[tahoe-dev] protecting against bugs in our own crypto code
Ben Laurie
ben at links.org
Wed May 7 11:47:55 PDT 2008
zooko wrote:
> On May 7, 2008, at 3:52 AM, Ben Laurie wrote:
>
>>> the allmydata quality assurance
>>> process made sure that we never deployed a version which did AES
>>> incorrectly, since we had extensive unit tests which verified the AES
>>> against fixed standard test vectors and other tests,
>> This seems to me to be where it all went wrong for you. You should
>> have
>> test vectors for the whole system, not just the components.
>
> This sounds exactly right. We should have test vectors in Tahoe
> showing what a correctly encrypted SSK file looks like, and the Tahoe
> unit tests should decrypt it and verify its plaintext.
>
> I'll go do that.
I'll leave my system broken for now so we can be sure they pick up the
error. Let me know when you're done.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
More information about the tahoe-dev
mailing list