[gnutls-devel] GnuTLS | aead_decrypt broken on armeb (#941)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Mon Feb 17 23:16:28 CET 2020
Andrew Aladjev commented:
`lib/nettle/cipher.c`:
```
if (gnutls_memcmp(((uint8_t*)encr)+encr_size, tag, tag_size) != 0) {
	fprintf(stderr, "algo: %d\n", ctx->cipher->algo);
	return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
}
```
This is the place where `GNUTLS_E_DECRYPTION_FAILED` was born. `algo` equals `11 GNUTLS_CIPHER_AES_256_GCM`.
```
static void
_gcm_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
	     const uint8_t * src)
{
	gcm_decrypt(GCM_CTX_GET_CTX(ctx->ctx_ptr), GCM_CTX_GET_KEY(ctx->ctx_ptr),
		    GCM_CTX_GET_CIPHER(ctx->ctx_ptr), ctx->cipher->encrypt_block,
		    length, dst, src);
}
```
This is the function called as `ctx->cipher->decrypt(ctx, encr_size, plain, encr);` before `gnutls_memcmp` in `lib/nettle/cipher.c`. This function comes from the `nettle` library and it is broken.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/941#note_289743162