智写AI

The GNU MP Bignum Library

NEWS 2023-06-16: The GMP server is under attack by several hundred IP addresses
owned by Microsoft cooperation. We do not know if this is made with malice, if
it is some sort of mistake, or if some of their cloud customer is running the
attack. The attack targets the GMP repo, with thousands of identical requests,
most of which makes our server compress the data.

We’re firewalling off all of Microsoft’s IP addresses as an emergency response.
This is a blunt response, but it is the only response which solves the problem
quickly, allowing legitimate site usage to work again.

UPDATE 2023-06-18: We got a reply from somebody with an impressive title at
Github. This person explains that Microsoft and Github have investigated this,
and they blame a Github user and the poor GMP infrastructure. It is very
interesting that they have done nothing to stop the traffic; we need to keep
defending our server by firewalling off more Microsoft IP ranges as I write this 30
hours after Github’s response. It is also curious that they blame the
victim. (Our infrastructure is pretty resilient with powerful server-class
hardware and great connectivity to the Internet.)

Thanks to a very generous donation from Christian Calderon, the GMP project now
has a brand new, AMD Epyc server which will replace the old server. This is
great for GMP, not only because of the old server’s hardware security issues,
but also since the new server is 3x more powerful than the old one.

Here are the specs of the system Christian has given us:

  • Supermicro barebone 1114S-WTRT
  • AMD Epyc 7402P 24-core CPU
  • 256 GiB of ECC RAM
  • 1.6 TB PCIe SSD disk (Samsung PM1735)

What is GMP?

GMP is a free library for arbitrary precision arithmetic, operating on
signed integers, rational numbers, and floating-point numbers. There is no
practical limit to the precision except the ones implied by the available
memory in the machine GMP runs on. GMP has a rich set of functions, and the
functions have a regular interface.

The main target applications for GMP are cryptography applications and
research, Internet security applications, algebra systems, computational
algebra research, etc.

GMP is carefully designed to be as fast as possible, both for small operands
and for huge operands. The speed is achieved by using fullwords as the basic
arithmetic type, by using fast algorithms, with highly optimised assembly code
for the most common inner loops for a lot of CPUs, and by a general emphasis on
speed.

The first GMP release was made in 1991. It is continually developed and
maintained, with a new release about once a year.

Since version 6, GMP is distributed under the dual licenses,
GNU LGPL v3
and GNU GPL v2.
These licenses make the library free to use, share, and improve, and allow you
to pass on the result. The GNU licenses give freedoms, but also set firm
restrictions on the use with non-free programs.

GMP is part of the GNU project. For more information about the GNU project,
please see the official GNU web site.

GMP’s main target platforms are Unix-type systems, such as GNU/Linux,
Solaris, HP-UX, Mac OS X/Darwin, BSD, AIX, etc. It also is known to work on
Windows in both 32-bit and 64-bit mode.

GMP is brought to you by a team listed in
the manual.

GMP is carefully developed and maintained, both technically and legally. We
of course inspect and test contributed code carefully, but equally importantly
we make sure we have the legal right to distribute the contributions, meaning
users can safely use GMP. To achieve this, we will ask contributors to sign
paperwork where they allow us to distribute their work.

GMP function categories

There are several categories of functions in GMP:

  1. High-level signed integer arithmetic functions (mpz). There are about 150
    arithmetic and logic functions in this category.
  2. High-level rational arithmetic functions (mpq). This category consists of
    about 35 functions, but all mpz functions can be used
    too, by applying them to the numerator and denominator separately.
  3. High-level floating-point arithmetic functions (mpf). This is the GMP
    function category to use if the C type `double’ doesn’t give enough
    precision for an application. There are about 70 functions in this
    category. New projects should strongly consider using the much more
    complete GMP extension library mpfr
    instead of mpf.
  4. C++ class based interface to all of the above. (The C functions and types
    can of course be used directly from C++ too.)
  5. Low-level positive-integer, hard-to-use, very low overhead functions are
    found in the mpn category. No memory management is performed; the caller
    must ensure enough space is available for the results. The set of
    functions is not always regular, nor is the calling interface. These
    functions accept input arguments in the form of pairs consisting of a
    pointer to the least significant word, and an integral size telling how
    many limbs (= words) there are in that argument. The functions in the
    other categories call mpn for almost all their calculations. Of these
    functions about 60 are public.

