FIX: Better scaling for botan_cipher_get_update_granularity()
This is an alternative suggestion to address #4090. Essentially, it keeps the constraint that botan_cipher_get_update_granularity() should always return a size greater than the minimal_final_size() of the underlying cipher mode. But it tries to produce more sensible outputs that actually honor the documented behavior ("ideal granularity" being a multiple of this).
To the best of my understanding, this is needed to handle the authentication tag of AEADs without special treatment of the final API buffer. But frankly, I don't fully understand the (historic) reasoning about it.
With the changes that came in #3951, this extra complexity is not needed anymore, at the expense of users handling the BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE error code properly. Therefore, I strongly suggest we implement the (vaguely) API-changing suggestion of #4094 in the next major release. (How do we ensure that this won't be forgotten?)
Closes #4090.
coverage: 91.777% (-0.001%) from 91.778% when pulling a0d4d364d42d94694706b39fab14d5523d621ac0 on Rohde-Schwarz:fix/update_granularity_scaled into f02c6027b19f3e992796c157a474720ed3bcf82a on randombit:master.
But frankly, I don't fully understand the (historic) reasoning about it.
You know we are kind of in the same boat on that one. But it is how this interface has behaved in the past. And generally I put a much higher standard on don't-change-behavior for FFI vs everything else. For one because the FFI is our long-lived API and ABI compatible interface. Whereas we happily break ABI for the C++ with every release, it's quite possible for the same Python script to link to and run against anything between Botan 2.0.0 and Botan 3.4.0 with no changes to the source and no change in behavior.
How do we ensure that this won't be forgotten?
I've been thinking about starting a doc with "checklist of things to not forget in 3->4", we can put it there. Might work on this over the weekend.
For one because the FFI is our long lived API and ABI compatible interface.
Understood. Makes a lot of sense to be careful with this then. Hyrum's law strikes again.