
[Emacs-diffs] scratch/tzz/nettle d805ea6: WIP: GnuTLS: no need to wipe I


From: Teodor Zlatanov
Subject: [Emacs-diffs] scratch/tzz/nettle d805ea6: WIP: GnuTLS: no need to wipe IV or AUTH
Date: Mon, 17 Apr 2017 19:20:41 -0400 (EDT)

branch: scratch/tzz/nettle
commit d805ea69f1f635639e90650cf7c4e64e92d72c00
Author: Ted Zlatanov <address@hidden>
Commit: Ted Zlatanov <address@hidden>

    WIP: GnuTLS: no need to wipe IV or AUTH
---
 src/gnutls.c                  | 13 ++-----------
 test/lisp/net/gnutls-tests.el | 22 ++++++++++++++++++----
 2 files changed, 20 insertions(+), 15 deletions(-)

diff --git a/src/gnutls.c b/src/gnutls.c
index 496d268..79bf802 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -1830,9 +1830,6 @@ gnutls_symmetric_aead (bool encrypting, 
gnutls_cipher_algorithm_t gca,
                                         storage, &storage_length);
     }
 
-  if (!NILP (aead_auth) && STRINGP (XCAR (aead_auth)))
-    Fclear_string (XCAR (aead_auth));
-
   if (ret < GNUTLS_E_SUCCESS)
     {
       memset (storage, 0, storage_length);
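Review bot: The failure branch scrubs `storage` with plain `memset`, and if the buffer is released or never read again after this block, a compiler is allowed to drop that store as dead. The rest of gnutls_symmetric_aead is outside the hunk, so this is inferred rather than confirmed. Since this commit is deciding which buffers still need wiping, a wipe the optimizer cannot remove would be safer here, e.g. `explicit_bzero (storage, storage_length);` where the platform or gnulib provides it. A one-line comment that AEAD_AUTH is treated as non-secret associated data would also record why its `Fclear_string` was dropped.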
@@ -1977,8 +1974,6 @@ gnutls_symmetric (bool encrypting, Lisp_Object cipher,
                                aead_auth);
       if (STRINGP (XCAR (key)))
         Fclear_string (XCAR (key));
-      if (STRINGP (XCAR (iv)))
-        Fclear_string (XCAR (iv));
       return aead_output;
     }
 
@@ -2029,12 +2024,9 @@ gnutls_symmetric (bool encrypting, Lisp_Object cipher,
 
   if (STRINGP (XCAR (key)))
     Fclear_string (XCAR (key));
-  if (STRINGP (XCAR (iv)))
-    Fclear_string (XCAR (iv));
 
   if (ret < GNUTLS_E_SUCCESS)
     {
-      Fclear_string (storage);
       gnutls_cipher_deinit (hcipher);
       const char* str = gnutls_strerror (ret);
       if (!str)
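Review bot: The error branch under `if (ret < GNUTLS_E_SUCCESS)` no longer clears `storage`, a change the commit title (IV and AUTH only) does not cover. If `storage` is the output string, as the removed `Fclear_string (storage)` suggests, a failed decrypt could leave partial plaintext in the Lisp heap until it is collected. The AEAD path in gnutls_symmetric_aead still zeroes its `storage` on the same condition. I would keep `Fclear_string (storage);` ahead of `gnutls_cipher_deinit (hcipher);`, or add a comment explaining why the buffer cannot hold sensitive data at this point. The body of gnutls_symmetric starts and ends outside the hunk.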
@@ -2055,7 +2047,7 @@ DEFUN ("gnutls-symmetric-encrypt", 
Fgnutls_symmetric_encrypt, Sgnutls_symmetric_
 Returns nil on error.  INPUT, KEY, and IV can be strings or buffers or
 lists.
 
-IV, KEY, and AEAD_AUTH will be wiped by the function.
+KEY will be wiped by the function if it's a string.
 
 INPUT and KEY and IV and AEAD_AUTH can be a list in the format
 (BUFFER-OR-STRING START END CODING-SYSTEM NOERROR) and
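Review bot: The new docstring sentence `KEY will be wiped by the function if it's a string.` understates what the code does, because gnutls_symmetric wipes with `Fclear_string (XCAR (key))`, i.e. the whole string held in the car of the spec. A caller passing KEY as `(STRING START END ...)` would presumably have the entire string zeroed, not only the START..END range, and a buffer KEY is not wiped at all. Suggested wording: `If KEY is a string, or a list whose first element is a string, that whole string is wiped; a buffer KEY is left untouched.` The same sentence appears in the gnutls-symmetric-decrypt docstring hunk below. Now that IV is handed back intact, the docstring could also say that an IV must not be reused for another encryption under the same key.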
@@ -2082,8 +2074,7 @@ strings. AEAD_AUTH may be a unibyte string or omitted 
(nil).
 Returns nil on error.  INPUT, KEY, and IV can be strings or buffers or
 lists.
 
-IV, KEY, and AEAD_AUTH will be wiped by the function if they are
-strings.
+KEY will be wiped by the function if it's a string.
 
 INPUT and KEY and IV and AEAD_AUTH can be a list in the format
 (BUFFER-OR-STRING START END CODING-SYSTEM NOERROR) and
diff --git a/test/lisp/net/gnutls-tests.el b/test/lisp/net/gnutls-tests.el
index dc1c85f..806a961 100644
--- a/test/lisp/net/gnutls-tests.el
+++ b/test/lisp/net/gnutls-tests.el
@@ -94,6 +94,20 @@
           (should (plist-get plist prop)))
         (should (eq 'gnutls-symmetric-cipher (plist-get plist :type)))))))
 
+;; (ert-deftest test-gnutls-000-data-extractions ()
+;;   "Test the GnuTLS data extractions against the built-in `secure-hash'."
+;;   (skip-unless (gnutls-available-p))
+;;   (setq gnutls-tests-message-prefix "data extraction: ")
+;;   (dolist (input (delete "" gnutls-tests-mondo-strings))
+;;     ;; Test buffer extraction
+;;     (with-temp-buffer
+;;       (insert input)
+;;       (dolist (range '((0 1)))
+;;         (let ((spec (append (list (current-buffer)) range)))
+;;           (should (gnutls-tests-hexstring-equal
+;;                    (gnutls-hash-digest 'MD5 spec)
+;;                    (secure-hash 'md5 spec nil nil t))))))))
+
 (ert-deftest test-gnutls-001-hashes-internal-digests ()
   "Test the GnuTLS hash digests against the built-in `secure-hash'."
   (skip-unless (gnutls-available-p))
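Review bot: The added `test-gnutls-000-data-extractions` test is entirely commented out, so it checks nothing and will drift as the helpers change. If it is disabled because it currently fails, keeping it live with `:expected-result :failed` in the `ert-deftest` form, or a one-line comment naming what blocks it, would make that state visible. When it is enabled, `(delete "" gnutls-tests-mondo-strings)` should become `(remove "" gnutls-tests-mondo-strings)`, since `delete` may destructively modify the shared list that the later tests iterate over.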
@@ -198,8 +212,8 @@
                    (key (gnutls-tests-pad-or-trim key (plist-get cplist 
:cipher-keysize)))
                    (input (gnutls-tests-pad-to-multiple input (plist-get 
cplist :cipher-blocksize)))
                    (iv (gnutls-tests-pad-or-trim iv (plist-get cplist 
:cipher-ivsize)))
-                   (data (gnutls-symmetric-encrypt cplist (copy-sequence key) 
(copy-sequence iv) input))
-                   (reverse (gnutls-symmetric-decrypt cplist (copy-sequence 
key) (copy-sequence iv) data)))
+                   (data (gnutls-symmetric-encrypt cplist (copy-sequence key) 
iv input))
+                   (reverse (gnutls-symmetric-decrypt cplist (copy-sequence 
key) iv data)))
               (gnutls-tests-message "%s %S" cipher cplist)
               (gnutls-tests-message "key %S IV %S input %S => hexdata %S and 
reverse %S" key iv input (encode-hex-string data) reverse)
               (should-not (gnutls-tests-hexstring-equal input data))
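Review bot: Nothing in this `let*` or the assertions after it checks directly that `iv` is left intact, which is the behaviour this commit changes. The round trip would probably notice an IV zeroed by the encrypt call, but a wipe inside the decrypt call would go unseen. Binding `(iv-orig (copy-sequence iv))` before the calls and adding `(should (equal iv iv-orig))` after them would pin the new contract. The same applies to `iv` and `auth` in the AEAD test hunk below. The `let*` form begins and ends outside the hunk.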
@@ -234,8 +248,8 @@
                      (key (gnutls-tests-pad-or-trim key (plist-get cplist 
:cipher-keysize)))
                      (input (gnutls-tests-pad-to-multiple input (plist-get 
cplist :cipher-blocksize)))
                      (iv (gnutls-tests-pad-or-trim iv (plist-get cplist 
:cipher-ivsize)))
-                     (data (gnutls-symmetric-encrypt cplist (copy-sequence 
key) (copy-sequence iv) input (copy-sequence auth)))
-                     (reverse (gnutls-symmetric-decrypt cplist (copy-sequence 
key) (copy-sequence iv) data (copy-sequence auth))))
+                     (data (gnutls-symmetric-encrypt cplist (copy-sequence 
key) iv input (copy-sequence auth)))
+                     (reverse (gnutls-symmetric-decrypt cplist (copy-sequence 
key) iv data auth)))
                 (gnutls-tests-message "%s %S" cipher cplist)
                 (gnutls-tests-message "key %S IV %S input %S auth %S => 
hexdata %S and reverse %S" key iv input auth (encode-hex-string data) reverse)
                 (should-not (gnutls-tests-hexstring-equal input data))
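Review bot: The encrypt call still passes `(copy-sequence auth)` while the decrypt call on the next binding now passes `auth` directly. That leaves the encrypt side of the no-wipe change for AEAD_AUTH unexercised and makes the two calls inconsistent. I would change the first binding to `(data (gnutls-symmetric-encrypt cplist (copy-sequence key) iv input auth))`. The `let*` form begins and ends outside the hunk.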


