[gnutls-devel] GnuTLS | accelerated: accept NULL as digest argument for gnutls_hash_output (!2048)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Fri Dec 5 12:40:17 CET 2025
Daiki Ueno commented on a discussion on lib/accelerated/afalg.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/2048#note_2935473188
> {
> struct kcapi_handle *handle = ctx;
>
> + if (digest == NULL) {
`gnutls_hmac_output` does reset the state, but doesn't accept NULL as the `digest` argument. The motivation is noted in the commit message of eced4c0c2b3d3ee6a35dab99616a25910b623f79; we need a way to reset the context of SHAKE, so HMAC is out of context here.
* Should it actually do something on the kcapi level instead?
Probably no, kcapi doesn't support SHAKE.
* Do we need a similar round of fixes for `lib/accelerated/*/hmac*`?
I don't see the need for it.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/2048#note_2935473188
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20251205/34de3d4d/attachment.html>
More information about the Gnutls-devel
mailing list