[tor-bugs] #17697 [Tor]: Add crypto_rand unit tests to check for predictable values
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Nov 26 10:38:40 UTC 2015
#17697: Add crypto_rand unit tests to check for predictable values
-----------------------------+--------------------------------
Reporter: teor | Owner:
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Sponsor:
-----------------------------+--------------------------------
Add unit tests that check for common RNG failure modes, such as
returning all zeroes, identical values, or incrementing values
(OpenSSL's rand_predictable feature).
See my branch rand-failure-modes, it's based on bug17686_v2_027 in #17686.
https://github.com/teor2345/tor.git
As well as doing these checks during unit tests, we could also do these
checks every time we reseed OpenSSL's PRNG. (With an appropriately large
buffer so that the chance of failure during normal operation is
astronomically improbable, or at least less probable than a bit-flip in
the return value.)
In particular, OpenSSL's rand_predictable feature concerns me - we
currently don't check if Tor is run against an OpenSSL with it on.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17697>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list