[Bug 1707172] Re: AES256-GCM emits all-zeros ciphertext on aarch64 with hardware acceleration

Launchpad Bug Tracker 1707172 at bugs.launchpad.net
Mon Sep 18 10:20:42 UTC 2017


This bug was fixed in the package gnutls28 - 3.5.6-4ubuntu4.3

---------------
gnutls28 (3.5.6-4ubuntu4.3) zesty; urgency=medium

  * Cherry pick several fixes from Debian 3.5.8-5+deb9u3:
    - 38_01-OCSP-check-the-subject-public-key-identifier-field-t.patch
      38_02-OCSP-find_signercert-improved-DER-length-calculation.patch from
      gnutls 3.5.14: Fix OCSP verification errors, especially with ecdsa
      signatures. LP: #1714506
    - 37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch from
      upstream 3.5.x branch: Fix breakage of AES-GCM in-place encryption and
      decryption on aarch64. LP: #1707172

 -- Julian Andres Klode <juliank at ubuntu.com>  Sat, 02 Sep 2017 16:12:49 +0200

** Changed in: gnutls28 (Ubuntu Zesty)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls28 in Ubuntu.
https://bugs.launchpad.net/bugs/1707172

Title:
  AES256-GCM emits all-zeros ciphertext on aarch64 with hardware
  acceleration

Status in gnutls28 package in Ubuntu:
  Fix Released
Status in gnutls28 source package in Zesty:
  Fix Released

Bug description:
  [Impact]
  AES256-GCM ciphertext is all zero on arm64 with hardware acceleration, breaking gnome-terminal and xfce4-terminal which use encrypted scrollback buffers.

  [Test case]
  Compile the program from https://gitlab.com/gnutls/gnutls/issues/204 and make sure the cipher text is not all zeros when running it on an aarch64 machine w/ HW accel.

  [Regression potential]
  Code change is limited to AES256-GCM w/ HW accel on aarch64, so that's the only thing that could possibly break. But given that it's broken already, it does not seem to be a big issue even if it breaks otherwise.

  [Other info]
  Original report:

  The following Debian issue exists in the Ubuntu package as well

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867581

  It breaks gnome-terminal and xfce4-terminal on arm64 machines.

  The issue is fixed upstream in 3.5.13, and the fix was backported to
  Debian stretch as well (3.5.8-5+deb9u2)
