From jim.horvath at gmail.com Thu Aug 4 03:08:35 2005 From: jim.horvath at gmail.com (Jim Horvath) Date: Thu Aug 4 03:58:45 2005 Subject: libgcrypt, libgpg-error shared/dynamic libs under MinGW Message-ID: Using MinGW and MSYS 1.0.10... I'm trying to build libgpg-error, libgcrypt, and ultimately, libgnutls as shared/dynamic libs under MinGW. It seems that if you want to build a shared lib under MinGW, then it cannot have any undefined symbols. So, I think if I could build libgpg-error as both static and shared under MinGW, I'd be able to apply the solution to libgcrypt and gnutls, too. I've tried to compile libgpg-error-1.1 under MinGW and it says that it can't create a shared lib with undefined symbols, and looking closer it seems that the undefined symbol in question is "DllMainCRTStartup". I've tried including various MinGW standard libs and none of them seem to satisfy the linker. Is there something I'm missing about building under MinGW? Does anyone have any advice on how to build a libgpg-error and libgcrypt without missing symbols under MinGW? Thanks for any info, you'll be my best friend and everything. jh From wk at gnupg.org Thu Aug 4 09:54:50 2005 From: wk at gnupg.org (Werner Koch) Date: Thu Aug 4 10:26:32 2005 Subject: libgcrypt, libgpg-error shared/dynamic libs under MinGW In-Reply-To: (Jim Horvath's message of "Wed, 3 Aug 2005 21:08:35 -0400") References: Message-ID: <87ek9a87cl.fsf@wheatstone.g10code.de> On Wed, 3 Aug 2005 21:08:35 -0400, Jim Horvath said: > Is there something I'm missing about building under MinGW? Does > anyone have any advice on how to build a libgpg-error and libgcrypt > without missing symbols under MinGW? I have only build static libs for now. Will work on DLLs next week. Shalom-Salam, Werner From jim.horvath at gmail.com Fri Aug 5 00:43:07 2005 From: jim.horvath at gmail.com (Jim Horvath) Date: Fri Aug 5 00:38:59 2005 Subject: libgcrypt, libgpg-error shared/dynamic libs under MinGW In-Reply-To: <87ek9a87cl.fsf@wheatstone.g10code.de> References: <87ek9a87cl.fsf@wheatstone.g10code.de> Message-ID: Fantastic, thank you for your work! On a related topic, do you know if gnutls 1.2.x can be built under MinGW yet? jim On 8/4/05, Werner Koch wrote: > On Wed, 3 Aug 2005 21:08:35 -0400, Jim Horvath said: > > > Is there something I'm missing about building under MinGW? Does > > anyone have any advice on how to build a libgpg-error and libgcrypt > > without missing symbols under MinGW? > > I have only build static libs for now. Will work on DLLs next week. > > > Shalom-Salam, > > Werner > > From wk at gnupg.org Fri Aug 5 12:16:36 2005 From: wk at gnupg.org (Werner Koch) Date: Fri Aug 5 12:16:21 2005 Subject: libgcrypt, libgpg-error shared/dynamic libs under MinGW In-Reply-To: (Jim Horvath's message of "Thu, 4 Aug 2005 18:43:07 -0400") References: <87ek9a87cl.fsf@wheatstone.g10code.de> Message-ID: <87oe8c4rjv.fsf@wheatstone.g10code.de> On Thu, 4 Aug 2005 18:43:07 -0400, Jim Horvath said: > Fantastic, thank you for your work! > On a related topic, do you know if gnutls 1.2.x can be built under MinGW yet? Sorry, I don't know. Salam-Shalom, Werner From giga at le-pec.org Wed Aug 10 22:46:07 2005 From: giga at le-pec.org (Jean-Philippe Garcia Ballester) Date: Wed Aug 10 23:33:31 2005 Subject: Problem with gcry_pk_verify Message-ID: <20050810204607.GA7088@le-pec.org> I'm using libgcrypt