[tor-bugs] #19979 [Core Tor/Tor]: Use OpenSSL 1.1.0 HKDF in Tor when available.

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Oct 23 16:00:42 UTC 2016

#19979: Use OpenSSL 1.1.0 HKDF in Tor when available.
 Reporter:  nickm            |          Owner:
     Type:  enhancement      |         Status:  new
 Priority:  Medium           |      Milestone:  Tor: 0.2.???
Component:  Core Tor/Tor     |        Version:
 Severity:  Normal           |     Resolution:
 Keywords:  openssl110 easy  |  Actual Points:
Parent ID:                   |         Points:
 Reviewer:                   |        Sponsor:

Comment (by icanhasaccount):

 Replying to [ticket:19979 nickm]:
 > OpenSSL 1.1.0 now includes HKDF support. We should consider using their
 implementation instead of ours when it's available.

 I had a quick look at this today - the implementation in openssl seems to
 fail (
 error:0F073041:common libcrypto routines:CRYPTO_memdup:malloc failure)
 when the key length is zero (Its one of the tests for the current
 implementation in test_crypto.c).

 I tried to upload a test but trac thinks its spam ><

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19979#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list