| Commit message | Author | Age | Files | Lines |
* random/rndlinux.c [__APPLE__] (HAVE_GETENTROPY): Valid only when the
macro __MAC_10_11 is available.
--
GnuPG-bug-id: 5268
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tests/basic.c (ALWAYS_INLINE): Make sure it is defined.
* tests/version.c (main): Print the config info to stdout.
--
We need to have the config output at stdout so that the testdrv is
able to show or suppress it.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/Makefile.am (xtestsuite, xcheck): New targets.
--
This make target can be used to build a tarball with all software
required for regression tests on the target platform.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/testdrv.c: New.
--
This driver is intended to easily run the regression tests on the
actual host platform where the software has been compiled for. In
particular for Windows cross-building is mandatory and manually
running tests is error prone.
Some of the code has been taken from gnupg/common/exechelp*.c and
re-licensed from (LGPL-3.0-or-later OR GPL-2.0-or-later) to
LGPL-2.1-or-later. The original code has been written by g10 Code
employees or contractors.
Signed-off-by: Werner Koch <wk@gnupg.org>
* cipher/sha256-avx2-bmi2-amd64.S
(_gcry_sha256_transform_amd64_avx2): Use 'last block' code path if
input length is only one block.
* tests/basic.c (check_one_md_final): Use dynamic allocated buffer
so that in future similar access errors get detected by
tests/basic + valgrind.
--
Reported-by: Guido Vranken <guidovranken@gmail.com>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/ecc-ecdh.c (_gcry_ecc_mul_point): Free 'ec' at function exit.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* tests/t-secmem.c (main): Skip test if environment variable
GCRYPT_IN_ASAN_TEST is defined.
* tests/t-sexp.c (main): Do not initialize secmem if environment
variable GCRYPT_IN_ASAN_TEST is defined.
--
ASAN and mlock are incompatible, so add GCRYPT_IN_ASAN_TEST
environment variable for skipping tests failing as a result.
This allows easier automation of ASAN checks.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* src/global.c (_gcry_get_config): Append null-terminator to output
in the 'what == NULL' case.
--
Config string was not being explicitly null-terminated which resulted
in garbage output from tests/version with ASAN enabled builds.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/Makefile.am (o_flag_munging): Add handling for '-Og'.
* random/Makefile.am (o_flag_munging): Add handling for '-Og'.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* random/jitterentropy-base.c (jent_stuck): Cast 'delta2' values to
'uint64_t' for calculation.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* mpi/mpicoder.c (_gcry_mpi_set_buffer) [BYTES_PER_MPI_LIMB == 4]: Cast
"*p--" values to mpi_limb_t before left shifting.
* tests/t-lock.c (main): Cast 'time(NULL)' to unsigned type.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/keccak.c (USE_64BIT_BMI2, USE_64BIT_SHLD)
(USE_32BIT_BMI2): Depend also on HAVE_CPU_ARCH_X86.
* random/rndjent.c [__i386__ || __x86_64__] (USE_JENT): Depend
also on HAVE_CPU_ARCH_X86.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/md4.c (md4_final): Set bctx.count zero after
finalizing.
* cipher/md5.c (md5_final): Ditto.
* cipher/rmd160.c (rmd160_final): Ditto.
* cipher/sha1.c (sha1_final): Ditto.
* cipher/sha256.c (sha256_final): Ditto.
* cipher/sha512.c (sha512_final): Ditto.
* cipher/sm3.c (sm3_final): Ditto.
* cipher/stribog.c (stribog_final): Ditto.
* cipher/tiger.c (tiger_final): Ditto.
--
Final functions used to use _gcry_md_block_write for passing
final blocks to transform function and thus set bctx.count
to zero in _gcry_md_block_write. Final functions were then
changed to use transform functions directly, but bctx.count
was not set zero after this change. Then later optimization
to final functions to pass two blocks to transform functions
in one call also changed values set to bctx.count, causing
bctx.count getting value larger than block-size of digest
algorithm.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/ecc-ecdsa.c (_gcry_ecc_ecdsa_verify): Validate public key.
