From unknown Fri Aug 15 03:56:49 2025
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Mailer: MIME-tools 5.509 (Entity 5.509)
Content-Type: text/plain; charset=utf-8
From: bug#60693 <60693@debbugs.gnu.org>
To: bug#60693 <60693@debbugs.gnu.org>
Subject: Status: 30.0.50; gnutls-symmetric-encrypt/decrypt in GCM mode
 requires plaintext/ciphertext size to be multiple of 16
Reply-To: bug#60693 <60693@debbugs.gnu.org>
Date: Fri, 15 Aug 2025 10:56:49 +0000

retitle 60693 30.0.50; gnutls-symmetric-encrypt/decrypt in GCM mode require=
s plaintext/ciphertext size to be multiple of 16
reassign 60693 emacs
submitter 60693 J=C3=BCrgen H=C3=B6tzel <juergen@hoetzel.info>
severity 60693 normal

thanks


From debbugs-submit-bounces@debbugs.gnu.org Mon Jan 09 13:07:12 2023
Received: (at submit) by debbugs.gnu.org; 9 Jan 2023 18:07:12 +0000
Received: from localhost ([127.0.0.1]:38125 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1pEwYB-00053G-Pe
	for submit@debbugs.gnu.org; Mon, 09 Jan 2023 13:07:12 -0500
Received: from lists.gnu.org ([209.51.188.17]:39984)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <juergen@hoetzel.info>) id 1pEwY9-000537-BD
 for submit@debbugs.gnu.org; Mon, 09 Jan 2023 13:07:10 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <juergen@hoetzel.info>)
 id 1pEwY9-00044c-5y
 for bug-gnu-emacs@gnu.org; Mon, 09 Jan 2023 13:07:09 -0500
Received: from mout-p-102.mailbox.org ([2001:67c:2050:0:465::102])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_CHACHA20_POLY1305:256)
 (Exim 4.90_1) (envelope-from <juergen@hoetzel.info>)
 id 1pEwY5-00044z-Rc
 for bug-gnu-emacs@gnu.org; Mon, 09 Jan 2023 13:07:08 -0500
Received: from smtp102.mailbox.org (smtp102.mailbox.org
 [IPv6:2001:67c:2050:b231:465::102])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest
 SHA256) (No client certificate requested)
 by mout-p-102.mailbox.org (Postfix) with ESMTPS id 4NrMN22RSbz9sS1
 for <bug-gnu-emacs@gnu.org>; Mon,  9 Jan 2023 19:06:58 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hoetzel.info;
 s=MBO0001; t=1673287618;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding;
 bh=3PX1iHjCMI6j5en7fibIV20XkU7yTWzkQfmkZ8K31O0=;
 b=RaAueN7Vg/pQASDunTyvpgU8WGnDdDBtLs1GGEzt/iSMexHeX+chFV/f6qwy0rdCt3ydsL
 VUqx7XG/qfQ5wYPwjNBCxlHV69iGnz7V1HeYSfofgkAJCXt+7GiiXxF3dlkEz73MBGzMkZ
 la4RsG93F7SfK4avb0d/I86EQXuTmkcuxc5RU6eEUKVZdUV5es6Mr0WM8Y7QJWkrYRMG1v
 zK69rYP9Nj0/+NxVVxRcNH66HpqGZuYA5DWwqFeoIu6v5g9rQgzN7aCRmPwMYqOI8dixh6
 zTR4d55URamclN4S+1IPlVcpV8/apFpWLkV4kkxhjq6BMi4hLc8teNZ0CKWszg==
From: =?utf-8?Q?J=C3=BCrgen_H=C3=B6tzel?= <juergen@hoetzel.info>
To: bug-gnu-emacs@gnu.org
Subject: 30.0.50; gnutls-symmetric-encrypt/decrypt in GCM mode requires
 plaintext/ciphertext size to be multiple of 16
Date: Mon, 09 Jan 2023 19:06:52 +0100
Message-ID: <87fscjpooz.fsf@hoetzel.info>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Rspamd-Queue-Id: 4NrMN22RSbz9sS1
Received-SPF: pass client-ip=2001:67c:2050:0:465::102;
 envelope-from=juergen@hoetzel.info; helo=mout-p-102.mailbox.org
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -1.6 (-)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -2.6 (--)

(gnutls-symmetric-encrypt 'AES-128-GCM "0123456789ABCDEF" "0123456789AB"
"hello")

results in:

(error "GnuTLS AEAD cipher AES-128-GCM/encrypt input block length 5 is
not 0 greater than a multiple of the required 16")


