[tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Tue Dec 27 04:38:59 UTC 2011


#4779: AES broken since 0.2.3.9-alpha on CentOS 6
-----------------------+----------------------------------------------------
 Reporter:  Pascal     |          Owner:  nickm             
     Type:  defect     |         Status:  accepted          
 Priority:  major      |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Relay  |        Version:  Tor: 0.2.3.9-alpha
 Keywords:  aes        |         Parent:                    
   Points:             |   Actualpoints:                    
-----------------------+----------------------------------------------------

Comment(by rransom):

 Replying to [comment:15 nickm]:
 > Hooray, results!  I can confirm that the test passes (by saying "Looks
 > ok to me") on Ubuntu 11.10 and on Fedora 16.
 >
 > There are a few possibilities here:
 >
 >  * The test shows a real bug in CentOS's openssl.
 >  * The test shows a real bug in openssl itself.
 >  * The test is badly designed, and proves nothing.
 >  * The test is badly designed, and Tor has the same bad design in its
 >    use of AES_ctr128_encrypt.
 >
 > So the first step here might be to find out whether it works on an
 > unpatched version of the openssl that CentOS started with.  If so, then we
 > can rule out an openssl bug. Then we can try to tell which of the CentOS
 > patches broke it, and submit a bug report to the CentOS people.

 This is a Red Hat SRPM; any bug report should go to them.

 > But before that, I could use some review on the test code, to make sure
 > that it actually uses the API correctly and tests what it is supposed to
 > test.

 Is `AES_ctr128_encrypt` documented anywhere?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4779#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

