[sr #107822] Testing 3.0.2 on AIX

Bjørn Christensen bhc at insight.dk
Thu Sep 29 18:26:05 CEST 2011 

I have the debugger stopped at the SIGABRT.


This are the variables in _gnutls_epoch_set_keys, when calling _gnutls_init_record_state at line 440 of gnutls_constate.c

To me it look ok? But then again I am not an expert.

/bhc

session	0x202154d8 -> { ... }	
ver	0	
ret	0	
params	0x2021b1b8 -> { ... }	
	params	0x2021b1b8	
	*(params)	{ 1, 0, 4 /* GNUTLS_CIPHER_AES_128_CBC */, 6 /* GNUTLS_MAC_SHA256 */, 1 /* GNUTLS_COMP_NULL */, { ... }, { ... }, 0 }	
		epoch	1	
		initialized	0	
		cipher_algorithm	4 /* GNUTLS_CIPHER_AES_128_CBC */	
		mac_algorithm	6 /* GNUTLS_MAC_SHA256 */	
		compression_algorithm	1 /* GNUTLS_COMP_NULL */	
		read	{ { ... }, { ... }, { ... }, { ... }, 0x2021a3a8 -> { ... }, { ... } }	
		write	{ { ... }, { ... }, { ... }, { ... }, 0x00000000 -> { ... }, { ... } }	
		usage_cnt	0	
comp_algo	1 /* GNUTLS_COMP_NULL */	
mac_algo	6 /* GNUTLS_MAC_SHA256 */	
cipher_algo	4 /* GNUTLS_CIPHER_AES_128_CBC */	
export_flag	0	
key_size	16	
IV_size	16	
hash_size	32	
epoch	1	

-----Original Message-----
From: Nikos Mavrogiannopoulos [mailto:INVALID.NOREPLY at gnu.org] 
Sent: 29. september 2011 18:22
To: Nikos Mavrogiannopoulos; Bjørn Christensen; gnutls-devel at gnu.org
Subject: [sr #107822] Testing 3.0.2 on AIX

Follow-up Comment #10, sr #107822 (project gnutls):

Nettle complains because the size of the AES keys provided is invalid. That's
not expected. What are the values put to _gnutls_set_keys(), key_size,
hash_size and IV_size?

The assertion that you mention at:
gnutls_hash_int.c:55 is indeed worrying because _gnutls_mac_is_ok() is called
in _gnutls_epoch_set_keys() at gnutls_constate.c which would have ensured that
it is not called with random data.

I'd suggest that would single-step _gnutls_epoch_set_keys() and find out where
the values of the cipher algorithms and lengths go out of range.

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/support/?107822>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/

More information about the Gnutls-devel mailing list