[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[sr #107932] Cannot initialise AES-256-PGP-CFB cipher support in GnuTLS
|
From: |
anonymous |
|
Subject: |
[sr #107932] Cannot initialise AES-256-PGP-CFB cipher support in GnuTLS 3 |
|
Date: |
Thu, 12 Jan 2012 17:22:52 +0000 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:9.0.1) Gecko/20100101 Firefox/9.0.1 |
URL:
<http://savannah.gnu.org/support/?107932>
Summary: Cannot initialise AES-256-PGP-CFB cipher support in
GnuTLS 3
Project: GnuTLS
Submitted by: None
Submitted on: Thu 12 Jan 2012 05:22:51 PM UTC
Category: None
Priority: 5 - Normal
Severity: 3 - Normal
Status: None
Privacy: Public
Assigned to: None
Originator Email: address@hidden
Open/Closed: Open
Discussion Lock: Any
Operating System: GNU/Linux
_______________________________________________________
Details:
Hullo,
I am having problems trying to initialise a cipher handle for AES-256-PGP-CFB
using GnuTLS 3.0.11 and keep getting an error string of "The request is
invalid" when calling gnutls_cipher_init. I'm aware that GnuTLS 3 has been
migrated away from gcrypt to nettle, so I went looking in the docs for nettle,
and found no mention of any support for ciphers in CFB mode. This led me to
dig further into the GnuTLS source to see if the CFB ciphers were actually
implemented.
As far as I can tell, there are two ways in which a cipher can be implemented:
either a specific accelerated implementation is registered using
*_cipher_register during global initialisation, or _gnutls_cipher_init falls
through to the "generic" cipher ops, which eventually falls through to
wrap_nettle_cipher_init in lib/nettle/cipher.c. The latter function doesn't
have cases to handle any of the *-PGP-CFB ciphers, so if I am correct, these
ciphers are completely unavailable in GnuTLS as I have compiled it.
Is this correct, and how should I go about using these ciphers with GnuTLS 3?
I am trying to drop my code's explicit dependency on gcrypt, since GnuTLS
itself no longer depends on it.
Note also that AES-256-PGP-CFB does appear in the output of
gnutls_cipher_list, but from looking at the code, that just iterates over the
list of defined ciphers - which does not guarantee an implementation exists
for any particular cipher in the list.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?107932>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
- [sr #107932] Cannot initialise AES-256-PGP-CFB cipher support in GnuTLS 3,
anonymous <=