[tor-bugs] #17686 [Tor]: Make our openssl-RNG calling code less scary.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Nov 25 15:18:53 UTC 2015
#17686: Make our openssl-RNG calling code less scary.
------------------------+--------------------------------
Reporter: nickm | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version:
Severity: Normal | Keywords: rng crypto
Actual Points: | Parent ID:
Points: | Sponsor:
------------------------+--------------------------------
crypto_rand() returns even when RAND_bytes fails. That's bad!
It's not actually a security bug though, since RAND_bytes can't fail given
how we set it up. But we should change the warning in RAND_bytes() to an
assertion. Then we can make crypto_rand() return void.
Similarly, in crypto_seed_rng(), we should check RAND_status() or
something, and flip out or assert if the openssl RNG is not fully
initialized and seeded.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17686>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list