From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: SK Kim <tttuuu888@gmail.com>
Newsgroups: gmane.emacs.bugs
Subject: bug#65826: [PATCH] Add nonce support for gnutls-hash-mac
Date: Sat, 9 Sep 2023 00:58:52 +0900
Message-ID: <CAKYNWwQN08JFCpedr+tAT3-0VkfYhQuys25Ku3enh8A0jVkPeA@mail.gmail.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="0000000000003dc7f10604db0e1f"
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="23455"; mail-complaints-to="usenet@ciao.gmane.io"
To: 65826@debbugs.gnu.org
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Fri Sep 08 18:01:13 2023
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org>
Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org>)
	id 1qeduz-0005sn-Hi
	for geb-bug-gnu-emacs@m.gmane-mx.org; Fri, 08 Sep 2023 18:01:13 +0200
Original-Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-gnu-emacs-bounces@gnu.org>)
	id 1qedu4-0005XG-Ez; Fri, 08 Sep 2023 12:00:16 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1qedto-0005Ue-PG
 for bug-gnu-emacs@gnu.org; Fri, 08 Sep 2023 12:00:02 -0400
Original-Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1qedto-0000BI-G1
 for bug-gnu-emacs@gnu.org; Fri, 08 Sep 2023 12:00:00 -0400
Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1qedtq-0006P9-H4
 for bug-gnu-emacs@gnu.org; Fri, 08 Sep 2023 12:00:02 -0400
X-Loop: help-debbugs@gnu.org
Resent-From: SK Kim <tttuuu888@gmail.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Fri, 08 Sep 2023 16:00:02 +0000
Resent-Message-ID: <handler.65826.B.169418875824538@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: report 65826
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: patch
X-Debbugs-Original-To: bug-gnu-emacs@gnu.org
Original-Received: via spool by submit@debbugs.gnu.org id=B.169418875824538
 (code B ref -1); Fri, 08 Sep 2023 16:00:02 +0000
Original-Received: (at submit) by debbugs.gnu.org; 8 Sep 2023 15:59:18 +0000
Original-Received: from localhost ([127.0.0.1]:45282 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1qedt8-0006Ni-BK
 for submit@debbugs.gnu.org; Fri, 08 Sep 2023 11:59:18 -0400
Original-Received: from lists.gnu.org ([2001:470:142::17]:36782)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <tttuuu888@gmail.com>) id 1qedt6-0006NQ-Cu
 for submit@debbugs.gnu.org; Fri, 08 Sep 2023 11:59:17 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <tttuuu888@gmail.com>)
 id 1qedsx-0004xH-O1
 for bug-gnu-emacs@gnu.org; Fri, 08 Sep 2023 11:59:07 -0400
Original-Received: from mail-ua1-x933.google.com ([2607:f8b0:4864:20::933])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <tttuuu888@gmail.com>)
