[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #16189 [Tor]: Ensure our scrypt interoperates with openssl's scrypt

Subject: Re: [tor-bugs] #16189 [Tor]: Ensure our scrypt interoperates with openssl's scrypt
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 09 Jul 2015 20:03:37 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 09 Jul 2015 16:03:46 -0400
In-reply-to: <045.c0b20014caa1e3b57e2205aea2e70022@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <045.c0b20014caa1e3b57e2205aea2e70022@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#16189: Ensure our scrypt interoperates with openssl's scrypt
------------------------+--------------------------------
     Reporter:  nickm   |      Owner:  rl1987
         Type:  defect  |     Status:  needs_revision
     Priority:  normal  |  Milestone:  Tor: 0.2.7.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:
Actual Points:          |  Parent ID:
       Points:          |
------------------------+--------------------------------

Comment (by rl1987):

 Replying to [comment:5 nickm]:

 > > I have preliminary patch for this:
 âhttps://github.com/rl1987/tor/compare/libscrypt_eq_openssl
 > >
 > >
 >
 > Looks promising. We'll need to pull it out eventually, once we add some
 logic to stop linking libscrypt when openssl has scrypt... but for now it
 should be fine.
 >
 > There's a logic bug, though: The code that calls EVP_PBE_scrypt() needs
 to be disabled entirely when openssl doesn't have that function, or our
 tests won't compile.
 >

 I pushed one more commit that fixes this.

 > > OpenSSL seems to fail with the last test vector from draft-josefsson-
 scrypt-kdf-00 section 11.
 > >
 > >
 >
 > Hmmm.  Does libscrypt pass with that test vector?  If so, we should
 submit a bug to the openssl people so they don't release a broken scrypt
 implementation.
 >

 It seems to, since libscrypt is being tested independently in
 `test_crypto_scrypt_vectors()` and this test does not fail. I have
 isolated the failing part using `#if 0` so that others could take a look.
 If you enable that part of the code, you will see that `EVP_PBE_scrypt()`
 returns the failure status if you try to compute key with the last test
 vector in Section 11.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16189#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #16534 [Tor Browser]: Failed to remove debugging options in Firefox
Next by Author: [tor-bugs] #16538 [Tor]: Limit the impact of a malicious HSDir
Previous by thread: Re: [tor-bugs] #16189 [Tor]: Ensure our scrypt interoperates with openssl's scrypt
Next by thread: Re: [tor-bugs] #16189 [Tor]: Ensure our scrypt interoperates with openssl's scrypt
Index(es):
- Author
- Thread