[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6



#4779: AES broken since 0.2.3.9-alpha on CentOS 6
-----------------------+----------------------------------------------------
 Reporter:  Pascal     |          Owner:  nickm             
     Type:  defect     |         Status:  accepted          
 Priority:  major      |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Relay  |        Version:  Tor: 0.2.3.9-alpha
 Keywords:  aes        |         Parent:                    
   Points:             |   Actualpoints:                    
-----------------------+----------------------------------------------------

Comment(by rransom):

 Replying to [comment:15 nickm]:
 > Hooray, results!  I can confirm that the test passes (by saying "Looks
 ok to me") on Ubuntu 11.10 and on Fedora 16.
 >
 > There are a few possibilities here:
 >
 >  * The test shows a real bug in Centos's openssl.
 >  * The test shows a real bug in openssl itself.
 >  * The test is badly designed, and proves nothing.
 >  * The test is badly designed, and Tor has the same bad design in its
 use of AES_ctr128_encrypt.
 >
 > So the first step here might be to find out whether it works on an
 unpatched version of the openssl that centos started with.  If so, then we
 can rule out an openssl bug. Then we can try to tell which of the centos
 patches broke it, and submit a bug report to the centos people.

 This is a Red Hat SRPM; any bug report should go to them.

 > But before that, I could use some review on the test code, to make sure
 that it actually uses the API correctly and tests what it is supposed to
 test.

 Is `AES_ctr128_encrypt` documented anywhere?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4779#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs