[gnutls-devel] GnuTLS | Add Linux kernel AF_ALG backend (!1404)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Wed Apr 14 09:58:07 CEST 2021




Stephan Mueller started a new discussion on lib/accelerated/afalg.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1404#note_551250880

>  		goto end;
>  	}
>  
> -	/* The kernel may set the AAD, avoid modification of auth */
> -	iov[0].iov_base = authtmp;
> -
>  	/* Set CT buffer to be filled by kernel */
> -	iov[1].iov_base = encr;
> -	iov[1].iov_len = plain_size + tag_size;
> +	iov[0].iov_base = encr;
> +	iov[0].iov_len = (encr_size > outbuflen) ? outbuflen : encr_size;
>  
> -	if (kcapi_aead_stream_op(ctx->handle, iov, 2) < 0) {
> +	if (kcapi_aead_stream_op(ctx->handle, iov, 1) < 0) {

See the discussion above: for encryption, the kernel returns AAD || CT || TAG. Thus I am not fully sure I understand the change here why the AAD is not considered?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1404#note_551250880
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210414/a1d76f39/attachment-0001.html>


More information about the Gnutls-devel mailing list