 id 1qedsv-0008RX-Cm
 for bug-gnu-emacs@gnu.org; Fri, 08 Sep 2023 11:59:07 -0400
Original-Received: by mail-ua1-x933.google.com with SMTP id
 a1e0cc1a2514c-78caeb69125so920973241.3
 for <bug-gnu-emacs@gnu.org>; Fri, 08 Sep 2023 08:59:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20221208; t=1694188743; x=1694793543; darn=gnu.org;
 h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
 :date:message-id:reply-to;
 bh=1oRq1atVcS5PIKXpvjDnsAaMKmKwkvcR3y9Ipe2wi5k=;
 b=rYpD+veXhp5ef2rLDfyB21or9KMF2vQubQeTH/u60W2YBkLO4fxnVjDqNyA2fOYbB5
 2LiWbcGVsTJ/rqbKNAT6MiaHebDfaAv0kxSu8UpSPR/dDL0iy2p//SMF03i3hxiNSuUF
 wotN2DRTAtn9xfPsT6FQf5wpqMhGnFu882CUtsG/94ZOZAAMOpU8WME/APsoRi3m+iPv
 qenJJ4n7YGaa1cLK6iiH2+j+PHnLXTuSVp8AUo6Pe7BmriC+fvmwxw9AowaJCuxPNJZ4
 to45DCBiDJTVHTqcQ6RbONgbidX3OJAKoFlAW4nCfjBjbaHLNvfwkqt4SnvLL8tcpcwV
 /U7Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1694188743; x=1694793543;
 h=to:subject:message-id:date:from:mime-version:x-gm-message-state
 :from:to:cc:subject:date:message-id:reply-to;
 bh=1oRq1atVcS5PIKXpvjDnsAaMKmKwkvcR3y9Ipe2wi5k=;
 b=KC6RRDiLcNZTJ9LDOgJuyi+QxdGLVkJiKNVP+9K+MSmsSHIbmnO0cHSKcPhfsqsud2
 4JX70kCHIQKwvdfIt1LZjitdhZO1q0uiA95IJXJIIGIsJsOqf7UOzOX8lxUzHIAf7FBD
 VtMangMhNwjypWFjSepNSggpyMa/AW9BRodYsx7bu7LQzzNOj2Qbz4q8OGIK2Me26Tj5
 GS9PthAELMZpdt3UEAqBgbAcTFFAM0qhLD51RwbAiyoUjnYdiSpIeYPIpGMEWyDdBNAk
 UC7J7M+7pvD0ASpJlKh5f3SHbvY//ElkQmR2OGI29qaKle7V2uEIdSga9n3dLBULXwkU
 IRXQ==
X-Gm-Message-State: AOJu0Ywxtwvgh9OyJP4JAOlcUM7SVQHtc/032xv8qN+kjVOEuoet7WnB
 6A2dZcLb9nOG5Uj+ExeuokENhx0bWyWyXy0vhL4qWFTgzjQ=
X-Google-Smtp-Source: AGHT+IE5UpjyNE2yMpfDrEw3B7ctjxbEJBJLN7CDvqxxJwaeB1TwNs/BduACPOfltVdheP/42+bBcfACZtJQj3T5wOM=
X-Received: by 2002:a67:f999:0:b0:44d:5178:23cb with SMTP id
 b25-20020a67f999000000b0044d517823cbmr3123846vsq.27.1694188743536; Fri, 08
 Sep 2023 08:59:03 -0700 (PDT)
Received-SPF: pass client-ip=2607:f8b0:4864:20::933;
 envelope-from=tttuuu888@gmail.com; helo=mail-ua1-x933.google.com
X-Spam_score_int: -17
X-Spam_score: -1.8
X-Spam_bar: -
X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-gnu-emacs@gnu.org
List-Id: "Bug reports for GNU Emacs,
 the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-gnu-emacs>,
 <mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-gnu-emacs>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
 <mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org
Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org
Xref: news.gmane.io gmane.emacs.bugs:269787
Archived-At: <http://permalink.gmane.org/gmane.emacs.bugs/269787>

