From simit.ghane at lge.com Mon May 6 13:37:11 2024 From: simit.ghane at lge.com (simit.ghane) Date: Mon, 6 May 2024 17:07:11 +0530 Subject: [PATCH] libgcrypt: fix building error with '-O2' in sysroot path Message-ID: <20240506113711.521867-1-simit.ghane@lge.com> Characters like '-O2' or '-Ofast' will be replaced by '-O1' when compiling cipher and random in the filesystem paths as well if they happen to contain '-O2' or '-Ofast If we are cross compiling libgcrypt and sysroot contains such characters, we would get compile errors because the sysroot path has been modified. Fix this by adding blank spaces before and after the original matching pattern in the sed command. Signed-off-by: simit.ghane --- cipher/Makefile.am | 2 +- random/Makefile.am | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cipher/Makefile.am b/cipher/Makefile.am index 2c39586ea3..ff91bed52c 100644 --- a/cipher/Makefile.am +++ b/cipher/Makefile.am @@ -168,7 +168,7 @@ gost-s-box$(EXEEXT_FOR_BUILD): gost-s-box.c if ENABLE_O_FLAG_MUNGING -o_flag_munging = sed -e 's/-O\([2-9sgz][2-9sgz]*\)/-O1/' -e 's/-Ofast/-O1/g' +o_flag_munging = sed -e 's/ -O\([2-9sgz][2-9sgz]*\) / -O1 /' -e 's/ -Ofast / -O1 /g' else o_flag_munging = cat endif diff --git a/random/Makefile.am b/random/Makefile.am index 0c935a0595..12a9427125 100644 --- a/random/Makefile.am +++ b/random/Makefile.am @@ -56,7 +56,7 @@ jitterentropy-base.c jitterentropy.h jitterentropy-base-user.h # The rndjent module needs to be compiled without optimization. */ if ENABLE_O_FLAG_MUNGING -o_flag_munging = sed -e 's/-O\([1-9sgz][1-9sgz]*\)/-O0/g' -e 's/-Ofast/-O0/g' +o_flag_munging = sed -e 's/ -O\([2-9sgz][2-9sgz]*\) / -O1 /' -e 's/ -Ofast / -O1 /g' else o_flag_munging = cat endif -- 2.34.1 From wk at gnupg.org Mon May 6 14:11:30 2024 
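Review bot: in the cipher/Makefile.am hunk the new pattern requires a literal space on both sides of the flag, so an optimization flag that is preceded by a tab or is the last argument on the line is no longer rewritten. Matching `[[:blank:]]` in front of `-O` and nothing behind it would cover both cases and still leave path components such as `/foo-O2/` alone. The first expression also has no `g` flag, unlike the `-Ofast` one, so only the first match on a line is replaced.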
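Review bot: the `+` line in the random/Makefile.am hunk is a copy of the cipher one: it rewrites to `-O1` and uses the class `[2-9sgz]`, while the line it replaces rewrote `[1-9sgz]` to `-O0` with the `g` flag. That contradicts the context comment "The rndjent module needs to be compiled without optimization", so the replacement should stay `-O0`, the class should stay `[1-9sgz]`, and the `g` flag should be kept; only the blank in front of the flag needs to be added.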
From: wk at gnupg.org (Werner Koch)
Date: Mon, 06 May 2024 14:11:30 +0200
Subject: [PATCH] libgcrypt: fix building error with '-O2' in sysroot path
In-Reply-To: <20240506113711.521867-1-simit.ghane@lge.com> (simit ghane's message of "Mon, 6 May 2024 17:07:11 +0530")
References: <20240506113711.521867-1-simit.ghane@lge.com>
Message-ID: <87msp32l8t.fsf@jacob.g10code.de>

On Mon, 6 May 2024 17:07, simit.ghane said:

> Characters like '-O2' or '-Ofast' will be replaced by '-O1' when
> compiling cipher and random in the filesystem paths as well if
> they happen to contain '-O2' or '-Ofast

Indeed that will be a problem.

> Fix this by adding blank spaces before and after the original matching
> pattern in the

A tab should be allowed as well as a space.  To limit the risk of
regression: Wouldn't it be sufficient to require a space just before the
"-O" or does anyone really start a filename with a dash?


Shalom-Salam,

   Werner

--
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein

From simit.ghane at lge.com Mon May 6 14:24:45 2024
From: simit.ghane at lge.com (Simit Ghane)
Date: Mon, 6 May 2024 20:24:45 +0800
Subject: DCO signed
References:
Message-ID:

An HTML attachment was scrubbed...

From simit.ghane at lge.com Mon May 6 14:29:39 2024
From: simit.ghane at lge.com (Simit Ghane)
Date: Mon, 6 May 2024 20:29:39 +0800
Subject: DCO signed
In-Reply-To:
References:
Message-ID:

An HTML attachment was scrubbed...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: DCO.asc
Type: application/octet-stream
Size: 1557 bytes
Desc: not available

From gniibe at fsij.org Tue May 7 04:11:34 2024
From: gniibe at fsij.org (NIIBE Yutaka) Date: Tue, 07 May 2024 11:11:34 +0900 Subject: Classic McEliece on arch which doesn't like unaligned access Message-ID: <87jzk69xrd.fsf@akagi.fsij.org> Hello, The Classic McEliece implementation assumes that unaligned access for 64-bit and 32-bit are OK. It is not the case for some architectures. Here is a patch to point out the issue. Better patch is welcome. -- diff --git a/cipher/mceliece6688128f.c b/cipher/mceliece6688128f.c index 63d20a68..fc8f921c 100644 --- a/cipher/mceliece6688128f.c +++ b/cipher/mceliece6688128f.c @@ -841,7 +841,7 @@ static int decrypt(unsigned char *, const unsigned char *, const unsigned char * #ifndef ENCRYPT_H #define ENCRYPT_H -static void pke_encrypt(unsigned char *, const unsigned char *, unsigned char *); +static void pke_encrypt(unsigned char *, const unsigned char *, uint64_t *); #endif @@ -2248,12 +2248,12 @@ static void gen_e(unsigned char *e) /* input: public key pk, error vector e */ /* output: syndrome s */ -static void syndrome(unsigned char *s, const unsigned char *pk, unsigned char *e) +static void syndrome(unsigned char *s, const unsigned char *pk, const uint64_t *e_aligned) { + const unsigned char *e = (const unsigned char *)e_aligned; uint64_t b; - const uint64_t *pk_ptr; - const uint64_t *e_ptr = ((uint64_t *) (e + SYND_BYTES)); + const uint64_t *e_ptr = (e_aligned + SYND_BYTES/8); int i, j; @@ -2264,13 +2264,19 @@ static void syndrome(unsigned char *s, const unsigned char *pk, unsigned char *e for (i = 0; i < PK_NROWS; i++) { - pk_ptr = ((uint64_t *) (pk + PK_ROW_BYTES * i)); + const unsigned char *pk_ptr = pk + PK_ROW_BYTES * i; + uint64_t v64; + uint32_t v32; b = 0; for (j = 0; j < PK_NCOLS/64; j++) - b ^= pk_ptr[j] & e_ptr[j]; + { + v64 = buf_get_he64 (pk_ptr + j * 8); + b ^= v64 & e_ptr[j]; + } - b ^= ((uint32_t *) &pk_ptr[j])[0] & ((uint32_t *) &e_ptr[j])[0]; + v32 = buf_get_he32 (pk_ptr + j * 8); + b ^= v32 & ((uint32_t *) &e_ptr[j])[0]; b ^= b >> 32; b ^= b >> 16; 
@@ -2286,8 +2292,10 @@ static void syndrome(unsigned char *s, const unsigned char *pk, unsigned char *e /* input: public key pk */ /* output: error vector e, syndrome s */ -static void pke_encrypt(unsigned char *s, const unsigned char *pk, unsigned char *e) +static void pke_encrypt(unsigned char *s, const unsigned char *pk, uint64_t *e_aligned) { + unsigned char *e = (unsigned char *)e_aligned; + gen_e(e); #ifdef KAT @@ -2301,7 +2309,7 @@ static void pke_encrypt(unsigned char *s, const unsigned char *pk, unsigned char } #endif - syndrome(s, pk, e); + syndrome(s, pk, e_aligned); } @@ -3059,12 +3067,13 @@ static void operation_enc( const unsigned char *pk ) { - unsigned char e[ SYS_N/8 ]; + uint64_t e_aligned[ (SYS_N+63)/64 ]; + unsigned char *e = (unsigned char *)e_aligned; unsigned char one_ec[ 1 + SYS_N/8 + SYND_BYTES ] = {1}; /**/ - pke_encrypt(c, pk, e); + pke_encrypt(c, pk, e_aligned); memcpy(one_ec + 1, e, SYS_N/8); memcpy(one_ec + 1 + SYS_N/8, c, SYND_BYTES); diff --git a/cipher/mceliece6688128f.h b/cipher/mceliece6688128f.h index eb9f23a0..05ecac32 100644 --- a/cipher/mceliece6688128f.h +++ b/cipher/mceliece6688128f.h @@ -29,6 +29,7 @@ /**** Start of the glue code to libgcrypt ****/ #include "g10lib.h" /* for GCC_ATTR_UNUSED */ #include "gcrypt-int.h" +#include "bufhelp.h" #define mceliece6688128f_keypair _gcry_mceliece6688128f_keypair #define mceliece6688128f_enc _gcry_mceliece6688128f_enc @@ -41,6 +42,8 @@ #define GCC_ATTR_UNUSED #endif +/* Please implement Host-endian get macros: buf_get_he32 and buf_get_he64 */ + #define MCELIECE6688128F_SECRETKEY_SIZE 13932 #define MCELIECE6688128F_PUBLICKEY_SIZE 1044992 #define MCELIECE6688128F_CIPHERTEXT_SIZE 208 From simit.ghane at lge.com Tue May 7 10:39:03 2024 
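Review bot: in the syndrome() hunk, `e_ptr = (e_aligned + SYND_BYTES/8)` matches the old byte offset `e + SYND_BYTES` only when SYND_BYTES is a multiple of 8, which nothing in the patch checks; a compile-time assertion next to that line would make the assumption explicit. The 32-bit tail also still reads e through `((uint32_t *) &e_ptr[j])[0]` while pk now goes through `buf_get_he32`; loading both operands the same way would be easier to audit.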
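Review bot: the mceliece6688128f.h hunk adds the comment "Please implement Host-endian get macros: buf_get_he32 and buf_get_he64" while the .c hunks already call both, so the patch builds only if bufhelp.h provides them. The two definitions should arrive in the same change (or one applied before it), and the placeholder comment should be dropped once they exist.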
From: simit.ghane at lge.com (simit.ghane) Date: Tue, 7 May 2024 14:09:03 +0530 Subject: [PATCHV2] libgcrypt: fix building error with '-O2' in sysroot path Message-ID: <20240507083903.3615959-1-simit.ghane@lge.com> Characters like '-O2' or '-Ofast' will be replaced by '-O1' and '-O0' respectively when compiling cipher and random in the filesystem paths as well if they happen to contain '-O2' or '-Ofast If we are cross compiling libgcrypt and sysroot contains such characters, we would get compile errors because the sysroot path has been modified. Fix this by adding blank spaces and tabs before the original matching pattern in the sed command. Signed-off-by: simit.ghane --- cipher/Makefile.am | 2 +- random/Makefile.am | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cipher/Makefile.am b/cipher/Makefile.am index 2c39586ea3..a914ed2ba4 100644 --- a/cipher/Makefile.am +++ b/cipher/Makefile.am @@ -168,7 +168,7 @@ gost-s-box$(EXEEXT_FOR_BUILD): gost-s-box.c if ENABLE_O_FLAG_MUNGING -o_flag_munging = sed -e 's/-O\([2-9sgz][2-9sgz]*\)/-O1/' -e 's/-Ofast/-O1/g' +o_flag_munging = sed -e 's/[[:blank:]]-O\([2-9sgz][2-9sgz]*\)/ -O1 /' -e 's/[[:blank:]]-Ofast/ -O1 /g' else o_flag_munging = cat endif diff --git a/random/Makefile.am b/random/Makefile.am index 0c935a0595..340df38a79 100644 --- a/random/Makefile.am +++ b/random/Makefile.am @@ -56,7 +56,7 @@ jitterentropy-base.c jitterentropy.h jitterentropy-base-user.h # The rndjent module needs to be compiled without optimization. */ if ENABLE_O_FLAG_MUNGING -o_flag_munging = sed -e 's/-O\([1-9sgz][1-9sgz]*\)/-O0/g' -e 's/-Ofast/-O0/g' +o_flag_munging = sed -e 's/[[:blank:]]-O\([2-9sgz][2-9sgz]*\)/ -O0 /' -e 's/[[:blank:]]-Ofast/ -O0 /g' else o_flag_munging = cat endif -- 2.34.1 From wk at gnupg.org Tue May 7 12:25:19 2024 
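Review bot: in the cipher/Makefile.am hunk the first expression, `s/[[:blank:]]-O\([2-9sgz][2-9sgz]*\)/ -O1 /`, has no `g` flag while the `-Ofast` expression has one, so only the first optimization flag on a line is rewritten and a later `-O3` would still take effect. Adding `g` to the first expression makes the two consistent.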
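Review bot: the random/Makefile.am hunk changes the character class from `[1-9sgz]` to `[2-9sgz]` and drops the `g` flag from the first expression, so a `-O1` on the command line is no longer turned into `-O0` although the context comment says the rndjent module needs to be compiled without optimization. Keep `[1-9sgz][1-9sgz]*` and the `g` flag from the `-` line and add only the `[[:blank:]]` prefix.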
From: wk at gnupg.org (Werner Koch)
Date: Tue, 07 May 2024 12:25:19 +0200
Subject: [PATCHV2] libgcrypt: fix building error with '-O2' in sysroot path
In-Reply-To: <20240507083903.3615959-1-simit.ghane@lge.com> (simit ghane's message of "Tue, 7 May 2024 14:09:03 +0530")
References: <20240507083903.3615959-1-simit.ghane@lge.com>
Message-ID: <87y18lzzow.fsf@jacob.g10code.de>

Hi!

I applied your patch to master and 1.10.  Note that there is also a
--disable-O-flag-munging configure option which could have been used.
But your patch makes it easier and the configure option can then be used
on legacy systems to solve problems with the POSIX sed r.e.

Thanks,

   Werner

--
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein

From simon at josefsson.org Tue May 7 23:02:37 2024
From: simon at josefsson.org (Simon Josefsson)
Date: Tue, 07 May 2024 23:02:37 +0200
Subject: Classic McEliece on arch which doesn't like unaligned access
In-Reply-To: <87jzk69xrd.fsf@akagi.fsij.org> (NIIBE Yutaka's message of "Tue, 07 May 2024 11:11:34 +0900")
References: <87jzk69xrd.fsf@akagi.fsij.org>
Message-ID: <87wmo5pc7m.fsf@kaka.sjd.se>

NIIBE Yutaka writes:

> Hello,
>
> The Classic McEliece implementation assumes that unaligned access for
> 64-bit and 32-bit are OK.  It is not the case for some architectures.
>
> Here is a patch to point out the issue.  Better patch is welcome.

I forwarded this to DJB and a new release of libmceliece will hopefully
be out soon and we can back-port all changes to libgcrypt.

/Simon

From jussi.kivilinna at iki.fi Thu May 9 11:20:03 2024
From: jussi.kivilinna at iki.fi (Jussi Kivilinna) Date: Thu, 9 May 2024 12:20:03 +0300 Subject: [PATCH] random: fix o_flag_munging for -O1 Message-ID: <20240509092003.3520894-1-jussi.kivilinna@iki.fi> * random/Makefile.am (o_flag_munging): Also convert -O1 to -O0. -- Signed-off-by: Jussi Kivilinna --- random/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/random/Makefile.am b/random/Makefile.am index 340df38a..c7100ef8 100644 --- a/random/Makefile.am +++ b/random/Makefile.am @@ -56,7 +56,7 @@ jitterentropy-base.c jitterentropy.h jitterentropy-base-user.h # The rndjent module needs to be compiled without optimization. */ if ENABLE_O_FLAG_MUNGING -o_flag_munging = sed -e 's/[[:blank:]]-O\([2-9sgz][2-9sgz]*\)/ -O0 /' -e 's/[[:blank:]]-Ofast/ -O0 /g' +o_flag_munging = sed -e 's/[[:blank:]]-O\([1-9sgz][1-9sgz]*\)/ -O0 /' -e 's/[[:blank:]]-Ofast/ -O0 /g' else o_flag_munging = cat endif -- 2.43.0 From wk at gnupg.org Wed May 22 16:30:20 2024 
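Review bot: the first expression in the `+` line still ends in `/ -O0 /'` without the `g` flag that the `-Ofast` expression carries, so when a command line holds more than one optimization flag only the first is reduced to `-O0`. Given the context comment that rndjent needs to be compiled without optimization, add `g` to the first expression as well.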
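Added example, not part of the thread and not libgcrypt code: the o_flag_munging sed expressions quoted in the patches above, run on two constructed compiler command lines to show what each version does to a sysroot path containing "-O2" and to a plain -O1. The command lines, the path /build/tmp-O2/sysroot, the file names and all function names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not libgcrypt code. The sed expressions are copied from the
# patches in this thread; the command lines below are constructed samples.

# cipher/Makefile.am before the sysroot fix.
munge_cipher_old() {
    printf '%s\n' "$1" |
        sed -e 's/-O\([2-9sgz][2-9sgz]*\)/-O1/' -e 's/-Ofast/-O1/g'
}

# cipher/Makefile.am as changed by PATCHV2.
munge_cipher_v2() {
    printf '%s\n' "$1" |
        sed -e 's/[[:blank:]]-O\([2-9sgz][2-9sgz]*\)/ -O1 /' \
            -e 's/[[:blank:]]-Ofast/ -O1 /g'
}

# random/Makefile.am as changed by PATCHV2 (character class starts at 2).
munge_random_v2() {
    printf '%s\n' "$1" |
        sed -e 's/[[:blank:]]-O\([2-9sgz][2-9sgz]*\)/ -O0 /' \
            -e 's/[[:blank:]]-Ofast/ -O0 /g'
}

# random/Makefile.am after the follow-up fix for -O1 (class starts at 1).
munge_random_fixed() {
    printf '%s\n' "$1" |
        sed -e 's/[[:blank:]]-O\([1-9sgz][1-9sgz]*\)/ -O0 /' \
            -e 's/[[:blank:]]-Ofast/ -O0 /g'
}

# Helper: value of the --sysroot= argument of a command line, if any.
sysroot_of() {
    for tok in $1; do
        case $tok in
            --sysroot=*) printf '%s\n' "${tok#--sysroot=}" ;;
        esac
    done
}

# Helper: the -O flags that appear as separate arguments, space separated.
opt_flags() {
    out=
    for tok in $1; do
        case $tok in
            -O*) out="${out:+$out }$tok" ;;
        esac
    done
    printf '%s\n' "$out"
}

# Constructed inputs: a cross-compile line whose sysroot path contains "-O2",
# and an rndjent compile line that already uses -O1.
LINE_SYSROOT='gcc --sysroot=/build/tmp-O2/sysroot -g -O2 -c cipher.c'
LINE_O1='gcc -g -O1 -c rndjent.c'

report() {  # $1 = label, $2 = munged command line
    printf '%-13s sysroot=%-22s opt=%s\n' \
        "$1" "$(sysroot_of "$2")" "$(opt_flags "$2")"
}

report cipher-old   "$(munge_cipher_old "$LINE_SYSROOT")"
report cipher-v2    "$(munge_cipher_v2 "$LINE_SYSROOT")"
report random-v2    "$(munge_random_v2 "$LINE_O1")"
report random-fixed "$(munge_random_fixed "$LINE_O1")"
```

The old expression has no `g` flag on its first substitution, so it spends its single match on the path and leaves the real `-O2` flag untouched as well.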
From: wk at gnupg.org (Werner Koch)
Date: Wed, 22 May 2024 16:30:20 +0200
Subject: First Libgcrypt 1.11 Beta available
Message-ID: <87sey9udfn.fsf@jacob.g10code.de>

Hi!

I just uploaded a first beta of Libgcrypt 1.11

  https://gnupg.org/ftp/gcrypt/snapshots/libgcrypt/libgcrypt-1.11.0-beta450.tar.bz2
  https://gnupg.org/ftp/gcrypt/snapshots/libgcrypt/libgcrypt-1.11.0-beta450.tar.bz2.sig

THIS IS A BETA VERSION and reflects current Git master.  Before the
final 1.11.0 release we may change some things just do not expect that
there are no API changes for the new stuff.  In particular we hope to get
the final Kyber version in; right now we implement FIPS203.ipd dated
2023-08-24.

This version of Libgcrypt is required to build GnuPG master or a
forthcoming beta of gnupg 2.6.


Salam-Shalom,

   Werner


Noteworthy changes in version 1.11.0 (unreleased)  [C25/A5/R0]
-------------------------------------------------

 * New and extended interfaces:

   - Add an API for Key Encapsulation Mechanism (KEM).  [T6755]
   - Add Streamlined NTRU Prime sntrup761 algorithm.  [rCcf9923e1a5]
   - Add Kyber algorithm.  [rC18e5c0d268]
   - Add Classic McEliece algorithm.  [rC003367b912]
   - Add One-Step KDF with hash and MAC.  [T5964]
   - Add KDF algorithm HKDF of RFC-5869.  [T5964]
   - Add KDF algorithm X963KDF for use in CMS.  [rC3abac420b3]
   - Add GMAC-SM4 and Poly1305-SM4.  [rCd1ccc409d4]
   - Add ARIA block cipher algorithm.  [rC316c6d7715]
   - Add explicit FIPS indicators for MD and MAC algorithms.  [T6376]
   - Add support for SHAKE as MGF in RSA.  [T6557]
   - Add gcry_md_read support for SHAKE algorithms.  [T6539]
   - Add gcry_md_hash_buffers_ext function.  [T7035]
   - Add cSHAKE hash algorithm.  [rC065b3f4e02]
   - Support internal generation of IV for AEAD cipher mode.  [T4873]

 * Performance:

   - Add SM3 ARMv8/AArch64/CE assembly implementation.  [rCfe891ff4a3]
   - Add SM4 ARMv8/AArch64 assembly implementation.  [rCd8825601f1]
   - Add SM4 GFNI/AVX2 and GFI/AVX512 implementation.
     [rC5095d60af4,rCeaed633c16]
   - Add SM4 ARMv9 SVE CE assembly implementation.  [rC2dc2654006]
   - Add PowerPC vector implementation of SM4.  [rC0b2da804ee]
   - Optimize ChaCha20 and Poly1305 for PPC P10 LE.  [T6006]
   - Add CTR32LE bulk acceleration for AES on PPC.  [rC84f2e2d0b5]
   - Add generic bulk acceleration for CTR32LE mode (GCM-SIV) for SM4
     and Camellia.  [rCcf956793af]
   - Add GFNI/AVX2 implementation of Camellia.  [rC4e6896eb9f]
   - Add AVX2 and AVX512 accelerated implementations for GHASH (GCM)
     and POLYVAL (GCM-SIV).  [rCd857e85cb4, rCe6f3600193]
   - Add AVX512 implementation for SHA512.  [rC089223aa3b]
   - Add AVX512 implementation for Serpent.  [rCce95b6ec35]
   - Add AVX512 implementation for Poly1305 and ChaCha20
     [rCcd3ed49770, rC9a63cfd617]
   - Add AVX512 accelerated implementation for SHA3 and Blake2
     [rCbeaad75f46,rC909daa700e]
   - Add VAES/AVX2 accelerated i386 implementation for AES.  [rC4a42a042bc]
   - Add bulk processing for XTS mode of Camellia and SM4.
     [rC32b18cdb87, rCaad3381e93]
   - Accelerate XTS and ECB modes for Twofish and Serpent.
     [rCd078a928f5,rC8a1fe5f78f]
   - Add AArch64 crypto/SHA512 extension implementation for
     SHA512.  [rCe51d3b8330]
   - Add AArch64 crypto-extension implementation for Camellia.
     [rC898c857206]
   - Accelerate OCB authentication on AMD with AVX2.  [rC6b47e85d65]

 * Bug fixes:

   - For PowerPC check for missing optimization level for vector
     register usage.  [T5785]
   - Fix EdDSA secret key check.  [T6511]
   - Fix decoding of PKCS#1-v1.5 and OAEP padding.  [rC34c2042792]
   - Allow use of PKCS#1-v1.5 with SHA3 algorithms.  [T6976]

 * Other:

   - Allow empty password for Argon2 KDF.  [rCa20700c55f]
   - Various constant time operation improvements.
   - Add "bp256", "bp384", "bp512" aliases for Brainpool curves.
   - Support for the random server has been removed.  [T5811]
   - The control code GCRYCTL_ENABLE_M_GUARD is deprecated and not
     supported any more.  Please use valgrind or other tools.  [T5822]
   - Logging is now done via the libgpg-error logging functions.
     [rCab0bdc72c7]

 Changes also found in 1.10.3:

 * Bug fixes:

   - Fix public key computation for other EdDSA curves.
     [rC469919751d6e]
   - Remove out of core handler diagnostic in FIPS mode.  [T6515]
   - Check that the digest size is not zero in gcry_pk_sign_md and
     gcry_pk_verify_md.  [T6539]
   - Make store an s-exp with \0 is considered to be binary.  [T6747]
   - Various constant-time improvements.

 * Portability:

   - Use getrandom call only when supported by the platform.  [T6442]
   - Change the default for --with-libtool-modification to never.
     [T6619]

 Changes also found in 1.10.2

 * Bug fixes:

   - Fix Argon2 for the case output > 64.  [rC13b5454d26]
   - Fix missing HWF_PPC_ARCH_3_10 in HW feature.  [rCe073f0ed44]
   - Fix RSA key generation failure in forced FIPS mode.  [T5919]
   - Fix gcry_pk_hash_verify for explicit hash.  [T6066]
   - Fix a wrong result of gcry_mpi_invm.  [T5970]
   - Allow building with --disable-asm for HPPA.  [T5976]
   - Fix Jitter RNG for building native on Windows.  [T5891]
   - Allow building with -Oz.  [T6432]
   - Enable the fast path to ChaCha20 only when supported.  [T6384]
   - Use size_t to avoid counter overflow in Keccak when directly
     feeding more than 4GiB.  [T6217]

 * Other:

   - Do not use secure memory for a DRBG instance.  [T5933]
   - Do not allow PKCS#1.5 padding for encryption in FIPS mode.
     [T5918]
   - Fix the behaviour for child process re-seeding in the DRBG.
     [rC019a40c990]
   - Allow verification of small RSA signatures in FIPS mode.  [T5975]
   - Allow the use of a shorter salt for KDFs in FIPS mode.  [T6039]
   - Run digest+sign self tests for RSA and ECC in FIPS mode.
     [rC06c9350165]
   - Add function-name based FIPS indicator function.
     GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION.  This is not considered
     an ABI changes because the new FIPS features were not yet
     approved.  [rC822ee57f07]
   - Improve PCT in FIPS mode.  [rC285bf54b1a, rC4963c127ae, T6397]
   - Use getrandom (GRND_RANDOM) in FIPS mode.  [rCcf10c74bd9]
   - Disable RSA-OAEP padding in FIPS mode.  [rCe5bfda492a]
   - Check minimum allowed key size in PBKDF in FIPS mode.
     [T6039,T6219]
   - Get maximum 32B of entropy at once in FIPS mode.  [rCce0df08bba]
   - Prefer gpgrt-config when available.  [T5034]
   - Mark AESWRAP as approved FIPS algorithm.  [T5512]
   - Prevent usage of long salt for PSS in FIPS mode.  [rCfdd2a8b332]
   - Prevent usage of X9.31 keygen in FIPS mode.  [rC392e0ccd25]
   - Remove GCM mode from the allowed FIPS indicators.  [rC1540698389]
   - Add explicit FIPS indicators for hash and MAC algorithms. [T6376]

 Changes also found in 1.10.1:

 * Bug fixes:

   - Fix minor memory leaks in FIPS mode.
   - Build fixes for MUSL libc.  [rCffaef0be61]

 * Other:

   - More portable integrity check in FIPS mode.  [rC9fa4c8946a,T5835]
   - Add X9.62 OIDs to sha256 and sha512 modules.  [rC52fd2305ba]

 * Interface changes relative to the 1.10.0 release:
   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   GCRY_CIPHER_ARIA128             NEW cipher algo.
   GCRY_CIPHER_ARIA192             NEW cipher algo.
   GCRY_CIPHER_ARIA256             NEW cipher algo.
   gcry_cipher_geniv_methods       NEW type.
   gcry_cipher_setup_geniv         NEW function.
   gcry_cipher_geniv               NEW function.
   GCRY_PK_KEM                     NEW constant.
   GCRY_MD_CSHAKE128               NEW hash algo.
   GCRY_MD_CSHAKE256               NEW hash algo.
   GCRYCTL_MD_CUSTOMIZE            NEW control code.
   gcry_cshake_customization       NEW type.
   GCRY_MAC_CMAC_ARIA              NEW mac algo.
   GCRY_MAC_GMAC_SM4               NEW mac algo.
   GCRY_MAC_GMAC_ARIA              NEW mac algo.
   GCRY_MAC_POLY1305_SM4           NEW mac algo.
   GCRY_MAC_POLY1305_ARIA          NEW mac algo.
   GCRY_KDF_ONESTEP_KDF            NEW kdf algo.
   GCRY_KDF_ONESTEP_KDF_MAC        NEW kdf algo.
   GCRY_KDF_X963_KDF               NEW kdf algo.
   gcry_kem_algos                  NEW type.
   gcry_kem_keypair                NEW function.
   gcry_kem_encap                  NEW function.
   gcry_kem_decap                  NEW function.
   GCRY_KEM_SNTRUP761              NEW kem algo.
   GCRY_KEM_CM6688128F             NEW kem algo.
   GCRY_KEM_MLKEM512               NEW kem algo.
   GCRY_KEM_MLKEM768               NEW kem algo.
   GCRY_KEM_MLKEM1024              NEW kem algo.
   GCRY_KEM_RAW_X25519             NEW kem algo.
   GCRY_KEM_RAW_X448               NEW kem algo.
   GCRY_KEM_RAW_BP256              NEW kem algo.
   GCRY_KEM_RAW_BP384              NEW kem algo.
   GCRY_KEM_RAW_BP512              NEW kem algo.
   GCRY_KEM_RAW_P256R1             NEW kem algo.
   GCRY_KEM_RAW_P384R1             NEW kem algo.
   GCRY_KEM_RAW_P521R1             NEW kem algo.
   GCRY_KEM_DHKEM25519             NEW kem algo.
   GCRY_KEM_DHKEM448               NEW kem algo.
   GCRY_KEM_DHKEMP256R1            NEW kem algo.
   GCRY_KEM_DHKEMP384R1            NEW kem algo.
   GCRY_KEM_DHKEMP521R1            NEW kem algo.
   GCRY_KEM_*_SECKEY_LEN           NEW constants.
   GCRY_KEM_*_PUBKEY_LEN           NEW constants.
   GCRY_KEM_*_ENCAPS_LEN           NEW constants.
   GCRY_KEM_*_CIPHER_LEN           NEW constants.
   GCRY_KEM_*_SHARED_LEN           NEW constants.
   gcry_md_hash_buffers_ext        NEW function.
   gcry_pk_input_data_push         NEW macro.
   GCRYCTL_ENABLE_M_GUARD          DEPRECATED feature.
   gcry_handler_log_t              DEPRECATED type.
   gcry_set_log_handler            DEPRECATED function.

--
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein

From ametzler at bebt.de Thu May 23 19:22:01 2024
From: ametzler at bebt.de (Andreas Metzler)
Date: Thu, 23 May 2024 19:22:01 +0200
Subject: First Libgcrypt 1.11 Beta available
In-Reply-To: <87sey9udfn.fsf@jacob.g10code.de>
References: <87sey9udfn.fsf@jacob.g10code.de>
Message-ID:

On 2024-05-22 Werner Koch via Gcrypt-devel wrote:
> Hi!

> I just uploaded a first beta of Libgcrypt 1.11

> https://gnupg.org/ftp/gcrypt/snapshots/libgcrypt/libgcrypt-1.11.0-beta450.tar.bz2
> https://gnupg.org/ftp/gcrypt/snapshots/libgcrypt/libgcrypt-1.11.0-beta450.tar.bz2.sig

> THIS IS A BETA VERSION and reflects current Git master.  Before the
> final 1.11.0 release we may change some things just do not expect that
> there are no API changes for the new stuff.  In particular we hope to get
> the final Kyber version in; right now we implement FIPS203.ipd dated
> 2023-08-24.
[...]

Congrats!

I only had chance for a quick build (with make check), which succeeded
after copying the missing mpi/asm-common-i386.h and
cipher/asm-common-i386.h from GIT master.

cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

From wk at gnupg.org Fri May 24 12:17:58 2024
From: wk at gnupg.org (Werner Koch)
Date: Fri, 24 May 2024 12:17:58 +0200
Subject: First Libgcrypt 1.11 Beta available
In-Reply-To: (Andreas Metzler's message of "Thu, 23 May 2024 19:22:01 +0200")
References: <87sey9udfn.fsf@jacob.g10code.de>
Message-ID: <87wmnjsecp.fsf@jacob.g10code.de>

On Thu, 23 May 2024 19:22, Andreas Metzler said:

> Congrats!

Gniibe and Jussi did most of the work.

> I only had chance for a quick build (with make check), which succeeded
> after copying the missing mpi/asm-common-i386.h and
> cipher/asm-common-i386.h from GIT master.

The "make distcheck" as done from the release target should have caught
this.  We will look into this.  Thanks for reporting.


Shalom-Salam,

   Werner

--
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein