From systems at mdc-berlin.de  Wed Apr  1 13:34:19 2020
From: systems at mdc-berlin.de (systems)
Date: Wed, 1 Apr 2020 13:34:19 +0200
Subject: Pure static build of the lib
Message-ID: <d3252325-02b2-8718-7785-95d2b639f7fc@mdc-berlin.de>

Hello list,
I try to build an pure static build of the lib.
The build itself looks good and all the test will pass.
But when I try to link the lib against an application it will fails with:
/builddir/build/BUILD/gcrypt/lib/libgcrypt.a(libgcrypt_la-visibility.o):
undefined reference to symbol 'gpg_strerror'

My libgpg-error are also an static one.
Try to link both static libs to the application will also fails with the
same result.

As far as I understand, an static lib will not have any external
dependency's.



From jussi.kivilinna at iki.fi  Thu Apr  2 08:04:57 2020
From: jussi.kivilinna at iki.fi (Jussi Kivilinna)
Date: Thu, 2 Apr 2020 09:04:57 +0300
Subject: [PATCH 0/2] gost28147: add support for special MAC mode
In-Reply-To: <20200321193351.39935-1-dbaryshkov@gmail.com>
References: <20200321193351.39935-1-dbaryshkov@gmail.com>
Message-ID: <2f67f8e3-aef8-dddb-d489-0da1049e95a9@iki.fi>

On 21.3.2020 21.33, Dmitry Eremin-Solenikov via Gcrypt-devel wrote:
> GOST 28147-89 defines a special mode of using base transformation for
> generating MAC. See RFC 5830 Section 8 for an English description of
> this mode. Originally this mode was called "Imitovstavka", so it is
> typical now to name this mode "imit".
> 
> This mode is used e.g. inside CMS files generated using GOST algorithms.
> These changes were asked for by AltLinux team implementing support for
> RFC 4490 in gpgsm.
> 

These patches look ok to me.

-Jussi


From guidovranken at gmail.com  Sat Apr 11 22:08:23 2020
From: guidovranken at gmail.com (Guido Vranken)
Date: Sat, 11 Apr 2020 22:08:23 +0200
Subject: gcry_mpi_invm succeeds if the inverse does not exist
Message-ID: <CAO5O-ELb_27vpXnAXeeJZxnovftEqe_aFe0JsbUs7KMhtEuD=Q@mail.gmail.com>

This is not in accordance with the documentation:

Function: int gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m)
Set x to the multiplicative inverse of a \bmod m. Return true if the
inverse exists.

#include <gcrypt.h>

#define CF_CHECK_EQ(expr, res) if ( (expr) != (res) ) { goto end; }

int main(void)
{
    gcry_mpi_t A;
    gcry_mpi_t B;
    gcry_mpi_t C;
    gcry_error_t err;

    CF_CHECK_EQ(err = gcry_mpi_scan(&A, GCRYMPI_FMT_HEX, "3", 0, NULL), 0);
    CF_CHECK_EQ(err = gcry_mpi_scan(&B, GCRYMPI_FMT_HEX, "66", 0, NULL), 0);
    CF_CHECK_EQ(err = gcry_mpi_scan(&C, GCRYMPI_FMT_HEX, "1", 0, NULL), 0);
    CF_CHECK_EQ(gcry_mpi_invm(C, A, B), 1);
    printf("Inverse exists\n");
end:

    return 0;
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gcrypt-devel/attachments/20200411/3857be24/attachment.html>

From gniibe at fsij.org  Tue Apr 14 08:32:06 2020
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Tue, 14 Apr 2020 15:32:06 +0900
Subject: gcry_mpi_invm succeeds if the inverse does not exist
In-Reply-To: <CAO5O-ELb_27vpXnAXeeJZxnovftEqe_aFe0JsbUs7KMhtEuD=Q@mail.gmail.com>
References: <CAO5O-ELb_27vpXnAXeeJZxnovftEqe_aFe0JsbUs7KMhtEuD=Q@mail.gmail.com>
Message-ID: <87zhbeh921.fsf@iwagami.gniibe.org>

Hello,

Thank you for your report with a test case.  It helps a lot.

Guido Vranken wrote:
> This is not in accordance with the documentation:
>
> Function: int gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m)
> Set x to the multiplicative inverse of a \bmod m. Return true if the
> inverse exists.

Indeed.  It seems that API was changed to return the result
(success/failure) in libgcrypt 1.3.2 in 2007.  Before that, the API was
void (no return value).  Since the initial change, it never returns
correct value.