GCM doesn't require any padding of the plaintext before it is used, so this=
 is
IMO an invalid assumption. Evaluating


The corresponding C code using GnuTLS works as expected:

#include <gnutls/crypto.h>
#include <gnutls/gnutls.h>
#include <stdio.h>

int main(int argc, char *argv[]) {
  gnutls_datum_t key =3D {.data =3D (unsigned char *)"0123456789ABCDEF", .s=
ize =3D 16};
  char iv[12] =3D "0123456789AB";
  char plaintext[5] =3D "hello";
  int tlserr;
  gnutls_session_t session;
  gnutls_aead_cipher_hd_t hd;
  if ((tlserr =3D gnutls_init(&session, 0) !=3D GNUTLS_E_SUCCESS)) {
  };

  if (gnutls_aead_cipher_init(&hd, GNUTLS_CIPHER_AES_128_GCM, &key) < 0) {
    fprintf(stderr, "gnutls_cipher_init failed: %s", gnutls_strerror(tlserr=
));
    goto cleanup;
  }
  char ctext[5 + 16]; /* plaintext + tagsize */
  size_t ctext_len =3D 5 + 16;
  if ((tlserr =3D gnutls_aead_cipher_encrypt(hd, iv, sizeof(iv), NULL, 0, 1=
6, plaintext, 5, ctext, &ctext_len)) < 0) {
    fprintf(stderr, "gnutls_aead_cipher_decrypt failed: %s\n", gnutls_strer=
ror(tlserr));
    goto cleanup;
  }
  fwrite(ctext, 1, ctext_len, stdout);
cleanup:
  gnutls_deinit(session);
  return tlserr;
}

Best regards,

J=C3=BCrgen

GnuTLS-Version used: gnutls 3.7.8-4

In GNU Emacs 30.0.50 (build 1, x86_64-pc-linux-gnu, GTK+ Version
 3.24.35, cairo version 1.17.6) of 2023-01-08 built on herakles
Repository revision: 0be40fbe43c4e409a417b12d2919ca64326e0281
Repository branch: master
System Description: Arch Linux

Configured using:
 'configure --prefix /home/juergen/emacs/emacs-master 'CFLAGS=3D-g -O0''

Configured features:
ACL CAIRO DBUS FREETYPE GIF GLIB GMP GNUTLS GPM GSETTINGS HARFBUZZ JPEG
JSON LCMS2 LIBOTF LIBSYSTEMD LIBXML2 M17N_FLT MODULES NOTIFY INOTIFY
PDUMPER PNG RSVG SECCOMP SOUND SQLITE3 THREADS TIFF TOOLKIT_SCROLL_BARS
WEBP X11 XDBE XIM XINPUT2 XPM GTK3 ZLIB

Important settings:
  value of $LANG: de_DE.utf8
  locale-coding-system: utf-8-unix

Major mode: ELisp/l

Minor modes in effect:
  tooltip-mode: t
  global-eldoc-mode: t
  eldoc-mode: t
  show-paren-mode: t
  electric-indent-mode: t
  mouse-wheel-mode: t
  tool-bar-mode: t
  menu-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  blink-cursor-mode: t
  line-number-mode: t
  indent-tabs-mode: t
  transient-mark-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t

Load-path shadows:
None found.

Features:
(shadow sort mail-extr emacsbug message mailcap yank-media rfc822 mml
mml-sec password-cache epa derived epg rfc6068 epg-config gnus-util
text-property-search time-date subr-x mm-decode mm-bodies mm-encode
mail-parse rfc2231 mailabbrev gmm-utils mailheader sendmail rfc2047
rfc2045 ietf-drums mm-util mail-prsvr mail-utils help-fns radix-tree
cl-print debug backtrace help-mode find-func gnutls puny dired-aux
cl-loaddefs cl-lib dired dired-loaddefs term/xterm xterm byte-opt gv
bytecomp byte-compile rmc iso-transl tooltip cconv eldoc paren electric
uniquify ediff-hook vc-hooks lisp-float-type elisp-mode mwheel
term/x-win x-win term/common-win x-dnd tool-bar dnd fontset image
regexp-opt fringe tabulated-list replace newcomment text-mode lisp-mode
prog-mode register page tab-bar menu-bar rfn-eshadow isearch easymenu
timer select scroll-bar mouse jit-lock font-lock syntax font-core
term/tty-colors frame minibuffer nadvice seq simple cl-generic
indonesian philippine cham georgian utf-8-lang misc-lang vietnamese
tibetan thai tai-viet lao korean japanese eucjp-ms cp51932 hebrew greek
romanian slovak czech european ethiopic indian cyrillic chinese
composite emoji-zwj charscript charprop case-table epa-hook
jka-cmpr-hook help abbrev obarray oclosure cl-preloaded button loaddefs
theme-loaddefs faces cus-face macroexp files window text-properties
overlay sha1 md5 base64 format env code-pages mule custom widget keymap
hashtable-print-readable backquote threads dbusbind inotify lcms2
dynamic-setting system-font-setting font-render-setting cairo
move-toolbar gtk x-toolkit xinput2 x multi-tty make-network-process
emacs)

Memory information:
((conses 16 55112 8296)
 (symbols 48 6511 0)
 (strings 32 17575 2110)
 (string-bytes 1 510603)
 (vectors 16 9803)
 (vector-slots 8 119382 8254)
 (floats 8 27 295)
 (intervals 56 752 35)
 (buffers 976 16))




From debbugs-submit-bounces@debbugs.gnu.org Mon Jan 09 15:19:04 2023
Received: (at 60693-done) by debbugs.gnu.org; 9 Jan 2023 20:19:04 +0000
Received: from localhost ([127.0.0.1]:38281 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1pEybo-0000LZ-3z
	for submit@debbugs.gnu.org; Mon, 09 Jan 2023 15:19:04 -0500
Received: from eggs.gnu.org ([209.51.188.92]:51346)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@gnu.org>) id 1pEybn-0000L5-6T
 for 60693-done@debbugs.gnu.org; Mon, 09 Jan 2023 15:19:03 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <eliz@gnu.org>)
 id 1pEybg-00051W-KD; Mon, 09 Jan 2023 15:18:56 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From:
 Date; bh=PLd0sLPXNb9i6nY7LvYeju0pZaUbsqmvygTUZf5ZP70=; b=myq0Vg9igbnfVwblhgpS
 LZxuJEtWseLfb2maUgRVSvWTwcAWzs1034ZCbWsBcSx9zmPwHm4kYc1fTAlV+IaR3sqsm3rtuNGWo
 Px4srd1bnREpFQ1BRKa3I2VQ6UDzXlXVp76uSNkq4CIcSoEJyHyO7oHcq+tYieJe2kfsbvYOgHEmc
 szoPjtK5YD2tUgordzMnW+ZL43anQHVzDWd7ME3eFFg3wlfiIkzj5j3u8lL5qBWqanQpnsGcnPfV6
 chS0VnNajlQ75JzyB3V/1XPVv7L9JYKDEridNoF2NJYqhGn79kGw8SEsifNOo8z8PYQOrhQcpek9n
 X2IAyL+HgKMFtw==;
Received: from [87.69.77.57] (helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <eliz@gnu.org>)
 id 1pEybf-00005z-Cj; Mon, 09 Jan 2023 15:18:56 -0500
Date: Mon, 09 Jan 2023 22:19:21 +0200
Message-Id: <83sfgjo3zq.fsf@gnu.org>
From: Eli Zaretskii <eliz@gnu.org>
To: =?utf-8?Q?J=C3=BCrgen_H=C3=B6tzel?= <juergen@hoetzel.info>
In-Reply-To: <87fscjpooz.fsf@hoetzel.info> (message from =?utf-8?Q?J=C3=BC?=
 =?utf-8?Q?rgen_H=C3=B6tzel?= on Mon, 09 Jan 2023 19:06:52 +0100)
Subject: Re: bug#60693: 30.0.50;
 gnutls-symmetric-encrypt/decrypt in GCM mode requires
 plaintext/ciphertext size to be multiple of 16
References: <87fscjpooz.fsf@hoetzel.info>
MIME-version: 1.0
Content-type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 60693-done
Cc: 60693-done@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

> From: Jürgen Hötzel <juergen@hoetzel.info>
> Date: Mon, 09 Jan 2023 19:06:52 +0100
> 
> (gnutls-symmetric-encrypt 'AES-128-GCM "0123456789ABCDEF" "0123456789AB"
> "hello")
> 
> results in:
> 
> (error "GnuTLS AEAD cipher AES-128-GCM/encrypt input block length 5 is
> not 0 greater than a multiple of the required 16")
> 
> 
> GCM doesn't require any padding of the plaintext before it is used, so this is
> IMO an invalid assumption. Evaluating

OK, thanks.  I disabled the check on the master branch, and closing
the bug.




From unknown Fri Aug 15 03:56:49 2025
Received: (at fakecontrol) by fakecontrolmessage;
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request <help-debbugs@gnu.org>
Subject: Internal Control
Message-Id: bug archived.
Date: Tue, 07 Feb 2023 12:24:11 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator