mpi_swap_cond: different sizes error on eddsa key generation

[Kostis Andrikopoulos]

Hello,

We are using gcrypt in our library and, at some point, we would like to
create some eddsa keys on the curve Ed25519.

This is how we do it:

    //...
    //...

    gcry_sexp_t key, params;
    static const char *parmstr = "(genkey (ecc (curve Ed25519 (flags
eddsa))))";

    /* Create the sexp using the parameter string */
    err = gcry_sexp_new(&params, parmstr, strlen(parmstr), 0);
    if(err) { goto error; }

    /* Generate the keypair */
    err = gcry_pk_genkey(&key, params);
    gcry_sexp_release(params);
    if(err) { goto error; }

    // ...
    // ...

We were developing on lubuntu, which provides the 1.6.5 version of
libgcrypt and everything is working as expected. Then when we tried to
compile in archlinux and manjaro which provide version 1.7.3. Under this
version of gcrypt we got a runtime error message stating:

Ohhhh jeeee: mpi_swap_cond: different sizes

We tried to isolate the seemingly wrong code from the rest of the
library and compiled it. The error message did not appear this time.

We tried looking at the ChangeLogs but as far as we can tell this is the
"correct" way of generating an eddsa keypair over curve Ed25519 both in
1.6.5 and in 1.7.3.

Also by going over the gcrypt source code we believe that this error
message is internal and shouldn't be generated by the user's actions.

On the other hand we are first-time users of the grcypt library so it is
very possible that we are doing something wrong. Does this error message
in this context seem at all familiar? Could you point us to a set of
possible causes of this error?


Thanks!