I'll fix for 1.9.
-- 


From dbaryshkov at gmail.com  Sun Apr 19 11:51:09 2020
From: dbaryshkov at gmail.com (Dmitry Baryshkov)
Date: Sun, 19 Apr 2020 12:51:09 +0300
Subject: [PATCH 0/2] gost28147: add support for special MAC mode
In-Reply-To: <2f67f8e3-aef8-dddb-d489-0da1049e95a9@iki.fi>
References: <20200321193351.39935-1-dbaryshkov@gmail.com>
 <2f67f8e3-aef8-dddb-d489-0da1049e95a9@iki.fi>
Message-ID: <CALT56yOMJ4rcWU7ZDcvmW1MgW8VMaAuV4HbT5KcNWG0qop13yg@mail.gmail.com>

Hello,

??, 2 ???. 2020 ?. ? 09:04, Jussi Kivilinna <jussi.kivilinna at iki.fi>:
>
> On 21.3.2020 21.33, Dmitry Eremin-Solenikov via Gcrypt-devel wrote:
> > GOST 28147-89 defines a special mode of using base transformation for
> > generating MAC. See RFC 5830 Section 8 for an English description of
> > this mode. Originally this mode was called "Imitovstavka", so it is
> > typical now to name this mode "imit".
> >
> > This mode is used e.g. inside CMS files generated using GOST algorithms.
> > These changes were asked for by AltLinux team implementing support for
> > RFC 4490 in gpgsm.
> >
>
> These patches look ok to me.

Any updates?

-- 
With best wishes
Dmitry


From jussi.kivilinna at iki.fi  Sun Apr 19 21:10:13 2020
From: jussi.kivilinna at iki.fi (Jussi Kivilinna)
Date: Sun, 19 Apr 2020 22:10:13 +0300
Subject: [PATCH 0/2] gost28147: add support for special MAC mode
In-Reply-To: <CALT56yOMJ4rcWU7ZDcvmW1MgW8VMaAuV4HbT5KcNWG0qop13yg@mail.gmail.com>
References: <20200321193351.39935-1-dbaryshkov@gmail.com>
 <2f67f8e3-aef8-dddb-d489-0da1049e95a9@iki.fi>
 <CALT56yOMJ4rcWU7ZDcvmW1MgW8VMaAuV4HbT5KcNWG0qop13yg@mail.gmail.com>
Message-ID: <1eb44984-812d-a99d-0144-546586c8799a@iki.fi>

Hello,

On 19.4.2020 12.51, Dmitry Baryshkov via Gcrypt-devel wrote:
> Hello,
> 
> ??, 2 ???. 2020 ?. ? 09:04, Jussi Kivilinna <jussi.kivilinna at iki.fi>:
>>
>> On 21.3.2020 21.33, Dmitry Eremin-Solenikov via Gcrypt-devel wrote:
>>> GOST 28147-89 defines a special mode of using base transformation for
>>> generating MAC. See RFC 5830 Section 8 for an English description of
>>> this mode. Originally this mode was called "Imitovstavka", so it is
>>> typical now to name this mode "imit".
>>>
>>> This mode is used e.g. inside CMS files generated using GOST algorithms.
>>> These changes were asked for by AltLinux team implementing support for
>>> RFC 4490 in gpgsm.
>>>
>>
>> These patches look ok to me.
> 
> Any updates?
> 

Patches pushed to master, thanks.

-Jussi


From tianjia.zhang at linux.alibaba.com  Tue Apr 21 06:04:14 2020
From: tianjia.zhang at linux.alibaba.com (Tianjia Zhang)
Date: Tue, 21 Apr 2020 12:04:14 +0800
Subject: [PATCH] ecc: fix typo error in ecc-gost
Message-ID: <20200421040414.4985-1-tianjia.zhang@linux.alibaba.com>

* cipher/ecc-gost.c (_gcry_ecc_gost_verify): fix typo in comment

Signed-off-by: Tianjia Zhang <tianjia.zhang at linux.alibaba.com>
---
 cipher/ecc-gost.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cipher/ecc-gost.c b/cipher/ecc-gost.c
index 44654a47..c5ab774d 100644
--- a/cipher/ecc-gost.c
+++ b/cipher/ecc-gost.c
@@ -154,7 +154,7 @@ _gcry_ecc_gost_verify (gcry_mpi_t input, mpi_ec_t ec,
     mpi_set_ui (e, 1);
   mpi_invm (v, e, ec->n); /* v = e^(-1) (mod n) */
   mpi_mulm (z1, s, v, ec->n); /* z1 = s*v (mod n) */
-  mpi_mulm (rv, r, v, ec->n); /* rv = s*v (mod n) */
+  mpi_mulm (rv, r, v, ec->n); /* rv = r*v (mod n) */
   mpi_subm (z2, zero, rv, ec->n); /* z2 = -r*v (mod n) */
 
   _gcry_mpi_ec_mul_point (&Q1, z1, ec->G, ec);
-- 
2.17.1



From gniibe at fsij.org  Mon Apr 27 07:33:16 2020
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Mon, 27 Apr 2020 14:33:16 +0900
Subject: [PATCH] ecc: fix typo error in ecc-gost
In-Reply-To: <20200421040414.4985-1-tianjia.zhang@linux.alibaba.com>
References: <20200421040414.4985-1-tianjia.zhang@linux.alibaba.com>
Message-ID: <877dy14hnn.fsf@iwagami.gniibe.org>

Tianjia Zhang <tianjia.zhang at linux.alibaba.com> wrote:
> * cipher/ecc-gost.c (_gcry_ecc_gost_verify): fix typo in comment
>
> Signed-off-by: Tianjia Zhang <tianjia.zhang at linux.alibaba.com>

Thank you.  Applied and pushed to master.
--