Download the latest release of GMP

To try to verify that the file you have downloaded has not been tampered
with, you can check that the GnuPG signature matches the contents of the file.
Use your
GnuPG software or a
key server directly to get the key that was
used for creating the signature. Starting from the repackaging of gmp-5.1.0 as
gmp-5.1.0a.tar.* the following key is used to sign GMP releases:


Key ID: 0x28C67298
Key type: 2560 bit RSA
Fingerprint: 343C 2FF0 FBEE 5EC2 EDBE F399 F359 9FF8 28C6 7298

Instead of using a release, you may also get the latest code from the
GMP repositories. This will require some
more work compared to using a release.

Reporting bugs in GMP

Please first see the
manual on how to report bugs. The
proper address for bug reports is gmp-bugs at gmplib.org.

Most problems with GMP these days are due to problems not in GMP, but with
the compiler used for compiling the GMP sources. This is a major concern to
the GMP project, since an incorrect computation is an incorrect computation,
whether caused by a GMP bug or a compiler bug. We fight this by making the GMP
testsuite have great coverage, so that it should catch every possible
miscompilation.

GMP mailing lists

Note that we perform spam and virus filtering of these lists. The lists
have been 100% spam-free during the last years.

We’re blocking all mail from PR China, since 99% of
the spam arriving to the GMP moderators emanates from PR China. If you are
affected but have a legitimate reason to send mail to the GMP project, e.g., if
you work at a university or corporation with an interest in GMP, please let us
know; we will open access for you.

Status of the current release

The current stable release is 6.2.1, released 2020-11-14.

Issues with GMP 6.2.1:
  • While we added support for Apple’s new Arm based computers, our support
    has a problem. The problem is that Apple reserves CPU register x18, but
    GMP’s mpn/arm64 assembly code uses that register. While GMP runs fine in our
    tests, we expect things to go awry in some execution situation. (Apple has
    not been kind enough to specify how they use x18. Therefore, we don’t know
    what the consequences of using x18 might be.)
Issues with GMP 6.2.0:
  • MacOS Xcode 11 prior to 11.3 miscompiles GMP, leading to crashes and
    miscomputation.
Issues with GMP 6.1.2:
  • MacOS Xcode 11 prior to 11.3 miscompiles GMP, leading to crashes and
    miscomputation.
Issues with GMP 6.1.1:
  • There are several issues with mini-gmp. Please see the special
    mini-gmp-status page.
Issues with GMP 6.1.0:
  • An assembly file which is used for Intel Broadwell and Intel Skylake
    (except crippled Pentiums and Celerons without BMI2) will not work
    correctly for Windoze.
    Patch.
  • See also issues for subsequent releases above.
Issues with GMP 6.0.0:
  • [No issues found yet.]
  • See also issues for subsequent releases above.
Issues with GMP 5.1.3:
  • The documentation of mpn_set_str is incorrect and
    incomplete wrt allocation requirements.
    Patch.
  • See also issues for subsequent releases above.
Issues with GMP 5.1.2:
  • The functions mpn_sbpi1_div_qr_sec and
    mpn_sbpi1_div_r_sec compute incorrect results for some
    operands. With uniformly distributed random operands, the error is very
    hard to trigger, and for the intended use of these functions, operands can
    be expected to appear as such random operands from these functions’
    perspective. Patch.
  • The internal function mpn_divrem_2 on Itanium clobbers two callee-saves
    registers. This can lead to miscomputations or crashes in the callers.
    Patch.
  • See also issues for subsequent releases above.
Issues with GMP 5.1.1:
  • Windows only: A 64-bit build for AMD Bulldozer and Piledriver chips, or
    a fat 64-bit build running on these chips, will not work correctly.
    Patch.
  • The function mpz_powm_ui computes garbage if the base
    argument is over 15000 decimal or the mod argument is at least 7500 decimal
    digits. No other GMP powm function is affected.
    Patch.
  • See also issues for subsequent releases above.
Issues with GMP 5.1.0:
  • The mini-gmp.c file, which implements a subset of mpn and mpz, was not
    properly tested and contained a number of bugs. Please do not use the
    5.1.0 version of mini-gmp.c. Note that these bugs do not affect GMP
    itself.
  • The included top-level Makefile.in has an automake-generated
    distcheck target which creates a world-writable directory.
    This target is not used in the GMP release process, but it is a potential
    security problem affecting users who invoke this make target. This
    problem (and no other) is corrected in the gmp-5.1.0a.tar.* set of
    files.
  • See also issues for subsequent releases above.

For patches to older GMP versions, please see the
Info on older GMP releases.

Future releases

Please see the GMPng page for information on
what we’re working on.


Source link