Skip to content

Introduce CKF_MULTI_MESSAGE flag #190

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 27, 2025
Merged

Introduce CKF_MULTI_MESSAGE flag #190

merged 1 commit into from
Mar 27, 2025

Conversation

@Jakuje
Copy link
Contributor

@Jakuje Jakuje commented Mar 26, 2025
edited by simo5
Loading

Description

Fixes: #170

If you think some more tests will be needed, please let me know. I think we support this only for AES-GCM/CCM for now.

Checklist

  • [ ] Test suite updated with functionality tests
  • [ ] Test suite updated with negative tests
  • [ ] Documentation was updated
  • [ ] This is not a code change

Reviewer's checklist:

  • Any issues marked for closing are fully addressed
  • There is a test suite reasonably covering new functionality or modifications
  • This feature/change has adequate documentation added
  • A changelog entry is added if the change is significant
  • Code conform to coding style that today cannot yet be enforced via the check style test
  • Commits have short titles and sensible text

@simo5
Copy link
Member

simo5 commented Mar 26, 2025

Should we add a test that ensure this works as expected ?
Ie the GCM mechanism has the flag set and trying to use the Message function with another cipher fails because of lack of the flag ?

@Jakuje
Copy link
Contributor Author

Jakuje commented Mar 27, 2025

Should we add a test that ensure this works as expected ? Ie the GCM mechanism has the flag set and trying to use the Message function with another cipher fails because of lack of the flag ?

I was thinking what would be a usable tests, but for now only AES-GCM and AES-CCM works with the message API and both of them have the MULTI_MESSAGE flag. So the only thing I can test is to call init with mechanism that does not have message API (AES-CRT). But this fails already at fn_message_encrypt_init() on the missing CKF_MESSAGE_ENCRYPT flag. Do you have some other test in you mind that could excercise this code path? Or do you know from top of you head if there is some mechanism that does not support the MULTI_MESSAGE that we can implement/wire for the test?

@simo5
Copy link
Member

simo5 commented Mar 27, 2025

Should we add a test that ensure this works as expected ? Ie the GCM mechanism has the flag set and trying to use the Message function with another cipher fails because of lack of the flag ?

I was thinking what would be a usable tests, but for now only AES-GCM and AES-CCM works with the message API and both of them have the MULTI_MESSAGE flag. So the only thing I can test is to call init with mechanism that does not have message API (AES-CRT). But this fails already at fn_message_encrypt_init() on the missing CKF_MESSAGE_ENCRYPT flag. Do you have some other test in you mind that could excercise this code path? Or do you know from top of you head if there is some mechanism that does not support the MULTI_MESSAGE that we can implement/wire for the test?

Uhmmm I had not considered that ... indeed it seem like we do not have a way to test this in a meannigful way.
In that case I'll just merge and we'll add a test, if we figure out how, in the future.

@simo5 simo5 merged commit 6ca7b2e into latchset:main Mar 27, 2025
24 of 26 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@simo5 simo5 simo5 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

CKF_MULTI_MESSAGE is not set on any mechanism

2 participants

@Jakuje @simo5