Android gpg-agent crashes in libgcrypt when signing, decrypting, importing secret keys

Jussi Kivilinna jussi.kivilinna at iki.fi
Thu Feb 20 18:12:36 CET 2014


On 20.02.2014 02:38, Hans-Christoph Steiner wrote:
> 
> On 02/02/2014 02:31 PM, Jussi Kivilinna wrote:
>> On 01.02.2014 05:16, Hans-Christoph Steiner wrote:
>>>
>>> On 01/31/2014 02:43 AM, Werner Koch wrote:
>>>> On Fri, 31 Jan 2014 03:20, hans at guardianproject.info said:
>>>>
>>>>> libgcrypt from master to the 1.6.x branch, which does not include "Parse
>>>>> /proc/cpuinfo for ARM HW features". So its likely building with NEON
>>>>
>>>> I'll have a look at it.
>>>
>>> The adventure continues... now that the "Parse /proc/cpuinfo" patch is in
>>> LIBGCRYPT-1-6-BRANCH and I removed --disable-neon-support to rely on
>>> auto-detection, it builds for NEON and it now passes all of the libgcrypt
>>> tests on the emulator.  But now gpgme tests fail:
>>>
>>> Running gpgme/run-import --verbose pubkey-1.asc
>>> run-import: file run-support.h line 133: <GPGME> Invalid crypto engine
>>> Running gpgme/run-import --verbose pubdemo.asc
>>> run-import: file run-support.h line 133: <GPGME> Invalid crypto engine
>>> Running gpgme/run-import --verbose pubkey-1.asc
>>> run-import: file run-support.h line 133: <GPGME> Invalid crypto engine
>>> Running gpgme/run-keylist --verbose
>>> run-keylist: file run-support.h line 133: <GPGME> Invalid crypto engine
>>>
>>> The complete build and test log is here:
>>> https://dev.guardianproject.info/attachments/download/1141/gpga-build-and-test-log-neon-build-with-proc-cpuinfo.txt.bz2
>>>
>>> So without the /proc/cpuinfo patch, all the tests pass (expect fdpassing and
>>> fips random) and it also passes my manual tests on a device.
>>
>> Does the attached patch help?
>>
>> For me, the tests succeed with 'release' CFLAGS + -mno-unaligned-access and removed --disable-neon-support when using this patch to fix 'ARMv6 or newer' detection for libgcrypt configure.
> 
> Hey Jussi,
> 
> Your patch fixed the issue for me, but I don't see any new commits in
> libgcrypt 1.6 branch related to this.  Are there any open questions I can help
> with?

I was waiting for your feedback on the patch and then completely forgot about it :)
Patch has now been pushed to libgcrypt 1.6 branch.

-Jussi

> 
> .hc
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 730 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140220/8966ae73/attachment.sig>


More information about the Gnupg-devel mailing list