* gnutls-symmetric-encrypt/decrypt in GCM mode requires plaintext/ciphertext size to be multiple of 16
@ 2023-01-08 16:03 Jürgen Hötzel
2023-01-08 16:25 ` Eli Zaretskii
0 siblings, 1 reply; 2+ messages in thread
From: Jürgen Hötzel @ 2023-01-08 16:03 UTC (permalink / raw)
To: emacs-devel
Hi,
GCM doesn't require any padding of the plaintext before it used, so this is
IMO an invalid assumption. Evaluating
(gnutls-symmetric-encrypt 'AES-128-GCM "0123456789ABCDEF" "0123456789AB"
"hello")
results in:
(error "GnuTLS AEAD cipher AES-128-GCM/encrypt input block length 5 is
not 0 greater than a multiple of the required 16")
whereas the corresponding C code using GnuTLS works as expected:
#include <gnutls/crypto.h>
#include <gnutls/gnutls.h>
#include <stdio.h>
int main(int argc, char *argv[]) {
gnutls_datum_t key = {.data = (unsigned char *)"0123456789ABCDEF", .size = 16};
char iv[12] = "0123456789AB";
char plaintext[5] = "hello";
int tlserr;
gnutls_session_t session;
gnutls_aead_cipher_hd_t hd;
if ((tlserr = gnutls_init(&session, 0) != GNUTLS_E_SUCCESS)) {
};
if (gnutls_aead_cipher_init(&hd, GNUTLS_CIPHER_AES_128_GCM, &key) < 0) {
fprintf(stderr, "gnutls_cipher_init failed: %s", gnutls_strerror(tlserr));
goto cleanup;
}
char ctext[5 + 16]; /* plaintext + tagsize */
size_t ctext_len = 5 + 16;
if ((tlserr = gnutls_aead_cipher_encrypt(hd, iv, sizeof(iv), NULL, 0, 16, plaintext, 5, ctext, &ctext_len)) < 0) {
fprintf(stderr, "gnutls_aead_cipher_decrypt failed: %s\n", gnutls_strerror(tlserr));
goto cleanup;
}
fwrite(ctext, 1, ctext_len, stdout);
cleanup:
gnutls_deinit(session);
return tlserr;
}
Best regards,
Jürgen
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: gnutls-symmetric-encrypt/decrypt in GCM mode requires plaintext/ciphertext size to be multiple of 16
2023-01-08 16:03 gnutls-symmetric-encrypt/decrypt in GCM mode requires plaintext/ciphertext size to be multiple of 16 Jürgen Hötzel
@ 2023-01-08 16:25 ` Eli Zaretskii
0 siblings, 0 replies; 2+ messages in thread
From: Eli Zaretskii @ 2023-01-08 16:25 UTC (permalink / raw)
To: Jürgen Hötzel; +Cc: emacs-devel
> From: Jürgen Hötzel <juergen@hoetzel.info>
> Date: Sun, 08 Jan 2023 17:03:48 +0100
>
> GCM doesn't require any padding of the plaintext before it used, so this is
> IMO an invalid assumption. Evaluating
>
> (gnutls-symmetric-encrypt 'AES-128-GCM "0123456789ABCDEF" "0123456789AB"
> "hello")
>
> results in:
>
> (error "GnuTLS AEAD cipher AES-128-GCM/encrypt input block length 5 is
> not 0 greater than a multiple of the required 16")
>
> whereas the corresponding C code using GnuTLS works as expected:
Please report this using "M-x report-emacs-bug RET", and please
include with the report the version of the GnuTLS library you are
using.
Thanks.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-01-08 16:25 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-01-08 16:03 gnutls-symmetric-encrypt/decrypt in GCM mode requires plaintext/ciphertext size to be multiple of 16 Jürgen Hötzel
2023-01-08 16:25 ` Eli Zaretskii
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).