[PATCH 1/2] [v3] Add API to support AEAD cipher modes
jussi.kivilinna at iki.fi
Tue Oct 22 18:21:15 CEST 2013
On 22.10.2013 17:31, Werner Koch wrote:
> On Tue, 22 Oct 2013 15:49, jussi.kivilinna at iki.fi said:
>> Do these look ok to push?
> Yes; but see below.
>>> +_gcry_cipher_authenticate (gcry_cipher_hd_t hd, const void *abuf,
>>> + size_t abuflen)
>>> + log_fatal ("gcry_cipher_authenticate: invalid mode %d\n", hd->mode);
>>> + (void)abuf;
>>> + (void)abuflen;
>>> + return gpg_error (GPG_ERR_INV_CIPHER_MODE);
> Sure that you want log_fatal here? This calls abort and thus
> terminates the process. I think it is better to use log_error.
Ok, I'll change to that.
> Or do
> you fear that callers do not check the return code? Maybe we can add an
> error state to gcry_cipher_hd_t to let all further operation fail.
I based patch on Dmitry's earlier patch, so I don't know if the use of
log_fatal was intended. Maybe logging isn't needed here at all. Earlier use
of log_fatal is in gcry_cipher_encrypt/decrypt, where its use probably
makes sense. And log_error isn't used elsewhere in cipher.c.
More information about the Gcrypt-devel