Crypto timings

Eric S. Raymond esr at thyrsus.com
Mon Jan 30 08:27:51 UTC 2017


Hal Murray <hmurray at megapathdsl.net>:
> 
> esr at thyrsus.com said:
> [context is cleaning up crypto code]
> > Oh dear Goddess you are right.  I think I noticed that before but spaced it.
> > I'll fix that up once I've had some sleep. 
> 
> My straw man is that the table that holds keys has
>   password
>   password length
>   digest length
>   the magic that we feed to EVP_DigestInit(_ex)
>   a flag that says it works in the current kludge mode where the key and 
> digest is appended directly rather than with a length/type header.
> 
> The idea is to remove any special knowledge about MD5 or SHA1 from the main 
> code.

We're almost there.  I discovered I wasn't quite sleepy enough to need to crash yet
and cleaned up the functions with MD5 in their names that are actually general
to any OpenSSL MAC type.

The only place left with a wired-in assumption about this is in ntp_leapsec.c,
which knows it's validating with SHA-1.  Everything else gets the MAC type
from keyfile fields.
-- 
		Eric S. Raymond <http://www.catb.org/~esr/>
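
An added sketch of the key table from the quoted straw man, not code from NTPsec or from either poster. It is written in Python, with hashlib.new() standing in for the digest handle given to EVP_DigestInit_ex; the `keyid type secret` line layout, the field names, and the fixed 48-byte packet without extension fields are assumptions, and the keys are constructed.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

# Constructed sample key lines (assumed layout: keyid, MAC type, secret).
SAMPLE_KEYS = """
1 MD5  constructed-secret-one
2 SHA1 constructed-secret-two   # comment
"""
HEADER_LEN = 48  # assumption: plain NTP header, no extension fields

@dataclass(frozen=True)
class KeyEntry:            # hypothetical names for the straw-man fields
    password: bytes
    password_len: int
    digest_len: int
    digest_name: str       # stand-in for the EVP_DigestInit_ex argument
    legacy_append: bool    # keyid + digest appended with no length/type header

def load_keys(text):
    """Build the table; the MAC type comes only from the keyfile field."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        keyid, mac_type, secret = line.split()
        name = mac_type.lower()
        size = hashlib.new(name).digest_size   # ValueError for unknown types
        pw = secret.encode()
        table[int(keyid)] = KeyEntry(pw, len(pw), size, name, True)
    return table

def mac_append(table, keyid, packet):
    """Return packet + keyid + digest(key || packet), legacy layout."""
    e = table[keyid]
    digest = hashlib.new(e.digest_name, e.password + packet).digest()
    return packet + struct.pack("!I", keyid) + digest

def mac_verify(table, wire):
    """Check a received packet without naming any digest in this code."""
    packet, trailer = wire[:HEADER_LEN], wire[HEADER_LEN:]
    if len(trailer) < 4:
        return False
    e = table.get(struct.unpack("!I", trailer[:4])[0])
    if e is None or len(trailer) - 4 != e.digest_len:
        return False
    expected = hashlib.new(e.digest_name, e.password + packet).digest()
    return hmac.compare_digest(expected, trailer[4:])
```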