[tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed Jan 11 04:22:56 UTC 2012
#4779: AES broken since 0.2.3.9-alpha on CentOS 6
--------------------------+-------------------------------------------------
Reporter: Pascal | Owner: nickm
Type: defect | Status: closed
Priority: normal | Milestone: Tor: 0.2.3.x-final
Component: Tor Relay | Version: Tor: 0.2.3.9-alpha
Resolution: fixed | Keywords: aes
Parent: | Points:
Actualpoints: |
--------------------------+-------------------------------------------------
Comment(by fermenthor):
Is it worth to simplify the evaluation? The test causes a mismatch after
the 3rd iterations and after the 2, pos is wrong. I've used this
successfully:
{{{
int
evaluate_ctr_for_aes(void)
{
#ifdef CAN_USE_OPENSSL_CTR
unsigned char zero[2];
unsigned char output[2];
unsigned char ivec[2];
unsigned char ivec_tmp[2];
unsigned int pos, i;
AES_KEY key;
memset(zero, 0, sizeof(zero));
memset(ivec, 0, sizeof(ivec));
AES_set_encrypt_key(zero, 128, &key);
pos = 0;
/* Encrypting a block one byte at a time should make the error manifest
* itself for known bogus openssl versions. */
for (i=0; i<2; ++i)
AES_ctr128_encrypt(&zero[i], &output[i], 1, &key, ivec, ivec_tmp,
&pos);
if (pos!=2) {
/* Counter mode is buggy */
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4779#comment:32>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list