<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<table border="0" cellpadding="0" cellspacing="0" style="width: 100%; border-collapse: separate; border-spacing: 0; margin: 0 auto;">

<tbody>

<tr>

<td style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; overflow: hidden;" align="left" bgcolor="#ffffff">

<table border="0" cellpadding="0" cellspacing="0" style="width: 100%; border-collapse: separate; border-spacing: 0;">

<tbody>

<tr>

<td style="color: #333333; border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid; font-size: 15px; font-weight: bold; line-height: 1.4; padding: 20px 0;">

Merge request <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1404">!1404</a> was reviewed by <a href="https://gitlab.com/dueno">Daiki Ueno</a>

</td>

</tr>

<tr>

<td style="overflow: hidden; font-size: 14px; line-height: 1.4; display: grid;">

<p style="color: #777777;">

<a href="https://gitlab.com/dueno">Daiki Ueno</a>

started a new

discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1404#note_531104041">lib/accelerated/afalg.c</a>:

</p>

<table>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="321" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

321

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC321" class="line" lang="c">    <span class="cm" style="color: #998; font-style: italic;">/* Set PT buffer to be filled by kernel */</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="322" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

322

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC322" class="line" lang="c">    <span class="n" style="color: #333;">iov</span><span class="p">[</span><span class="mi" style="color: #099;">1</span><span class="p">].</span><span class="n" style="color: #333;">iov_base</span> <span class="o" style="font-weight: 600;">=</span> <span class="n" style="color: #333;">plain</span><span class="p">;</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="323" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

323

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC323" class="line" lang="c">    <span class="n" style="color: #333;">iov</span><span class="p">[</span><span class="mi" style="color: #099;">1</span><span class="p">].</span><span class="n" style="color: #333;">iov_len</span> <span class="o" style="font-weight: 600;">=</span> <span class="n" style="color: #333;">plain_size</span><span class="p">;</span></span>

</pre>

</td>

</tr>

</table>

<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">

<pre class="code highlight js-syntax-highlight suggestion" lang="suggestion" data-lang-params="-0+0" v-pre="true" style="background-color: #fff; font-family: monospace; font-size: 90%; -premailer-cellpadding: 0; -premailer-cellspacing: 0; -premailer-width: 100%; margin: 0;"><code><span id="LC1" class="line" lang="suggestion">       iov[1].iov_len = kcapi_aead_outbuflen_dec(ctx->handle,</span>

<span id="LC2" class="line" lang="suggestion">                                                encr_size - tag_size,</span>

<span id="LC3" class="line" lang="suggestion">                                                auth_size,</span>

<span id="LC4" class="line" lang="suggestion">                                                tag_size) - auth_size;</span></code></pre>

</div>

<p style="color: #777777;">

<a href="https://gitlab.com/dueno">Daiki Ueno</a>

started a new

discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1404#note_531104044">lib/accelerated/afalg.c</a>:

</p>

<table>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="427" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

427

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC427" class="line" lang="c">    <span class="cm" style="color: #998; font-style: italic;">/* Set CT buffer to be filled by kernel */</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="428" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

428

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC428" class="line" lang="c">    <span class="n" style="color: #333;">iov</span><span class="p">[</span><span class="mi" style="color: #099;">1</span><span class="p">].</span><span class="n" style="color: #333;">iov_base</span> <span class="o" style="font-weight: 600;">=</span> <span class="n" style="color: #333;">encr</span><span class="p">;</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="429" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

429

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC429" class="line" lang="c">    <span class="n" style="color: #333;">iov</span><span class="p">[</span><span class="mi" style="color: #099;">1</span><span class="p">].</span><span class="n" style="color: #333;">iov_len</span> <span class="o" style="font-weight: 600;">=</span> <span class="n" style="color: #333;">plain_size</span> <span class="o" style="font-weight: 600;">+</span> <span class="n" style="color: #333;">tag_size</span><span class="p">;</span></span>

</pre>

</td>

</tr>

</table>

<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">

<pre class="code highlight js-syntax-highlight suggestion" lang="suggestion" data-lang-params="-0+0" v-pre="true" style="background-color: #fff; font-family: monospace; font-size: 90%; -premailer-cellpadding: 0; -premailer-cellspacing: 0; -premailer-width: 100%; margin: 0;"><code><span id="LC1" class="line" lang="suggestion">       iov[1].iov_len = kcapi_aead_outbuflen_enc(ctx->handle,</span>

<span id="LC2" class="line" lang="suggestion">                                                plain_size,</span>

<span id="LC3" class="line" lang="suggestion">                                                auth_size,</span>

<span id="LC4" class="line" lang="suggestion">                                                tag_size) - auth_size;</span></code></pre>

</div>

<p style="color: #777777;">

<a href="https://gitlab.com/dueno">Daiki Ueno</a>

started a new

discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1404#note_531104045">lib/accelerated/afalg.c</a>:

</p>

<table>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="223" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

223

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC223" class="line" lang="c">    <span class="p">}</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="224" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

224

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC224" class="line" lang="c"></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="225" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

225

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC225" class="line" lang="c">    <span class="n" style="color: #333;">ctx</span><span class="o" style="font-weight: 600;">-></span><span class="n" style="color: #333;">ccm</span> <span class="o" style="font-weight: 600;">=</span> <span class="o" style="font-weight: 600;">!</span><span class="n" style="color: #333;">strncmp</span><span class="p">(</span><span class="n" style="color: #333;">gnutls_aead_map</span><span class="p">[</span><span class="n" style="color: #333;">algorithm</span><span class="p">],</span> <span class="s" style="color: #d14;">"ccm"</span><span class="p">,</span> <span class="mi" style="color: #099;">3</span><span class="p">);</span></span>

</pre>

</td>

</tr>

</table>

<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">

<p dir="auto">As we only support a couple of CCM ciphers, I'd suggest just use a <code>switch</code> rather than string comparison, something like:</p>

<pre class="code highlight js-syntax-highlight c" lang="c" v-pre="true" style="background-color: #fff; font-family: monospace; font-size: 90%; -premailer-cellpadding: 0; -premailer-cellspacing: 0; -premailer-width: 100%; color: #998; font-style: italic; margin: 0;"><code><span id="LC1" class="line" lang="c"><span class="k" style="font-weight: 600;">switch</span> <span class="p">(</span><span class="n" style="color: #333;">algorithm</span><span class="p">)</span> <span class="p">{</span></span>

<span id="LC2" class="line" lang="c"><span class="k" style="font-weight: 600;">case</span> <span class="n" style="color: #333;">GNUTLS_CIPHER_AES_128_CCM</span><span class="p">:</span></span>

<span id="LC3" class="line" lang="c"><span class="k" style="font-weight: 600;">case</span> <span class="n" style="color: #333;">GNUTLS_CIPHER_AES_256_CCM</span><span class="p">:</span></span>

<span id="LC4" class="line" lang="c"><span class="p">...</span></span>

<span id="LC5" class="line" lang="c"><span class="p">}</span></span></code></pre>

</div>

<p style="color: #777777;">

<a href="https://gitlab.com/dueno">Daiki Ueno</a>

started a new

discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1404#note_531104046">lib/accelerated/afalg.c</a>:

</p>

<table>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="102" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

102

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC102" class="line" lang="c">    <span class="k" style="font-weight: 600;">struct</span> <span class="n" style="color: #333;">kcapi_ctx</span> <span class="o" style="font-weight: 600;">*</span><span class="n" style="color: #333;">ctx</span> <span class="o" style="font-weight: 600;">=</span> <span class="n" style="color: #333;">_ctx</span><span class="p">;</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="103" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

103

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC103" class="line" lang="c"></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="104" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

104

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC104" class="line" lang="c">    <span class="k" style="font-weight: 600;">if</span> <span class="p">(</span><span class="n" style="color: #333;">kcapi_cipher_encrypt</span><span class="p">(</span><span class="n" style="color: #333;">ctx</span><span class="o" style="font-weight: 600;">-></span><span class="n" style="color: #333;">handle</span><span class="p">,</span> <span class="n" style="color: #333;">src</span><span class="p">,</span> <span class="n" style="color: #333;">src_size</span><span class="p">,</span> <span class="n" style="color: #333;">ctx</span><span class="o" style="font-weight: 600;">-></span><span class="n" style="color: #333;">iv</span><span class="p">,</span></span>

</pre>

</td>

</tr>

</table>

<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">

<p dir="auto">From my experiment, <code>src_size</code> needs to be exactly the block size for CBC (or perhaps there might be an alignment issue). I haven't tried but maybe you could rewrite this (and <code>afalg_cipher_decrypt</code>) either in the following ways:</p>

<ul dir="auto">

<li>loop over <code>src_size</code>, by the block size retrieved with <code>kcapi_cipher_blocksize</code>,</li>

<li>use the stream API in a similar way to AEAD: <a href="https://www.chronox.de/libkcapi/html/ch03s06.html" rel="nofollow noreferrer noopener" target="_blank">https://www.chronox.de/libkcapi/html/ch03s06.html</a>

</li>

</ul>

<p dir="auto"><a href="https://gitlab.com/smuellerDD" data-user="1650358" data-reference-type="user" data-container="body" data-placement="top" class="gfm gfm-project_member js-user-link" title="Stephan Mueller">@smuellerDD</a> thoughts?</p>

</div>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

</tbody>

</table>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #666;">

—

<br>

Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1404">view it on GitLab</a>.

<br>

You're receiving this email because of your account on gitlab.com.

If you'd like to receive fewer emails, you can

<a href="https://gitlab.com/-/sent_notifications/5511b26e43764c9726674e791bd38c8b/unsubscribe">unsubscribe</a>

from this thread or

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Merge request","url":"https://gitlab.com/gnutls/gnutls/-/merge_requests/1404"}}</script>

</p>

</div>

</body>

</html>