[tahoe-dev] protecting against bugs in our own crypto code

Ben Laurie ben at links.org
Wed May 7 11:47:55 PDT 2008


zooko wrote:
> On May 7, 2008, at 3:52 AM, Ben Laurie wrote:
> 
>>> the allmydata quality assurance
>>> process made sure that we never deployed a version which did AES
>>> incorrectly, since we had extensive unit tests which verified the AES
>>> against fixed standard test vectors and other tests,
>> This seems to me to be where it all went wrong for you. You should  
>> have
>> test vectors for the whole system, not just the components.
> 
> This sounds exactly right.  We should have test vectors in Tahoe  
> showing what a correctly encrypted SSK file looks like, and the Tahoe  
> unit tests should decrypt it and verify its plaintext.
> 
> I'll go do that.

I'll leave my system broken for now so we can be sure they pick up the 
error. Let me know when you're done.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html           http://www.links.org/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff


More information about the tahoe-dev mailing list