[tor-bugs] #20569 [Core Tor/Tor]: hs: Use AES256 prop224 descriptors
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Nov 10 14:22:09 UTC 2016
#20569: hs: Use AES256 prop224 descriptors
-------------------------------------------------+-------------------------
Reporter: dgoulet | Owner:
Type: defect | Status:
| needs_revision
Priority: High | Milestone: Tor:
| 0.3.0.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-hs, easy, prop224, | Actual Points:
TorCoreTeam201611 |
Parent ID: | Points: 0.1
Reviewer: | Sponsor:
| SponsorR-must
-------------------------------------------------+-------------------------
Changes (by nickm):
* status: merge_ready => needs_revision
Comment:
NAK. This doesn't increase the length of secret_key in
encrypt_descriptor_data, or the length of secret_key in
desc_decrypt_data_v3. So you're still passing a 128-bit value to the AES
constructor.
You need to make sure that the inputs that are supposed to be 256-bit keys
really are 32 bytes long.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20569#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list