--0000000000003dc7f10604db0e1f
Content-Type: multipart/alternative; boundary="0000000000003dc7ef0604db0e1d"

--0000000000003dc7ef0604db0e1d
Content-Type: text/plain; charset="UTF-8"

Hi,

As far as I understood, currently `gnutls-hash-mac' does not support nonce
input, so there is no way to properly hash with some MAC algorithms which
require nonce. (e.g AES-GMAC-128)
So I suggest adding an optional argument NONCE to `gnutls-hash-mac' to
support MAC algorithms with nonce.

What I have tested after applying the attached patch are as below.
1. AES-GMC-128/192/256 works correctly.
2. NONCE does not affect SHA256/SHA512 hash results, even if presented.

Since NONCE is added as an optional argument, I believe it will not even
affect existing code using the 'gnutls-hash-mac' function.

Thanks.

Seungki Kim

--0000000000003dc7ef0604db0e1d
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_default" style=3D"font-family:monospac=
e,monospace">Hi,<br><br>As far as I understood, currently `gnutls-hash-mac&=
#39; does not support nonce input, so there is no way to properly hash with=
 some MAC algorithms which require nonce. (e.g AES-GMAC-128)<br>So I sugges=
t adding an optional argument NONCE to `gnutls-hash-mac&#39; to support MAC=
 algorithms with nonce.<br><br>What I have tested after applying the attach=
ed patch are as below.<br>1. AES-GMC-128/192/256 works correctly.<br>2. NON=
CE does not affect SHA256/SHA512 hash results, even if presented.<br><br>Si=
nce NONCE is added as an optional argument, I believe it will not even affe=
ct existing code using the &#39;gnutls-hash-mac&#39; function.<br><br>Thank=
s.<br><br>Seungki Kim<br></div></div>

--0000000000003dc7ef0604db0e1d--

--0000000000003dc7f10604db0e1f
Content-Type: text/x-patch; charset="US-ASCII"; 
	name="0001-add-nonce-support-for-gnutls-hash-mac.patch"
Content-Disposition: attachment; 
	filename="0001-add-nonce-support-for-gnutls-hash-mac.patch"
Content-Transfer-Encoding: base64
Content-ID: <f_lmarzhft0>
X-Attachment-Id: f_lmarzhft0