* cipher/ecc-gost.c (_gcry_ecc_gost_verify): Likewise.
* cipher/ecc-sm2.c (_gcry_ecc_sm2_verify): Likewise.
--
GnuPG-bug-id: 5282
Reported-by: Guido Vranken <guidovranken@gmail.com>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* configure.ac: Bump LT version to C23/A3/R1.
* tests/basic.c (check_one_md): Test writing to digest after read.
* cipher/hash-common.c (_gcry_md_block_write): Reset 'hd->count' if
greater than blocksize.
--
'_gcry_md_block_write' did not expect 'hd->count' being greater than
digest blocksize. However digest final function may set 'hd->count'
to larger value. Now, if write is called after final function and
'hd->count' gets too large value, 'copylen' parameter to buf_cpy
may have value larger than size of 'hd->buf' and cause heap overflow.
Reported-by: Tavis Ormandy <taviso@gmail.com>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* src/global.c (print_config): New config line.
Signed-off-by: Werner Koch <wk@gnupg.org>
* cipher/asm-common-aarch64.h [__APPLE__] (GET_DATA_POINTER): Add MacOS
variant of macro.
--
GnuPG-bug-id: 5157
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* random/rndlinux.c [__APPLE__ && __MACH__] (getentropy): Declare.
(_gcry_rndlinux_gather_random): Check the symbol and use getentropy.
--
GnuPG-bug-id: 5268
Suggested-by: David Carlier
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* mpi/mpih-const-time.c (_gcry_mpih_mod): Handle the overflow.
--
GnuPG-bug-id: 5269
Reported-by: Guido Vranken <guidovranken@gmail.com>
Fixes-commit: 95bdfd9ce9e114f447f3639e551e8f4f63d024fe
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* configure.ac: Add check for spawn.h.
* tests/random.c: Only use posix_spawn if available.
--
Since older version doesn't have SIP or it is not enabled, no problem
using system(3).
GnuPG-bug-id: 5159
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* src/global.c (_gcry_vcontrol): Move "pragma GCC diagnostics" outside
function.
--
Building with GCC-4.2 (Ubuntu 8.04) failed with error:
global.c: In function '_gcry_vcontrol':
global.c:714: error: #pragma GCC diagnostic not allowed inside functions
global.c:715: error: #pragma GCC diagnostic not allowed inside functions
global.c:742: error: #pragma GCC diagnostic not allowed inside functions
GnuPG-bug-id: 5264
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/cipher-proto (cipher_bulk_ops_t): Remove typedef, leave
forward declaration of 'struct cipher_bulk_ops'.
(gcry_cipher_setkey_t): Change 'bulk_ops' to
'struct cipher_bulk_ops *'.
* cipher/arcfour.c: Include 'cipher-internal.h'.
* cipher/gost28147.c: Ditto.
* cipher/idea.c: Ditto.
* cipher/rfc2268.c: Ditto.
* cipher/salsa20.c: Ditto.
* cipher/seed.c: Ditto.
* cipher/mac-internal.h (CTX_MAGIC_NORMAL): Rename to...
(CTX_MAC_MAGIC_NORMAL): ... this.
(CTX_MAGIC_SECURE): Rename to...
(CTX_MAC_MAGIC_SECURE): ... this.
* cipher/mac-cmac.c (cmac_open): Use CTX_MAC_MAGIC_SECURE.
* cipher/mac-gmac.c (gmac_open): Ditto.
* cipher/mac-hmac.c (hmac_open): Ditto.
* cipher/mac-poly1305.c (poly1305mac_open): Ditto.
* cipher/mac.c (mac_open): Use CTX_MAC_MAGIC_SECURE and
CTX_MAC_MAGIC_NORMAL.
--
CTX_MAC_MAGIC_* change is needed since gost28147.c now includes
both 'cipher-internal.h' and 'mac-internal.h' which both defined
CTX_MAC_MAGIC_* with different values.
GnuPG-bug-id: 5264
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/sha512.c (do_transform_generic)
[USE_ARM_ASM]: Switch to the non-NEON assembly implementation.
