[gnutls-help] gnutls_cipher_init Error on armv7 architecture but not on amd64
Nicolas Mora
nicolas at babelouest.org
Wed Sep 22 21:30:35 CEST 2021
Hello,
Le 2021-09-22 à 08 h 44, Daiki Ueno a écrit :
>
>> On an ARMV7 CPU (Odroid C2 or Raspberry Pi), gnutls_cipher_init
>> returns an error:
>> $ gcc -o gnutls-cipher-init gnutls-cipher-init.c -lgnutls &&
>> ./gnutls-cipher-init
>> gnutls_cipher_init Error: The request is invalid.
>
> Given the error is GNUTLS_E_INVALID_REQUEST, I guess it is failing
> because some parameters are incorrect. At first glance IV length for
> AES-128-GCM seems to be correct (= 12), while the key length is a bit
> longer (= 24).
>
> I tried to reproduce it with qemu-user-static and a docker image from:
> https://hub.docker.com/layers/multiarch/fedora/34-aarch64/images/sha256-0f4ec96493357cfb3465368d93094d54ecacdd39c1d7ce53d7e2ae843a55273b?context=explore
> but couldn't. Would it be possible to identify the point where the
> error is returned?
>
The problem is the value returned by gnutls_cipher_init which is
different between architectures.
- On an amd64 architecture, gnutls_cipher_init with an incorrect key
length returns GNUTLE_E_SUCCESS
- On an ArmV7 architecture, gnutls_cipher_init with an incorrect key
length returns GNUTLS_E_INVALID_REQUEST
The documentation on gnutls_cipher_init doesn't mention what must be
returned on incorrect parameters.
/Nicolas
More information about the Gnutls-help
mailing list