[gnutls-devel] gnutls_prf not compliant to RFC 5705 (or confusingly so)

Nikos Mavrogiannopoulos nmav at gnutls.org
Mon Jul 20 21:38:00 CEST 2015


On Mon, 2015-07-20 at 20:38 +0200, Rick van Rein wrote:
> Hi Nikos,
> 
> One thing though; with your patch, gnutls_prf_rfc5705() responds to
> context==NULL and context_size=-1 with an error due to the unsigned
> check on > 65535.  This does not seem helpful but it can be confusing --
> or lead to unnoticed weak keys (I got AAAAAAAAAAAAAAAAAAAAAA== but who
> prints session keys??)

Should we need to handle that case? I mean the size_t is an unsigned
type anyway, -1 is not an accepted value.

> Section 4 literally says "The context MAY be zero length."  Since it
> refers the context, I am assuming they mean the case "If context is
> provided, it computes:".

Yes, I stumbled on that section too. Anyway I've made it handle that
case and documented it. As it is a new API it will cause no issues to
existing software.

Thanks for bringing that up.
Nikos





More information about the Gnutls-devel mailing list