[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Tue, 27 Dec 2011 02:28:35 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 26 Dec 2011 21:28:46 -0500
In-reply-to: <046.007d65a3572214d149c9452c7aa96a0c@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.007d65a3572214d149c9452c7aa96a0c@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#4779: AES broken since 0.2.3.9-alpha on CentOS 6
-----------------------+----------------------------------------------------
 Reporter:  Pascal     |          Owner:                    
     Type:  defect     |         Status:  new               
 Priority:  major      |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Relay  |        Version:  Tor: 0.2.3.9-alpha
 Keywords:  aes        |         Parent:                    
   Points:             |   Actualpoints:                    
-----------------------+----------------------------------------------------

Comment(by nickm):

 Hm. I'd suspect something weird about the counter mode implementation
 then. It's working fine until the part of the test where it encrypts 3
 characters at a time and decrypts 5 at a time (see lines 143...150 of
 test_crypto.c).  Looking at the data above, the first 566 bytes of data is
 as expected, but then it gets messed up.

 So the first thing I'll want to check is the actual openssl source.  I
 looked around for a while, but I can't find a list of the patches (if any)
 that centos applies to the openssl version you mentioned. Do you have a
 pointer there?  An SRPM would be great.

 Also, I should really make sure that unpatched 1.0.0-fips works ok with
 Tor too.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4779#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #3587 [Tor Bridge]: Accounting should work with pluggable transports
Next by Author: Re: [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6
Previous by thread: Re: [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6
Next by thread: Re: [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6
Index(es):
- Author
- Thread