[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #19979 [Core Tor/Tor]: Use OpenSSL 1.1.0 HKDF in Tor when available.



#19979: Use OpenSSL 1.1.0 HKDF in Tor when available.
-------------------------------------------------+-------------------------
 Reporter:  nickm                                |          Owner:  rl1987
     Type:  enhancement                          |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.5.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  openssl110, easy, refactor, code-    |  Actual Points:
  removal                                        |
Parent ID:                                       |         Points:
 Reviewer:  nickm                                |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by nickm):

 * status:  needs_review => needs_revision
 * milestone:  Tor: unspecified => Tor: 0.3.5.x-final


Comment:

 Looks mostly good, but maybe we should just remove support for 0-length
 keys here?  They don't actually achieve anything, we don't use them except
 in the tests, and they require us to compile both implementations.

 Also, this code has moved from crypto.c into crypto_hkdf.c with
 d38e7ddf5b930ae7e4d3a5da63cfc32d92a8dfa7, but it would be easy enough to
 apply the patch to the new location.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19979#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs