Re: libnettle/libhogweed WIP
From: Ted Zlatanov
Subject: Re: libnettle/libhogweed WIP
Date: Tue, 11 Apr 2017 16:05:16 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux)

I updated the branch scratch/tzz/nettle with comprehensive
tests. It now mirrors the low-level API in the GnuTLS crypto.h
functions, so there's no libnettle/libhogweed dependency. The API was
pretty different so I had to rewrite almost everything.

The tests show usage and exercise many edge cases (e.g. AEAD with a nil
auth string).

There are many things still missing but I have some notes following up
to Eli's previous comments and my own, and think it's good enough for
another review round. Just keep the following in mind.

* the AEAD ciphers "CHACHA20-POLY1305" "AES-128-CCM-8" "AES-256-CCM-8"
  are not working yet.

* For AEAD, I pin to GnuTLS 3.4.0 instead of AC_CHECK_FUNCS_ONCE because
  I couldn't get that autoconf macro to work!

* the ERT tests look at the environment variable `GNUTLS_TEST_VERBOSE=1'
  to trigger verbose behavior. I'm not sure if there's a better way, and
  would like verbosity control and maybe even per-test-tag output
  settings (to make a specific type of test more verbose). It feels like
  something ERT should provide.

* other TODO: add the PK algorithms

* bookkeeping TODO list before merge: doc strings, additions to the
  manual and NEWS

* should I cache `gnutls-macs' and `gnutls-ciphers'? I'm not sure. It
  seems unnecessary, these are very fast and produce small data structures.

* should I distinguish between an AEAD decryption failure (e.g. bad
  auth) and a general error? Right now both return nil, but I could have
  the decryption failure return 'fail.

* TODO from Eli: avoid allocating a scratch buffer and then copying its
  data (inside make_unibyte_string) into a newly-allocated string.
  Instead, use make_uninit_string.

* I believe all data is wiped at the C level by the GnuTLS API, but I
  don't make special efforts at the Lisp level to wipe inputs, keys,
  IVs, or auth strings. If you think it's worthwhile, let me know what's
  a good way to do it (or point me to an example in the C code).

Thanks
Ted