bug in gcrypt's bit manipulation routines

Werner Koch wk at gnupg.org
Fri Aug 4 11:40:36 CEST 2006

On Mon, 31 Jul 2006 18:33, bpgcrypt at itaparica.org said:

> 1. The function gcry_mpi_set_bit omits the (re-)allocation of enough 
>    memory to store an MPI of the needed size. The following code snippet 
>    demonstrates this:

Thanks.  I fixed it in the development version.  Will be ported to
stable later.

> 2. The routine gcry_mpi_rshift always interprets the "shift value" N 
>    as (N % 32). This behaviour is commented (a little bit) in
>    libgcrypt-1.2.2/mpi/generic/mpih-rshift.c
> * Argument constraints:
> * 1. 0 < CNT < BITS_PER_MP_LIMB

Changed.  You may now use any value of N.

> 3. HMAC-SHA256 calculation via
> gcry_md_open(&mh, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
>    aborts with some "no secure memory allocated" message. This can be
>    fixed by explicitly doing a 
> gcry_control(GCRYCTL_INIT_SECMEM, 1);

or if you don't need secure memory:

  gcry_control (GCRYCTL_DISABLE_SECMEM, 0);

The reason we require this is that a MAC uses a key and that key should be
called in the so-called secure memory.  I'll add a note to the docs.
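
Added example, not part of the original message and not libgcrypt's code: a self-contained model of item 2, showing how a low-level limb shift constrained to 0 < CNT < BITS_PER_MP_LIMB yields an N % 32 shift when the caller drops the whole-limb part, next to a wrapper that accepts any N. The names limb_t, LIMB_BITS, rshift_mod32 and rshift_any are hypothetical, and 32-bit little-endian limbs are assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LIMB_BITS 32u            /* assumption: 32-bit limbs, as the reported N % 32 implies */
typedef uint32_t limb_t;         /* limbs are little-endian: a[0] is least significant */

/* Low-level shift with the constraint from the quoted comment: 0 < cnt < LIMB_BITS. */
static void limbs_rshift_small(limb_t *a, size_t n, unsigned cnt)
{
    for (size_t i = 0; i < n; i++) {
        limb_t hi = (i + 1 < n) ? a[i + 1] : 0;
        a[i] = (a[i] >> cnt) | (hi << (LIMB_BITS - cnt));
    }
}

/* Models the reported behaviour: the whole-limb part of the shift is silently dropped. */
void rshift_mod32(limb_t *a, size_t n, unsigned bits)
{
    unsigned cnt = bits % LIMB_BITS;
    if (cnt)
        limbs_rshift_small(a, n, cnt);
}

/* Accepts any shift count: move whole limbs first, then shift the remainder. */
void rshift_any(limb_t *a, size_t n, unsigned bits)
{
    size_t whole = bits / LIMB_BITS;
    unsigned cnt = bits % LIMB_BITS;
    if (whole >= n) {            /* everything is shifted out */
        memset(a, 0, n * sizeof *a);
        return;
    }
    memmove(a, a + whole, (n - whole) * sizeof *a);
    memset(a + (n - whole), 0, whole * sizeof *a);
    if (cnt)
        limbs_rshift_small(a, n, cnt);
}

int main(void)
{
    limb_t x[3] = {4u, 0u, 1u};  /* constructed value: 2^64 + 4 */
    limb_t y[3] = {4u, 0u, 1u};
    rshift_mod32(x, 3, 34);
    rshift_any(y, 3, 34);
    printf("mod32: %08x %08x %08x\n", (unsigned)x[2], (unsigned)x[1], (unsigned)x[0]);
    printf("any:   %08x %08x %08x\n", (unsigned)y[2], (unsigned)y[1], (unsigned)y[0]);
    return 0;
}
```
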


