[gnutls-help] GnuTLS cryptographic API questions

Ted Zlatanov tzz at lifelogs.com
Sat Apr 15 13:45:43 CEST 2017

I put the Emacs GnuTLS crypto integration code up for review:


The original work was against libnettle, so the branch is still called
`scratch/tzz/nettle` and lives in the emacs.git master repo.

I also pushed to a PR branch on gitlab.com since that site also hosts
GnuTLS, to make it easier for the GnuTLS developers to review and


There is one update to my original list from emacs-devel:

* "the AEAD ciphers "CHACHA20-POLY1305" "AES-128-CCM-8" "AES-256-CCM-8"
  are not working yet."--they are now

I'll keep updating the GitLab PR and the emacs.git branch as I get
reviews and comments.

Questions for the GnuTLS developers:

* are my names for functions and cipher/mac properties reasonable? Is my
  classification of macs and ciphers all right?

* For non-AEAD output I'm allocating exactly equal blocks to the inputs. For
  AEAD output I'm allocating input blocks + tag size. Is that good?

* any code smells or bad practices?


More information about the Gnutls-help mailing list