ZGlmZiAtLWdpdCBhL3NyYy9nbnV0bHMuYyBiL3NyYy9nbnV0bHMuYwppbmRleCBlM2YxMDkzZDk3
Ny4uMjZkZDE3ZTY3M2MgMTAwNjQ0Ci0tLSBhL3NyYy9nbnV0bHMuYworKysgYi9zcmMvZ251dGxz
LmMKQEAgLTI3NDAsNyArMjc0MCw3IEBAIERFRlVOICgiZ251dGxzLWRpZ2VzdHMiLCBGZ251dGxz
X2RpZ2VzdHMsIFNnbnV0bHNfZGlnZXN0cywgMCwgMCwgMCwKICAgcmV0dXJuIGRpZ2VzdF9hbGdv
cml0aG1zOwogfQogCi1ERUZVTiAoImdudXRscy1oYXNoLW1hYyIsIEZnbnV0bHNfaGFzaF9tYWMs
IFNnbnV0bHNfaGFzaF9tYWMsIDMsIDMsIDAsCitERUZVTiAoImdudXRscy1oYXNoLW1hYyIsIEZn
bnV0bHNfaGFzaF9tYWMsIFNnbnV0bHNfaGFzaF9tYWMsIDMsIDQsIDAsCiAgICAgICAgZG9jOiAv
KiBIYXNoIElOUFVUIHdpdGggSEFTSC1NRVRIT0QgYW5kIEtFWSBpbnRvIGEgdW5pYnl0ZSBzdHJp
bmcuCiAKIFJldHVybiBuaWwgb24gZXJyb3IuCkBAIC0yNzUyLDExICsyNzUyLDE2IEBAIERFRlVO
ICgiZ251dGxzLWhhc2gtbWFjIiwgRmdudXRsc19oYXNoX21hYywgU2dudXRsc19oYXNoX21hYywg
MywgMywgMCwKIFRoZSBJTlBVVCBjYW4gYWxzbyBiZSBzcGVjaWZpZWQgYXMgYSBidWZmZXIgb3Ig
c3RyaW5nIG9yIGluIG90aGVyCiB3YXlzLgogCitUaGUgTk9OQ0UgY2FuIGFsc28gYmUgc3BlY2lm
aWVkIGFzIGEgYnVmZmVyIG9yIHN0cmluZyBvciBpbiBvdGhlcgord2F5cy4gSWYgTUFDIGFsZ29y
aXRobSBkb2VzIG5vdCByZXF1aXJlIG5vbmNlLCB0aGUgb3B0aW9uYWwgYXJndW1lbnQKK05PTkNF
IGlzIGlnbm9yZWQgZXZlbiBpZiBwcmVzZW50ZWQuCisKKwogVGhlIGFsaXN0IG9mIE1BQyBhbGdv
cml0aG1zIGNhbiBiZSBvYnRhaW5lZCB3aXRoIGBnbnV0bHMtbWFjcycuICBUaGUKIEhBU0gtTUVU
SE9EIG1heSBiZSBhIHN0cmluZyBvciBzeW1ib2wgbWF0Y2hpbmcgYSBrZXkgaW4gdGhhdCBhbGlz
dCwgb3IKIGEgcGxpc3Qgd2l0aCB0aGUgYDptYWMtYWxnb3JpdGhtLWlkJyBudW1lcmljIHByb3Bl
cnR5LCBvciB0aGUgbnVtYmVyCiBpdHNlbGYuICovKQotICAoTGlzcF9PYmplY3QgaGFzaF9tZXRo
b2QsIExpc3BfT2JqZWN0IGtleSwgTGlzcF9PYmplY3QgaW5wdXQpCisgIChMaXNwX09iamVjdCBo
YXNoX21ldGhvZCwgTGlzcF9PYmplY3Qga2V5LCBMaXNwX09iamVjdCBpbnB1dCwgTGlzcF9PYmpl
Y3Qgbm9uY2UpCiB7CiAgIGlmIChCVUZGRVJQIChpbnB1dCkgfHwgU1RSSU5HUCAoaW5wdXQpKQog
ICAgIGlucHV0ID0gbGlzdDEgKGlucHV0KTsKQEAgLTI4MTMsNiArMjgxOCwyMyBAQCBERUZVTiAo
ImdudXRscy1oYXNoLW1hYyIsIEZnbnV0bHNfaGFzaF9tYWMsIFNnbnV0bHNfaGFzaF9tYWMsIDMs
IDMsIDAsCiAgICAgZXJyb3IgKCJHbnVUTFMgTUFDICVzIGluaXRpYWxpemF0aW9uIGZhaWxlZDog
JXMiLAogCSAgIGdudXRsc19tYWNfZ2V0X25hbWUgKGdtYSksIGVtYWNzX2dudXRsc19zdHJlcnJv
ciAocmV0KSk7CiAKKyAgaWYgKCFOSUxQIChub25jZSkpCisgICAgeworICAgICAgaWYgKEJVRkZF
UlAgKG5vbmNlKSB8fCBTVFJJTkdQIChub25jZSkpCisgICAgICAgIG5vbmNlID0gbGlzdDEgKG5v
bmNlKTsKKworICAgICAgQ0hFQ0tfQ09OUyAobm9uY2UpOworCisgICAgICBwdHJkaWZmX3QgbnN0
YXJ0X2J5dGUsIG5lbmRfYnl0ZTsKKyAgICAgIGNvbnN0IGNoYXIgKm5kYXRhCisgICAgICAgID0g
ZXh0cmFjdF9kYXRhX2Zyb21fb2JqZWN0IChub25jZSwgJm5zdGFydF9ieXRlLCAmbmVuZF9ieXRl
KTsKKyAgICAgIGlmIChuZGF0YSA9PSBOVUxMKQorICAgICAgICBlcnJvciAoIkdudVRMUyBNQUMg
bm9uY2UgZXh0cmFjdGlvbiBmYWlsZWQiKTsKKworICAgICAgZ251dGxzX2htYWNfc2V0X25vbmNl
IChobWFjLAorCQkJICAgICBuZGF0YSArIG5zdGFydF9ieXRlLCBuZW5kX2J5dGUgLSBuc3RhcnRf
Ynl0ZSk7CisgICAgfQorCiAgIHB0cmRpZmZfdCBpc3RhcnRfYnl0ZSwgaWVuZF9ieXRlOwogICBj
b25zdCBjaGFyICppZGF0YQogICAgID0gZXh0cmFjdF9kYXRhX2Zyb21fb2JqZWN0IChpbnB1dCwg
JmlzdGFydF9ieXRlLCAmaWVuZF9ieXRlKTsK
--0000000000003dc7f10604db0e1f--