[gnutls-help] gnutls_cipher_init Error on armv7 architecture but not on amd64
Daiki Ueno
ueno at gnu.org
Thu Sep 23 06:44:27 CEST 2021
Nicolas Mora <nicolas at babelouest.org> writes:
> The problem is the value returned by gnutls_cipher_init which is
> different between architectures.
>
> - On an amd64 architecture, gnutls_cipher_init with an incorrect key
> length returns GNUTLE_E_SUCCESS
> - On an ArmV7 architecture, gnutls_cipher_init with an incorrect key
> length returns GNUTLS_E_INVALID_REQUEST
Key length mismatch is just my random guess, so I would like to first
confirm that it works if you truncate the key to 16 bytes?
If so, it's likely that we miss some checks when calling out our
accelerated code (lib/accelerated/x86/aes-gcm-*.c) or nettle functions
(I'm more worried about what happens -- under valgrind or ASan -- if you
use a shorter key).
> The documentation on gnutls_cipher_init doesn't mention what must be
> returned on incorrect parameters.
Absolutely.
Regards,
--
Daiki Ueno
More information about the Gnutls-help
mailing list