From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:34963)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <rkrcmar@redhat.com>) id 1ZDYpy-0005d4-J6
	for qemu-devel@nongnu.org; Fri, 10 Jul 2015 09:59:35 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <rkrcmar@redhat.com>) id 1ZDYpx-0004Ko-G4
	for qemu-devel@nongnu.org; Fri, 10 Jul 2015 09:59:34 -0400
Received: from mx1.redhat.com ([209.132.183.28]:50979)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <rkrcmar@redhat.com>) id 1ZDYpx-0004Kh-Ad
	for qemu-devel@nongnu.org; Fri, 10 Jul 2015 09:59:33 -0400
Date: Fri, 10 Jul 2015 15:59:29 +0200
From: Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>
Message-ID: <20150710135929.GC3818@potion.brq.redhat.com>
References: <1436531615-30183-1-git-send-email-rkrcmar@redhat.com>
	<CAFEAcA-2E=0qUkASMPRuf-WLOY9fUa-W+7zoReTehHskb8fMJw@mail.gmail.com>
	<20150710133131.GB3818@potion.brq.redhat.com>
	<CAFEAcA8xAPCtY2nPMvJPRpXc9P3aBbirZ3hNOhD=je2RMER-oQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <CAFEAcA8xAPCtY2nPMvJPRpXc9P3aBbirZ3hNOhD=je2RMER-oQ@mail.gmail.com>
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCH] crypt: fix build with nettle >= 3.0.0
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: QEMU Developers <qemu-devel@nongnu.org>

2015-07-10 14:38+0100, Peter Maydell:
> On 10 July 2015 at 14:31, Radim Kr=C4=8Dm=C3=A1=C5=99 <rkrcmar@redhat.c=
om> wrote:
>> 2015-07-10 13:56+0100, Peter Maydell:
>>> On 10 July 2015 at 13:33, Radim Kr=C4=8Dm=C3=A1=C5=99 <rkrcmar@redhat=
.com> wrote:
>>>> @@ -83,8 +87,8 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlg=
orithm alg,
>>>> -        ctx->alg_encrypt =3D (nettle_crypt_func *)des_encrypt;
>>>> -        ctx->alg_decrypt =3D (nettle_crypt_func *)des_decrypt;
>>>> +        ctx->alg_encrypt =3D (nettle_cipher_func *)des_encrypt;
>>>> +        ctx->alg_decrypt =3D (nettle_cipher_func *)des_decrypt;
>>>> @@ -98,8 +102,8 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAl=
gorithm alg,
>>>> -        ctx->alg_encrypt =3D (nettle_crypt_func *)aes_encrypt;
>>>> -        ctx->alg_decrypt =3D (nettle_crypt_func *)aes_decrypt;
>>>> +        ctx->alg_encrypt =3D (nettle_cipher_func *)aes_encrypt;
>>>> +        ctx->alg_decrypt =3D (nettle_cipher_func *)aes_decrypt;
>>>
>>> Why do we need the casts here at all?  If the functions
>>> we're passing around don't have the right signature
>>> anyway we're in big trouble and casting them is
>>> just going to hide the problem until runtime...
>>
>> Yes.
>>
>> We pass 'ctx' as a 'void *' in the code, but these functions accept
>> specialized structures, which makes them incompatible:
>>
>>   void nettle_cipher_func(const void *ctx, size_t length, [...])
>>
>>   void aes_decrypt(const struct aes_ctx *ctx, size_t length, [...])
>>   void des_decrypt(const struct des_ctx *ctx, size_t length, [...])
>=20
> But aren't both the typedef and the aes/des_decrypt functions
> provided by the nettle library? Why is the library providing
> functions whose prototypes don't match its own typedef?

They are.  Authors needed to sacrifice something to fit into the type
system and I think they valued safety when using just a single cipher
above safety when mixing them ... (The decision was probably biased by
existing unabstracted code, if I were to guess how the library started.)