On Tue, Feb 9, 2021 at 3:07 PM Niels Möller wrote:
>
> ni...@lysator.liu.se (Niels Möller) writes:
>
> > I would guess that means that we got 209 bytes, including the 16-byte
> > poly1305 authentication tag. Message size is then 209 - 16 = 193 bytes.
> > If the first byte is a TLS packet type, the
ni...@lysator.liu.se (Niels Möller) writes:
> I would guess that means that we got 209 bytes, including the 16-byte
> poly1305 authentication tag. Message size is then 209 - 16 = 193 bytes.
> If the first byte is a TLS packet type, the "length: 192" in the next to
> last line makes sense if the pa
Andreas Metzler writes:
> Afaict from
> https://gitlab.com/gnutls/gnutls/-/blob/master/lib/nettle/cipher.c#L815
> it does use chacha_poly1305_encrypt/decrypt/update/digest/set_key/set_nonce.
I see. (But closer to line 857). I wonder what the precise message size
was. Log says
server|<5>| REC[0x
On 2021-02-09 Niels Möller wrote:
> Andreas Metzler writes:
> > I have bisected this[1] in nettle git and found
> >
> > 58a0301437e9beb23130423ff1063a67b6f2b43b
> > ppc: New assembly for chacha_core4, doing four blocks in parallel.
> This is indeed new code in nettle-3.7, and particularly suspe
Andreas Metzler writes:
> I have bisected this[1] in nettle git and found
>
> 58a0301437e9beb23130423ff1063a67b6f2b43b
> ppc: New assembly for chacha_core4, doing four blocks in parallel.
This is indeed new code in nettle-3.7, and particularly suspect since
the test fails only on ppc. Do you kno
On 2021-02-09 Andreas Metzler wrote:
> Hello,
> Upgrading nettle from 3.6 to 3.7 triggers a GnuTLS 3.7.0 testsuite
> error on both ppc64 and ppc64el:
> (sid_ppc64el-dchroot)ametzler@plummer:~/GNUTLS/gnutls28-3.7.0/b4deb/tests$
> ./min
[...]
> testing chacha20-poly1305
> testing tls13-chacha20-p