--
When building for ARM CPUs that don't support NEON, linking fails
with an "undefined reference to _gcry_sha512_transform_armv7_neon"
error. Switching to the non-NEON assembly function corrects this.
[jk: add bug-id]
GnuPG-bug-id: 5263
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/blake2b-amd64-avx2.S: Use rRIP instead of (RIP).
* cipher/blake2s-amd64-avx.S: Use rRIP instead of (RIP).
--
Reported-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
* configure.ac (gcry_cv_gcc_platform_as_ok_for_intel_syntax): Remove
assembler macro check from Intel syntax assembly support check.
* cipher/sha256-avx-amd64.S: Replace assembler macros with C
preprocessor counterparts.
* cipher/sha256-avx2-bmi2-amd64.S: Ditto.
* cipher/sha256-ssse3-amd64.S: Ditto.
* cipher/sha512-avx-amd64.S: Ditto.
* cipher/sha512-avx2-bmi2-amd64.S: Ditto.
* cipher/sha512-ssse3-amd64.S: Ditto.
--
Removing GNU assembler macros allows building these implementations with
clang.
GnuPG-bug-id: 5255
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* configure.ac (gcry_cv_gcc_arm_platform_as_ok)
(gcry_cv_gcc_aarch64_platform_as_ok)
(gcry_cv_gcc_inline_asm_ssse3, gcry_cv_gcc_inline_asm_pclmul)
(gcry_cv_gcc_inline_asm_shaext, gcry_cv_gcc_inline_asm_sse41)
(gcry_cv_gcc_inline_asm_avx, gcry_cv_gcc_inline_asm_avx2)
(gcry_cv_gcc_inline_asm_bmi2, gcry_cv_gcc_as_const_division_ok)
(gcry_cv_gcc_as_const_division_with_wadivide_ok)
(gcry_cv_gcc_amd64_platform_as_ok, gcry_cv_gcc_win64_platform_as_ok)
(gcry_cv_gcc_platform_as_ok_for_intel_syntax)
(gcry_cv_gcc_inline_asm_neon, gcry_cv_gcc_inline_asm_aarch32_crypto)
(gcry_cv_gcc_inline_asm_aarch64_neon)
(gcry_cv_gcc_inline_asm_aarch64_crypto)
(gcry_cv_gcc_inline_asm_ppc_altivec)
(gcry_cv_gcc_inline_asm_ppc_arch_3_00)
(gcry_cv_gcc_inline_asm_s390x, gcry_cv_gcc_inline_asm_s390x): Use
AC_LINK_IFELSE check instead of AC_COMPILE_IFELSE.
--
LTO may defer assembly checking to linker stage, thus we need to use
AC_LINK_IFELSE instead of AC_COMPILE_IFELSE for these checks.
GnuPG-bug-id: 5255
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/rijndael-internal.h (RIJNDAEL_context_s): Remove unused
'use_padlock', 'use_aesni', 'use_ssse3', 'use_arm_ce', 'use_ppc_crypto'
and 'use_ppc9le_crypto'.
* cipher/rijndael.c (do_setkey): Do not setup 'use_padlock',
'use_aesni', 'use_ssse3', 'use_arm_ce', 'use_ppc_crypto' and
'use_ppc9le_crypto'.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* random/rand-internal.h (_gcry_rndhw_poll_slow): Add requested length
parameter.
* random/rndhw.c (_gcry_rndhw_poll_slow): Limit accounted bytes to 50%
(or 25% for RDRAND) - this code is moved from caller side.
* random/rndlinux.c (_gcry_rndlinux_gather_random): Move
HWF_INTEL_RDRAND check to _gcry_rndhw_poll_slow.
* src/g10lib.h (HWF_PADLOCK_*, HWF_INTEL_*): Define only if
HAVE_CPU_ARCH_X86.
(HWF_ARM_*): Define only if HAVE_CPU_ARCH_ARM.
(HWF_PPC_*): Define only if HAVE_CPU_ARCH_PPC.
(HWF_S390X_*): Define only if HAVE_CPU_ARCH_S390X.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* configure.ac (force_soft_hwfeatures)
(ENABLE_FORCE_SOFT_HWFEATURES): New.
* src/hwf-x86.c (detect_x86_gnuc): Enable HWF_INTEL_FAST_SHLD
and HWF_INTEL_FAST_VPGATHER if ENABLE_FORCE_SOFT_HWFEATURES enabled.
--
Patch allows enabling HW features, that are fast only on select CPU models,
on all CPUs. For example, SHLD instruction is fast on only select Intel
processors and should not be used on others. This configuration option
allows enabling these 'soft' HW features for testing purposes on all
CPUs.
Current 'soft' HW features are:
- "intel-fast-shld": supported by all x86 (but very slow on most)
- "intel-fast-vpgather": supported by all x86 with AVX2 (but slow on
most)
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/ecc-curves.c (mpi_ec_setup_elliptic_curve): Fill-up or remove
preceding ZEROs correctly, fixing the third argument of mpi_set_opaque.
--
Reported-by: Vladimir Lomov <lomov.vl@yandex.ru>
GnuPG-bug-id: 5267
Fixes-commit: 361a0588489cf4a539da8debd1771024a1faa218
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* cipher/ecc.c (ecc_sign, ecc_verify): Call
_gcry_pk_util_init_encoding_ctx at first.
--
Reported-by: Vladimir Lomov <lomov.vl@yandex.ru>
GnuPG-bug-id: 5267
Fixes-commit: d51a9c259d49c63121fab48bce48d826e9b57733
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
--
Master is missing latest NEWS and some other last minute changes from
the 1.9.0 release.
* cipher/ecc-ecdh.c (_gcry_ecc_mul_point): Return
GPG_ERR_UNKNOWN_CURVE.
--
Unknown_curve is more specific than unknown_algorithm.
This patch also adds documentation and renames the parameter from
'algo' to 'curveid'.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/Makefile.am: Add forgotten @LDADD_FOR_TESTS_KLUDGE@.
--
Possible linking option by @LDADD_FOR_TESTS_KLUDGE@ matters.
When system has old libgcrypt and developer tests not-yet-installed
libgcrypt by make check, without this, because LD_LIBRARY_PATH has
precedence over DT_RUNPATH, those test programs will use old libgcrypt
under LD_LIBRARY_PATH.
Fixes-commit: 9b8ac13761f0407bd701e43b0a65fbada204958f
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* cipher/rijndael-aesni.c (aesni_ocb_checksum, aesni_ocb_enc)
(aesni_ocb_dec, _gcry_aes_aesni_ocb_auth): Split assembly blocks
with more than 4 memory operands to smaller blocks.
* cipher/sha512-ssse3-i386.c (W2): Split big assembly block to
three smaller blocks.
--
On i386, with -O0, assembly blocks with many memory operands cause
compiler error such as:
rijndael-aesni.c:2815:7: error: 'asm' operand has impossible constraints
Fix is to split assembly blocks so that number of operands per block is
reduced.
GnuPG-bug-id: 5257
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* tests/basic.c (CLUTTER_VECTOR_REGISTER_NEON)
(CLUTTER_VECTOR_REGISTER_AARCH64): Remove check for __ARM_FEATURE_SIMD32.
--
Cluttering of NEON vector registers was enabled even if NEON was
not active for current compiler target. Issue was caused by
enabling NEON cluttering by wrong feature macro __ARM_FEATURE_SIMD32.
GnuPG-bug-id: 5251
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/kdf.c (selftest_pbkdf2): Make 'tv[]' constant.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/kdf.c (selftest_pbkdf2): Add null-terminator to TV array.
--
This was causing kdf self-test to fail on s390x builds.
GnuPG-bug-id: 5254
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/bithelp.h (_gcry_ctz64): Use __builtin_ctzl if available.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* configure.ac (gcry_cv_have_builtin_ctzl, gcry_cv_have_builtin_clz)
(gcry_cv_have_builtin_clzl): New checks.
* mpi/longlong.h (count_leading_zeros, count_trailing_zeros): Use
__builtin_clz[l]/__builtin_ctz[l] if available and bit counting
macros not yet provided by inline assembly.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>