to make a SSH library. So I build a sexp : gcry_sexp_build(&gcryhash,NULL,"(data(flags pkcs1)(hash sha1 %m))",bn); where bn is the mpi where the hash is stocked. The problem is that when the most significant bit is set, the sexp is built like this : (data (flags pkcs1) (hash sha1 #00D5FAD16E753FEEC40B696EC82D1E602A4D5C1302#) ) 0s are printed because the number is positive, but when gcry_pk_verify gets the mpi, it says the number needs 21 bytes, and is therefore not a valid sha1, failing with GPG_ERR_CONFLICT. How can I solve the problem? Regards, -- Jean-Philippe Garcia Ballester -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : /pipermail/attachments/20050810/4150b2da/attachment.pgp From moritz at duesseldorf.ccc.de Thu Aug 11 21:57:14 2005 From: moritz at duesseldorf.ccc.de (Moritz Schulte) Date: Thu Aug 11 22:57:50 2005 Subject: Problem with gcry_pk_verify In-Reply-To: <20050810204607.GA7088@le-pec.org> References: <20050810204607.GA7088@le-pec.org> Message-ID: <42FBAD9A.5000608@duesseldorf.ccc.de> Jean-Philippe Garcia Ballester wrote: > I'm using libgcrypt to make a SSH library. So I build a sexp : > gcry_sexp_build(&gcryhash,NULL,"(data(flags pkcs1)(hash sha1 %m))",bn); > where bn is the mpi where the hash is stocked. The problem is that when > the most significant bit is set, the sexp is built like this : > (data > (flags pkcs1) > (hash sha1 #00D5FAD16E753FEEC40B696EC82D1E602A4D5C1302#) > ) Use the %b format character instead of %m; %b lets you insert memory buffers directly, regardles of MPI formating. %b expects two arguments: one of size_t and a pointer to the memory buffer. Moritz From giga at le-pec.org Sat Aug 13 16:05:06 2005 From: giga at le-pec.org (Jean-Philippe Garcia Ballester) Date: Sat Aug 13 15:52:55 2005 Subject: Problem with gcry_pk_verify In-Reply-To: <42FBAD9A.5000608@duesseldorf.ccc.de> References: <20050810204607.GA7088@le-pec.org> <42FBAD9A.5000608@duesseldorf.ccc.de> Message-ID: <20050813140506.GA20967@le-pec.org> On Thu, Aug 11, 2005 at 09:57:14PM +0200, Moritz Schulte wrote : > Jean-Philippe Garcia Ballester wrote: > > > I'm using libgcrypt to make a SSH library. So I build a sexp : > > gcry_sexp_build(&gcryhash,NULL,"(data(flags pkcs1)(hash sha1 %m))",bn); > > where bn is the mpi where the hash is stocked. The problem is that when > > the most significant bit is set, the sexp is built like this : > > (data > > (flags pkcs1) > > (hash sha1 #00D5FAD16E753FEEC40B696EC82D1E602A4D5C1302#) > > ) > > Use the %b format character instead of %m; %b lets you insert memory > buffers directly, regardles of MPI formating. %b expects two arguments: > one of size_t and a pointer to the memory buffer. Thanks. This works for RSA host key verification. But I still got a problem with DSA host key verification. The sexp is build like this : (data (flags raw) (value #9092EA3A02CD3738DD71DAE3FEAD27F3FC22A30F#) ) The problem is that it fails with Invalid Object (the mpi scanning fails because it's negative). If I put 0s, it fails with Invalid DSA signature. When the first bit of the hash is not set, it works perfectly. How should I do? Regards, -- Jean-Philippe Garcia Ballester -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : /pipermail/attachments/20050813/33719365/attachment.pgp From wk at gnupg.org Thu Aug 18 11:46:52 2005 From: wk at gnupg.org (Werner Koch) Date: Thu Aug 18 