[gnutls-devel] GnuTLS | Minor cleanup of HPKE API (!2097)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Thu Apr 23 10:41:05 CEST 2026
Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/2097 was reviewed by Alexander Sosedkin
--
Alexander Sosedkin started a new discussion on doc/cha-crypto.texi: https://gitlab.com/gnutls/gnutls/-/merge_requests/2097#note_3278403972
> + at funcref{gnutls_hpke_seal} and can be decrypted using
> + at funcref{gnutls_hpke_open}. Applications can also export the keying
> +material without actually encrypting or decryption, using
nit: s/decryption/decrypting/
--
Alexander Sosedkin started a new discussion on NEWS: https://gitlab.com/gnutls/gnutls/-/merge_requests/2097#note_3278403993
> + contributed by David Dudas. Given this is a technology preview, the
> + implementation might suffer modification in the following
> + period. (#1506)
should we be more blunt and say "API might change in the future"?
--
Alexander Sosedkin started a new discussion on m4/hooks.m4: https://gitlab.com/gnutls/gnutls/-/merge_requests/2097#note_3278404011
> AM_CONDITIONAL([ENABLE_CRYPTO_AUDITING], [test "$enable_crypto_auditing" = "yes"])
>
> + AC_MSG_CHECKING([whether to disable HPKE support])
if we declare API unstable, should it be off by default for a few releases?
--
Alexander Sosedkin started a new discussion on lib/hpke/hpke-key-management.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/2097#note_3278404034
> - ret = be_lt(sk.data, order, sk.size);
> - if (!ret) {
> + if (memcmp(sk.data, order, sk.size) > 0) {
I have very little idea what's happening, but _lt lumped `==` together with `>`, but here you're using `>`. Was it supposed to be `>=`?
--
Alexander Sosedkin started a new discussion on doc/cha-crypto.texi: https://gitlab.com/gnutls/gnutls/-/merge_requests/2097#note_3278404043
> +secret. This can be done using a given key encapsulation mechanism
> +(KEM), with the encapsulation and decapsulation operations.
> + at showfuncB{gnutls_hpke_encap,gnutls_hkpe_decap}
s/hkpe/hpke/
--
Alexander Sosedkin started a new discussion on doc/cha-crypto.texi: https://gitlab.com/gnutls/gnutls/-/merge_requests/2097#note_3278404061
> +material without actually encrypting or decryption, using
> + at funcref{gnutls_hpke_export}.
> + at showfuncB{gnutls_hpke_seal,gnutls_hkpe_open,gnutls_hpke_export}
s/hkpe/hpke/
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/2097
You're receiving this email because of your account on gitlab.com. Unsubscribe from this thread: https://gitlab.com/-/sent_notifications/4-0c87b3lfkzqiw51baawud2nh5-a84t7/unsubscribe | Manage all notifications: https://gitlab.com/-/profile/notifications | Help: https://gitlab.com/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20260423/31cc362c/attachment-0001.html>
More information about the Gnutls-devel
mailing list