[gnutls-help] gnutls_cipher_init Error on armv7 architecture but not on amd64

Nicolas Mora nicolas at babelouest.org
Wed Sep 22 21:30:35 CEST 2021


Hello,

Le 2021-09-22 à 08 h 44, Daiki Ueno a écrit :
> 
>> On an ARMV7 CPU (Odroid C2 or Raspberry Pi), gnutls_cipher_init
>> returns an error:
>> $ gcc -o gnutls-cipher-init gnutls-cipher-init.c -lgnutls &&
>> ./gnutls-cipher-init
>> gnutls_cipher_init Error: The request is invalid.
> 
> Given the error is GNUTLS_E_INVALID_REQUEST, I guess it is failing
> because some parameters are incorrect.  At first glance IV length for
> AES-128-GCM seems to be correct (= 12), while the key length is a bit
> longer (= 24).
> 
> I tried to reproduce it with qemu-user-static and a docker image from:
> https://hub.docker.com/layers/multiarch/fedora/34-aarch64/images/sha256-0f4ec96493357cfb3465368d93094d54ecacdd39c1d7ce53d7e2ae843a55273b?context=explore
> but couldn't.  Would it be possible to identify the point where the
> error is returned?
> 
The problem is the value returned by gnutls_cipher_init which is 
different between architectures.

- On an amd64 architecture, gnutls_cipher_init with an incorrect key 
length returns GNUTLE_E_SUCCESS
- On an ArmV7 architecture, gnutls_cipher_init with an incorrect key 
length returns GNUTLS_E_INVALID_REQUEST

The documentation on gnutls_cipher_init doesn't mention what must be 
returned on incorrect parameters.

/Nicolas



More information about the Gnutls-help mailing list