SSH. Salam-Shalom, Werner [1] https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gsti.git -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. /* EFH in Erkrath: https://alt-hochdahl.de/haus */ From stefbon at gmail.com Fri May 27 17:46:19 2016 From: stefbon at gmail.com (Stef Bon) Date: Fri, 27 May 2016 17:46:19 +0200 Subject: Howto use libgrcypt for signature? In-Reply-To: <877fefadc5.fsf@wheatstone.g10code.de> References: <20160527094712.29332.53086@thinkbox.jade-hamburg.de> <877fefadc5.fsf@wheatstone.g10code.de> Message-ID: 2016-05-27 14:35 GMT+02:00 Werner Koch : > On Fri, 27 May 2016 11:59, stefbon at gmail.com said: > > Better think again about this. You will need to maintain it and that > costs a lot of time. This is the reason why I more or less gave up on > GSTI [1], my own SSH implementation, I started 15 years ago. It may however > help you to see how to use libgcrypt with SSH. > Thanks a lot for your advice and the link. I know I have to implement new crypt methods, but I hope my code is written in a way this will be straight forward. A lot of other implementations I've seen are like a haystack. (a lot of defines in the code where you can handle things different by just using specific functions/callbacks which handle library (libgcrypt or openssl) specific things). I will look into your code. Thanks again. Stef From jussi.kivilinna at iki.fi Sat May 28 12:19:41 2016 From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Sat, 28 May 2016 13:19:41 +0300 Subject: [libgcrypt-1.7.0] SSE4.1 in crc-intel-pclmul.c In-Reply-To: <8737p4slzf.fsf@ritchie.wxcvbn.org> References: <87posvb16u.fsf@ritchie.wxcvbn.org> <87y46yrtvn.fsf@ritchie.wxcvbn.org> <57471673.2050901@iki.fi> <8737p4slzf.fsf@ritchie.wxcvbn.org> Message-ID: <574970BD.10607@iki.fi> On 26.05.2016 21:38, J?r?mie Courr?ges-Anglas wrote: > Jussi Kivilinna writes: > >> Hello, > > Hi, > >> I checked patch and it is ok. Can you send signed DCO to >> mailing list (see libgcrypt/doc/HACKING)? > > Done, here's a patch with an additional Signed-off-by: > Thanks. I pushed the patch to repository. -Jussi > > > > > > _______________________________________________ > Gcrypt-devel mailing list > Gcrypt-devel at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gcrypt-devel > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 258 bytes Desc: OpenPGP digital signature URL: