[gnutls-devel] GnuTLS | crypto-api: add block cipher API with automatic padding (!1611)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Thu Jul 21 11:55:04 CEST 2022
Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1611 was reviewed by Alexander Sosedkin
--
<!-- Get preloaded note discussion-->
Alexander Sosedkin started a new discussion on lib/crypto-api.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1611#note_1033704954
> + * that case, @ctext must hold enough space to store padded cipher
> + * text and @ctext_len is updated to be a multiple of the block
> + * size. The initial size can be obtained by calling this function
IMO it's not fully clear from the current wording
1. what the 'initial size' refers to here
2. that one isn't supposed to call it with `ctext=NULL` when flags aren't 0
Maybe it makes sense to support `ctext=NULL` for all combinations of other parameters to reduce the surprise factor.
--
<!-- Get preloaded note discussion-->
Alexander Sosedkin started a new discussion on lib/crypto-api.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1611#note_1033704957
> + } else {
> + _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
> + }
gnutls_cipher_decrypt2 can be reused in full
--
<!-- Get preloaded note discussion-->
Alexander Sosedkin started a new discussion on tests/cipher-padding.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1611#note_1033704966
> + fail("plaintext does not match\n");
> + }
> +
no coverage for decrypting / encrypting without padding
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1611
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20220721/bcb77b77/attachment.html>
More information about the Gnutls-devel
mailing list