Re: Authentication over ECDHE

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 29/12/2018 13:19, C.Wehrmeyer wrote:
...

Your corrections, improvements and enhancements would be very welcome as pull requests at https://github.com/openssl/openssl - thank you for your contributions.

And don't give me any "trust us, we're experienced programmers" bullshit. I've *seen* ssl/record/ssl3_record.c:

> static const unsigned char ssl3_pad_1[48] = {
>     0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
>     0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
>     0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
>     0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
>     0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
>     0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
> };
> static const unsigned char ssl3_pad_2[48] = {
>     0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
>     0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
>     0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
>     0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
>     0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
>     0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c
> };

What's wrong with that, you ask?

Yes, I ask; why not tell us?

Let me show you how I'd have done that:

> static const unsigned char ssl3_pad_1[] =
> {
>     "66666666"
>     "66666666"
>     "66666666"
>     "66666666"
>     "66666666"
>     "66666666"
> };
>
> static const unsigned char*ssl3_pad_2[] =
> {
>     "\\\\\\\\\\\\\\\\"
>     "\\\\\\\\\\\\\\\\"
>     "\\\\\\\\\\\\\\\\"
>     "\\\\\\\\\\\\\\\\"
>     "\\\\\\\\\\\\\\\\"
>     "\\\\\\\\\\\\\\\\"
> };

So, no. I don't trust anyone. Especially not this mess of a code.

So instead of correct portable code which derives obviously and straightforwardly from the specification, you'd write arrays of a different length from the original, the first 48 bytes of which would only be correct in some compilation environments, and even in the cases where those 48 bytes end up correct they have no obvious relationship to the specification they are implementing (your obfuscation making the code much more difficult to review). How are these changes improvements? I'd walk you out of an interview if you offered this as an implementation, let alone as an improvement.

For the record, I have nothing to do with any of the code in OpenSSL.

-- 
J. J. Farrell
Not speaking for Oracle
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux