[tor-bugs] #17556 [Tor]: Doc or implementation error in NTor handshake
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Nov 8 06:47:38 UTC 2015
#17556: Doc or implementation error in NTor handshake
--------------------+---------------------------
Reporter: awick | Owner:
Type: defect | Status: closed
Priority: Medium | Milestone:
Component: Tor | Version:
Severity: Normal | Resolution: not a bug
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
--------------------+---------------------------
Changes (by yawning):
* status: new => closed
* resolution: => not a bug
Comment:
` crypto_hmac_sha256((char*)out, tweak, tweak_len, (const char*)inp,
inp_len);`
calls:
{{{
void
crypto_hmac_sha256(char *hmac_out,
const char *key, size_t key_len,
const char *msg, size_t msg_len)
{
/* If we've got OpenSSL >=0.9.8 we can use its hmac implementation. */
tor_assert(key_len < INT_MAX);
tor_assert(msg_len < INT_MAX);
HMAC(EVP_sha256(), key, (int)key_len, (unsigned char*)msg, (int)msg_len,
(unsigned char*)hmac_out, NULL);
}
}}}
Resulting in behavior as specified (The spec defines `H(x,t)`, the code
expects to be called as `H(t,x)`). The spec would be clearer and more in
line with how HMAC constructs are usually defined if everything was
written down as `H(t,x)`, but there's nothing wrong with either the code
or spec at present beyond being confusing.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17556#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list