Android gpg-agent crashes in libgcrypt when signing, decrypting, importing secret keys

Hans-Christoph Steiner hans at guardianproject.info
Thu Jan 30 20:56:18 CET 2014 

On 01/30/2014 02:49 PM, Hans-Christoph Steiner wrote:
> 
> 
> On 01/30/2014 10:43 AM, Jussi Kivilinna wrote:
>> On 30.01.2014 00:59, Hans-Christoph Steiner wrote:
>>>
>>>
>>> On 01/28/2014 05:48 PM, Werner Koch wrote:
>>>> On Tue, 28 Jan 2014 20:41, hans at guardianproject.info said:
>>>>
>>>>> I don't know if you saw this, but the current builds have these ./configure
>>>>> flags in them:
>>>>> --disable-padlock-support --disable-drng-support --disable-neon-support.  The
>>>>
>>>> FWIW: --disable-neon-support was not working until I fixed that in
>>>> master this afternoon.
>>>
>>> That was very helpful!  Now all the tests so far pass on the emulator.
>>
>> Good news.
>>
>>> The
>>> problem is that is has gotten stuck on libgcrypt/tests/random for over an
>>> hour.  Its stuck here:
>>>
>>> random: now running with options '--early-rng-check --prefer-system-rng'
>>> random: checking whether RNG type switching works in the early stage
>>> random: checking whether RNG type switching works
>>> random: now running with options '--prefer-standard-rng'
>>> random: checking whether RNG type switching works
>>> random: now running with options '--prefer-fips-rng'
>>> random: checking whether RNG type switching works
>>>
>>> The full test log is attached, the build log is here:
>>> https://dev.guardianproject.info/attachments/download/1138/gpga-build_with-working---disable-neon-support.txt.bz2
>>>
>>> It would be great to also continue to debug the NEON support, since it'll make
>>> a huge difference on Android devices.  I think this change above confirms that
>>> the process is working properly, sounds like the next step is getting Jussi
>>> setup with an Android SDK/NDK and emulator.  I'm happy to help with that
>>> process, it shouldn't take longer than an hour.  In my experience, it
>>> generally much easier to do on Debian/Ubuntu.
>>
>> I setup SDK&NDK yesterday and managed to build 'make -C external/' and ndk-build stages.
>>
>> ant clean debug fails with:
>> <snip>
>>  debug:
>>
>>  -code-gen:
>>  [mergemanifest] Merging AndroidManifest files into one.
>>  [mergemanifest] Manifest merger disabled. Using project manifest only.
>>       [echo] Handling aidl files...
>>       [aidl] No AIDL files to compile.
>>       [echo] ----------
>>       [echo] Handling RenderScript files...
>>       [echo] ----------
>>       [echo] Handling Resources...
>>       [aapt] Generating resource IDs...
>>       [aapt] /home/jussi/kernel/gnupg-for-android/res/layout/first_run_setup_activity.xml:21: error: No resource identifier found for attribute 'textAlignment' in package 'android'
>>       [aapt] /home/jussi/kernel/gnupg-for-android/res/layout/first_run_welcome_activity.xml:22: error: No resource identifier found for attribute 'textAlignment' in package 'android'
>>       [aapt] /home/jussi/kernel/gnupg-for-android/res/layout/first_run_welcome_activity.xml:37: error: No resource identifier found for attribute 'textAlignment' in package 'android'
>>       [aapt] aapt: warning: string 'dialog_share_file_using' has no default translation in /home/jussi/kernel/gnupg-for-android/libs/appcompat/res; found: cs de es pl
>>
>>  BUILD FAILED
>>  /home/jussi/android-sdk-linux/tools/ant/build.xml:653: The following error occurred while executing this line:
>>  /home/jussi/android-sdk-linux/tools/ant/build.xml:698: null returned: 1
>>
>>  Total time: 3 seconds
>>
>> I'll look more closely at this on weekend.
> 
> Odd that this didn't fail on our build server, but I pushed a fix for this
> anyhow.  Here is the whole procedure for including the tests in the APK:
> 
> make -C external/ distclean clean-assets
> make -C external/
> make -C external/ assets-tests
> ndk-build clean
> ndk-build
> ./setup-ant.sh
> ant clean debug
> 
> Then to run the tests, first install the APK and run it so that it sets up all
> of its included assets. Once the Android app has completed its initial setup, run:
> 
> ./assets/tests/launch_run-tests_on-android.sh
> 
> Since the whole thing is quite a big package, I find it easier to copy only
> the tests that changed into place using `adb push`.  That only works if you
> have root access to your device, which you do for an emulator.
> 
> You can also use `adb shell` to get a shell and run things there.  Keep in
> mind that the only way an executable can find shared libraries is by setting
> LD_LIBRARY_PATH, so you'll probably need to set that in `adb shell` in order
> for the tests to find the shared libraries.  That would look something like this:
> 
> export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/data/data/info.guardianproject/gpg/lib:\
> /data/data/info.guardianproject/gpg/app_opt/lib
> 
> .hc

I forgot to add, I attached two patches which I use for the testing setup.

.hc

-- 
PGP fingerprint: 5E61 C878 0F86 295C E17D  8677 9F0F E587 374B BE81
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-REMOVE-ME-debug-flags-for-native-builds.patch
Type: text/x-patch
Size: 1972 bytes
Desc: not available
URL: </pipermail/attachments/20140130/7b56b497/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-REMOVE-ME-enable-debug-logs.patch
Type: text/x-patch
Size: 2335 bytes
Desc: not available
URL: </pipermail/attachments/20140130/7b56b497/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 969 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140130/7b56b497/attachment.sig>

More information about the Gnupg-devel mailing list