aboutsummaryrefslogtreecommitdiff
path: root/changes/bug8121
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2013-02-04 12:50:01 -0500
committerNick Mathewson <nickm@torproject.org>2013-02-07 14:09:01 -0500
commit266419d244c1a4795407479693b016c5a8b5da96 (patch)
treecb5c0b8a9aab066209f81bb8b80cb1e7c3719929 /changes/bug8121
parent898f2d7c278442d2c4fbdf0126eaa406d503d088 (diff)
downloadtor-266419d244c1a4795407479693b016c5a8b5da96.tar.gz
tor-266419d244c1a4795407479693b016c5a8b5da96.zip
Tolerate curve25519 backends where the high bit of the pk isn't ignored
Right now, all our curve25519 backends ignore the high bit of the public key. But possibly, others could treat the high bit of the public key as encoding out-of-bounds values, or as something to be preserved. This could be used to distinguish clients with different backends, at the cost of killing a circuit. As a workaround, let's just clear the high bit of each public key indiscriminately before we use it. Fix for bug 8121, reported by rransom. Bugfix on 0.2.4.8-alpha.
Diffstat (limited to 'changes/bug8121')
-rw-r--r--changes/bug81217
1 files changed, 7 insertions, 0 deletions
diff --git a/changes/bug8121 b/changes/bug8121
new file mode 100644
index 0000000000..60cba72848
--- /dev/null
+++ b/changes/bug8121
@@ -0,0 +1,7 @@
+ o Minor features:
+ - Clear the high bit on curve25519 public keys before passing them to
+ our backend, in case we ever wind up using a backend that doesn't do
+ so itself. If we used such a backend, and *didn't* clear the high bit,
+ we could wind up in a situation where users with such backends would
+ be distinguishable from users without. Fix for bug 8121; bugfix on
+ 0.2.4.8-alpha.