Re: [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6

["Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>]

#4779: AES broken since 0.2.3.9-alpha on CentOS 6
--------------------------+-------------------------------------------------
    Reporter:  Pascal     |       Owner:  nickm             
        Type:  defect     |      Status:  closed            
    Priority:  normal     |   Milestone:  Tor: 0.2.3.x-final
   Component:  Tor Relay  |     Version:  Tor: 0.2.3.9-alpha
  Resolution:  fixed      |    Keywords:  aes               
      Parent:             |      Points:                    
Actualpoints:             |  
--------------------------+-------------------------------------------------

Comment(by fermenthor):

 Is it worth to simplify the evaluation? The test causes a mismatch after
 the 3rd iterations and after the 2, pos is wrong. I've used this
 successfully:

 {{{
 int
 evaluate_ctr_for_aes(void)
 {
 #ifdef CAN_USE_OPENSSL_CTR
   unsigned char zero[2];
   unsigned char output[2];
   unsigned char ivec[2];
   unsigned char ivec_tmp[2];
   unsigned int pos, i;
   AES_KEY key;
   memset(zero, 0, sizeof(zero));
   memset(ivec, 0, sizeof(ivec));
   AES_set_encrypt_key(zero, 128, &key);

   pos = 0;
   /* Encrypting a block one byte at a time should make the error manifest
    * itself for known bogus openssl versions. */
   for (i=0; i<2; ++i)
     AES_ctr128_encrypt(&zero[i], &output[i], 1, &key, ivec, ivec_tmp,
 &pos);

   if (pos!=2) {
     /* Counter mode is buggy */
 }}}

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4779#comment:32>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs