GNU bug report logs - #60693
30.0.50; gnutls-symmetric-encrypt/decrypt in GCM mode requires plaintext/ciphertext size to be multiple of 16
Reported by: Jürgen Hötzel <juergen <at> hoetzel.info>
Date: Mon, 9 Jan 2023 18:08:01 UTC
Severity: normal
Found in version 30.0.50
Done: Eli Zaretskii <eliz <at> gnu.org>
Bug is archived. No further changes may be made.
Report forwarded to bug-gnu-emacs <at> gnu.org: bug#60693; Package emacs. (Mon, 09 Jan 2023 18:08:02 GMT)
Acknowledgement sent to Jürgen Hötzel <juergen <at> hoetzel.info>: New bug report received and forwarded. Copy sent to bug-gnu-emacs <at> gnu.org. (Mon, 09 Jan 2023 18:08:02 GMT)
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
(gnutls-symmetric-encrypt 'AES-128-GCM "0123456789ABCDEF" "0123456789AB"
"hello")
results in:
(error "GnuTLS AEAD cipher AES-128-GCM/encrypt input block length 5 is
not 0 greater than a multiple of the required 16")
GCM doesn't require any padding of the plaintext before it is used, so this is
IMO an invalid assumption. Evaluating
The corresponding C code using GnuTLS works as expected:
    #include <gnutls/crypto.h>
    #include <gnutls/gnutls.h>
    #include <stdio.h>

    int main(void) {
      gnutls_datum_t key = {.data = (unsigned char *)"0123456789ABCDEF", .size = 16};
      char iv[12] = "0123456789AB"; /* 96-bit nonce, no NUL terminator */
      char plaintext[5] = "hello";  /* 5 bytes: not a multiple of 16 */
      int tlserr;
      gnutls_session_t session;
      gnutls_aead_cipher_hd_t hd;

      /* Parenthesized so tlserr holds the error code, not the comparison result. */
      if ((tlserr = gnutls_init(&session, 0)) != GNUTLS_E_SUCCESS) {
        fprintf(stderr, "gnutls_init failed: %s\n", gnutls_strerror(tlserr));
        return tlserr;
      }
      if ((tlserr = gnutls_aead_cipher_init(&hd, GNUTLS_CIPHER_AES_128_GCM, &key)) < 0) {
        fprintf(stderr, "gnutls_aead_cipher_init failed: %s\n", gnutls_strerror(tlserr));
        goto cleanup;
      }
      char ctext[5 + 16]; /* plaintext + tagsize */
      size_t ctext_len = sizeof(ctext);
      /* No additional authenticated data, 16-byte tag, 5-byte plaintext. */
      if ((tlserr = gnutls_aead_cipher_encrypt(hd, iv, sizeof(iv), NULL, 0, 16,
                                               plaintext, 5, ctext, &ctext_len)) < 0) {
        fprintf(stderr, "gnutls_aead_cipher_encrypt failed: %s\n", gnutls_strerror(tlserr));
        goto cleanup_cipher;
      }
      fwrite(ctext, 1, ctext_len, stdout);
    cleanup_cipher:
      gnutls_aead_cipher_deinit(hd);
    cleanup:
      gnutls_deinit(session);
      return tlserr;
    }
Best regards,
Jürgen
GnuTLS-Version used: gnutls 3.7.8-4
In GNU Emacs 30.0.50 (build 1, x86_64-pc-linux-gnu, GTK+ Version
3.24.35, cairo version 1.17.6) of 2023-01-08 built on herakles
Repository revision: 0be40fbe43c4e409a417b12d2919ca64326e0281
Repository branch: master
System Description: Arch Linux
Configured using:
'configure --prefix /home/juergen/emacs/emacs-master 'CFLAGS=-g -O0''
Configured features:
ACL CAIRO DBUS FREETYPE GIF GLIB GMP GNUTLS GPM GSETTINGS HARFBUZZ JPEG
JSON LCMS2 LIBOTF LIBSYSTEMD LIBXML2 M17N_FLT MODULES NOTIFY INOTIFY
PDUMPER PNG RSVG SECCOMP SOUND SQLITE3 THREADS TIFF TOOLKIT_SCROLL_BARS
WEBP X11 XDBE XIM XINPUT2 XPM GTK3 ZLIB
Important settings:
value of $LANG: de_DE.utf8
locale-coding-system: utf-8-unix
Reply sent to Eli Zaretskii <eliz <at> gnu.org>: You have taken responsibility. (Mon, 09 Jan 2023 20:20:01 GMT)
Notification sent to Jürgen Hötzel <juergen <at> hoetzel.info>: bug acknowledged by developer. (Mon, 09 Jan 2023 20:20:02 GMT)
Message #10 received at 60693-done <at> debbugs.gnu.org (full text, mbox):
> From: Jürgen Hötzel <juergen <at> hoetzel.info>
> Date: Mon, 09 Jan 2023 19:06:52 +0100
>
> (gnutls-symmetric-encrypt 'AES-128-GCM "0123456789ABCDEF" "0123456789AB"
> "hello")
>
> results in:
>
> (error "GnuTLS AEAD cipher AES-128-GCM/encrypt input block length 5 is
> not 0 greater than a multiple of the required 16")
>
>
> GCM doesn't require any padding of the plaintext before it is used, so this is
> IMO an invalid assumption. Evaluating
OK, thanks. I disabled the check on the master branch, and closing
the bug.
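
The behaviour the report asks for, as an added Emacs Lisp example (not part of the thread and not code from Emacs): it round-trips inputs on both sides of the 16-byte block size through AES-128-GCM and checks that the output is always the input length plus the 16-byte tag and that a modified ciphertext is rejected. The my/ names are hypothetical; it assumes an Emacs build in which the length check is disabled, and treats either a signalled error or a nil result from decryption as rejection.

```elisp
;; Added example, not code from Emacs or from the bug report.
;; The my/ names are hypothetical; the key is the report's sample value.
(defconst my/gcm-key "0123456789ABCDEF" "Constructed 16-byte sample key.")
(defconst my/gcm-tag-size 16 "Tag bytes, as in the report's C code.")

(defun my/gcm-encrypt (plaintext)
  "Encrypt PLAINTEXT with AES-128-GCM; return (CIPHERTEXT+TAG IV)."
  ;; KEY strings are wiped after use, so always pass a copy.
  ;; (iv-auto 12) requests a fresh random 96-bit nonce per message,
  ;; which avoids reusing a nonce under the same key.
  (gnutls-symmetric-encrypt 'AES-128-GCM (copy-sequence my/gcm-key)
                            (list 'iv-auto 12) plaintext))

(defun my/gcm-decrypt (ciphertext iv)
  "Decrypt CIPHERTEXT under IV; return plaintext, or nil if rejected."
  (condition-case nil
      (car (gnutls-symmetric-decrypt 'AES-128-GCM
                                     (copy-sequence my/gcm-key)
                                     iv ciphertext))
    (error nil)))

(defun my/gcm-check-length (n)
  "Round-trip N bytes; return (N LENGTH-OK ROUNDTRIP-OK TAMPER-REJECTED)."
  (let* ((plaintext (make-string n ?a))
         (result (my/gcm-encrypt plaintext))
         (ct (nth 0 result))
         (iv (nth 1 result))
         (bad (copy-sequence ct)))
    ;; Flip one bit of the first ciphertext byte; the tag must no longer verify.
    (aset bad 0 (logxor (aref bad 0) 1))
    (list n
          (= (length ct) (+ n my/gcm-tag-size))
          (equal (my/gcm-decrypt ct iv) plaintext)
          (null (my/gcm-decrypt bad iv)))))

;; Lengths on both sides of the 16-byte block size.
(mapcar #'my/gcm-check-length '(1 5 15 16 17 33))
```

On a build that still has the check, the first call to my/gcm-encrypt with a length that is not a multiple of 16 signals the error quoted in the report.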
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Tue, 07 Feb 2023 12:24:11 GMT)
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.