From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.devel Subject: Re: libnettle/libhogweed WIP Date: Sat, 15 Apr 2017 10:27:33 -0400 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: <87d1cdwxt6.fsf@lifelogs.com> References: <83a89gq3us.fsf@gnu.org> <87bmtjiv0w.fsf_-_@lifelogs.com> <83o9xjn06c.fsf@gnu.org> <87shmeb5ln.fsf_-_@lifelogs.com> <83y3w5z1ez.fsf@gnu.org> <87lgr6yakj.fsf@lifelogs.com> <87wpamww9k.fsf@lifelogs.com> <8337daggnj.fsf@gnu.org> Reply-To: emacs-devel@gnu.org NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: blaine.gmane.org 1492266517 15448 195.159.176.226 (15 Apr 2017 14:28:37 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Sat, 15 Apr 2017 14:28:37 +0000 (UTC) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sat Apr 15 16:28:34 2017 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1czOgh-0003rQ-Rp for ged-emacs-devel@m.gmane.org; Sat, 15 Apr 2017 16:28:32 +0200 Original-Received: from localhost ([::1]:56994 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1czOgn-0007Lz-LC for ged-emacs-devel@m.gmane.org; Sat, 15 Apr 2017 10:28:37 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:37074) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1czOfz-0007Lr-25 for emacs-devel@gnu.org; Sat, 15 Apr 2017 10:27:48 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1czOfv-0000Fu-TQ for emacs-devel@gnu.org; Sat, 15 Apr 2017 10:27:47 -0400 Original-Received: from [195.159.176.226] (port=34755 helo=blaine.gmane.org) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1czOfv-0000FA-MO for emacs-devel@gnu.org; Sat, 15 Apr 2017 10:27:43 -0400 Original-Received: from list by blaine.gmane.org with local (Exim 4.84_2) (envelope-from ) id 1czOfm-0002ig-Ib for emacs-devel@gnu.org; Sat, 15 Apr 2017 16:27:34 +0200 X-Injected-Via-Gmane: http://gmane.org/ Mail-Followup-To: emacs-devel@gnu.org Original-Lines: 92 Original-X-Complaints-To: usenet@blaine.gmane.org X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Cancel-Lock: sha1:TBOk5i4RO+05ITOK6yh9QxaIH1c= X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 195.159.176.226 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.org gmane.emacs.devel:213974 Archived-At: On Sat, 15 Apr 2017 12:32:32 +0300 Eli Zaretskii wrote: >> From: Ted Zlatanov >> Date: Fri, 14 Apr 2017 16:48:39 -0400 >> TZ> * TODO from Eli: avoid allocating a scratch buffer and then copying its TZ> data (inside make_unibyte_string) into a newly-allocated string. TZ> Instead, use make_uninit_string. >> >> I've done this as much as possible. For AEAD output, I'm not sure how to >> set the length of an already-allocated string; I didn't want to modify >> `s.size' directly. I didn't see a function or macro to do it. This is >> needed for gnutls_symmetric_aead(). EZ> I'm not sure I understand what you say here. In particular, I see no EZ> s.size in gnutls_symmetric_aead. What did I miss? EZ> I do see some issues in gnutls_symmetric_aead with how you create Lisp EZ> strings. You first correctly call make_uninit_string, which gives you EZ> a unibyte string with no contents. Then you populate that string's EZ> data by calling gnutls_aead_cipher_encrypt resp. decrypt functions. EZ> But then you call make_unibyte_string with the resulting data, which EZ> is redundant: you already have the unibyte string with the correct EZ> data in the 'storage' variable. So you should just return 'storage', EZ> like you do in, e.g., gnutls_symmetric. These two comments are related: for example, the decryption with CAMELLIA-256-GCM produces less bytes of output that the input. But I don't want to try to anticipate that byte count--it complicates the code needlessly. So instead I want to cut the Lisp string `storage' to `storage_length' bytes after gnutls_aead_cipher_{encrypt,decrypt}() modifies `storage_length'. I can't find a macro or function to do it, so I used make_unibyte_string() for now and am asking how to do it better. EZ> I see your methods are still strings, whereas I suggested making them EZ> symbols. Any reasons why you didn't? Forgot :) Done now. EZ> A minor nit: in doc strings, please always leave 2 spaces between EZ> sentences, not 1. That was the auto reformat. Fixed, thanks. EZ> Only data structures defined via DEFVAR are accessible to Lisp, so EZ> keeping the data in C and providing accessors for Lisp programs will EZ> achieve the result, I think. The accessor could wipe the data after N EZ> accesses. OK, I'll work on that later. >> 2) Could there be a built-in C way to let C core functions take strings, >> but callers can invoke them with '(buffer-string) to tell *the core >> function* to call that form. In other words, I want the eval to be done >> at the C level, so that looking at the call tree won't reveal the actual >> string that was passed to the function. I think that would simplify my >> code and other C code too. I can probably fake it with eval()? WDYT? EZ> Why not simply pass nil as the input, with the meaning that it stands EZ> for the current buffer's text? Or, better yet, pass START and END to EZ> allow a substring of current buffer's text. We do that in a lot of EZ> places (for different reasons, of course). EZ> IOW, I see no reason to involve the Lisp interpreter for this job. Am EZ> I missing something? We're assuming that there's only three ways to pass data to the function, and they can all be expressed in the parameters instead of code: buffer-string, buffer-substring, and direct string. I think there may be other use cases, but maybe I'm wrong? Streaming data, event handlers, and coding system adjustments maybe? This is not standardized for core C functions AFAIK; I don't want to rewrite the first 150 lines of secure_hash() and extend them when I need to support more ways to pass data. So I think this should be provided by the core somehow, in a way that can be reused. I thought of the following possibilities: a) Could the core C functions use the `interactive' spec? That may be the best way, but I don't know of any core C functions that use it. b) Another way is to write a special core C function to interpret these special parameters and give back text. I could start writing this function with the first 150 lines of secure_hash() and then try to standardize the parameters. c) my earlier idea, to eval a form in the core C function, but that's slow and awkward. It *could* be a little better for performance, if the C function doesn't call the form when it's not needed. And it's very flexible. Ted