[git] GCRYPT - branch, master, updated. libgcrypt-1.8.1-68-g61dbb7c

by Werner Koch cvs at cvs.gnupg.org
Sun Apr 29 18:09:24 CEST 2018


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  61dbb7c08ab11c10060e193b52e3e1d2ec6dd062 (commit)
       via  f3362f10f6f671246c38115ed12b0047966c200e (commit)
      from  e7ae0ae243c8978a67c802169183187d88557be8 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 61dbb7c08ab11c10060e193b52e3e1d2ec6dd062
Author: Werner Koch <wk at gnupg.org>
Date:   Sun Apr 29 18:01:24 2018 +0200

    build: Convince gcc not to delete NULL ptr checks.
    
    * configure.ac: Try to use -fno-delete-null-pointer-checks.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/configure.ac b/configure.ac
index 330485f..3cb0b35 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1885,8 +1885,19 @@ AC_ARG_ENABLE(optimization,
                          CFLAGS=`echo $CFLAGS | sed 's/-O[[0-9]]//'`
                        fi])
 
+AC_MSG_NOTICE([checking for cc features])
 # CFLAGS mangling when using gcc.
 if test "$GCC" = yes; then
+    AC_MSG_CHECKING([if gcc supports -fno-delete-null-pointer-checks])
+    _gcc_cflags_save=$CFLAGS
+    CFLAGS="-fno-delete-null-pointer-checks"
+    AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])],_gcc_wopt=yes,_gcc_wopt=no)
+    AC_MSG_RESULT($_gcc_wopt)
+    CFLAGS=$_gcc_cflags_save;
+    if test x"$_gcc_wopt" = xyes ; then
+       CFLAGS="$CFLAGS -fno-delete-null-pointer-checks"
+    fi
+
     CFLAGS="$CFLAGS -Wall"
     if test "$USE_MAINTAINER_MODE" = "yes"; then
         CFLAGS="$CFLAGS -Wcast-align -Wshadow -Wstrict-prototypes"
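Review bot: The probe at `CFLAGS="-fno-delete-null-pointer-checks"` passes whenever the empty test program compiles, so a compiler that sets `$GCC` but only warns about an option it does not recognise would be reported as supporting it, and the flag would then be appended without having any effect. Because this flag is a hardening measure, a false "yes" is worth avoiding; consider making the probe fail on warnings, for example `CFLAGS="-Werror -fno-delete-null-pointer-checks"`, if that works with the supported compilers. A one-line comment above the check saying why the option is wanted, such as `# Keep NULL pointer checks that gcc would otherwise optimize away.`, would help, and the result variable `_gcc_wopt` is named like a warning-option probe although this is a code-generation flag. The enclosing `if test "$GCC" = yes` block continues past the end of this hunk.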
@@ -1918,7 +1929,6 @@ if test "$GCC" = yes; then
           CFLAGS="$CFLAGS -Wpointer-arith"
         fi
     fi
-
 fi
 
 # Check whether as(1) supports a noeexecstack feature.  This test

commit f3362f10f6f671246c38115ed12b0047966c200e
Author: Werner Koch <wk at gnupg.org>
Date:   Sat Apr 28 18:30:53 2018 +0200

    prime: Avoid rare assertion failure in gcry_prime_check.
    
    * cipher/primegen.c (is_prime): Don't fail on the assert X > 1.
    --
    
    When using gcry_prime_check, the function is_prime can be called with
    quite small candidates, so there is a real chance that the random X
    value is indeed 0 or 1.  This would trigger the assert.  To avoid
    this we now retry in this case.
    
    Reported-by: Heiko Stamer
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/cipher/primegen.c b/cipher/primegen.c
index c7977d1..ce5ad3c 100644
--- a/cipher/primegen.c
+++ b/cipher/primegen.c
@@ -935,20 +935,25 @@ is_prime (gcry_mpi_t n, int steps, unsigned int *count)
         }
       else
         {
-          _gcry_mpi_randomize( x, nbits, GCRY_WEAK_RANDOM );
-
-          /* Make sure that the number is smaller than the prime and
-             keep the randomness of the high bit. */
-          if ( mpi_test_bit ( x, nbits-2) )
+          /* We need to loop to avoid an X with value 0 or 1.  */
+          do
             {
-              mpi_set_highbit ( x, nbits-2); /* Clear all higher bits. */
-            }
-          else
-            {
-              mpi_set_highbit( x, nbits-2 );
-              mpi_clear_bit( x, nbits-2 );
+              _gcry_mpi_randomize (x, nbits, GCRY_WEAK_RANDOM);
+
+              /* Make sure that the number is smaller than the prime
+               * and keep the randomness of the high bit. */
+              if (mpi_test_bit (x, nbits-2))
+                {
+                  mpi_set_highbit (x, nbits-2); /* Clear all higher bits. */
+                }
+              else
+                {
+                  mpi_set_highbit (x, nbits-2);
+                  mpi_clear_bit (x, nbits-2);
+                }
             }
-          gcry_assert (mpi_cmp (x, nminus1) < 0 && mpi_cmp_ui (x, 1) > 0);
+          while (mpi_cmp_ui (x, 1) <= 0);
+          gcry_assert (mpi_cmp (x, nminus1) < 0);
 	}
       mpi_powm ( y, x, q, n);
       if ( mpi_cmp_ui(y, 1) && mpi_cmp( y, nminus1 ) )
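Review bot: The new `do … while (mpi_cmp_ui (x, 1) <= 0);` loop has no iteration bound, and it cannot terminate when `nbits` is 2, because after `mpi_set_highbit (x, nbits-2)` and the optional `mpi_clear_bit (x, nbits-2)` the only values X can take are 0 and 1. The hunk does not show how `nbits` is derived or whether callers already filter such tiny candidates, so this may be unreachable, but the commit trades an assertion failure for a possible hang if it is not. Stating the precondition before the loop, for example `gcry_assert (nbits > 2);`, or extending the comment to `/* We need to loop to avoid an X with value 0 or 1; requires nbits > 2.  */`, would make the assumption explicit. The body of is_prime starts and ends outside this hunk.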

-----------------------------------------------------------------------

Summary of changes:
 cipher/primegen.c | 29 +++++++++++++++++------------
 configure.ac      | 12 +++++++++++-
 2 files changed, 28 insertions(+), 13 deletions(-)


hooks/post-receive
-- 
The GNU crypto library
http://git.gnupg.org

