Bug in fips_is_operational in libgcrypt master
jussi.kivilinna at iki.fi
Fri Oct 26 07:14:46 CEST 2018
On 26.10.2018 7.02, NIIBE Yutaka wrote:
> I encounterd failures when I build gnupg master with new libgcrypt master.
> All failures are same cause: gcry_md_open fails.
> Example is: the test program gnupg/common/t-ssh-utils.c fails,
> when the function get_fingerprint in gnupg/common/ssh-utils.c
> calls gcry_md_open.
> I located this commit has a problem:
> Add fast path for _gcry_fips_is_operational
> commit: b6e6ace324440f564df664e27f8276ef01f76795
> It seems for me that _gcry_global_is_operational should be
> used (for the case global_init is not called yet).
Oh, yes. I did not read old code carefully enough. It was:
int _gcry_fips_is_operational (void);
#define fips_is_operational() (_gcry_global_is_operational ())
I missed that macro uses _gcry_global_is_operational, not
Looks like fast-path is not possible with _gcry_global_is_operational,
so problematic commit should be reverted. I'll patch this on weekend.
More information about the Gcrypt-devel