From cvs at cvs.gnupg.org Thu Jun 1 14:10:13 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Thu, 01 Jun 2017 14:10:13 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.21-30-gbe8ca88 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via be8ca8852629786266db4d3d69b2c2fb03bd6365 (commit) via 3b70f62423041e614332b90d782576ee6868a030 (commit) via 8a012280e0f0a462c094d106355aa436fceb1b76 (commit) from 02af509dfc2b893720aa0c7b380fd7736b2bafd0 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit be8ca8852629786266db4d3d69b2c2fb03bd6365 Author: Justus Winter Date: Tue May 30 14:30:24 2017 +0200 gpg: Report compliance with CO_DE_VS. * common/compliance.c (gnupg_pk_is_compliant): Add DSA with certain parameters. (gnupg_cipher_is_compliant): New function. (gnupg_digest_is_compliant): Likewise. * common/compliance.h (gnupg_cipher_is_compliant): New prototype. (gnupg_digest_is_compliant): Likewise. * common/status.h (STATUS_DECRYPTION_COMPLIANCE_MODE): New status. (STATUS_VERIFICATION_COMPLIANCE_MODE): Likewise. * doc/DETAILS: Document the new status lines. * g10/mainproc.c (proc_encrypted): Compute compliance with CO_DE_VS and report that using the new status line. (check_sig_and_print): Likewise. * sm/decrypt.c (gpgsm_decrypt): Likewise. * sm/verify.c (gpgsm_verify): Likewise. -- When decrypting data and verifying signatures, report whether the operations are in compliance with the criteria for data classified as VS-NfD. This information will be picked up by the frontend and presented to the user. GnuPG-bug-id: 3059 Signed-off-by: Justus Winter 
diff --git a/common/compliance.c b/common/compliance.c index c0b6984..80134d6 100644 --- a/common/compliance.c +++ b/common/compliance.c @@ -45,8 +45,8 @@ int gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo, gcry_mpi_t key[], unsigned int keylength, const char *curvename) { - enum { is_rsa, is_pgp5, is_elg_sign, is_ecc } algotype; - int result; + enum { is_rsa, is_dsa, is_pgp5, is_elg_sign, is_ecc } algotype; + int result = 0; switch (algo) { @@ -56,8 +56,11 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo, algotype = is_rsa; break; - case PUBKEY_ALGO_ELGAMAL_E: case PUBKEY_ALGO_DSA: + algotype = is_dsa; + break; + + case PUBKEY_ALGO_ELGAMAL_E: algotype = is_pgp5; break; @@ -91,6 +94,16 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo, || keylength == 4096); break; + case is_dsa: + if (key) + { + size_t L = gcry_mpi_get_nbits (key[0] /* p */); + size_t N = gcry_mpi_get_nbits (key[1] /* q */); + result = (L == 256 + && (N == 2048 || N == 3072)); + } + break; + case is_ecc: if (!curvename && key) { 
@@ -126,6 +139,59 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo, } +/* Return true if CIPHER is compliant to the give COMPLIANCE mode. */ +int +gnupg_cipher_is_compliant (enum gnupg_compliance_mode compliance, cipher_algo_t cipher) +{ + switch (compliance) + { + case CO_DE_VS: + switch (cipher) + { + case CIPHER_ALGO_AES: + case CIPHER_ALGO_AES192: + case CIPHER_ALGO_AES256: + case CIPHER_ALGO_3DES: + return 1; + default: + return 0; + } + log_assert (!"reached"); + + default: + return 0; + } + + log_assert (!"reached"); +} + + +/* Return true if DIGEST is compliant to the give COMPLIANCE mode. */ +int +gnupg_digest_is_compliant (enum gnupg_compliance_mode compliance, digest_algo_t digest) +{ + switch (compliance) + { + case CO_DE_VS: + switch (digest) + { + case DIGEST_ALGO_SHA256: + case DIGEST_ALGO_SHA384: + case DIGEST_ALGO_SHA512: + return 1; + default: + return 0; + } + log_assert (!"reached"); + + default: + return 0; + } + + log_assert (!"reached"); +} + + const char * gnupg_status_compliance_flag (enum gnupg_compliance_mode compliance) { diff --git a/common/compliance.h b/common/compliance.h index 123bd1b..4f78ad4 100644 --- a/common/compliance.h +++ b/common/compliance.h @@ -42,6 +42,10 @@ enum gnupg_compliance_mode int gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo, gcry_mpi_t key[], unsigned int keylength, const char *curvename); +int gnupg_cipher_is_compliant (enum gnupg_compliance_mode compliance, + cipher_algo_t cipher); +int gnupg_digest_is_compliant (enum gnupg_compliance_mode compliance, + digest_algo_t digest); const char *gnupg_status_compliance_flag (enum gnupg_compliance_mode compliance); #endif /*GNUPG_COMMON_COMPLIANCE_H*/ diff --git a/common/status.h b/common/status.h index 8831a0f..0250a65 100644 --- a/common/status.h +++ b/common/status.h 
@@ -141,6 +141,9 @@ enum STATUS_TOFU_STATS_SHORT, STATUS_TOFU_STATS_LONG, + STATUS_DECRYPTION_COMPLIANCE_MODE, + STATUS_VERIFICATION_COMPLIANCE_MODE, + STATUS_TRUNCATED, STATUS_MOUNTPOINT, STATUS_BLOCKDEV, diff --git a/doc/DETAILS b/doc/DETAILS index 1624315..01b5cf9 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -638,6 +638,17 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB: This indicates that a signature subpacket was seen. The format is the same as the "spk" record above. +*** DECRYPTION_COMPLIANCE_MODE + Indicates that the current decryption operation is in compliance + with the given set of modes. "flags" is a space separated list of + numerical flags, see "Field 18 - Compliance flags" above. + +*** VERIFICATION_COMPLIANCE_MODE + Indicates that the current signature verification operation is in + compliance with the given set of modes. "flags" is a space + separated list of numerical flags, see "Field 18 - Compliance + flags" above. + ** Key related *** INV_RECP, INV_SGNR The two similar status codes: diff --git a/g10/mainproc.c b/g10/mainproc.c index 9500081..21ea6ca 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -39,6 +39,7 @@ #include "photoid.h" #include "../common/mbox-util.h" #include "call-dirmngr.h" +#include "../common/compliance.h" /* Put an upper limit on nested packets. The 32 is an arbitrary value, a much lower should actually be sufficient. */ 
@@ -599,6 +600,44 @@ proc_encrypted (CTX c, PACKET *pkt) else if (!c->dek) result = GPG_ERR_NO_SECKEY; + /* Compute compliance with CO_DE_VS. */ + if (!result && is_status_enabled () + /* Symmetric encryption voids compliance. */ + && c->symkeys == 0 + /* Overriding session key voids compliance. */ + && opt.override_session_key == NULL + /* Check symmetric cipher. */ + && gnupg_cipher_is_compliant (CO_DE_VS, c->dek->algo)) + { + struct kidlist_item *i; + int compliant = 1; + PKT_public_key *pk = xmalloc (sizeof *pk); + + log_assert (c->pkenc_list || !"where else did the session key come from!?"); + + /* Now check that every key used to encrypt the session key is + * compliant. */ + for (i = c->pkenc_list; i && compliant; i = i->next) + { + memset (pk, 0, sizeof *pk); + pk->pubkey_algo = i->pubkey_algo; + if (get_pubkey (c->ctrl, pk, i->kid) != 0 + || ! gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, pk->pkey, + nbits_from_pk (pk), NULL)) + compliant = 0; + release_public_key_parts (pk); + } + + xfree (pk); + + if (compliant) + write_status_strings (STATUS_DECRYPTION_COMPLIANCE_MODE, + gnupg_status_compliance_flag (CO_DE_VS), + NULL); + + } + + if (!result) result = decrypt_data (c->ctrl, c, pkt->pkt.encrypted, c->dek ); @@ -2196,6 +2235,15 @@ check_sig_and_print (CTX c, kbnode_t node) } } + /* Compute compliance with CO_DE_VS. */ + if (pk && is_status_enabled () + && gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, pk->pkey, + nbits_from_pk (pk), NULL) + && gnupg_digest_is_compliant (CO_DE_VS, sig->digest_algo)) + write_status_strings (STATUS_VERIFICATION_COMPLIANCE_MODE, + gnupg_status_compliance_flag (CO_DE_VS), + NULL); + free_public_key (pk); pk = NULL; release_kbnode( keyblock ); diff --git a/sm/decrypt.c b/sm/decrypt.c index f8b0199..aa621dd 100644 --- a/sm/decrypt.c +++ b/sm/decrypt.c @@ -32,6 +32,7 @@ #include "keydb.h" #include "../common/i18n.h" +#include "../common/compliance.h" struct decrypt_filter_parm_s { 
@@ -325,6 +326,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp) int algo, mode; const char *algoid; int any_key = 0; + int is_de_vs; /* Computed compliance with CO_DE_VS. */ audit_log (ctrl->audit, AUDIT_GOT_DATA); @@ -356,6 +358,10 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp) goto leave; } + /* For CMS, CO_DE_VS demands CBC mode. */ + is_de_vs = (mode == GCRY_CIPHER_MODE_CBC + && gnupg_cipher_is_compliant (CO_DE_VS, algo)); + audit_log_i (ctrl->audit, AUDIT_DATA_CIPHER_ALGO, algo); dfparm.algo = algo; dfparm.mode = mode; @@ -460,7 +466,21 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp) hexkeygrip = gpgsm_get_keygrip_hexstring (cert); desc = gpgsm_format_keydesc (cert); + /* Check that all certs are compliant with CO_DE_VS. */ + if (is_de_vs) + { + unsigned int nbits; + int pk_algo = gpgsm_get_key_algo_info (cert, &nbits); + + is_de_vs = gnupg_pk_is_compliant (CO_DE_VS, pk_algo, NULL, + nbits, NULL); + } + oops: + if (rc) + /* We cannot check compliance of certs that we + * don't have. */ + is_de_vs = 0; xfree (issuer); xfree (serial); ksba_cert_release (cert); @@ -489,6 +509,11 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp) ksba_writer_set_filter (writer, decrypt_filter, &dfparm); + + if (is_de_vs) + gpgsm_status (ctrl, STATUS_DECRYPTION_COMPLIANCE_MODE, + gnupg_status_compliance_flag (CO_DE_VS)); + } audit_log_ok (ctrl->audit, AUDIT_RECP_RESULT, rc); } diff --git a/sm/verify.c b/sm/verify.c index 7bdc68b..e19c04e 100644 --- a/sm/verify.c +++ b/sm/verify.c @@ -33,6 +33,7 @@ #include "keydb.h" #include "../common/i18n.h" +#include "../common/compliance.h" static char * strtimestamp_r (ksba_isotime_t atime) 
@@ -631,6 +632,16 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) (verifyflags & VALIDATE_FLAG_CHAIN_MODEL)? "0 chain": "0 shell"); + /* Check compliance with CO_DE_VS. */ + { + unsigned int nbits; + int pk_algo = gpgsm_get_key_algo_info (cert, &nbits); + + if (gnupg_pk_is_compliant (CO_DE_VS, pk_algo, NULL, nbits, NULL) + && gnupg_digest_is_compliant (CO_DE_VS, sigval_hash_algo)) + gpgsm_status (ctrl, STATUS_VERIFICATION_COMPLIANCE_MODE, + gnupg_status_compliance_flag (CO_DE_VS)); + } next_signer: rc = 0; commit 3b70f62423041e614332b90d782576ee6868a030 Author: Justus Winter Date: Thu Jun 1 11:56:42 2017 +0200 common: Improve checking for compliance with CO_DE_VS. * common/compliance.c (gnupg_pk_is_compliant): Only certain RSA key sizes are compliant. Signed-off-by: Justus Winter diff --git a/common/compliance.c b/common/compliance.c index 73c7ad7..c0b6984 100644 --- a/common/compliance.c +++ b/common/compliance.c @@ -86,7 +86,9 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo, break; case is_rsa: - result = (keylength >= 2048); + result = (keylength == 2048 + || keylength == 3072 + || keylength == 4096); break; case is_ecc: commit 8a012280e0f0a462c094d106355aa436fceb1b76 Author: Justus Winter Date: Wed May 31 14:33:45 2017 +0200 gpg,common: Move the compliance framework. * common/Makefile.am (common_sources): Add new files. * common/compliance.c: New file. Move 'gnupg_pk_is_compliant' here, and tweak it to not rely on types private to gpg. * common/compliance.h: New file. Move the compliance enum here. * g10/keylist.c (print_compliance_flags): Adapt callsite. * g10/main.h (gnupg_pk_is_compliant): Remove prototype. * g10/misc.c (gnupg_pk_is_compliant): Remove function. * g10/options.h (opt): Use the new compliance enum. * sm/keylist.c (print_compliance_flags): Use the common functions. Signed-off-by: Justus Winter diff --git a/common/Makefile.am b/common/Makefile.am index 83d82ac..fcbe7ea 100644 
--- a/common/Makefile.am +++ b/common/Makefile.am @@ -93,7 +93,8 @@ common_sources = \ server-help.c server-help.h \ name-value.c name-value.h \ recsel.c recsel.h \ - ksba-io-support.c ksba-io-support.h + ksba-io-support.c ksba-io-support.h \ + compliance.c compliance.h if HAVE_W32_SYSTEM diff --git a/common/compliance.c b/common/compliance.c new file mode 100644 index 0000000..73c7ad7 --- /dev/null +++ b/common/compliance.c 
@@ -0,0 +1,144 @@ +/* compliance.c - Functions for compliance modi + * Copyright (C) 2017 g10 Code GmbH + * + * This file is part of GnuPG. + * + * This file is free software; you can redistribute it and/or modify + * it under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. + * + * This file is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include +#include + +#include "openpgpdefs.h" +#include "logging.h" +#include "util.h" +#include "compliance.h" + +/* Return true if ALGO with a key of KEYLENGTH is compliant to the + * give COMPLIANCE mode. If KEY is not NULL, various bits of + * information will be extracted from it. If CURVENAME is not NULL, it + * is assumed to be the already computed. ALGO may be either an + * OpenPGP-style pubkey_algo_t, or a gcrypt-style enum gcry_pk_algos, + * both are compatible from the point of view of this function. 
*/ +int +gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo, + gcry_mpi_t key[], unsigned int keylength, const char *curvename) +{ + enum { is_rsa, is_pgp5, is_elg_sign, is_ecc } algotype; + int result; + + switch (algo) + { + case PUBKEY_ALGO_RSA: + case PUBKEY_ALGO_RSA_E: + case PUBKEY_ALGO_RSA_S: + algotype = is_rsa; + break; + + case PUBKEY_ALGO_ELGAMAL_E: + case PUBKEY_ALGO_DSA: + algotype = is_pgp5; + break; + + case PUBKEY_ALGO_ECDH: + case PUBKEY_ALGO_ECDSA: + case PUBKEY_ALGO_EDDSA: + algotype = is_ecc; + break; + + case PUBKEY_ALGO_ELGAMAL: + algotype = is_elg_sign; + break; + + default: /* Unknown. */ + return 0; + } + + if (compliance == CO_DE_VS) + { + char *curve = NULL; + + switch (algotype) + { + case is_pgp5: + result = 0; + break; + + case is_rsa: + result = (keylength >= 2048); + break; + + case is_ecc: + if (!curvename && key) + { + curve = openpgp_oid_to_str (key[0]); + curvename = openpgp_oid_to_curve (curve, 0); + if (!curvename) + curvename = curve; + } + + result = (curvename + && algo != PUBKEY_ALGO_EDDSA + && (!strcmp (curvename, "brainpoolP256r1") + || !strcmp (curvename, "brainpoolP384r1") + || !strcmp (curvename, "brainpoolP512r1"))); + break; + + default: + result = 0; + } + xfree (curve); + } + else if (algotype == is_elg_sign) + { + /* An Elgamal signing key is only RFC-2440 compliant. */ + result = (compliance == CO_RFC2440); + } + else + { + result = 1; /* Assume compliance. */ + } + + return result; +} + + +const char * +gnupg_status_compliance_flag (enum gnupg_compliance_mode compliance) +{ + switch (compliance) + { + case CO_GNUPG: + return "8"; + case CO_RFC4880: + case CO_RFC2440: + case CO_PGP6: + case CO_PGP7: + case CO_PGP8: + log_assert (!"no status code assigned for this compliance mode"); + case CO_DE_VS: + return "23"; + } + log_assert (!"invalid compliance mode"); +} diff --git a/common/compliance.h b/common/compliance.h new file mode 100644 index 0000000..123bd1b --- /dev/null 
+++ b/common/compliance.h @@ -0,0 +1,47 @@ +/* compliance.h - Definitions for compliance modi + * Copyright (C) 2017 g10 Code GmbH + * + * This file is part of GnuPG. + * + * This file is free software; you can redistribute it and/or modify + * it under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. + * + * This file is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#ifndef GNUPG_COMMON_COMPLIANCE_H +#define GNUPG_COMMON_COMPLIANCE_H + +#include +#include "openpgpdefs.h" + +enum gnupg_compliance_mode + { + CO_GNUPG, CO_RFC4880, CO_RFC2440, + CO_PGP6, CO_PGP7, CO_PGP8, CO_DE_VS + }; + +int gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo, + gcry_mpi_t key[], unsigned int keylength, + const char *curvename); +const char *gnupg_status_compliance_flag (enum gnupg_compliance_mode compliance); + +#endif /*GNUPG_COMMON_COMPLIANCE_H*/ diff --git a/g10/keylist.c b/g10/keylist.c index e2b8fef..4848bab 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -44,6 +44,7 @@ #include "../common/mbox-util.h" #include "../common/zb32.h" #include "tofu.h" +#include "../common/compliance.h" static void list_all (ctrl_t, int, int); 
@@ -1180,14 +1181,19 @@ print_compliance_flags (PKT_public_key *pk, { int any = 0; + if (!keylength) + keylength = nbits_from_pk (pk); + if (pk->version == 5) { - es_fputs ("8", es_stdout); + es_fputs (gnupg_status_compliance_flag (CO_GNUPG), es_stdout); any++; } - if (gnupg_pk_is_compliant (CO_DE_VS, pk, keylength, curvename)) + if (gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, pk->pkey, + keylength, curvename)) { - es_fputs (any? " 23":"23", es_stdout); + es_fprintf (es_stdout, any ? " %s" : "%s", + gnupg_status_compliance_flag (CO_DE_VS)); any++; } } diff --git a/g10/main.h b/g10/main.h index 129d746..c406113 100644 --- a/g10/main.h +++ b/g10/main.h @@ -126,9 +126,6 @@ int openpgp_pk_test_algo2 (pubkey_algo_t algo, unsigned int use); int openpgp_pk_algo_usage ( int algo ); const char *openpgp_pk_algo_name (pubkey_algo_t algo); -int gnupg_pk_is_compliant (int compliance, PKT_public_key *pk, - unsigned int keylength, const char *curvename); - enum gcry_md_algos map_md_openpgp_to_gcry (digest_algo_t algo); int openpgp_md_test_algo (digest_algo_t algo); const char *openpgp_md_algo_name (int algo); diff --git a/g10/misc.c b/g10/misc.c index bdd27cf..d485c94 100644 --- a/g10/misc.c +++ b/g10/misc.c 
@@ -707,94 +707,6 @@ openpgp_pk_algo_name (pubkey_algo_t algo) } -/* Return true if PK is compliant to the give COMPLIANCE mode. If - * KEYLENGTH and CURVENAME are not 0/NULL the are assumed to be the - * already computed values from PK. */ -int -gnupg_pk_is_compliant (int compliance, PKT_public_key *pk, - unsigned int keylength, const char *curvename) -{ - enum { is_rsa, is_pgp5, is_elg_sign, is_ecc } algotype; - int result; - - switch (pk->pubkey_algo) - { - case PUBKEY_ALGO_RSA: - case PUBKEY_ALGO_RSA_E: - case PUBKEY_ALGO_RSA_S: - algotype = is_rsa; - break; - - case PUBKEY_ALGO_ELGAMAL_E: - case PUBKEY_ALGO_DSA: - algotype = is_pgp5; - break; - - case PUBKEY_ALGO_ECDH: - case PUBKEY_ALGO_ECDSA: - case PUBKEY_ALGO_EDDSA: - algotype = is_ecc; - break; - - case PUBKEY_ALGO_ELGAMAL: - algotype = is_elg_sign; - break; - - default: /* Unknown. */ - return 0; - } - - if (compliance == CO_DE_VS) - { - char *curve = NULL; - - switch (algotype) - { - case is_pgp5: - result = 0; - break; - - case is_rsa: - if (!keylength) - keylength = nbits_from_pk (pk); - result = (keylength >= 2048); - break; - - case is_ecc: - if (!curvename) - { - curve = openpgp_oid_to_str (pk->pkey[0]); - curvename = openpgp_oid_to_curve (curve, 0); - if (!curvename) - curvename = curve; - } - - result = (curvename - && pk->pubkey_algo != PUBKEY_ALGO_EDDSA - && (!strcmp (curvename, "brainpoolP256r1") - || !strcmp (curvename, "brainpoolP384r1") - || !strcmp (curvename, "brainpoolP512r1"))); - break; - - default: - result = 0; - } - xfree (curve); - } - else if (algotype == is_elg_sign) - { - /* An Elgamal signing key is only RFC-2440 compliant. */ - result = (compliance == CO_RFC2440); - } - else - { - result = 1; /* Assume compliance. */ - } - - return result; -} - - /* Explicit mapping of OpenPGP digest algos to Libgcrypt. */ /* FIXME: We do not yes use it everywhere. */ enum gcry_md_algos diff --git a/g10/options.h b/g10/options.h index c634f0f..8d1d93e 100644 --- a/g10/options.h 
+++ b/g10/options.h @@ -28,6 +28,7 @@ #include "packet.h" #include "tofu.h" #include "../common/session-env.h" +#include "../common/compliance.h" #ifndef EXTERN_UNLESS_MAIN_MODULE /* Norcraft can't cope with common symbols */ @@ -139,11 +140,7 @@ struct } trust_model; enum tofu_policy tofu_default_policy; int force_ownertrust; - enum - { - CO_GNUPG, CO_RFC4880, CO_RFC2440, - CO_PGP6, CO_PGP7, CO_PGP8, CO_DE_VS - } compliance; + enum gnupg_compliance_mode compliance; enum { KF_DEFAULT, KF_NONE, KF_SHORT, KF_LONG, KF_0xSHORT, KF_0xLONG diff --git a/sm/keylist.c b/sm/keylist.c index 13de45d..abec049 100644 --- a/sm/keylist.c +++ b/sm/keylist.c @@ -36,6 +36,7 @@ #include "../kbx/keybox.h" /* for KEYBOX_FLAG_* */ #include "../common/i18n.h" #include "../common/tlv.h" +#include "../common/compliance.h" struct list_external_parm_s { @@ -351,8 +352,8 @@ email_kludge (const char *name) static void print_compliance_flags (int algo, unsigned int nbits, estream_t fp) { - if (algo == GCRY_PK_RSA && nbits >= 2048) - es_fputs ("23", fp); + if (gnupg_pk_is_compliant (CO_DE_VS, algo, NULL, nbits, NULL)) + es_fputs (gnupg_status_compliance_flag (CO_DE_VS), fp); } ----------------------------------------------------------------------- Summary of changes: common/Makefile.am | 3 +- common/compliance.c | 212 ++++++++++++++++++++++++++++++++++++ common/{ccparray.h => compliance.h} | 40 +++---- common/status.h | 3 + doc/DETAILS | 11 ++ g10/keylist.c | 12 +- g10/main.h | 3 - g10/mainproc.c | 48 ++++++++ g10/misc.c | 88 --------------- g10/options.h | 7 +- sm/decrypt.c | 25 +++++ sm/keylist.c | 5 +- sm/verify.c | 11 ++ 13 files changed, 346 insertions(+), 122 deletions(-) create mode 100644 common/compliance.c copy common/{ccparray.h => compliance.h} (51%) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Jun 1 14:17:07 2017 
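Review bot: In the 'case is_dsa:' branch of gnupg_pk_is_compliant (common/compliance.c, commit be8ca88) the two bit lengths are tested the wrong way round. L is read from key[0] (p) and N from key[1] (q), but the condition is 'L == 256 && (N == 2048 || N == 3072)', which demands a 256-bit p and a 2048- or 3072-bit q. With the usual DSA parameter sizes (p of 2048 or 3072 bits, q of 256 bits) this is never true, so no DSA key would ever be reported as compliant. Suggest 'result = (N == 256 && (L == 2048 || L == 3072));'.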
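Review bot: In gnupg_cipher_is_compliant and gnupg_digest_is_compliant (common/compliance.c, commit be8ca88) every path through the inner and outer switch returns, so the 'log_assert (!"reached");' calls after them are dead code; drop them or restructure so that a single return follows the switch. Both functions return 0 for every mode other than CO_DE_VS, while gnupg_pk_is_compliant ends in 'result = 1; /* Assume compliance. */' for those modes. That difference is not mentioned in the comments or next to the new prototypes in compliance.h and should be documented. The comments also read 'the give COMPLIANCE mode' where 'given' is meant.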
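Review bot: In proc_encrypted (g10/mainproc.c, commit be8ca88) STATUS_DECRYPTION_COMPLIANCE_MODE is written before 'result = decrypt_data (c->ctrl, c, pkt->pkt.encrypted, c->dek );' runs, so the status line can be emitted for a message whose decryption then fails. Either move the write_status_strings call after a successful decrypt_data, or state in the new doc/DETAILS entry that a frontend must only honour the line together with a successful decryption status.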
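Review bot: The 'case is_rsa:' change in commit 3b70f62 (common/compliance.c) replaces 'keylength >= 2048' with an exact match on 2048, 3072 or 4096 without a comment saying where that list comes from. Every other length, including larger ones, now counts as non-compliant, and the same function also decides the flag printed by print_compliance_flags in g10/keylist.c and sm/keylist.c. A short comment naming the requirement behind the three values would make the restriction reviewable.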
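Review bot: In gnupg_status_compliance_flag (new file common/compliance.c, commit 8a01228) the labels CO_RFC4880 through CO_PGP8 end in a log_assert with no return or break and are directly followed by 'case CO_DE_VS: return "23";'. The result is only correct as long as log_assert never returns. An explicit 'return NULL;' after the assert would keep those modes from yielding "23" and avoids fallthrough warnings. The function also has no comment describing what the returned string means (the numeric flag used in field 18 and in the status lines).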
From: cvs at cvs.gnupg.org (by Justus Winter) Date: Thu, 01 Jun 2017 14:17:07 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.9.0-42-g05fa2a9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 05fa2a9c7764b28fdac35eb72631439df948ca0e (commit) from 92574406fb5fd456bc5bf85c7d906f06c4680632 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 05fa2a9c7764b28fdac35eb72631439df948ca0e Author: Justus Winter Date: Tue May 30 14:35:57 2017 +0200 Add flag 'is_de_vs' to decryption results and signatures. * NEWS: Update. * lang/cpp/src/decryptionresult.cpp (DecryptionResult::isDeVs): New function. * lang/cpp/src/decryptionresult.h (DecryptionResult::isDeVs): New prototype. * lang/cpp/src/verificationresult.cpp (Signature::isDeVs): New function. * lang/cpp/src/verificationresult.h (Signature::isDeVs): New prototype. * lang/python/src/results.py (DecryptResult): Turn field 'is_de_vs' into a boolean. (Signature): Likewise. * src/decrypt.c (_gpgme_decrypt_status_handler): Handle the new compliance status line. * src/verify.c (_gpgme_verify_status_handler): Likewise. * src/gpgme.h.in (gpgme_status_code_t): Add new status codes for the new status lines. * src/keylist.c (parse_pub_field18): Move function to 'util.h'. (keylist_colon_handler): Adapt callsites. * src/status-table.c (status_table): Add new status lines. * src/util.h (PARSE_COMPLIANCE_FLAGS): New macro. This used to be 'parse_pub_field18', but turned into a macro to make it polymorphic. -- When decrypting data and verifying signatures, report whether the operations are in compliance with the criteria for data classified as VS-NfD. 
This information can then be presented to the user. GnuPG-bug-id: 3059 Signed-off-by: Justus Winter diff --git a/NEWS b/NEWS index 0520768..b4a0d88 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,15 @@ Noteworthy changes in version 1.9.1 (unreleased) ------------------------------------------------ + * Interface changes relative to the 1.9.0 release: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + gpgme_decrypt_result_t EXTENDED: New field 'is_de_vs'. + gpgme_signature_t EXTENDED: New field 'is_de_vs'. + cpp: DecryptionResult::isDeVs NEW. + cpp: Signature::isDeVs NEW. + py: DecryptResult EXTENDED: New boolean field 'is_de_vs'. + py: Signature EXTENDED: New boolean field 'is_de_vs'. Noteworthy changes in version 1.9.0 (2017-03-28) ------------------------------------------------ diff --git a/lang/cpp/src/decryptionresult.cpp b/lang/cpp/src/decryptionresult.cpp index 05f7e75..d1c991b 100644 --- a/lang/cpp/src/decryptionresult.cpp +++ b/lang/cpp/src/decryptionresult.cpp @@ -110,6 +110,11 @@ bool GpgME::DecryptionResult::isWrongKeyUsage() const return d && d->res.wrong_key_usage; } +bool GpgME::DecryptionResult::isDeVs() const +{ + return d && d->res.is_de_vs; +} + const char *GpgME::DecryptionResult::fileName() const { return d ? d->res.file_name : 0 ; diff --git a/lang/cpp/src/decryptionresult.h b/lang/cpp/src/decryptionresult.h index cd3ab7c..57705b4 100644 --- a/lang/cpp/src/decryptionresult.h +++ b/lang/cpp/src/decryptionresult.h @@ -73,6 +73,7 @@ public: return isWrongKeyUsage(); } bool isWrongKeyUsage() const; + bool isDeVs() const; const char *fileName() const; diff --git a/lang/cpp/src/verificationresult.cpp b/lang/cpp/src/verificationresult.cpp index 8d90a7d..6dacd9f 100644 --- a/lang/cpp/src/verificationresult.cpp +++ b/lang/cpp/src/verificationresult.cpp 
@@ -278,6 +278,11 @@ bool GpgME::Signature::isVerifiedUsingChainModel() const return !isNull() && d->sigs[idx]->chain_model; } +bool GpgME::Signature::isDeVs() const +{ + return !isNull() && d->sigs[idx]->is_de_vs; +} + GpgME::Signature::PKAStatus GpgME::Signature::pkaStatus() const { if (!isNull()) { diff --git a/lang/cpp/src/verificationresult.h b/lang/cpp/src/verificationresult.h index 765fb79..3f6299c 100644 --- a/lang/cpp/src/verificationresult.h +++ b/lang/cpp/src/verificationresult.h @@ -136,6 +136,7 @@ public: } bool isWrongKeyUsage() const; bool isVerifiedUsingChainModel() const; + bool isDeVs() const; enum PKAStatus { UnknownPKAStatus, PKAVerificationFailed, PKAVerificationSucceeded diff --git a/lang/python/src/results.py b/lang/python/src/results.py index 46ebeec..bfd0f68 100644 --- a/lang/python/src/results.py +++ b/lang/python/src/results.py @@ -80,7 +80,7 @@ class Recipient(Result): pass class DecryptResult(Result): - _type = dict(wrong_key_usage=bool) + _type = dict(wrong_key_usage=bool, is_de_vs=bool) _map = dict(recipients=Recipient) class NewSignature(Result): @@ -93,7 +93,7 @@ class Notation(Result): pass class Signature(Result): - _type = dict(wrong_key_usage=bool, chain_model=bool) + _type = dict(wrong_key_usage=bool, chain_model=bool, is_de_vs=bool) _map = dict(notations=Notation) class VerifyResult(Result): diff --git a/src/decrypt.c b/src/decrypt.c index f30f80f..3b18909 100644 --- a/src/decrypt.c +++ b/src/decrypt.c @@ -321,6 +321,10 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code, } break; + case GPGME_STATUS_DECRYPTION_COMPLIANCE_MODE: + PARSE_COMPLIANCE_FLAGS (args, &opd->result); + break; + default: break; } diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 24b21e7..867219a 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in 
@@ -1312,8 +1312,12 @@ struct _gpgme_op_decrypt_result /* Key should not have been used for encryption. */ unsigned int wrong_key_usage : 1; + /* True if the message was encrypted in compliance to the de-vs + * mode. */ + unsigned int is_de_vs : 1; + /* Internal to GPGME, do not use. */ - int _unused : 31; + int _unused : 30; gpgme_recipient_t recipients; @@ -1490,8 +1494,11 @@ struct _gpgme_signature /* Validity has been verified using the chain model. */ unsigned int chain_model : 1; + /* True if the signature is in compliance to the de-vs mode. */ + unsigned int is_de_vs : 1; + /* Internal to GPGME, do not use. */ - int _unused : 28; + int _unused : 27; gpgme_validity_t validity; gpgme_error_t validity_reason; @@ -2468,7 +2475,9 @@ typedef enum GPGME_STATUS_TOFU_USER = 95, GPGME_STATUS_TOFU_STATS = 96, GPGME_STATUS_TOFU_STATS_LONG = 97, - GPGME_STATUS_NOTATION_FLAGS = 98 + GPGME_STATUS_NOTATION_FLAGS = 98, + GPGME_STATUS_DECRYPTION_COMPLIANCE_MODE = 99, + GPGME_STATUS_VERIFICATION_COMPLIANCE_MODE = 100 } gpgme_status_code_t; diff --git a/src/keylist.c b/src/keylist.c index e16ba4d..5e1c61e 100644 --- a/src/keylist.c +++ b/src/keylist.c @@ -416,23 +416,6 @@ parse_sec_field15 (gpgme_key_t key, gpgme_subkey_t subkey, char *field) } -/* Parse the compliance field. */ -static void -parse_pub_field18 (gpgme_subkey_t subkey, char *field) -{ - char *p, *endp; - unsigned long ul; - - for (p = field; p && (ul = strtoul (p, &endp, 10)) && p != endp; p = endp) - { - switch (ul) - { - case 23: subkey->is_de_vs = 1; break; - } - } -} - - /* Parse a tfs record. */ static gpg_error_t parse_tfs_record (gpgme_user_id_t uid, char **field, int nfield) @@ -731,7 +714,7 @@ keylist_colon_handler (void *priv, char *line) /* Field 18 has the compliance flags. */ if (fields >= 17 && *field[17]) - parse_pub_field18 (subkey, field[17]); + PARSE_COMPLIANCE_FLAGS (field[17], subkey); if (fields >= 20) { 
@@ -814,7 +797,7 @@ keylist_colon_handler (void *priv, char *line) /* Field 18 has the compliance flags. */ if (fields >= 17 && *field[17]) - parse_pub_field18 (subkey, field[17]); + PARSE_COMPLIANCE_FLAGS (field[17], subkey); break; diff --git a/src/status-table.c b/src/status-table.c index 6451134..afc7eab 100644 --- a/src/status-table.c +++ b/src/status-table.c @@ -56,6 +56,7 @@ static struct status_table_s status_table[] = { "DECRYPTION_INFO", GPGME_STATUS_DECRYPTION_INFO }, { "DECRYPTION_OKAY", GPGME_STATUS_DECRYPTION_OKAY }, { "DELETE_PROBLEM", GPGME_STATUS_DELETE_PROBLEM }, + { "DECRYPTION_COMPLIANCE_MODE", GPGME_STATUS_DECRYPTION_COMPLIANCE_MODE }, { "ENC_TO", GPGME_STATUS_ENC_TO }, { "END_DECRYPTION", GPGME_STATUS_END_DECRYPTION }, { "END_ENCRYPTION", GPGME_STATUS_END_ENCRYPTION }, @@ -137,6 +138,7 @@ static struct status_table_s status_table[] = { "UNEXPECTED", GPGME_STATUS_UNEXPECTED }, { "USERID_HINT", GPGME_STATUS_USERID_HINT }, { "VALIDSIG", GPGME_STATUS_VALIDSIG }, + { "VERIFICATION_COMPLIANCE_MODE", GPGME_STATUS_VERIFICATION_COMPLIANCE_MODE }, {NULL, 0} }; diff --git a/src/util.h b/src/util.h index 7b7924c..fd22d75 100644 --- a/src/util.h +++ b/src/util.h @@ -224,4 +224,26 @@ extern struct assuan_malloc_hooks _gpgme_assuan_malloc_hooks; int _gpgme_assuan_log_cb (assuan_context_t ctx, void *hook, unsigned int cat, const char *msg); + + +/* Parse the compliance field. */ +#define PARSE_COMPLIANCE_FLAGS(flags, result) \ + do { \ + char *comp_p, *comp_endp; \ + unsigned long comp_ul; \ + \ + for (comp_p = (flags); \ + comp_p \ + && (comp_ul = strtoul (comp_p, &comp_endp, 10)) \ + && comp_p != comp_endp; \ + comp_p = comp_endp) \ + { \ + switch (comp_ul) \ + { \ + case 23: (result)->is_de_vs = 1; break; \ + } \ + } \ + } while (0) + + #endif /* UTIL_H */ diff --git a/src/verify.c b/src/verify.c index 900f925..ee730a3 100644 --- a/src/verify.c +++ b/src/verify.c 
@@ -1078,6 +1078,10 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args) if (err) return err; + case GPGME_STATUS_VERIFICATION_COMPLIANCE_MODE: + PARSE_COMPLIANCE_FLAGS (args, opd->current_sig); + break; + default: break; } ----------------------------------------------------------------------- Summary of changes: NEWS | 9 +++++++++ lang/cpp/src/decryptionresult.cpp | 5 +++++ lang/cpp/src/decryptionresult.h | 1 + lang/cpp/src/verificationresult.cpp | 5 +++++ lang/cpp/src/verificationresult.h | 1 + lang/python/src/results.py | 4 ++-- src/decrypt.c | 4 ++++ src/gpgme.h.in | 15 ++++++++++++--- src/keylist.c | 21 ++------------------- src/status-table.c | 2 ++ src/util.h | 22 ++++++++++++++++++++++ src/verify.c | 4 ++++ 12 files changed, 69 insertions(+), 24 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Thu Jun 1 15:56:56 2017 
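Review bot: In the src/verify.c hunk, the new `case GPGME_STATUS_VERIFICATION_COMPLIANCE_MODE:` is placed directly after the context lines `if (err) return err;` with no `break;` in between, so the preceding case now falls through into `PARSE_COMPLIANCE_FLAGS (args, opd->current_sig);` whenever err is zero, where it previously fell through harmlessly to `default: break;`. The arguments of an unrelated status line would then be parsed as compliance flags, and if they begin with numeric tokens the signature could be marked is_de_vs without gpg having reported it. Add a `break;` before the new case. The macro also dereferences `(result)->is_de_vs` unconditionally, so confirm that opd->current_sig cannot be NULL when this status arrives, or guard the call.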
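Review bot: In the src/util.h hunk, PARSE_COMPLIANCE_FLAGS ends its loop at the first token that strtoul cannot convert or that converts to 0, because the condition tests `(comp_ul = strtoul (comp_p, &comp_endp, 10))` for truth, so any flag following such a token is silently dropped. That was tolerable for keylist field 18, but the macro is now also applied to status-line arguments in src/verify.c, so either skip unknown tokens instead of stopping or state the expected input format in the comment. The bare `case 23:` should get a named constant for the de-vs flag value, and the comment should say why this is a macro rather than the former static function (presumably so it can be applied to the different result types that carry an is_de_vs bit-field) and that callers need strtoul declared.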
From: cvs at cvs.gnupg.org (by Jo Van Bulck) Date: Thu, 01 Jun 2017 15:56:56 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-90-g5a22de9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 5a22de904a0a366ae79f03ff1e13a1232a89e26b (commit) from 45c39340c9926c2c5801dbab7609687c41e9ff1f (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5a22de904a0a366ae79f03ff1e13a1232a89e26b Author: Jo Van Bulck Date: Thu Jan 19 17:00:15 2017 +0100 ecc: Store EdDSA session key in secure memory. * cipher/ecc-eddsa.c (_gcry_ecc_eddsa_sign): use mpi_snew to allocate session key. -- An attacker who learns the EdDSA session key from side-channel observation during the signing process, can easily recover the long-term secret key. Storing the session key in secure memory ensures that constant time point operations are used in the MPI library. Signed-off-by: Jo Van Bulck diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c index f91f848..813e030 100644 --- a/cipher/ecc-eddsa.c +++ b/cipher/ecc-eddsa.c @@ -603,7 +603,7 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey, a = mpi_snew (0); x = mpi_new (0); y = mpi_new (0); - r = mpi_new (0); + r = mpi_snew (0); ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, 0, skey->E.p, skey->E.a, skey->E.b); b = (ctx->nbits+7)/8; ----------------------------------------------------------------------- Summary of changes: cipher/ecc-eddsa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Jun 1 16:21:08 2017
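Review bot: In the _gcry_ecc_eddsa_sign hunk, the change of `r` from mpi_new to mpi_snew carries no code comment, although the commit message explains that the secure-memory allocation is what makes the MPI library use constant-time point operations for the session key. Put that rationale next to `r = mpi_snew (0);` so that a later cleanup does not turn it back into an ordinary allocation. The context lines still allocate `x` and `y` with mpi_new; please confirm that they only ever hold public values and never an intermediate derived from r.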
From: cvs at cvs.gnupg.org (by Jo Van Bulck) Date: Thu, 01 Jun 2017 16:21:08 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-7-BRANCH, updated. libgcrypt-1.7.6-5-gf9494b3 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-7-BRANCH has been updated via f9494b3f258e01b6af8bd3941ce436bcc00afc56 (commit) from af0d7eeac09e1a240615d4c8ea2a245f211df650 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f9494b3f258e01b6af8bd3941ce436bcc00afc56 Author: Jo Van Bulck Date: Thu Jan 19 17:00:15 2017 +0100 ecc: Store EdDSA session key in secure memory. * cipher/ecc-eddsa.c (_gcry_ecc_eddsa_sign): use mpi_snew to allocate session key. -- An attacker who learns the EdDSA session key from side-channel observation during the signing process, can easily recover the long-term secret key. Storing the session key in secure memory ensures that constant time point operations are used in the MPI library. Signed-off-by: Jo Van Bulck diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c index f91f848..813e030 100644 --- a/cipher/ecc-eddsa.c +++ b/cipher/ecc-eddsa.c @@ -603,7 +603,7 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey, a = mpi_snew (0); x = mpi_new (0); y = mpi_new (0); - r = mpi_new (0); + r = mpi_snew (0); ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, 0, skey->E.p, skey->E.a, skey->E.b); b = (ctx->nbits+7)/8; ----------------------------------------------------------------------- Summary of changes: cipher/ecc-eddsa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Jun 2 03:38:20 2017
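Review bot: No test or assertion accompanies the `r = mpi_snew (0);` line in this backport (the summary lists only cipher/ecc-eddsa.c with 1 insertion and 1 deletion), so nothing would catch the session key going back to ordinary memory on LIBGCRYPT-1-7-BRANCH. A check on the secure flag of r after allocation, for example through gcry_mpi_get_flag with GCRYMPI_FLAG_SECURE, would pin the property down on both branches.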
From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 02 Jun 2017 03:38:20 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-91-ge0958de Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via e0958debe1a7db1bec1283115cdc6a14bf3b43e5 (commit) from 5a22de904a0a366ae79f03ff1e13a1232a89e26b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e0958debe1a7db1bec1283115cdc6a14bf3b43e5 Author: NIIBE Yutaka Date: Fri Jun 2 10:34:42 2017 +0900 secmem: Fix SEGV and stat calculation. * src/secmem (init_pool): Care about the header size. (_gcry_secmem_malloc_internal): Likewise. (_gcry_secmem_malloc_internal): Use mb->size for stats. -- GnuPG-bug-id: 3027 Signed-off-by: NIIBE Yutaka diff --git a/src/secmem.c b/src/secmem.c index 8eb6630..86de72d 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -454,7 +454,7 @@ init_pool (pooldesc_t *pool, size_t n) /* Initialize first memory block. */ mb = (memblock_t *) pool->mem; - mb->size = pool->size; + mb->size = pool->size - BLOCK_HEAD_SIZE; mb->flags = 0; } @@ -610,7 +610,7 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) mb = mb_get_new (pool, (memblock_t *) pool->mem, size); if (mb) { - stats_update (pool, size, 0); + stats_update (pool, mb->size, 0); return &mb->aligned.c; } @@ -624,7 +624,7 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) mb = mb_get_new (pool, (memblock_t *) pool->mem, size); if (mb) { - stats_update (pool, size, 0); + stats_update (pool, mb->size, 0); return &mb->aligned.c; } } 
@@ -641,7 +641,7 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) return NULL; /* Not enough memory available for a new pool. */ /* Initialize first memory block. */ mb = (memblock_t *) pool->mem; - mb->size = pool->size; + mb->size = pool->size - BLOCK_HEAD_SIZE; mb->flags = 0; pool->okay = 1; @@ -660,7 +660,7 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) mb = mb_get_new (pool, (memblock_t *) pool->mem, size); if (mb) { - stats_update (pool, size, 0); + stats_update (pool, mb->size, 0); return &mb->aligned.c; } } ----------------------------------------------------------------------- Summary of changes: src/secmem.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Jun 2 08:42:47 2017 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 02 Jun 2017 08:42:47 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-7-BRANCH, updated. libgcrypt-1.7.6-6-g9145675 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-7-BRANCH has been updated via 91456759b887e153c4d4ce19538d478df260cab2 (commit) from f9494b3f258e01b6af8bd3941ce436bcc00afc56 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 91456759b887e153c4d4ce19538d478df260cab2 Author: NIIBE Yutaka Date: Fri Jun 2 10:34:42 2017 +0900 secmem: Fix SEGV and stat calculation. * src/secmem (init_pool): Care about the header size. (_gcry_secmem_malloc_internal): Likewise. (_gcry_secmem_malloc_internal): Use mb->size for stats. -- GnuPG-bug-id: 3027 Signed-off-by: NIIBE Yutaka diff --git a/src/secmem.c b/src/secmem.c index 46bbf82..b2a9667 100644 
--- a/src/secmem.c +++ b/src/secmem.c @@ -454,7 +454,7 @@ init_pool (pooldesc_t *pool, size_t n) /* Initialize first memory block. */ mb = (memblock_t *) pool->mem; - mb->size = pool->size; + mb->size = pool->size - BLOCK_HEAD_SIZE; mb->flags = 0; } @@ -610,7 +610,7 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) mb = mb_get_new (pool, (memblock_t *) pool->mem, size); if (mb) { - stats_update (pool, size, 0); + stats_update (pool, mb->size, 0); return &mb->aligned.c; } @@ -624,7 +624,7 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) mb = mb_get_new (pool, (memblock_t *) pool->mem, size); if (mb) { - stats_update (pool, size, 0); + stats_update (pool, mb->size, 0); return &mb->aligned.c; } } @@ -641,7 +641,7 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) return NULL; /* Not enough memory available for a new pool. */ /* Initialize first memory block. */ mb = (memblock_t *) pool->mem; - mb->size = pool->size; + mb->size = pool->size - BLOCK_HEAD_SIZE; mb->flags = 0; pool->okay = 1; @@ -660,7 +660,7 @@ _gcry_secmem_malloc_internal (size_t size, int xhint) mb = mb_get_new (pool, (memblock_t *) pool->mem, size); if (mb) { - stats_update (pool, size, 0); + stats_update (pool, mb->size, 0); return &mb->aligned.c; } } ----------------------------------------------------------------------- Summary of changes: src/secmem.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Jun 2 09:21:23 2017 
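Review bot: The first-block setup `mb->size = pool->size - BLOCK_HEAD_SIZE;` has to be corrected in two separate places, init_pool (hunk at -454) and the new-pool path of _gcry_secmem_malloc_internal (hunk at -641), and that duplication is how both copies came to carry the same header-size bug; move the block initialization into one helper used by both. Nothing in the visible context checks that pool->size is at least BLOCK_HEAD_SIZE before the subtraction. If pool->size is unsigned like the `size_t n` passed to init_pool, an undersized pool would wrap to a very large block size, so add the check or a comment naming where the minimum is enforced. This applies equally to the master commit e0958de and this LIBGCRYPT-1-7-BRANCH copy.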
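Review bot: The three stats_update call sites in _gcry_secmem_malloc_internal (hunks at -610, -624 and -660) now pass `mb->size` instead of the requested `size`, but neither the code nor the commit message ("Use mb->size for stats") says why. A short comment that the statistics must count the size recorded in the block header, presumably so that allocation and release accounting stay balanced, would keep the next reader from changing it back. The sequence `mb = mb_get_new (...); if (mb) { stats_update (pool, mb->size, 0); return &mb->aligned.c; }` is repeated three times and could be a single helper, which would have made this a one-line fix.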
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 02 Jun 2017 09:21:23 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-7-BRANCH, updated. libgcrypt-1.7.6-8-gd0e7784 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-7-BRANCH has been updated via d0e778432b2b9a993b39aae4901e95e07bcce555 (commit) via d9cebf535ca323a07b30ed06e86a1c04c5920058 (commit) from 91456759b887e153c4d4ce19538d478df260cab2 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d0e778432b2b9a993b39aae4901e95e07bcce555 Author: Werner Koch Date: Fri Jun 2 09:17:39 2017 +0200 Post release updates -- diff --git a/NEWS b/NEWS index cd8b8de..3875f53 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +Noteworthy changes in version 1.7.8 (unreleased) [C21/A1/R8] +------------------------------------------------ + + Noteworthy changes in version 1.7.7 (2017-06-02) [C21/A1/R7] ------------------------------------------------ diff --git a/configure.ac b/configure.ac index b86c032..1fe6baf 100644 --- a/configure.ac +++ b/configure.ac @@ -30,7 +30,7 @@ min_automake_version="1.14" # for the LT versions. m4_define(mym4_version_major, [1]) m4_define(mym4_version_minor, [7]) -m4_define(mym4_version_micro, [7]) +m4_define(mym4_version_micro, [8]) # Below is m4 magic to extract and compute the revision number, the # decimalized short revision number, a beta version string, and a flag commit d9cebf535ca323a07b30ed06e86a1c04c5920058 Author: Werner Koch Date: Fri Jun 2 08:48:28 2017 +0200 Release 1.7.7. * configure.ac: Set LT version to C21/A6/R7. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index 305fb99..cd8b8de 100644 --- a/NEWS +++ b/NEWS 
@@ -1,6 +1,13 @@ -Noteworthy changes in version 1.7.7 (unreleased) [C21/A1/R_] +Noteworthy changes in version 1.7.7 (2017-06-02) [C21/A1/R7] ------------------------------------------------ + * Bug fixes: + + - Fix possible timing attack on EdDSA session key. + + - Fix long standing bug in secure memory implementation which could + lead to a segv on free. [bug#3027] + Noteworthy changes in version 1.7.6 (2017-01-18) [C21/A1/R6] ------------------------------------------------ diff --git a/configure.ac b/configure.ac index b285455..b86c032 100644 --- a/configure.ac +++ b/configure.ac @@ -56,7 +56,7 @@ AC_INIT([libgcrypt],[mym4_full_version],[http://bugs.gnupg.org]) # (No interfaces changed: REVISION++) LIBGCRYPT_LT_CURRENT=21 LIBGCRYPT_LT_AGE=1 -LIBGCRYPT_LT_REVISION=6 +LIBGCRYPT_LT_REVISION=7 # If the API is changed in an incompatible way: increment the next counter. ----------------------------------------------------------------------- Summary of changes: NEWS | 13 ++++++++++++- configure.ac | 4 ++-- 2 files changed, 14 insertions(+), 3 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Jun 2 09:22:55 2017 
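Review bot: The commit message of "Release 1.7.7." says "Set LT version to C21/A6/R7", but the configure.ac hunk leaves `LIBGCRYPT_LT_AGE=1` untouched and only changes `LIBGCRYPT_LT_REVISION` from 6 to 7, and the NEWS header in the same commit reads [C21/A1/R7]. The code and NEWS agree with each other, so the message should say A1; since the commit is already pushed, note the discrepancy wherever the release is announced so that nobody takes the age value from the log.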
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 02 Jun 2017 09:22:55 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-92-g9964d3a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 9964d3a3fe0c79da79f9132998fe35923e31d92a (commit) from e0958debe1a7db1bec1283115cdc6a14bf3b43e5 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 9964d3a3fe0c79da79f9132998fe35923e31d92a Author: Werner Koch Date: Fri Jun 2 09:19:05 2017 +0200 Add release info from 1.7.7 to NEWS -- diff --git a/NEWS b/NEWS index 48ddeb3..d7e9bd9 100644 --- a/NEWS +++ b/NEWS @@ -58,6 +58,11 @@ Noteworthy changes in version 1.8.0 (unreleased) [C21/A1/R_] - Fix error code handling of mlock calls. [also in 1.7.4] + - Fix possible timing attack on EdDSA session key. [also in 1.7.7] + + - Fix long standing bug in secure memory implementation which could + lead to a segv on free. [bug#3027] [also in 1.7.7] + * Interface changes relative to the 1.7.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -67,6 +72,7 @@ Noteworthy changes in version 1.8.0 (unreleased) [C21/A1/R_] * Release dates of 1.7.x versions: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + Version 1.7.7 (2017-06-02) [C21/A1/R7] Version 1.7.6 (2017-01-18) [C21/A1/R6] Version 1.7.5 (2016-12-15) [C21/A1/R5] Version 1.7.4 (2016-12-09) [C21/A1/R4] ----------------------------------------------------------------------- Summary of changes: NEWS | 6 ++++++ 1 file changed, 6 insertions(+) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Jun 2 09:25:14 2017 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 02 Jun 2017 09:25:14 +0200 Subject: [git] gnupg-doc - branch, master, updated. 725ec2b67640ced3ea0a0deb71299aec8fbb23ee Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 725ec2b67640ced3ea0a0deb71299aec8fbb23ee (commit) from 035bc0d1ccdc03f912e49f55cf15f204b27648e6 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 725ec2b67640ced3ea0a0deb71299aec8fbb23ee Author: Werner Koch Date: Fri Jun 2 09:21:33 2017 +0200 swdb: Release info for Libgcrypt 1.7.7 diff --git a/web/swdb.mac b/web/swdb.mac index 37327b0..73af208 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -81,11 +81,11 @@ # # LIBGCRYPT # -#+macro: libgcrypt_ver 1.7.6 -#+macro: libgcrypt_date 2017-01-18 -#+macro: libgcrypt_size 2829k -#+macro: libgcrypt_sha1 d2b9e0f413064cfc67188f80d3cbda887c755a62 -#+macro: libgcrypt_sha2 626aafee84af9d2ce253d2c143dc1c0902dda045780cc241f39970fc60be05bc +#+macro: libgcrypt_ver 1.7.7 +#+macro: libgcrypt_date 2017-06-02 +#+macro: libgcrypt_size 2794k +#+macro: libgcrypt_sha1 ea4ae1a4dba51f15095319419d7b42a0bf160384 +#+macro: libgcrypt_sha2 b9b85eba0793ea3e6e66b896eb031fa05e1a4517277cc9ab10816b359254cd9a # ----------------------------------------------------------------------- Summary of changes: web/swdb.mac | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Fri Jun 2 10:50:56 2017 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 02 Jun 2017 10:50:56 +0200 Subject: [git] gnupg-doc - branch, master, updated. d75e85d6af89b755a89f028af527c14240145c9f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via d75e85d6af89b755a89f028af527c14240145c9f (commit) from 725ec2b67640ced3ea0a0deb71299aec8fbb23ee (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d75e85d6af89b755a89f028af527c14240145c9f Author: Werner Koch Date: Fri Jun 2 10:47:16 2017 +0200 swdb: Release info for npth-1.6 diff --git a/web/swdb.mac b/web/swdb.mac index 73af208..aab2bb2 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -140,11 +140,11 @@ # # nPth # -#+macro: npth_ver 1.4 -#+macro: npth_date 2017-05-16 +#+macro: npth_ver 1.5 +#+macro: npth_date 2017-06-02 #+macro: npth_size 292k -#+macro: npth_sha1 46c3b8e0851673df1106b5469d0da70a0b352652 -#+macro: npth_sha2 8915141836a3169a502d65c1ebd785fcc6d406cae5ee84474272ebf2fa96f1f2 +#+macro: npth_sha1 93ddf1a3bdbca00fb4cf811498094ca61bbb8ee1 +#+macro: npth_sha2 294a690c1f537b92ed829d867bee537e46be93fbd60b16c04630fbbfcd9db3c2 # ----------------------------------------------------------------------- Summary of changes: web/swdb.mac | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Fri Jun 2 12:41:13 2017 
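Review bot: The subject line says "Release info for npth-1.6" while the web/swdb.mac hunk sets `npth_ver 1.5`, so either the message or the macro is wrong; the value in swdb.mac is what the website publishes, so check it against the released tarball. In the same hunk `npth_size 292k` is left unchanged although both npth_sha1 and npth_sha2 change, so confirm that the size still matches the new file.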
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 02 Jun 2017 12:41:13 +0200 Subject: [git] gnupg-doc - branch, preview, updated. 24cececc4b19f22b5bb8878db9ed7237021b8510 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, preview has been updated via 24cececc4b19f22b5bb8878db9ed7237021b8510 (commit) from 6021eb85de1a4dbb043eb345be75f2bc47235f11 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 24cececc4b19f22b5bb8878db9ed7237021b8510 Author: Werner Koch Date: Fri Jun 2 12:37:22 2017 +0200 campaign: Return to donation start page after SEPA and BTC diff --git a/web/donate/checkout-bc.fr.org b/web/donate/checkout-bc.fr.org index 57163d2..7ad1ba8 100644 --- a/web/donate/checkout-bc.fr.org +++ b/web/donate/checkout-bc.fr.org @@ -62,7 +62,7 @@ diff --git a/web/donate/checkout-bc.ja.org b/web/donate/checkout-bc.ja.org index d498ee7..f18ada4 100644 --- a/web/donate/checkout-bc.ja.org +++ b/web/donate/checkout-bc.ja.org @@ -62,7 +62,7 @@

- ???? + ????

diff --git a/web/donate/checkout-bc.org b/web/donate/checkout-bc.org index 7c61839..016bbc5 100644 --- a/web/donate/checkout-bc.org +++ b/web/donate/checkout-bc.org @@ -62,7 +62,7 @@ diff --git a/web/donate/checkout-se.fr.org b/web/donate/checkout-se.fr.org index 9dcd72a..02f6308 100644 --- a/web/donate/checkout-se.fr.org +++ b/web/donate/checkout-se.fr.org @@ -167,7 +167,7 @@ diff --git a/web/donate/checkout-se.org b/web/donate/checkout-se.org index 1be355d..fa78880 100644 --- a/web/donate/checkout-se.org +++ b/web/donate/checkout-se.org @@ -165,7 +165,7 @@ ----------------------------------------------------------------------- Summary of changes: web/donate/checkout-bc.fr.org | 2 +- web/donate/checkout-bc.ja.org | 2 +- web/donate/checkout-bc.org | 2 +- web/donate/checkout-se.fr.org | 2 +- web/donate/checkout-se.org | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Fri Jun 2 13:40:54 2017 From: cvs at cvs.gnupg.org (by Kai Michaelis) Date: Fri, 02 Jun 2017 13:40:54 +0200 Subject: [git] gnupg-doc - branch, preview, updated. 3cf3cb75f2d601a8bef1a74aa6617cbc565fe953 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, preview has been updated via 3cf3cb75f2d601a8bef1a74aa6617cbc565fe953 (commit) from 24cececc4b19f22b5bb8878db9ed7237021b8510 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3cf3cb75f2d601a8bef1a74aa6617cbc565fe953 Author: Kai Michaelis Date: Fri Jun 2 13:42:49 2017 +0200 campaign: add remark for PP & recur diff --git a/web/donate/donate.org b/web/donate/donate.org index 8b647f4..1320966 100644 
--- a/web/donate/donate.org +++ b/web/donate/donate.org @@ -22,6 +22,12 @@ +