11:51:27 2005 Subject: Problem with gcry_pk_verify In-Reply-To: <20050813140506.GA20967@le-pec.org> (Jean-Philippe Garcia Ballester's message of "Sat, 13 Aug 2005 16:05:06 +0200") References: <20050810204607.GA7088@le-pec.org> <42FBAD9A.5000608@duesseldorf.ccc.de> <20050813140506.GA20967@le-pec.org> Message-ID: <87ek8rd1bn.fsf@wheatstone.g10code.de> On Sat, 13 Aug 2005 16:05:06 +0200, Jean-Philippe Garcia Ballester said: > The problem is that it fails with Invalid Object (the mpi scanning fails > because it's negative). If I put 0s, it fails with Invalid DSA > signature. Check out our Secure Shell library at ftp://ftp.gnupg.org/gcrypt/alpha/gsti/gsti-0.3.0.tar.bz2 may this is helpful. Salam-Shalom, Werner From mo at g10code.com Sat Aug 20 23:42:37 2005 From: mo at g10code.com (Moritz Schulte) Date: Sun Aug 21 00:38:28 2005 Subject: Problem with gcry_pk_verify In-Reply-To: <20050813140506.GA20967@le-pec.org> References: <20050810204607.GA7088@le-pec.org> <42FBAD9A.5000608@duesseldorf.ccc.de> <20050813140506.GA20967@le-pec.org> Message-ID: <4307A3CD.4060808@g10code.com> Jean-Philippe Garcia Ballester wrote: > But I still got a problem with DSA host key verification. The sexp is > build like this : > (data > (flags raw) > (value #9092EA3A02CD3738DD71DAE3FEAD27F3FC22A30F#) > ) > The problem is that it fails with Invalid Object (the mpi scanning fails > because it's negative). If I put 0s, it fails with Invalid DSA > signature. I guess you have triggered the "Invalid signature" error. In this case: are you SURE that the value you have provided is indeed a correct DSA signature? Please send example code to me. Thanks, Moritz -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: OpenPGP digital signature Url : /pipermail/attachments/20050820/cbbff5a8/signature.pgp From giga at le-pec.org Sun Aug 21 18:06:52 2005 From: giga at le-pec.org (Jean-Philippe Garcia Ballester) Date: Sun Aug 21 17:59:46 2005 Subject: Problem with gcry_pk_verify In-Reply-To: <4307A3CD.4060808@g10code.com> References: <20050810204607.GA7088@le-pec.org> <42FBAD9A.5000608@duesseldorf.ccc.de> <20050813140506.GA20967@le-pec.org> <4307A3CD.4060808@g10code.com> Message-ID: <20050821160652.GA25604@le-pec.org> On Sat, Aug 20, 2005 at 11:42:37PM +0200, Moritz Schulte wrote : > Jean-Philippe Garcia Ballester wrote: > > > But I still got a problem with DSA host key verification. The sexp is > > build like this : > > (data > > (flags raw) > > (value #9092EA3A02CD3738DD71DAE3FEAD27F3FC22A30F#) > > ) > > The problem is that it fails with Invalid Object (the mpi scanning fails > > because it's negative). If I put 0s, it fails with Invalid DSA > > signature. > > I guess you have triggered the "Invalid signature" error. In this case: > are you SURE that the value you have provided is indeed a correct DSA > signature? Please send example code to me. Oops. When putting 0s, I forgot to increment the data size parameter. Thanks a lot for your help. -- Jean-Philippe Garcia Ballester -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : /pipermail/attachments/20050821/4e99a7ef/attachment.pgp From misc at dstoecker.de Thu Aug 25 14:35:37 2005 From: misc at dstoecker.de (Dirk Stoecker) Date: Thu Aug 25 15:26:43 2005 Subject: libgcrypt and patches Message-ID: Hello, some months ago I sent patches (multiple times) to the current libgcrypt CVS code to fix a series of memory holes. Since this time I neither had any response nor did the CVS code of libgcrypt change a bit since then. Is there still libgcrypt development? Is there any sense in resending the patches? Who is currently responsible for the software? Ciao -- ____ _ _ ____ _ _ _ _ ____ | | | | | | \ / | | | the cool Gremlin from Bischofswerda | __ | ____| | \/ | | | WWW: http://www.dstoecker.de/ | | | | | | | | PGP key available on www page. |____| _|_ |____| _|_ _|_ |____| I hope AMIGA never stops making fun! From wk at gnupg.org Thu Aug 25 17:11:54 2005 From: wk at gnupg.org (Werner Koch) Date: Thu Aug 25 17:16:40 2005 Subject: libgcrypt and patches In-Reply-To: (Dirk Stoecker's message of "Thu, 25 Aug 2005 14:35:37 +0200 (CEST)") References: Message-ID: <87vf1u2gqt.fsf@wheatstone.g10code.de> On Thu, 25 Aug 2005 14:35:37 +0200 (CEST), Dirk Stoecker said: > some months ago I sent patches (multiple times) to the current libgcrypt > CVS code to fix a series of memory holes. Since this time I neither had > any response nor did the CVS code of libgcrypt change a bit since then. Libgcrypt is under subversion, maybe you used the the old CVS rep. The latest changes are a few days old. > Is there any sense in resending the patches? I recall a mail which tried to solve some one time allocations - we want apply such a fix. Salam-Shalom, Werner From jas at extundo.com Thu Aug 25 23:39:54 2005 From: jas at extundo.com (Simon Josefsson) Date: Fri Aug 26 00:18:38 2005 Subject: libgcrypt and patches In-Reply-To: <87vf1u2gqt.fsf@wheatstone.g10code.de> (Werner Koch's message of "Thu, 25 Aug 2005 17:11:54 +0200") References: <87vf1u2gqt.fsf@wheatstone.g10code.de> Message-ID: Werner Koch writes: > On Thu, 25 Aug 2005 14:35:37 +0200 (CEST), Dirk Stoecker said: > >> some months ago I sent patches (multiple times) to the current libgcrypt >> CVS code to fix a series of memory holes. Since this time I neither had >> any response nor did the CVS code of libgcrypt change a bit since then. > > Libgcrypt is under subversion, maybe you used the the old CVS rep. > The latest changes are a few days old. Is there some information on how to access libgcrypt in subversion anywhere? I read the announcement that gnupg changed to subversion, but not for other packages. www.gnupg.org still point at CVS, although viewcvs on cvs.gnupg.org seem to have stopped working. One guessed location failed here: jas@latte:~/src$ svn co svn://cvs.gnupg.org/libgcrypt/trunk libgcrypt svn: /var/lib/svn/libgcrypt/conf/svnserve.conf:12: Section header expected Thanks, Simon From jas at extundo.com Sat Aug 27 15:52:23 2005 From: jas at extundo.com (Simon Josefsson) Date: Sat Aug 27 15:52:42 2005 Subject: ANNOUNCE: libgpg-error and libgcrypt ported to uClinux Message-ID: Hi all. I have written a patch to enable libgpg-error and libgcrypt (and, incidentally, also gnutls and gsasl) to be built in the uClinux framework. See: http://mailman.uclinux.org/pipermail/uclinux-dev/2005-August/034484.html Hopefully the patch will be incorporated in the official uClinux distribution. I had to use --disable-asm to get it to build on m68k-elf (Motorola Coldfire), but there shouldn't be any other caveats. Enjoy, Simon From michele-lists at pupazzo.org Mon Aug 29 22:30:02 2005 From: michele-lists at pupazzo.org (Michele Baldessari) Date: Mon Aug 29 23:30:37 2005 Subject: libgcrypt and patches In-Reply-To: References: <87vf1u2gqt.fsf@wheatstone.g10code.de> Message-ID: <20050829203001.GA4520@michele.pupazzo.org> * Simon Josefsson (jas@extundo.com) wrote: > Werner Koch writes: > > On Thu, 25 Aug 2005 14:35:37 +0200 (CEST), Dirk Stoecker said: > > Libgcrypt is under subversion, maybe you used the the old CVS rep. > > The latest changes are a few days old. > > Is there some information on how to access libgcrypt in subversion > anywhere? I read the announcement that gnupg changed to subversion, > but not for other packages. www.gnupg.org still point at CVS, > although viewcvs on cvs.gnupg.org seem to have stopped working. > > One guessed location failed here: > > jas@latte:~/src$ svn co svn://cvs.gnupg.org/libgcrypt/trunk libgcrypt > svn: /var/lib/svn/libgcrypt/conf/svnserve.conf:12: Section header expected Same here ;) It'd be cool to have a link to the svn repo somewhere. -- Michele -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : /pipermail/attachments/20050829/05c78943/attachment.pgp From wk at gnupg.org Tue Aug 30 22:02:49 2005 From: wk at gnupg.org (Werner Koch) Date: Tue Aug 30 22:06:20 2005 Subject: ANNOUNCE: libgpg-error and libgcrypt ported to uClinux In-Reply-To: (Simon Josefsson's message of "Sat, 27 Aug 2005 15:52:23 +0200") References: Message-ID: <87u0h7tcpi.fsf@wheatstone.g10code.de> On Sat, 27 Aug 2005 15:52:23 +0200, Simon Josefsson said: > I had to use --disable-asm to get it to build on m68k-elf (Motorola > Coldfire), but there shouldn't be any other caveats. I had to do the same when I porting gnupg (with standard gnupg "./autogen.sh --build-coldfire && make" should do). Salam-Shalom, Werner p.s. I'll look after libgcrypt SVN tomorrow. From wk at gnupg.org Wed Aug 31 15:00:50 2005 From: wk at gnupg.org (Werner Koch) Date: Wed Aug 31 15:06:17 2005 Subject: Subversion works now (was: libgcrypt and patches) In-Reply-To: (Simon Josefsson's message of "Thu, 25 Aug 2005 23:39:54 +0200") References: <87vf1u2gqt.fsf@wheatstone.g10code.de> Message-ID: <87r7caqn0d.fsf_-_@wheatstone.g10code.de> On Thu, 25 Aug 2005 23:39:54 +0200, Simon Josefsson said: > jas@latte:~/src$ svn co svn://cvs.gnupg.org/libgcrypt/trunk libgcrypt > svn: /var/lib/svn/libgcrypt/conf/svnserve.conf:12: Section header expected I just fixed it. There was an obvious error in the configuration file. The anon repository is actually a mirror of the real one which is the reason why we with write access didn't noticed it. Shalom-Salam, Werner From jas at extundo.com Wed Aug 31 16:43:22 2005 From: jas at extundo.com (Simon Josefsson) Date: Wed Aug 31 16:43:59 2005 Subject: Subversion works now In-Reply-To: <87r7caqn0d.fsf_-_@wheatstone.g10code.de> (Werner Koch's message of "Wed, 31 Aug 2005 15:00:50 +0200") References: <87vf1u2gqt.fsf@wheatstone.g10code.de> <87r7caqn0d.fsf_-_@wheatstone.g10code.de> Message-ID: Werner Koch writes: > On Thu, 25 Aug 2005 23:39:54 +0200, Simon Josefsson said: > >> jas@latte:~/src$ svn co svn://cvs.gnupg.org/libgcrypt/trunk libgcrypt >> svn: /var/lib/svn/libgcrypt/conf/svnserve.conf:12: Section header expected > > I just fixed it. There was an obvious error in the configuration > file. The anon repository is actually a mirror of the real one which > is the reason why we with write access didn't noticed it. Appears to work just fine, thanks! libgpg-error is still in CVS, though?